Neobjevuje se ikona zvuku, a ukazatel baterie

Zpráva

Tomasvlad · #1 Příspěvek od **Tomasvlad** » 12 dub 2015 21:50

Zdravím, již dlouhou dobu se mi neukazuje ikona zvuku, a ukazatel baterie. Tento problém se stane občas po restartu, nebo zapnutí PC, jinak se vse objevuje, jak má.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Tomas at 2015-04-12 22:37:43
Microsoft Windows 8.1
System drive C: has 369 GB (41%) free of 905 GB
Total RAM: 3962 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:37:47, on 12. 4. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Creative\SB X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Tomas.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331STI.EXE
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [WindowsDriverScan86] C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk
O4 - HKLM\..\Run: [WindowsDriverScan64] C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Tomas\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Tomas\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Tomas\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O8 - Extra context menu item: Customize Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Save Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Show avast! EasyPass Toolbar - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - (no file)
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - (no file)
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - (no file)
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - (no file)
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - (no file)
O9 - Extra 'Tools' menuitem: Show avast! EasyPass Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - (no file)
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{5667B02C-3890-45A6-9A63-6F036B8BA497}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{FE84DB5B-1860-4CAD-8ACB-28D004D33A18}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - (no file)
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\WINDOWS\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Stardock Start8 (Start8) - Stardock Software, Inc - C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 15144 bytes

======Listing Processes======

wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\WINDOWS\system32\nvvsvc.exe"
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
"C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe"
"C:\Program Files (x86)\Stardock\Start8\Start8_64.exe" START
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
taskeng.exe {DF9C8D9F-315F-44B5-AF66-B329B7A7D966}
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe"
ClassicStartMenu.exe -startup
"C:\Program Files\Bonjour\mDNSResponder.exe"
taskhostex.exe
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe"
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
C:\WINDOWS\system32\CxAudMsg64.exe
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe"
"C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\WINDOWS\SysWOW64\SAsrv.exe
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
-nolaunchurl
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 693f76fd-3b32-4e77-9e8b-2c307f28d914 1
C:\WINDOWS\system32\wbem\wmiprvse.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Windows\System32\rundll32.exe" C:\WINDOWS\system32\THXCfg64.dll,RunDLLEntry THXCfg64
"C:\Windows\System32\rundll32.exe" C:\WINDOWS\system32\AmbRunE.dll,RunDLLEntry
"C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Creative\SB X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe" /r
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup

"C:\Users\Tomas\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3095543077-3893173563-4132863104-1002Core.job - C:\Users\Tomas\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3095543077-3893173563-4132863104-1002UA.job - C:\Users\Tomas\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\1jzs6adf.default-1428693052232

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.134 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ogplanet.com/npOGPPlugin]
"Description"=OGPlanet Game Plugin
"Path"=C:\WINDOWS\system32\npOGPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.134 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\1jzs6adf.default-1428693052232\extensions\
518dcd9f-ae80-4097-80aa-a9dae0ad4d7b@4dd9787b-93a4-45e4-b828-6df475da9388.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-30 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20 483520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-28 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-30 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-28 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20 440512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - avast! EasyPass Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2014-02-25 26343936]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]
{a19638fe-8536-4bcf-b659-a38ad619be61}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2014-01-25 391128]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2014-01-25 771544]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2014-01-25 770520]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2013-05-20 17079376]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2013-05-20 191568]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-11-17 2465088]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-04-20 161984]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2014-11-17 2800296]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-09-30 825184]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-07-24 903384]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"THXCfg64"=C:\WINDOWS\system32\THXCfg64.dll [2010-07-26 18432]
"RunDLLEntry"=C:\WINDOWS\system32\AmbRunE.dll [2009-02-26 17920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-25 131712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"RGSC"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]
"RoboForm"=C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2014-02-25 100200]
"cz.seznam.software.autoupdate"=C:\Users\Tomas\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Tomas\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"uTorrent"=C:\Users\Tomas\AppData\Roaming\uTorrent\uTorrent.exe [2015-01-31 1374032]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24 21650016]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331STI.EXE [2012-05-02 548864]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2012-07-27 167024]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2012-04-19 217088]
"RemoteControl10"=C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"Intel AppUp(SM) center"=C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [2012-07-12 155488]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-09-04 3802448]
"WindowsDriverScan86"=C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [2014-08-10 1501]
"WindowsDriverScan64"=C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [2015-02-27 1512]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-30 5512912]
"BlueStacks Agent"=C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2015-03-24 863960]
"VolPanel"=C:\Program Files (x86)\Creative\SB X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe [2010-02-18 241789]
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-25 131712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" d3dgearload64.dll,C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2014-01-25 624640]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.WVC1"=d3dgeardecoder64.dll
"VIDC.WMV3"=d3dgeardecoder64.dll
"VIDC.MJPG"=bdmjpeg64.dll
"VIDC.M4S2"=d3dgeardecoder64.dll
"VIDC.FVFW"=d3dgeardecoder64.dll
"VIDC.FFVH"=d3dgeardecoder64.dll
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"vidc.tscc"=C:\WINDOWS\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\WINDOWS\SysWOW64\tsc2_codec64.dll
"VIDC.FPS1"=frapsv64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-04-12 22:37:43 ----D---- C:\rsit
2015-04-12 15:31:33 ----A---- C:\WINDOWS\system32\drivers\hssdrv6.sys
2015-04-12 15:30:07 ----D---- C:\ProgramData\Hotspot Shield
2015-04-12 15:29:37 ----D---- C:\Program Files (x86)\Hotspot Shield
2015-04-12 15:10:38 ----D---- C:\Program Files (x86)\Zards software
2015-04-12 14:47:53 ----D---- C:\ProgramData\EPS
2015-04-12 13:23:51 ----D---- C:\AdwCleaner
2015-04-11 17:46:11 ----D---- C:\WINDOWS\Minidump
2015-04-08 17:59:46 ----D---- C:\ProgramData\BlueStacks
2015-04-08 17:59:46 ----D---- C:\Program Files (x86)\BlueStacks
2015-04-08 13:13:25 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-06 15:24:39 ----D---- C:\Users\Tomas\AppData\Roaming\SuperHideIP
2015-04-06 15:24:39 ----D---- C:\ProgramData\SuperHideIP
2015-04-06 15:17:14 ----D---- C:\Users\Tomas\AppData\Roaming\MaskMyIP
2015-04-06 15:17:14 ----D---- C:\ProgramData\MaskMyIP
2015-04-03 21:23:22 ----N---- C:\WINDOWS\Updreg.EXE
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\xFiMB2CfgUninstall32.ini
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\ResDefE.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\CTtele32.dll
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\ctpxst32.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\cfgChain.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\cfgfx.ini
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\AMBSpiE.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\AmbRunE.dll
2015-04-03 21:23:18 ----N---- C:\WINDOWS\system32\xFiMB2CfgUninstall64.ini
2015-04-03 21:23:18 ----N---- C:\WINDOWS\system32\ResDefE.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\system32\CTtele64.dll
2015-04-03 21:23:18 ----N---- C:\WINDOWS\system32\ctpxst64.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\system32\cfgChain.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\system32\cfgfx.ini
2015-04-03 21:23:17 ----N---- C:\WINDOWS\system32\AMBSpiE.exe
2015-04-03 21:23:17 ----N---- C:\WINDOWS\system32\AmbRunE.dll
2015-04-03 21:23:17 ----N---- C:\WINDOWS\FF08_Render_Spk.ini
2015-04-03 21:23:17 ----N---- C:\WINDOWS\FF08_Render_Hp.ini
2015-04-03 21:23:17 ----N---- C:\WINDOWS\FF08_Render.ini
2015-04-03 21:23:17 ----N---- C:\WINDOWS\FF08_Capture.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\THXCfg_SP_APOIM.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\THXCfg_HP_APOIM.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\THXCfg_APOIM.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\SYSWOW64\ResDefA.exe
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\THXCfgUninstall64.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\THXCfg64.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\THXCfg64.exe
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\THXCfg64.dll
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\MCEptMon.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\MBEptMon.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\EptMon64.exe
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\EptMon64.dll
2015-04-03 21:23:08 ----A---- C:\WINDOWS\SYSWOW64\CmdRtr.DLL
2015-04-03 21:23:08 ----A---- C:\WINDOWS\SYSWOW64\APOMngr.DLL
2015-04-03 21:23:08 ----A---- C:\WINDOWS\system32\CmdRtr64.DLL
2015-04-03 21:23:08 ----A---- C:\WINDOWS\system32\APOMgr64.DLL
2015-04-03 21:23:05 ----A---- C:\WINDOWS\SYSWOW64\wrap_oal.dll
2015-04-03 21:23:05 ----A---- C:\WINDOWS\SYSWOW64\OpenAL32.dll
2015-04-03 21:23:05 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2015-04-03 21:23:05 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2015-04-03 21:23:04 ----N---- C:\WINDOWS\SYSWOW64\Sens_oal.dll
2015-04-03 21:23:03 ----N---- C:\WINDOWS\system32\Sens_oal.dll
2015-04-03 21:20:31 ----D---- C:\Program Files\Creative
2015-04-03 21:20:08 ----D---- C:\Program Files (x86)\Creative
2015-04-03 20:12:47 ----D---- C:\Program Files (x86)\Dolby
2015-03-31 00:27:05 ----D---- C:\Riot Games
2015-03-31 00:08:29 ----D---- C:\rads
2015-03-30 18:29:32 ----D---- C:\Program Files (x86)\Registry Recycler
2015-03-30 17:28:31 ----A---- C:\WINDOWS\system32\CxAudMsg64.exe
2015-03-30 17:27:45 ----A---- C:\WINDOWS\SAII_LOG.TXT
2015-03-30 17:23:27 ----A---- C:\WINDOWS\SYSWOW64\SASrv.exe
2015-03-30 17:06:12 ----A---- C:\WINDOWS\system32\UCI64A40.DLL
2015-03-30 17:06:11 ----A---- C:\WINDOWS\system32\drivers\Mixer.ini
2015-03-30 17:06:09 ----A---- C:\WINDOWS\system32\DDPP64A.dll
2015-03-30 17:06:09 ----A---- C:\WINDOWS\system32\DDPO64A.dll
2015-03-30 17:06:09 ----A---- C:\WINDOWS\system32\DDPD64A.dll
2015-03-30 17:06:09 ----A---- C:\WINDOWS\system32\DDPA64.dll
2015-03-30 17:06:09 ----A---- C:\WINDOWS\system32\CxPageMaster64.dll
2015-03-30 17:06:08 ----A---- C:\WINDOWS\system32\drivers\CHDRT64.sys
2015-03-30 17:06:08 ----A---- C:\WINDOWS\system32\CX64BP04.dll
2015-03-30 17:06:08 ----A---- C:\WINDOWS\system32\CSpkExt64.dll
2015-03-30 17:05:38 ----D---- C:\Drivers
2015-03-30 16:18:43 ----D---- C:\Users\Tomas\AppData\Roaming\AVAST Software
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswRdr2.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2015-03-30 16:09:08 ----A---- C:\WINDOWS\system32\aswBoot.exe
2015-03-30 16:08:54 ----A---- C:\WINDOWS\avastSS.scr
2015-03-30 16:08:25 ----A---- C:\WINDOWS\system32\drivers\aswTap.sys
2015-03-30 16:08:23 ----A---- C:\WINDOWS\system32\drivers\aswNdisFlt.sys
2015-03-30 16:02:33 ----D---- C:\Program Files\AVAST Software
2015-03-27 21:54:12 ----D---- C:\ProgramData\IObit
2015-03-27 21:54:10 ----A---- C:\WINDOWS\system32\SmartDefragBootTime.exe
2015-03-27 21:54:10 ----A---- C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2015-03-27 21:45:38 ----D---- C:\Program Files\trend micro
2015-03-25 18:47:01 ----D---- C:\Program Files (x86)\AutoClick3
2015-03-21 12:41:56 ----D---- C:\Program Files (x86)\Microsoft
2015-03-21 12:10:38 ----D---- C:\Program Files (x86)\PCSX2 1.2.1

======List of files/folders modified in the last 1 month======

2015-04-12 22:35:45 ----D---- C:\Program Files (x86)\opera
2015-04-12 22:34:58 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-04-12 22:32:17 ----D---- C:\WINDOWS\Prefetch
2015-04-12 22:00:53 ----D---- C:\WINDOWS\system32\NDF
2015-04-12 22:00:00 ----D---- C:\WINDOWS\system32\sru
2015-04-12 21:03:53 ----SHD---- C:\System Volume Information
2015-04-12 20:53:16 ----D---- C:\WINDOWS\Microsoft.NET
2015-04-12 20:53:14 ----D---- C:\WINDOWS\Temp
2015-04-12 19:11:16 ----D---- C:\Users\Tomas\AppData\Roaming\ClassicShell
2015-04-12 19:07:02 ----RD---- C:\Program Files (x86)\Skype
2015-04-12 15:31:49 ----D---- C:\WINDOWS\system32\drivers
2015-04-12 15:31:49 ----D---- C:\WINDOWS\Inf
2015-04-12 15:31:41 ----D---- C:\WINDOWS\system32\DriverStore
2015-04-12 15:30:07 ----HD---- C:\ProgramData
2015-04-12 15:29:39 ----D---- C:\Windows
2015-04-12 15:29:37 ----RD---- C:\Program Files (x86)
2015-04-12 15:10:38 ----D---- C:\WINDOWS\SysWOW64
2015-04-12 14:46:51 ----D---- C:\WINDOWS\System32
2015-04-12 14:46:51 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-12 13:45:08 ----SHD---- C:\WINDOWS\Installer
2015-04-12 13:33:30 ----D---- C:\WINDOWS\Tasks
2015-04-12 13:33:30 ----D---- C:\WINDOWS\system32\Tasks
2015-04-12 13:32:39 ----D---- C:\Program Files
2015-04-12 13:26:07 ----D---- C:\ProgramData\hdgacbecipihjanjmahfcldombgfnpip
2015-04-12 00:45:37 ----D---- C:\Program Files (x86)\Steam
2015-04-11 12:17:28 ----D---- C:\WINDOWS\system32\config
2015-04-10 20:45:07 ----D---- C:\WINDOWS\AppReadiness
2015-04-10 17:29:02 ----RSD---- C:\WINDOWS\assembly
2015-04-10 16:50:55 ----A---- C:\Users\Tomas\AppData\Roaming\CamShapes.ini
2015-04-10 16:50:55 ----A---- C:\Users\Tomas\AppData\Roaming\CamLayout.ini
2015-04-10 16:50:55 ----A---- C:\Users\Tomas\AppData\Roaming\Camdata.ini
2015-04-08 17:59:20 ----D---- C:\ProgramData\BlueStacksSetup
2015-04-08 16:28:00 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-07 12:35:52 ----D---- C:\Users\Tomas\AppData\Roaming\TS3Client
2015-04-04 15:26:47 ----HD---- C:\Program Files\WindowsApps
2015-04-04 15:17:51 ----D---- C:\WINDOWS\CbsTemp
2015-04-03 21:23:16 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-04-03 21:20:46 ----D---- C:\Program Files (x86)\Common Files
2015-04-03 21:02:14 ----D---- C:\Program Files (x86)\IObit
2015-04-02 14:35:01 ----D---- C:\Counter-Strike 1.6
2015-04-02 12:00:33 ----D---- C:\Users\Tomas\AppData\Roaming\uTorrent
2015-03-31 10:39:56 ----D---- C:\ProgramData\Adobe
2015-03-31 01:04:22 ----D---- C:\Users\Tomas\AppData\Roaming\LSC
2015-03-31 01:03:29 ----D---- C:\ProgramData\Lenovo
2015-03-31 01:02:57 ----D---- C:\Program Files (x86)\Lenovo
2015-03-31 01:02:42 ----D---- C:\Program Files\Lenovo
2015-03-31 01:00:47 ----D---- C:\WINDOWS\Downloaded Installations
2015-03-31 00:27:19 ----D---- C:\Users\Tomas\AppData\Roaming\Riot Games
2015-03-31 00:15:21 ----D---- C:\WINDOWS\Logs
2015-03-30 19:12:01 ----D---- C:\Program Files\Defraggler
2015-03-30 17:36:18 ----D---- C:\WINDOWS\system32\catroot
2015-03-30 17:26:32 ----D---- C:\ProgramData\Conexant
2015-03-30 17:22:36 ----D---- C:\Program Files\CONEXANT
2015-03-30 16:46:33 ----D---- C:\WINDOWS\system32\wdi
2015-03-30 16:10:36 ----D---- C:\WINDOWS\system32\catroot2
2015-03-30 15:48:34 ----D---- C:\WINDOWS\debug
2015-03-30 15:48:17 ----HD---- C:\WINDOWS\ELAMBKUP
2015-03-30 15:45:02 ----D---- C:\ProgramData\Norton
2015-03-30 15:45:01 ----D---- C:\Program Files (x86)\NortonInstaller
2015-03-30 15:44:59 ----D---- C:\Program Files\Common Files\Symantec Shared
2015-03-30 14:16:38 ----D---- C:\Users\Tomas\AppData\Roaming\Identities
2015-03-28 13:25:27 ----D---- C:\Program Files (x86)\Rockstar Games
2015-03-28 12:13:17 ----D---- C:\Users\Tomas\AppData\Roaming\Awesomium
2015-03-28 11:30:26 ----D---- C:\hry
2015-03-28 10:57:42 ----D---- C:\Program Files (x86)\Ubisoft
2015-03-27 22:27:59 ----D---- C:\WINDOWS\SoftwareDistribution
2015-03-27 21:57:02 ----D---- C:\WINDOWS\ModemLogs
2015-03-27 21:57:01 ----DC---- C:\WINDOWS\Panther
2015-03-27 21:52:22 ----D---- C:\Users\Tomas\AppData\Roaming\IObit
2015-03-26 23:49:20 ----D---- C:\Users\Tomas\AppData\Roaming\MultiBit
2015-03-21 12:42:56 ----D---- C:\WINDOWS\SYSWOW64\directx
2015-03-21 12:42:15 ----SD---- C:\ProgramData\Microsoft
2015-03-21 12:41:29 ----HD---- C:\WINDOWS\msdownld.tmp
2015-03-17 13:24:27 ----D---- C:\WINDOWS\system32\MRT
2015-03-17 13:19:37 ----A---- C:\WINDOWS\system32\MRT.exe
2015-03-14 20:36:05 ----D---- C:\WINDOWS\rescache
2015-03-14 20:18:25 ----D---- C:\WINDOWS\WinSxS
2015-03-14 15:15:17 ----D---- C:\Users\Tomas\AppData\Roaming\.minecraft
2015-03-14 11:54:14 ----D---- C:\ProgramData\Origin
2015-03-14 11:45:11 ----D---- C:\Program Files (x86)\Origin
2015-03-13 15:41:31 ----D---- C:\Program Files\Internet Explorer
2015-03-13 15:41:31 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-13 15:41:28 ----RD---- C:\WINDOWS\ToastData
2015-03-13 15:27:45 ----D---- C:\Program Files\Windows Defender
2015-03-13 15:27:45 ----D---- C:\Program Files (x86)\Windows Defender
2015-03-13 15:27:43 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-03-13 15:27:43 ----D---- C:\WINDOWS\system32\cs-CZ
2015-03-13 15:27:40 ----D---- C:\WINDOWS\WinStore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdisFlt;@oem21.inf,%AfwDescriptionFree%;Avast! Firewall Driver; C:\WINDOWS\system32\DRIVERS\aswNdisFlt.sys [2015-03-30 449896]
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-03-30 65736]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-03-30 271200]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-09-02 647736]
R0 LHDmgr;LHDmgr; C:\WINDOWS\System32\DRIVERS\LhdX64.sys [2013-05-20 39008]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2014-12-13 31376]
R0 speedfan;speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2015-03-30 28144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-03-30 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-03-30 1047320]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-03-30 442264]
R1 dtsoftbus01;@oem19.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2014-04-28 283064]
R1 HssDRV6;@oem43.inf,%HssDRV6_Desc%;Hotspot Shield Routing Driver 6; C:\WINDOWS\system32\DRIVERS\hssdrv6.sys [2014-05-17 44744]
R1 VBoxDrv;VirtualBox Service; C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2014-10-11 917112]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2014-10-11 129168]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-03-30 29168]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-03-30 88408]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-03-30 136752]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2015-03-24 144600]
R3 ACPIVPC;@oem12.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2013-05-20 33560]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
R3 BTATH_HCRP;@oem14.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\system32\DRIVERS\btath_hcrp.sys [2013-01-25 179432]
R3 BTATH_RCP;@oem18.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\system32\DRIVERS\btath_rcp.sys [2013-01-25 136424]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-04-28 599240]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 CnxtHdAudService;@oem28.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2013-07-10 1299648]
R3 Hamachi;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2014-09-04 46136]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-01-25 4221440]
R3 IntcDAud;@oem26.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iwdbus;@oem34.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MEIx64;@oem24.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-12-13 10345280]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-11-17 20800]
R3 nvvad_WaveExtensible;@oem50.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2014-10-03 38216]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 ScreamBAudioSvc;@oem23.inf,%sbee_audio.SvcDesc%;ScreamBee Audio; C:\WINDOWS\system32\drivers\ScreamingBAudio64.sys [2009-11-26 38992]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2012-08-27 43832]
R3 SynTP;@oem4.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2012-08-27 448312]
R3 tap0901t;@oem45.inf,%DeviceDescription%;TAP-Win32 Adapter V9 (Tunngle); C:\WINDOWS\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 taphss6;@oem1.inf,%DeviceDescription%;Anchorfree HSS VPN Adapter; C:\WINDOWS\system32\DRIVERS\taphss6.sys [2014-05-17 42184]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2014-10-11 142528]
R3 VBoxNetFlt;@oem48.inf,%VBoxNetFltService_Desc%;VirtualBox Bridged Networking Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys [2014-10-11 157448]
S1 lmimirr;lmimirr; C:\WINDOWS\system32\drivers\lmimirr.sys []
S2 NEWDRIVER;NEWDRIVER; \??\C:\WINDOWS\SysWow64\WinVDEdrv6.sys []
S3 aswTap;@oem42.inf,%DeviceDescription%;avast! SecureLine TAP Adapter v3; C:\WINDOWS\system32\DRIVERS\aswTap.sys [2015-03-30 44640]
S3 AthBTPort;@oem11.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2013-01-25 89168]
S3 BTATH_A2DP;@oem10.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2013-01-25 346192]
S3 btath_avdt;@oem10.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2013-01-25 115280]
S3 BTATH_LWFLT;@oem16.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2013-01-25 77464]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 EagleX64;EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys []
S3 EsgScanner;EsgScanner; C:\WINDOWS\system32\DRIVERS\EsgScanner.sys [2015-02-27 22704]
S3 RSUSBVSTOR;@oem29.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUVStor.sys [2012-06-15 315536]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-01-25 227456]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-03-30 343336]
R2 avast! Firewall;Avast Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2015-03-30 107448]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2015-03-24 388824]
R2 BstHdUpdaterSvc;BlueStacks Updater Service; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2015-03-24 798424]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-09-30 294912]
R2 CxAudMsg;@C:\WINDOWS\system32\CxAudMsg64.exe,-100; C:\WINDOWS\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-11-17 1149760]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-09-04 2525008]
R2 hshld;Hotspot Shield Service; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2014-05-17 919040]
R2 HssWd;Hotspot Shield Monitoring Service; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [2014-05-17 430344]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-08-08 377616]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-11-17 1796928]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-11-17 19821376]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2014-12-13 935240]
R2 SAService;Conexant SmartAudio service; C:\WINDOWS\system32\SAsrv.exe []
R2 Start8;Stardock Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [2013-01-09 143624]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
S2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2015-03-24 433880]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-16 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-27 268464]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-01-25 279000]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2015-04-03 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2015-04-03 79360]
S3 EasyAntiCheat;EasyAntiCheat; C:\WINDOWS\syswow64\EasyAntiCheat.exe [2014-11-17 182304]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-16 116648]
S3 HssTrayService;Hotspot Shield Tray Service; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [2014-05-17 78512]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-03-09 272440]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-22 148080]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-03-14 1910640]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-03-24 836288]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2014-11-04 762320]

-----------------EOF-----------------

#2 Příspěvek od **altrok** » 13 dub 2015 09:31

Zdravim

Toto nemusi byt virovy problem, ale zavirovano mate, takze pocitaci odlehcime od tezeni BitCoinu a dalsi haveti a uvidime, do jake miry to pomuze.

Vcera jste pouzil AdwCleaner - pouzil jste i moznost Clean? Dejte prosim log z jeho cinnosti - nachazi se v C:\AdwCleaner\AdwCleaner [Sx].txt - "x" znaci cislo poradi.

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Nainstalujte MBAM a udelejte vlastni sken vsech disku - http://forum.viry.cz/viewtopic.php?f=29&t=137928

Upozorneni: tento sken zabere od 30 minut po nekolik hodin

Tomasvlad · #3 Příspěvek od **Tomasvlad** » 13 dub 2015 14:17

Zde je log ze včerejšího scanu.

# AdwCleaner v4.201 - Log vytvořen 12/04/2015 v 13:32:32
# Aktualizováno 08/04/2015 by Xplode
# Databáze : 2015-04-08.1 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : Tomas - IDEA-PC
# Spuštěno z : C:\Users\Tomas\Desktop\adwcleaner_4.201.exe
# Nastavení : Čištění

***** [ Služby ] *****

Služba Smazáno : hshld
[#] Služba Smazáno : SPPD

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\apn
Složka Smazáno : C:\ProgramData\RegClean
Složka Smazáno : C:\ProgramData\Tbccint
Složka Smazáno : C:\ProgramData\DownloadManager
Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plus500
Složka Smazáno : C:\Program Files (x86)\globalUpdate
Složka Smazáno : C:\Program Files (x86)\HomeTab
Složka Smazáno : C:\WINDOWS\SysWOW64\SearchProtect
Složka Smazáno : C:\Program Files\FreeFixer
Složka Smazáno : C:\Program Files\HomeTab
Složka Smazáno : C:\Users\Tomas\AppData\Local\FreeFixer
Složka Smazáno : C:\Users\Tomas\AppData\Local\genienext
Složka Smazáno : C:\Users\Tomas\AppData\Local\globalUpdate
Složka Smazáno : C:\Users\Tomas\AppData\Local\Mobogenie
Složka Smazáno : C:\Users\Tomas\AppData\Local\pay-by-ads
Složka Smazáno : C:\Users\Tomas\AppData\Local\Tbccint
Složka Smazáno : C:\Users\Tomas\AppData\Local\webplayer
Složka Smazáno : C:\Users\Tomas\AppData\Local\Plus500
Složka Smazáno : C:\Users\Tomas\AppData\Local\somotomoviestoolbar181
Složka Smazáno : C:\Users\Tomas\AppData\LocalLow\SimplyTech
Složka Smazáno : C:\Users\Tomas\AppData\LocalLow\Tbccint
Složka Smazáno : C:\Users\Tomas\AppData\LocalLow\apps hat
Složka Smazáno : C:\Users\Tomas\AppData\Roaming\FreeFixer
Složka Smazáno : C:\Users\Tomas\AppData\Roaming\pdfforge
Složka Smazáno : C:\Users\Tomas\AppData\Roaming\SimplyTech
Složka Smazáno : C:\Users\Tomas\AppData\Roaming\Systweak
Složka Smazáno : C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
Složka Smazáno : C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
Složka Smazáno : C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plus500
Složka Smazáno : C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
Složka Smazáno : C:\Users\Tomas\Documents\Mobogenie
Složka Smazáno : C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coljhboelhlkbgaaolcngflenaggpeao
Složka Smazáno : C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Složka Smazáno : C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmedakdfngfmagjlndeckcbfcmidlbio
Soubor Smazáno : C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_acfoobbgoakpihljnfedbcfaipcdlfhk_0.localstorage
Soubor Smazáno : C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_coljhboelhlkbgaaolcngflenaggpeao_0.localstorage
Soubor Smazáno : C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kmedakdfngfmagjlndeckcbfcmidlbio_0.localstorage
Soubor Smazáno : C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_becofaobcinoilkmebdbeojebncfepbl_0.localstorage
Soubor Smazáno : C:\END
Soubor Smazáno : C:\WINDOWS\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Soubor Smazáno : C:\WINDOWS\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb
Soubor Smazáno : C:\Users\Tomas\AppData\Local\Temp\Uninstall.exe
Soubor Smazáno : C:\WINDOWS\System32\roboot64.exe
Soubor Smazáno : C:\Users\Tomas\daemonprocess.txt
Soubor Smazáno : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\Ask.xml

***** [ Naplánované úlohy ] *****

Úloha Smazáno : ASP
Úloha Smazáno : LaunchSignup
Úloha Smazáno : Yahoo! Search
Úloha Smazáno : Yahoo! Search Updater
Úloha Smazáno : Apps Hat-enabler

***** [ Zástupci ] *****

***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\coljhboelhlkbgaaolcngflenaggpeao
Klíč Smazáno : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\coljhboelhlkbgaaolcngflenaggpeao
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\kmedakdfngfmagjlndeckcbfcmidlbio
Klíč Smazáno : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\kmedakdfngfmagjlndeckcbfcmidlbio
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\HomeTab.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\speedupmypc
Klíč Smazáno : HKLM\SOFTWARE\Classes\wtb.Band
Klíč Smazáno : HKLM\SOFTWARE\Classes\wtb.Band.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\wtb.NotificationSource
Klíč Smazáno : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl
Klíč Smazáno : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo
Klíč Smazáno : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Klíč Smazáno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Klíč Smazáno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Klíč Smazáno : HKCU\Software\Classes\keepmysearch
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT1561552
Klíč Smazáno : HKLM\SOFTWARE\Classes\CrossriderApp0048559.BHO
Klíč Smazáno : HKLM\SOFTWARE\Classes\CrossriderApp0048559.BHO.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\CrossriderApp0048559.Sandbox
Klíč Smazáno : HKLM\SOFTWARE\Classes\CrossriderApp0048559.Sandbox.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\Toolbar.CT1561552
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{7017502F-0194-46B2-AA5A-F713E6C0E366}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422852259}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455855559}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466856659}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{F25FAEB1-AC58-4FE7-A2EB-F58578FA4A06}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444854459}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}]
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}]
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{7017502F-0194-46B2-AA5A-F713E6C0E366}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422852259}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455855559}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466856659}
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{17038D40-93BB-4F51-B5F9-B1D0B9F4B1EE}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{512AD27A-A4D3-4A2E-97E9-F8BAA2A84938}
Klíč Smazáno : HKCU\Software\1ClickDownload
Klíč Smazáno : HKCU\Software\GlobalUpdate
Klíč Smazáno : HKCU\Software\HomeTab
Klíč Smazáno : HKCU\Software\InstalledBrowserExtensions
Klíč Smazáno : HKCU\Software\powerpack
Klíč Smazáno : HKCU\Software\SafetyNut
Klíč Smazáno : HKCU\Software\simplytech
Klíč Smazáno : HKCU\Software\smarttweak
Klíč Smazáno : HKCU\Software\Tbccint
Klíč Smazáno : HKCU\Software\Webplayer
Klíč Smazáno : HKCU\Software\AppDataLow\Toolbar
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Crossrider
Klíč Smazáno : HKCU\Software\AppDataLow\Software\simplytech
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Tbccint
Klíč Smazáno : HKCU\Software\AppDataLow\Software\TbccintSearchScopes
Klíč Smazáno : HKLM\SOFTWARE\GlobalUpdate
Klíč Smazáno : HKLM\SOFTWARE\systweak
Klíč Smazáno : HKLM\SOFTWARE\Uniblue
Klíč Smazáno : HKLM\SOFTWARE\SPPDCOM
Klíč Smazáno : HKU\.DEFAULT\Software\AskPartnerNetwork
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FixMyRegistry
Data Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17416

-\\ Mozilla Firefox v37.0.1 (x86 cs)

[1jzs6adf.default-1428693052232\prefs.js] - Řádek Smazáno : user_pref("extensions.a518dcd9fae80409780aaa9dae0ad4d7b4dd9787b93a445e4b8286df475da9388com50611.50611.cookie.CrossriderNotifier_channels.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
[1jzs6adf.default-1428693052232\prefs.js] - Řádek Smazáno : user_pref("extensions.a518dcd9fae80409780aaa9dae0ad4d7b4dd9787b93a445e4b8286df475da9388com50611.50611.cookie.CrossriderNotifier_channels.value", "%7B%22app0%22%3A%22app0%22%2C%22app50611%22%3A%22app50[...]
[1jzs6adf.default-1428693052232\prefs.js] - Řádek Smazáno : user_pref("extensions.a518dcd9fae80409780aaa9dae0ad4d7b4dd9787b93a445e4b8286df475da9388com50611.50611.cookie.CrossriderNotifier_geolocation.expiration", "Sat Apr 18 2015 18:10:23 GMT+0200");
[1jzs6adf.default-1428693052232\prefs.js] - Řádek Smazáno : user_pref("extensions.a518dcd9fae80409780aaa9dae0ad4d7b4dd9787b93a445e4b8286df475da9388com50611.50611.cookie.CrossriderNotifier_geolocation.value", "%22US%22");
[1jzs6adf.default-1428693052232\prefs.js] - Řádek Smazáno : user_pref("extensions.a518dcd9fae80409780aaa9dae0ad4d7b4dd9787b93a445e4b8286df475da9388com50611.50611.cookie.CrossriderNotifier_metadata.expiration", "Sun Apr 12 2015 18:10:23 GMT+0200");
[1jzs6adf.default-1428693052232\prefs.js] - Řádek Smazáno : user_pref("extensions.a518dcd9fae80409780aaa9dae0ad4d7b4dd9787b93a445e4b8286df475da9388com50611.50611.cookie.CrossriderNotifier_metadata.value", "%7B%22appId%22%3A50611%2C%22appName%22%3A%22CrowdFlowe[...]
[1jzs6adf.default-1428693052232\prefs.js] - Řádek Smazáno : user_pref("extensions.a518dcd9fae80409780aaa9dae0ad4d7b4dd9787b93a445e4b8286df475da9388com50611.50611.internaldb.Resources_meta.value", "%7B%22YT.png%22%3A%7B%22id%22%3A1014153%2C%22ver%22%3A57%2C%22s[...]
[1jzs6adf.default-1428693052232\prefs.js] - Řádek Smazáno : user_pref("extensions.a518dcd9fae80409780aaa9dae0ad4d7b4dd9787b93a445e4b8286df475da9388com50611.50611.internaldb.Resources_resource_1014155.value", "%22%3C%21DOCTYPE%20html%3E%5Cr%5Cn%3Chtml%3E%5Cr%5C[...]
[1jzs6adf.default-1428693052232\prefs.js] - Řádek Smazáno : user_pref("extensions.a518dcd9fae80409780aaa9dae0ad4d7b4dd9787b93a445e4b8286df475da9388com50611.50611.internaldb.Resources_resource_1014157.value", "%22//Global%20helpers%5Cnvar%20_YT%20%3D%20%7B%5Cn%[...]
[1jzs6adf.default-1428693052232\prefs.js] - Řádek Smazáno : user_pref("extensions.a518dcd9fae80409780aaa9dae0ad4d7b4dd9787b93a445e4b8286df475da9388com50611.50611.internaldb.Resources_resource_1014161.value", "%22//%20The%20Impression%20plugin%20doesn%27t%20sho[...]
[1jzs6adf.default-1428693052232\prefs.js] - Řádek Smazáno : user_pref("extensions.a518dcd9fae80409780aaa9dae0ad4d7b4dd9787b93a445e4b8286df475da9388com50611.50611.thankyou", "hxxp://crossrider.com/thank_you/50611");
[1jzs6adf.default-1428693052232\prefs.js] - Řádek Smazáno : user_pref("extensions.crossrider.bic", "14ca93ec943a446a9efbf560d856e4b2");

-\\ Google Chrome v41.0.2272.118

[C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://www.trovigo.com/Results.aspx?gd=&ctid=C ... rms}&SSPV=
[C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : coljhboelhlkbgaaolcngflenaggpeao
[C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
[C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : kmedakdfngfmagjlndeckcbfcmidlbio

-\\ Chromium v

-\\ Opera v28.0.1750.51

*************************

AdwCleaner[R0].txt - [20510 bytů] - [12/04/2015 13:23:54]
AdwCleaner[S0].txt - [19157 bytů] - [12/04/2015 13:32:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19216 bytů] ##########

#4 Příspěvek od **altrok** » 13 dub 2015 17:44

Dekuji, pockame jeste na MBAM a pak zacneme mazat rucne.

Tomasvlad · #5 Příspěvek od **Tomasvlad** » 13 dub 2015 19:26

Při scanu se mi ukázala error PC (Typická obrazovka se zamračeným smajlíkem - mam win8) a restartoval se. Po restartu se mi vypl antivir - přikládám screen. V linku je příklad erroru: https://www.google.com/search?q=windows ... 1280%3B720

#6 Příspěvek od **altrok** » 13 dub 2015 19:30

Dobre, tak na to mrknem rucne.

Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

Tomasvlad · #7 Příspěvek od **Tomasvlad** » 13 dub 2015 19:40

FRST LOG

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-04-2015
Ran by Tomas (administrator) on IDEA-PC on 13-04-2015 20:37:28
Running from C:\Users\Tomas\Downloads
Loaded Profiles: Tomas (Available profiles: Tomas & Administrator)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\SB X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\msdt.exe
(Microsoft Corporation) C:\Windows\System32\sdiagnhost.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2013-05-20] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2013-05-20] (Lenovo(beijing) Limited)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2465088 2014-11-17] (NVIDIA Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [903384 2013-07-24] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [THXCfg64] => C:\WINDOWS\system32\RunDLL32.exe C:\WINDOWS\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [RunDLLEntry] => C:\WINDOWS\system32\RunDLL32.exe C:\WINDOWS\system32\AmbRunE.dll,RunDLLEntry
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2012-05-02] (Vimicro)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3802448 2014-09-04] (LogMeIn Inc.)
HKLM-x32\...\Run: [WindowsDriverScan86] => C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [1501 2014-08-10] ()
HKLM-x32\...\Run: [WindowsDriverScan64] => C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [1512 2015-02-27] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-03-30] (Avast Software s.r.o.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [863960 2015-03-24] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\SB X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe [241789 2010-02-18] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] ( (Qualcomm Atheros Commnucations))
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\Run: [RGSC] => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [305064 2008-11-14] (Take-Two Interactive Software, Inc.)
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [100200 2014-02-25] (Siber Systems)
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Tomas\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Tomas\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\Run: [uTorrent] => C:\Users\Tomas\AppData\Roaming\uTorrent\uTorrent.exe [1374032 2015-01-31] (BitTorrent Inc.)
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\MountPoints2: {5be73c90-3c9c-11e3-bea1-24fd5257879d} - "F:\setup.exe"
AppInit_DLLs: d3dgearload64.dll => C:\WINDOWS\system32\d3dgearload64.dll [268112 2014-05-27] (D3DGear Technologies.)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [178632 2014-12-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [165760 2014-12-13] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/secur ... 22.0.0.110
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3095543077-3893173563-4132863104-1002 -> {257A3412-33C3-415E-951B-AD72F478E880} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKU\S-1-5-21-3095543077-3893173563-4132863104-1002 -> {3F29671C-8783-4101-B2D7-7989A181A3CA} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKU\S-1-5-21-3095543077-3893173563-4132863104-1002 -> {50E3C97B-D8D3-471D-9BC0-1DB7B44EA496} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKU\S-1-5-21-3095543077-3893173563-4132863104-1002 -> {53EF6100-C5F3-41D7-A03C-99134A77292E} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKU\S-1-5-21-3095543077-3893173563-4132863104-1002 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKU\S-1-5-21-3095543077-3893173563-4132863104-1002 -> {63516553-3A22-4704-8AEC-35828EE52E26} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
SearchScopes: HKU\S-1-5-21-3095543077-3893173563-4132863104-1002 -> {64F927FC-FE34-4E35-A700-E94A2283D7E3} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
SearchScopes: HKU\S-1-5-21-3095543077-3893173563-4132863104-1002 -> {6A4BF57A-CB51-4150-AB42-5F5FF91E25C5} URL = http://search.seznam.cz/?q={searchTerms ... arch_13415
SearchScopes: HKU\S-1-5-21-3095543077-3893173563-4132863104-1002 -> {73A15D6F-D498-4333-9973-0D3348482E54} URL =
SearchScopes: HKU\S-1-5-21-3095543077-3893173563-4132863104-1002 -> {7EBBB62D-F531-470E-972A-02AAC4130257} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKU\S-1-5-21-3095543077-3893173563-4132863104-1002 -> {F24E146D-641D-4A7D-B856-BC2BA239E4EC} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: No Name -> {724d43a9-0d85-11d4-9908-00400523e39a} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-30] (Avast Software s.r.o.)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-28] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-30] (Avast Software s.r.o.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-28] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2014-02-25] (AVAST Software)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - No Name - {a19638fe-8536-4bcf-b659-a38ad619be61} - No File
Toolbar: HKU\S-1-5-21-3095543077-3893173563-4132863104-1002 -> avast! EasyPass Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2014-02-25] (AVAST Software)
Toolbar: HKU\S-1-5-21-3095543077-3893173563-4132863104-1002 -> No Name - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.88.1
Tcpip\..\Interfaces\{5667B02C-3890-45A6-9A63-6F036B8BA497}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{FE84DB5B-1860-4CAD-8ACB-28D004D33A18}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF ProfilePath: C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\1jzs6adf.default-1428693052232
FF NetworkProxy: "http", "91.229.20.73"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-27] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-27] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-28] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @ogplanet.com/npOGPPlugin -> C:\WINDOWS\system32\npOGPPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-3095543077-3893173563-4132863104-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Tomas\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3095543077-3893173563-4132863104-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tomas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF Extension: CrowdFlower - C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\1jzs6adf.default-1428693052232\Extensions\518dcd9f-ae80-4097-80aa-a9dae0ad4d7b@4dd9787b-93a4-45e4-b828-6df475da9388.com [2015-04-13]
FF Extension: Force-TLS - C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\1jzs6adf.default-1428693052232\Extensions\forcetls@sid.stamm.xpi [2015-04-12]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2015-04-12]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-30]
FF HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\Firefox\Extensions: [eliteproxyswitcher@my-proxy.com] -

Chrome:
=======
CHR Profile: C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-06]
CHR Extension: (Norton Identity Safe) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-04-06]
CHR Extension: (Skype Click to Call) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-04-06]
CHR Extension: (Google Wallet) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-06]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-30]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-30] (Avast Software s.r.o.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-03-30] (Avast Software s.r.o.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433880 2015-03-24] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2015-03-24] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [798424 2015-03-24] (BlueStack Systems, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2015-04-03] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2015-04-03] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [294912 2010-09-30] (Creative Technology Ltd) [File not signed]
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [182304 2014-11-17] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-11-17] (NVIDIA Corporation)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [919040 2014-05-17] (AnchorFree Inc.) [File not signed]
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2014-05-17] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [430344 2014-05-17] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-08-08] (LogMeIn, Inc.)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272440 2015-03-09] (Lenovo)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19821376 2014-11-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-14] (Electronic Arts)
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [143624 2013-01-09] (Stardock Software, Inc)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [762320 2014-11-04] (Tunngle.net GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-01-25] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-30] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-03-30] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-30] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-03-30] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-30] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-30] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-30] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-03-30] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-30] (Avast Software s.r.o.)
S3 aswTap; C:\Windows\system32\DRIVERS\aswTap.sys [44640 2015-03-30] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-03-30] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [144600 2015-03-24] (BlueStack Systems)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-25] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [283064 2014-04-28] (Disc Soft Ltd)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-02-27] ()
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-09-04] (LogMeIn Inc.)
R1 HssDRV6; C:\Windows\system32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
S1 lmimirr; No ImagePath
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-13] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20800 2014-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-27] (Synaptics Incorporated)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [975104 2012-08-24] (Vimicro Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 xhunter1; No ImagePath
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S2 NEWDRIVER; \??\C:\WINDOWS\SysWow64\WinVDEdrv6.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-13 20:37 - 2015-04-13 20:38 - 00029952 _____ () C:\Users\Tomas\Downloads\FRST.txt
2015-04-13 20:37 - 2015-04-13 20:37 - 00000000 ____D () C:\FRST
2015-04-13 20:35 - 2015-04-13 20:36 - 02096640 _____ (Farbar) C:\Users\Tomas\Downloads\FRST64.exe
2015-04-13 20:05 - 2015-04-13 20:06 - 00310640 _____ () C:\WINDOWS\Minidump\041315-52312-01.dmp
2015-04-13 15:37 - 2015-04-13 15:37 - 00000222 _____ () C:\Users\Tomas\Desktop\sZone-Online.url
2015-04-13 15:18 - 2015-04-13 15:18 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-04-13 15:10 - 2015-04-13 15:10 - 00001129 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-13 15:10 - 2015-04-13 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-13 15:10 - 2015-04-13 15:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-13 15:10 - 2015-04-13 15:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-13 15:10 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-04-13 15:10 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-04-13 15:10 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-04-13 13:57 - 2015-04-13 13:57 - 00000198 _____ () C:\Users\Tomas\Desktop\Hitman Codename 47.url
2015-04-13 13:53 - 2015-04-13 13:53 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Tomas\Downloads\mbam-setup-2.1.4.1018.exe
2015-04-12 22:37 - 2015-04-12 22:37 - 00000000 ____D () C:\rsit
2015-04-12 15:32 - 2015-04-12 15:32 - 00001151 _____ () C:\Users\Public\Desktop\Hotspot Shield.lnk
2015-04-12 15:31 - 2014-05-17 04:35 - 00044744 _____ (AnchorFree Inc.) C:\WINDOWS\system32\Drivers\hssdrv6.sys
2015-04-12 15:30 - 2015-04-12 15:31 - 00000000 ____D () C:\ProgramData\Hotspot Shield
2015-04-12 15:30 - 2015-04-12 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2015-04-12 15:29 - 2015-04-12 15:31 - 00000000 ____D () C:\Program Files (x86)\Hotspot Shield
2015-04-12 15:10 - 2015-04-12 15:10 - 02410180 _____ () C:\Users\Tomas\Downloads\trial.zip
2015-04-12 15:10 - 2015-04-12 15:10 - 00001287 _____ () C:\Users\Tomas\Desktop\Cleanse Uninstaller Pro.lnk
2015-04-12 15:10 - 2015-04-12 15:10 - 00001287 _____ () C:\Users\Administrator\Desktop\Cleanse Uninstaller Pro.lnk
2015-04-12 15:10 - 2015-04-12 15:10 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cleanse Uninstaller Pro
2015-04-12 15:10 - 2015-04-12 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cleanse Uninstaller Pro
2015-04-12 15:10 - 2015-04-12 15:10 - 00000000 ____D () C:\Program Files (x86)\Zards software
2015-04-12 15:09 - 2015-04-12 15:09 - 00232216 _____ () C:\Users\Tomas\Downloads\trial-34594610.exe
2015-04-12 15:02 - 2015-04-12 15:02 - 07787136 _____ () C:\Users\Tomas\Downloads\HSS-3.42-install-e-550-plain(1).exe
2015-04-12 15:02 - 2015-04-12 15:02 - 02248800 _____ () C:\Users\Tomas\Downloads\MaskMyIP-2.4.9.8.Setup(1).exe
2015-04-12 14:58 - 2015-04-12 14:58 - 00000732 _____ () C:\Users\Tomas\Desktop\Start Tor Browser – zástupce.lnk
2015-04-12 14:57 - 2013-08-12 13:58 - 00000000 ____D () C:\Users\Tomas\Downloads\Tor Browser
2015-04-12 14:56 - 2015-04-12 14:57 - 27891222 _____ (Igor Pavlov) C:\Users\Tomas\Downloads\tor-browser-2.3.25-12_en-US.exe
2015-04-12 14:52 - 2015-04-12 14:52 - 00118229 _____ () C:\Users\Tomas\Downloads\force_tls-3.0.0-fx.xpi
2015-04-12 14:51 - 2015-04-12 14:51 - 00818824 _____ (mobile concepts GmbH) C:\Users\Tomas\Downloads\CGWebInstall.exe
2015-04-12 14:47 - 2015-04-12 14:51 - 00000000 ____D () C:\ProgramData\EPS
2015-04-12 14:47 - 2015-04-12 14:47 - 00588888 _____ (http://www.my-proxy.com ) C:\Users\Tomas\Downloads\EPS_setup.exe
2015-04-12 14:38 - 2015-04-12 14:38 - 07787136 _____ () C:\Users\Tomas\Downloads\HSS-3.42-install-e-550-plain.exe
2015-04-12 14:37 - 2015-04-12 14:37 - 07774104 _____ () C:\Users\Tomas\Downloads\HSS-3.42-install-plain-701-plain.exe
2015-04-12 13:23 - 2015-04-13 13:59 - 00000000 ____D () C:\AdwCleaner
2015-04-12 13:22 - 2015-04-12 13:22 - 02217984 _____ () C:\Users\Tomas\Desktop\adwcleaner_4.201.exe
2015-04-12 12:57 - 2015-04-12 12:57 - 01222144 _____ () C:\Users\Tomas\Desktop\RSITx64.exe
2015-04-11 19:24 - 2015-04-11 19:24 - 00734480 _____ (Program Software ) C:\Users\Tomas\Downloads\Jewel Quest 3.exe
2015-04-11 17:46 - 2015-04-13 20:05 - 00000000 ____D () C:\WINDOWS\Minidump
2015-04-11 17:46 - 2015-04-11 17:47 - 00316872 _____ () C:\WINDOWS\Minidump\041115-42593-01.dmp
2015-04-11 17:45 - 2015-04-13 20:05 - 757396025 _____ () C:\WINDOWS\MEMORY.DMP
2015-04-09 16:22 - 2015-04-09 16:22 - 00000204 _____ () C:\Users\Tomas\Desktop\Hitman 2 Silent Assassin.url
2015-04-08 17:59 - 2015-04-12 11:37 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2015-04-08 17:59 - 2015-04-08 18:00 - 00000000 ____D () C:\ProgramData\BlueStacks
2015-04-08 17:59 - 2015-04-08 17:59 - 00000000 ____D () C:\Users\Tomas\AppData\Local\Bluestacks
2015-04-08 17:59 - 2015-04-08 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2015-04-08 13:13 - 2015-04-08 13:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-06 22:20 - 2015-04-06 22:20 - 00001374 _____ () C:\Users\Tomas\Desktop\Cheat Engine – zástupce.lnk
2015-04-06 15:24 - 2015-04-06 15:24 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\SuperHideIP
2015-04-06 15:24 - 2015-04-06 15:24 - 00000000 ____D () C:\ProgramData\SuperHideIP
2015-04-06 15:23 - 2015-04-06 15:24 - 05662523 _____ () C:\Users\Tomas\Downloads\super-hide-ip_3.2.8.8.exe
2015-04-06 15:22 - 2015-04-06 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IP Changer Premium
2015-04-06 15:21 - 2015-04-06 15:21 - 01179583 _____ () C:\Users\Tomas\Downloads\Ip-Changer-Premium_2.1.67.zip
2015-04-06 15:17 - 2015-04-06 15:17 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\MaskMyIP
2015-04-06 15:17 - 2015-04-06 15:17 - 00000000 ____D () C:\ProgramData\MaskMyIP
2015-04-06 15:15 - 2015-04-06 15:16 - 02248800 _____ () C:\Users\Tomas\Downloads\MaskMyIP-2.4.9.8.Setup.exe
2015-04-06 15:11 - 2015-04-06 15:11 - 02272070 _____ (Thomas Hauck Software) C:\Users\Tomas\Downloads\JanaSetup.exe
2015-04-06 14:46 - 2015-04-06 15:09 - 00000000 ____D () C:\Users\Tomas\Desktop\Flughafen Simulator 2014
2015-04-03 21:23 - 2015-04-03 21:23 - 00466520 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2015-04-03 21:23 - 2015-04-03 21:23 - 00445016 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2015-04-03 21:23 - 2015-04-03 21:23 - 00123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2015-04-03 21:23 - 2015-04-03 21:23 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2015-04-03 21:23 - 2015-04-03 21:23 - 00000159 ___RH () C:\WINDOWS\ctfile.rfc
2015-04-03 21:23 - 2010-11-23 14:27 - 00241664 _____ () C:\WINDOWS\system32\APOMgr64.DLL
2015-04-03 21:23 - 2010-11-23 14:26 - 00186368 _____ () C:\WINDOWS\SysWOW64\APOMngr.DLL
2015-04-03 21:23 - 2010-11-02 16:01 - 00001313 ____N () C:\WINDOWS\THXCfg_SP_APOIM.ini
2015-04-03 21:23 - 2010-11-02 16:00 - 00001212 ____N () C:\WINDOWS\THXCfg_HP_APOIM.ini
2015-04-03 21:23 - 2010-11-02 15:59 - 00001212 ____N () C:\WINDOWS\THXCfg_APOIM.ini
2015-04-03 21:23 - 2010-10-13 11:11 - 01942528 ____N (Creative) C:\WINDOWS\system32\Sens_oal.dll
2015-04-03 21:23 - 2010-10-13 11:08 - 02906591 ____N (Creative) C:\WINDOWS\SysWOW64\Sens_oal.dll
2015-04-03 21:23 - 2010-07-26 18:57 - 00018432 ____N (Creative Technology Ltd.) C:\WINDOWS\system32\THXCfg64.dll
2015-04-03 21:23 - 2010-07-21 16:51 - 00011264 ____N (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\ResDefA.exe
2015-04-03 21:23 - 2010-07-16 12:00 - 00007594 ____N () C:\WINDOWS\SysWOW64\xFiMB2CfgUninstall32.ini
2015-04-03 21:23 - 2010-07-16 12:00 - 00007594 ____N () C:\WINDOWS\system32\xFiMB2CfgUninstall64.ini
2015-04-03 21:23 - 2010-06-24 11:55 - 00005135 ____N () C:\WINDOWS\SysWOW64\cfgfx.ini
2015-04-03 21:23 - 2010-06-24 11:55 - 00005135 ____N () C:\WINDOWS\system32\cfgfx.ini
2015-04-03 21:23 - 2010-06-07 19:24 - 00006772 ____N () C:\WINDOWS\system32\THXCfg64.ini
2015-04-03 21:23 - 2010-06-01 11:59 - 00006985 ____N () C:\WINDOWS\system32\THXCfgUninstall64.ini
2015-04-03 21:23 - 2010-05-18 13:36 - 00002775 ____N () C:\WINDOWS\FF08_Render_Spk.ini
2015-04-03 21:23 - 2010-05-18 13:36 - 00002411 ____N () C:\WINDOWS\FF08_Render_Hp.ini
2015-04-03 21:23 - 2010-01-11 17:19 - 00005262 ____N () C:\WINDOWS\system32\MCEptMon.ini
2015-04-03 21:23 - 2009-12-29 16:53 - 00089088 _____ () C:\WINDOWS\system32\CmdRtr64.DLL
2015-04-03 21:23 - 2009-12-29 16:52 - 00073728 _____ () C:\WINDOWS\SysWOW64\CmdRtr.DLL
2015-04-03 21:23 - 2009-12-07 14:37 - 00002267 ____N () C:\WINDOWS\FF08_Capture.ini
2015-04-03 21:23 - 2009-11-30 17:30 - 00005262 ____N () C:\WINDOWS\system32\MBEptMon.ini
2015-04-03 21:23 - 2009-10-28 09:55 - 00001542 ____N () C:\WINDOWS\FF08_Render.ini
2015-04-03 21:23 - 2009-10-15 13:32 - 00021504 ____N (Creative Technology Ltd.) C:\WINDOWS\system32\EptMon64.dll
2015-04-03 21:23 - 2009-10-08 17:05 - 00121856 ____N (Creative Technology Ltd) C:\WINDOWS\system32\CTtele64.dll
2015-04-03 21:23 - 2009-10-08 17:05 - 00110592 ____N (Creative Technology Ltd) C:\WINDOWS\SysWOW64\CTtele32.dll
2015-04-03 21:23 - 2009-10-01 16:42 - 00141312 ____N (Creative Technology Ltd.) C:\WINDOWS\system32\THXCfg64.exe
2015-04-03 21:23 - 2009-10-01 16:42 - 00141312 ____N (Creative Technology Ltd.) C:\WINDOWS\system32\EptMon64.exe
2015-04-03 21:23 - 2009-10-01 16:42 - 00141312 ____N (Creative Technology Ltd.) C:\WINDOWS\system32\cfgChain.exe
2015-04-03 21:23 - 2009-10-01 16:41 - 00132096 ____N (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\cfgChain.exe
2015-04-03 21:23 - 2009-05-21 11:15 - 00192512 ____N (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\AMBSpiE.exe
2015-04-03 21:23 - 2009-05-21 11:14 - 00260608 ____N (Creative Technology Ltd.) C:\WINDOWS\system32\AMBSpiE.exe
2015-04-03 21:23 - 2009-04-28 17:43 - 00093696 ____N (Creative Technology Ltd) C:\WINDOWS\system32\ctpxst64.exe
2015-04-03 21:23 - 2009-04-28 17:42 - 00083456 ____N (Creative Technology Ltd) C:\WINDOWS\SysWOW64\ctpxst32.exe
2015-04-03 21:23 - 2009-02-26 12:08 - 00017920 ____N (Creative Technology Ltd.) C:\WINDOWS\system32\AmbRunE.dll
2015-04-03 21:23 - 2009-02-26 12:07 - 00014848 ____N (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\AmbRunE.dll
2015-04-03 21:23 - 2008-03-10 11:20 - 00008704 ____N (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\ResDefE.exe
2015-04-03 21:23 - 2008-03-10 11:20 - 00008704 ____N (Creative Technology Ltd.) C:\WINDOWS\system32\ResDefE.exe
2015-04-03 21:23 - 2000-05-11 01:00 - 00090112 ____N (Creative Technology Ltd.) C:\WINDOWS\Updreg.EXE
2015-04-03 21:20 - 2015-04-03 21:23 - 00000000 ____D () C:\Program Files (x86)\Creative
2015-04-03 21:20 - 2015-04-03 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2015-04-03 21:20 - 2015-04-03 21:20 - 00000000 ____D () C:\Program Files\Creative
2015-04-03 21:11 - 2015-04-03 21:11 - 00000000 ____D () C:\Users\Tomas\Desktop\x-fi
2015-04-03 21:03 - 2015-04-03 21:20 - 76767235 _____ () C:\Users\Tomas\Downloads\R 2.73 RTM FIXED INSTALL.rar.part
2015-04-03 21:00 - 2015-04-03 21:11 - 115883974 _____ () C:\Users\Tomas\Downloads\Creative X-FI MB 2012 -Gamespirit.zip
2015-04-03 20:42 - 2015-04-03 20:42 - 08365568 _____ () C:\Users\Tomas\Downloads\Drivers-x64.msi
2015-04-03 20:12 - 2015-04-03 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2015-04-03 20:12 - 2015-04-03 20:12 - 00000000 ____D () C:\Program Files (x86)\Dolby
2015-04-03 20:08 - 2015-04-03 20:10 - 63031056 _____ (Dolby ) C:\Users\Tomas\Downloads\dcc_vista32_win732_2.2.3_pv_dolby_spruce.exe
2015-04-03 20:07 - 2015-04-03 20:07 - 03568824 _____ (Informer Technologies, Inc. ) C:\Users\Tomas\Downloads\siinst.exe
2015-04-03 14:11 - 2015-04-03 14:11 - 00000222 _____ () C:\Users\Tomas\Desktop\AdVenture Capitalist.url
2015-04-02 00:16 - 2015-04-02 00:16 - 00000000 ____D () C:\Users\Tomas\Downloads\The Amazing Spider-Man 2 Proper - RELOADED
2015-03-31 14:34 - 2015-03-31 14:34 - 00000000 ____D () C:\Users\Tomas\AppData\Local\Lenovo
2015-03-31 13:13 - 2015-03-31 13:14 - 13620936 _____ (BlueStack Systems Inc.) C:\Users\Tomas\Downloads\BlueStacks-ThinInstaller.exe
2015-03-31 01:05 - 2015-03-31 01:05 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf
2015-03-31 01:02 - 2015-03-31 01:02 - 00001978 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2015-03-31 00:27 - 2015-03-31 00:27 - 00000000 ____D () C:\Riot Games
2015-03-31 00:25 - 2015-03-31 00:26 - 30993712 _____ (Riot Games) C:\Users\Tomas\Downloads\LeagueofLegends_EUNE_Installer_9_15_2014(1).exe
2015-03-31 00:25 - 2015-03-31 00:26 - 30668968 _____ (Riot Games) C:\Users\Tomas\Downloads\LeagueofLegends_EUW_Installer_9_15_2014.exe
2015-03-31 00:08 - 2015-03-31 00:27 - 00000000 ____D () C:\rads
2015-03-31 00:04 - 2015-03-31 00:05 - 30993712 _____ (Riot Games) C:\Users\Tomas\Downloads\LeagueofLegends_EUNE_Installer_9_15_2014.exe
2015-03-30 19:12 - 2015-03-30 19:12 - 00001707 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2015-03-30 19:11 - 2015-03-30 19:11 - 04532776 _____ (Piriform Ltd) C:\Users\Tomas\Downloads\dfsetup219.exe
2015-03-30 18:29 - 2015-03-30 18:29 - 01285128 _____ (Developer Tribe (Pvt) Ltd. ) C:\Users\Tomas\Downloads\setup_rr.exe
2015-03-30 18:27 - 2015-03-30 18:27 - 00232216 _____ () C:\Users\Tomas\Downloads\setup_rr-32414816.exe
2015-03-30 17:55 - 2015-03-30 17:55 - 04159880 _____ (ReviverSoft LLC) C:\Users\Tomas\Downloads\RegistryReviverInstaller.exe
2015-03-30 17:51 - 2015-03-30 17:51 - 12892992 _____ (Lenovo Group Limited ) C:\Users\Tomas\Desktop\g3an05ww.exe
2015-03-30 17:28 - 2013-07-25 14:39 - 00206552 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe
2015-03-30 17:23 - 2011-09-01 15:23 - 00447104 _____ (Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\SASrv.exe
2015-03-30 17:21 - 2015-04-12 22:28 - 00856084 _____ () C:\Users\Public\CAFADEBUG.log
2015-03-30 17:06 - 2013-08-20 13:28 - 02832088 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\UCI64A40.DLL
2015-03-30 17:06 - 2013-08-19 15:56 - 00936128 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64BP04.dll
2015-03-30 17:06 - 2013-08-05 13:56 - 06219096 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2015-03-30 17:06 - 2013-08-05 13:56 - 01908568 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2015-03-30 17:06 - 2013-08-05 13:56 - 00312152 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2015-03-30 17:06 - 2013-08-05 13:56 - 00261464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2015-03-30 17:06 - 2013-07-10 16:39 - 01299648 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\Drivers\CHDRT64.sys
2015-03-30 17:06 - 2013-05-15 15:27 - 00406208 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\CSpkExt64.dll
2015-03-30 17:06 - 2012-06-29 13:04 - 00050848 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxPageMaster64.dll
2015-03-30 17:06 - 2011-01-18 08:35 - 00030893 _____ () C:\WINDOWS\system32\Drivers\Mixer.ini
2015-03-30 16:56 - 2015-03-30 17:04 - 194426600 _____ (Lenovo Group Limited ) C:\Users\Tomas\Desktop\au200w81.exe
2015-03-30 16:18 - 2015-03-30 16:18 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\AVAST Software
2015-03-30 16:11 - 2015-03-30 16:11 - 00001969 _____ () C:\Users\Public\Desktop\Avast SafeZone.lnk
2015-03-30 16:11 - 2015-03-30 16:11 - 00001909 _____ () C:\Users\Public\Desktop\Avast Premier.lnk
2015-03-30 16:11 - 2015-03-30 16:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-03-30 16:09 - 2015-04-12 13:49 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-03-30 16:09 - 2015-03-30 16:08 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-03-30 16:09 - 2015-03-30 16:08 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-03-30 16:09 - 2015-03-30 16:08 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-03-30 16:09 - 2015-03-30 16:08 - 00271200 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-03-30 16:09 - 2015-03-30 16:08 - 00136752 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-03-30 16:09 - 2015-03-30 16:08 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-03-30 16:09 - 2015-03-30 16:08 - 00088408 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-03-30 16:09 - 2015-03-30 16:08 - 00065736 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-03-30 16:09 - 2015-03-30 16:08 - 00029168 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-03-30 16:09 - 2015-03-30 16:08 - 00028144 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswKbd.sys
2015-03-30 16:08 - 2015-03-30 16:08 - 00449896 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2015-03-30 16:08 - 2015-03-30 16:08 - 00044640 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\aswTap.sys
2015-03-30 16:08 - 2015-03-30 16:08 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-03-30 16:02 - 2015-03-30 16:02 - 00000000 ____D () C:\Program Files\AVAST Software
2015-03-30 15:49 - 2015-04-13 20:17 - 00013929 _____ () C:\WINDOWS\setupact.log
2015-03-30 15:49 - 2015-03-30 15:49 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-03-30 15:48 - 2015-04-13 20:05 - 00134834 _____ () C:\WINDOWS\PFRO.log
2015-03-30 15:42 - 2015-03-30 15:42 - 05453024 _____ (Avast Software s.r.o.) C:\Users\Tomas\Desktop\avast_premier_antivirus_setup_online.exe
2015-03-30 15:42 - 2015-03-30 15:42 - 05453024 _____ (Avast Software s.r.o.) C:\Users\Public\Desktop\avast_premier_antivirus_setup_online.exe
2015-03-30 15:41 - 2015-03-30 15:41 - 00896048 _____ () C:\Users\Tomas\Downloads\Norton_Removal_Tool.exe
2015-03-30 15:24 - 2015-04-10 21:10 - 00000000 ____D () C:\Users\Tomas\Desktop\Původní data aplikace Firefox
2015-03-28 13:46 - 2015-04-07 09:02 - 00000000 ____D () C:\Users\Tomas\Desktop\aim
2015-03-27 21:54 - 2015-03-27 21:54 - 00000000 ____D () C:\ProgramData\IObit
2015-03-27 21:54 - 2015-01-10 16:32 - 00128288 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2015-03-27 21:54 - 2014-06-04 16:17 - 00034080 _____ (IObit) C:\WINDOWS\system32\SmartDefragBootTime.exe
2015-03-27 21:45 - 2015-04-12 22:37 - 00000000 ____D () C:\Program Files\trend micro
2015-03-27 17:23 - 2015-03-27 17:23 - 00000221 _____ () C:\Users\Tomas\Desktop\Altitude.url
2015-03-25 18:47 - 2015-03-25 18:47 - 00001081 _____ () C:\Users\Public\Desktop\AutoClick.lnk
2015-03-25 18:47 - 2015-03-25 18:47 - 00000000 ____D () C:\Users\Tomas\Documents\AutomaticSolution Software
2015-03-25 18:47 - 2015-03-25 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoClick
2015-03-25 18:47 - 2015-03-25 18:47 - 00000000 ____D () C:\Program Files (x86)\AutoClick3
2015-03-25 18:46 - 2012-03-19 21:07 - 00866494 _____ (goldensoft.org ) C:\Users\Tomas\Desktop\AutoClick-Setup.exe
2015-03-22 11:51 - 2015-03-22 12:02 - 00000000 ____D () C:\Users\Public\Documents\DAEMON Tools Images
2015-03-21 12:30 - 2015-03-21 12:30 - 00002012 _____ () C:\Users\Public\Desktop\PCSX2 1.2.1 (r5875).lnk
2015-03-21 12:13 - 2015-03-21 12:15 - 02436110 _____ () C:\Users\Tomas\Desktop\PS2_BIOS_V22_ALL_REGIONS.rar
2015-03-21 12:11 - 2015-03-22 12:03 - 00000000 ____D () C:\Users\Tomas\Documents\PCSX2
2015-03-21 12:10 - 2015-03-21 12:31 - 00000000 ____D () C:\Program Files (x86)\PCSX2 1.2.1

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-13 20:28 - 2014-04-28 21:55 - 02071210 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-13 20:27 - 2014-03-18 17:33 - 01745984 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-13 20:27 - 2014-03-18 16:54 - 00739924 _____ () C:\WINDOWS\system32\perfh005.dat
2015-04-13 20:27 - 2014-03-18 16:54 - 00151610 _____ () C:\WINDOWS\system32\perfc005.dat
2015-04-13 20:25 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-04-13 20:18 - 2013-05-20 18:24 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2015-04-13 20:12 - 2014-02-16 14:25 - 00000976 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-13 20:08 - 2014-02-16 14:25 - 00000972 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-13 20:06 - 2014-04-28 22:08 - 00000000 ____D () C:\Users\Tomas
2015-04-13 20:06 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-13 20:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-13 19:58 - 2014-07-08 19:02 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-04-13 19:10 - 2014-03-17 20:05 - 00000944 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3095543077-3893173563-4132863104-1002UA.job
2015-04-13 19:10 - 2014-03-17 20:05 - 00000922 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3095543077-3893173563-4132863104-1002Core.job
2015-04-13 16:13 - 2014-04-27 20:51 - 00000000 ____D () C:\Program Files (x86)\opera
2015-04-13 15:37 - 2014-03-09 12:31 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-04-13 15:16 - 2014-02-16 15:12 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3095543077-3893173563-4132863104-1002
2015-04-13 15:14 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-04-13 13:46 - 2014-02-26 20:05 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-12 23:12 - 2014-04-29 23:25 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\ClassicShell
2015-04-12 22:31 - 2014-07-21 18:03 - 00000000 ____D () C:\Users\Tomas\AppData\Local\LogMeIn Hamachi
2015-04-12 22:12 - 2014-02-16 14:02 - 00000000 ____D () C:\Users\Tomas\AppData\Local\VirtualStore
2015-04-12 21:05 - 2014-12-07 10:56 - 00000000 ____D () C:\Users\Tomas\Documents\Assassin's Creed Unity
2015-04-12 19:07 - 2014-08-02 19:55 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-12 14:36 - 2014-02-18 12:23 - 00000000 ____D () C:\Users\Tomas\AppData\Local\CrashDumps
2015-04-12 13:26 - 2015-01-26 17:26 - 00000000 ____D () C:\ProgramData\hdgacbecipihjanjmahfcldombgfnpip
2015-04-11 17:53 - 2014-08-20 16:58 - 00000000 ____D () C:\Users\Tomas\Desktop\54
2015-04-10 16:51 - 2013-08-23 02:46 - 00000000 ____D () C:\Users\Tomas\Documents\Youcam
2015-04-10 16:50 - 2014-07-25 21:15 - 00004509 _____ () C:\Users\Tomas\AppData\Roaming\CamStudio.cfg
2015-04-10 16:50 - 2014-07-25 21:15 - 00000408 _____ () C:\Users\Tomas\AppData\Roaming\CamShapes.ini
2015-04-10 16:50 - 2014-07-25 21:15 - 00000408 _____ () C:\Users\Tomas\AppData\Roaming\CamLayout.ini
2015-04-10 16:50 - 2014-07-25 21:15 - 00000096 _____ () C:\Users\Tomas\AppData\Roaming\Camdata.ini
2015-04-08 18:00 - 2013-08-22 17:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-04-08 17:59 - 2014-03-06 23:00 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2015-04-08 16:28 - 2014-05-06 22:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-08 16:09 - 2014-06-21 14:34 - 00003828 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1398624677
2015-04-08 16:09 - 2014-04-27 20:52 - 00001074 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-04-07 12:35 - 2014-03-14 19:10 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\TS3Client
2015-04-04 15:17 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-03 21:23 - 2013-05-20 17:34 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-04-03 21:16 - 2014-06-25 23:56 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-03 21:02 - 2014-06-06 11:35 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-04-02 14:35 - 2014-07-07 23:54 - 00000000 ____D () C:\Counter-Strike 1.6
2015-04-02 12:00 - 2014-02-16 14:46 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\uTorrent
2015-03-31 10:39 - 2013-05-20 18:24 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-31 01:04 - 2014-02-16 14:13 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\LSC
2015-03-31 01:03 - 2014-02-16 14:22 - 00000000 ____D () C:\Users\Tomas\AppData\Local\LSC
2015-03-31 01:03 - 2013-05-20 18:29 - 00000000 ____D () C:\ProgramData\Lenovo
2015-03-31 01:02 - 2013-05-20 18:24 - 00000000 ____D () C:\Program Files\Lenovo
2015-03-31 01:02 - 2013-05-20 18:17 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2015-03-31 01:00 - 2013-05-20 18:24 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2015-03-31 00:27 - 2015-01-30 15:27 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\Riot Games
2015-03-31 00:04 - 2014-09-11 17:49 - 00000000 ____D () C:\Users\Tomas\Desktop\HRY
2015-03-30 19:12 - 2014-06-01 15:17 - 00000000 ____D () C:\Program Files\Defraggler
2015-03-30 18:36 - 2015-02-14 18:48 - 00000000 ____D () C:\Users\Tomas\Desktop\fd
2015-03-30 18:36 - 2014-07-17 22:37 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IVMP
2015-03-30 18:36 - 2014-06-30 14:37 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Guns And Robots
2015-03-30 18:36 - 2014-06-22 17:11 - 00000000 ____D () C:\Users\Tomas\Desktop\moje soubory
2015-03-30 17:26 - 2013-05-20 17:47 - 00000000 ____D () C:\ProgramData\Conexant
2015-03-30 17:22 - 2014-04-28 21:57 - 00000000 ____D () C:\Program Files\CONEXANT
2015-03-30 16:25 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-30 15:48 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-03-30 15:45 - 2015-02-27 16:41 - 00000000 ____D () C:\ProgramData\Norton
2015-03-30 15:44 - 2015-02-27 16:43 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2015-03-30 14:52 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-03-28 13:25 - 2014-02-18 16:26 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2015-03-28 12:13 - 2014-04-13 11:08 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\Awesomium
2015-03-28 11:30 - 2014-04-28 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hry
2015-03-28 11:30 - 2013-12-15 22:54 - 00000000 ____D () C:\hry
2015-03-28 11:11 - 2013-12-03 15:26 - 00000000 ____D () C:\Users\Tomas\Downloads\torrent hry
2015-03-28 11:08 - 2014-12-20 10:38 - 00000000 ____D () C:\Users\Tomas\Desktop\AC IV S
2015-03-28 10:57 - 2014-02-16 18:51 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2015-03-28 10:50 - 2014-05-02 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2015-03-27 21:57 - 2014-04-28 22:49 - 00000000 ___DC () C:\WINDOWS\Panther
2015-03-27 21:52 - 2014-06-06 11:35 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\IObit
2015-03-27 21:40 - 2014-08-01 14:49 - 00000000 ____D () C:\Users\Tomas\AppData\Local\Adobe
2015-03-27 21:38 - 2014-07-08 19:02 - 00003802 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-03-26 23:49 - 2014-07-10 16:49 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\MultiBit
2015-03-22 12:10 - 2014-11-01 12:12 - 00000000 ____D () C:\Users\Tomas\AppData\Local\PAYDAY
2015-03-21 16:40 - 2014-07-12 23:15 - 00000000 ____D () C:\Users\Tomas\Documents\Camtasia Studio
2015-03-21 12:42 - 2014-05-28 16:18 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2015-03-21 12:41 - 2014-05-28 16:18 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
2015-03-17 13:24 - 2014-02-19 16:07 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-17 13:19 - 2014-02-19 16:07 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-14 20:36 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-03-14 15:15 - 2014-02-16 14:35 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\.minecraft
2015-03-14 11:54 - 2014-06-17 19:11 - 00000000 ____D () C:\ProgramData\Origin
2015-03-14 11:45 - 2014-06-17 19:10 - 00000000 ____D () C:\Program Files (x86)\Origin

==================== Files in the root of some directories =======

2014-07-25 21:15 - 2015-04-10 16:50 - 0000096 _____ () C:\Users\Tomas\AppData\Roaming\Camdata.ini
2014-07-25 21:15 - 2015-04-10 16:50 - 0000408 _____ () C:\Users\Tomas\AppData\Roaming\CamLayout.ini
2014-07-25 21:15 - 2015-04-10 16:50 - 0000408 _____ () C:\Users\Tomas\AppData\Roaming\CamShapes.ini
2014-07-25 21:15 - 2015-04-10 16:50 - 0004509 _____ () C:\Users\Tomas\AppData\Roaming\CamStudio.cfg
2015-01-29 18:34 - 2015-01-29 18:34 - 0118707 _____ () C:\Users\Tomas\AppData\Roaming\icarus-dxdiag.xml
2014-08-20 17:05 - 2014-08-20 17:05 - 0001244 _____ () C:\Users\Tomas\AppData\Roaming\Roaming – zástupce.lnk
2014-07-11 20:56 - 2014-07-25 21:21 - 0006144 _____ () C:\Users\Tomas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-12 19:54 - 2014-06-12 19:54 - 0000000 ___SH () C:\Users\Tomas\AppData\Local\LumaEmu
2014-06-17 21:49 - 2014-06-17 21:49 - 0000700 ___SH () C:\Users\Tomas\AppData\Local\systemFL7.dat
2013-05-20 17:49 - 2013-05-20 17:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-05-20 18:29 - 2013-05-20 18:29 - 0000198 ____H () C:\ProgramData\Lenovo-30316.vbs

Files to move or delete:
====================
C:\ProgramData\Lenovo-30316.vbs

Some content of TEMP:
====================
C:\Users\Tomas\AppData\Local\Temp\AskSLib.dll
C:\Users\Tomas\AppData\Local\Temp\ICReinstall_Jewel Quest 3.exe
C:\Users\Tomas\AppData\Local\Temp\KUIU.EXE

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-04-12 20:52

==================== End Of Log ============================

Tomasvlad · #8 Příspěvek od **Tomasvlad** » 13 dub 2015 19:41

Addition log

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2015
Ran by Tomas at 2015-04-13 20:39:21
Running from C:\Users\Tomas\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.9 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version: - Hyper Hippo Productions Ltd.)
Aktualizace NVIDIA 16.13.69 (Version: 16.13.69 - NVIDIA Corporation) Hidden
Altitude (HKLM-x32\...\Steam App 41300) (Version: - Nimbly Games)
Assassins Creed Unity (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRVbml0eQ==_is1) (Version: 1 - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version: - )
AutoClick (HKLM-x32\...\AutoClick_is1) (Version: V3.0 - goldensoft.org)
Avast Premier (HKLM-x32\...\Avast) (Version: 10.2.2215 - AVAST Software)
avast! EasyPass (HKLM-x32\...\AI RoboForm) (Version: 7-9-1-129 - AVAST Software)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
BioShock (HKLM-x32\...\Steam App 7670) (Version: - 2K Boston)
BlueStacks Notification Center (HKLM-x32\...\{011580CB-3D7F-47A6-A5D2-1287A4E43C73}) (Version: 0.9.18.5016 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty - World at War verze 1.7 (HKLM-x32\...\{2126C3DC-16F3-4BFE-96D0-44441D85EB7E}_is1) (Version: 1.7 - tomi2k9)
CamStudio version 2.7 (HKLM-x32\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source)
Camtasia Studio 8 (HKLM-x32\...\{45F34E54-DAD9-405B-A4F6-B12B0A46B984}) (Version: 8.4.1.1745 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Cleanse Uninstaller Pro 7.1.0 (HKLM-x32\...\Cleanse Uninstaller Pro 7.1.0) (Version: - Zards software)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.3.53 - Conexant)
Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.180.0 - Conexant Systems)
Counter-Strike 1.6 v42 (HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\Counter-Strike 1.6_is1) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
D3DGear (HKLM\...\D3DGear_is1) (Version: 4.7.4 - D3DGear Technologies)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Darksiders II (HKLM-x32\...\Steam App 50650) (Version: - Vigil Games)
DayZ Commander (HKLM-x32\...\{7B2CA5E9-763C-4FCE-81EE-13E81ABFE908}) (Version: 0.92.115 - Dotjosh Studios)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Dolby Control Center (HKLM-x32\...\{87725CEF-1BC6-47C5-B2CD-96DD6D392EE3}) (Version: 2.2.3 - Dolby)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version: - )
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
EA Sports™ FIFA World (HKLM-x32\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 6.2.0.43717 - Electronic Arts, Inc.)
EasyRemove (HKLM-x32\...\{E7A30306-1222-4892-82B1-E0EF0CB0D1E3}_is1) (Version: 1.0 - EUROBYTE SOFTWARE s.r.o.)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.5 - Lenovo)
Energy Management (x32 Version: 8.0.2.5 - Lenovo) Hidden
Eternal-WoW! Launcher (HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\1b3fd9835e4d92e9) (Version: 2.0.2.20 - Eternal-WoW!)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fallen Earth (HKLM-x32\...\Steam App 113420) (Version: - Reloaded Productions)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version: - Rockstar North)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Hitman 2: Silent Assassin (HKLM-x32\...\Steam App 6850) (Version: - IO Interactive)
Hitman: Blood Money (HKLM-x32\...\Steam App 6860) (Version: - IO Interactive)
Hitman: Codename 47 (HKLM-x32\...\Steam App 6900) (Version: - IO Interactive)
Hotspot Shield 3.42 (HKLM-x32\...\HotspotShield) (Version: 3.42 - AnchorFree Inc.)
HyperCam 3 (HKLM-x32\...\HyperCam 3) (Version: 3.0.1006.15 - Solveig Multimedia)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version: - Avalanche)
Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version: - JC2-MP Team)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 13.12.824.1 - Vimicro)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4310.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4310.52 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{1CA74803-5CB2-4C03-BDBE-061EDC81CC7F}) (Version: 2.8.004.00 - Lenovo Group Limited)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden
LibreOffice 4.3.5.2 (HKLM-x32\...\{1D4E90DA-C33C-40ED-BA00-75F6E6DF9CB0}) (Version: 4.3.5.2 - The Document Foundation)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.227 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.227 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware verze 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1004 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version: - )
Mobogenie version 2.1.36_308 (HKLM-x32\...\{6A12DD48-5710-4AD5-AB1A-AB6E5D270DFA}_is1) (Version: 2.1.36_308 - Mobogenie) <==== ATTENTION
Moo0 Voice Recorder 1.38 (HKLM-x32\...\Moo0 VoiceRecorder) (Version: - )
MorphVOX Pro (HKLM-x32\...\{A25A7B10-75EA-4208-AAF1-0E3841C444F1}) (Version: 4.3.3 - Screaming Bee)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 cs)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MultiBit 0.5.18 (HKLM-x32\...\MultiBit 0.5.18) (Version: 0.5.18 - )
NVIDIA GeForce Experience 2.1.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Opera Stable 28.0.1750.51 (HKLM-x32\...\Opera 28.0.1750.51) (Version: 28.0.1750.51 - Opera Software ASA)
Oracle VM VirtualBox 4.3.18 (HKLM\...\{74B7E6F9-DCAC-4ADB-B2D0-EEFDD1B5AC25}) (Version: 4.3.18 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 347.09 (Version: 347.09 - NVIDIA Corporation) Hidden
Panzar (HKLM-x32\...\{4FF82163-423A-43CE-898D-3B60D19A5E8F}_is1) (Version: 1.0 - Panzar)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version: - )
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.3 - Frank Heindörfer, Philip Chinery)
Pivot Stickfigure Animator (HKLM-x32\...\{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}) (Version: 2.2.5 - Peter Bone)
Plague Inc Evolved (HKLM-x32\...\Plague Inc Evolved 1.0.0) (Version: 1.0.0 - Ndemic Creations)
Plague Inc Evolved (x32 Version: 1.0.0 - Ndemic Creations) Hidden
Plus500 (HKLM-x32\...\Plus500) (Version: - )
Pokemon World Online version 1.94 (HKLM-x32\...\{58FA82F2-5FAA-4036-9129-C97DDCAC6A1B}_is1) (Version: 1.94 - PWO Team)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Quake Live (HKLM-x32\...\Steam App 282440) (Version: - id Software)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Registry Recycler (HKLM-x32\...\Registry Recycler_is1) (Version: 0.9.2.8 - Developer Tribe (Pvt) Ltd.)
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Scratch (HKLM-x32\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group)
Seznam Software (HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\SeznamInstall) (Version: - Seznam.cz)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.69 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Sound Blaster X-Fi MB 2 (HKLM-x32\...\{89F922D6-E3E0-4303-AF8E-CE18412E3A18}) (Version: 1.00.00 - Creative Technology Limited)
Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version: - Valve)
Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version: - Valve)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Splinter Cell - Blacklist 1.01 (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}_is1) (Version: - )
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.19.13.4482 - Enigma Software Group, LLC)
Start8 (HKLM-x32\...\Start8) (Version: 1.10 - Stardock Corporation)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
Sun-PTPbarre M-B-v2.15e (HKLM-x32\...\{C5021419-CF53-401C-B32E-E8603C2378E6}_is1) (Version: - Agia3D)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.13 - Synaptics Incorporated)
System Requirements Lab CYRI (HKLM-x32\...\{906B34E5-573C-445A-A5D3-40B6BF0A2EC4}) (Version: 6.0.21.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{698A302D-8E17-4D97-AF33-53DD530564CD}) (Version: 2.2.4.0 - Husdawg, LLC)
sZone-Online (HKLM-x32\...\Steam App 316390) (Version: - Cybertime System)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Binding of Isaac Rebirth 1.0 (HKLM-x32\...\The Binding of Isaac Rebirth 1.0) (Version: 1.0 - Games on Cat-A-Cat.Net)
The Bureau: XCOM Declassified (HKLM-x32\...\Steam App 65930) (Version: - 2K Marin)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Tom Clancy's Splinter Cell Blacklist (HKLM-x32\...\Steam App 235600) (Version: - Ubisoft Toronto)
Tom Clancy's Splinter Cell Conviction (HKLM-x32\...\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}) (Version: 1.03.000 - Ubisoft)
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.01 - Ubisoft)
TrackMania Nations Forever (HKLM-x32\...\Steam App 11020) (Version: - Nadeo)
Tunngle version Tunngle (HKLM-x32\...\Tunngle_is1) (Version: Tunngle - Tunngle.net GmbH)
Unity Web Player (HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
UserGuide (x32 Version: 1.0.0.9 - Lenovo) Hidden
Vegas Pro 11.0 (HKLM-x32\...\{E6F012B0-E930-11E0-A67A-F04DA23A5C58}) (Version: 11.0.370 - Sony)
VirtualDJ 8 (HKLM-x32\...\{9ADBBA93-4625-4898-BB0D-BCE7EA9F8B4A}) (Version: 8.0.0 - Atomix Productions)
War Thunder Launcher 1.0.1.395 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3095543077-3893173563-4132863104-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3095543077-3893173563-4132863104-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3095543077-3893173563-4132863104-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3095543077-3893173563-4132863104-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3095543077-3893173563-4132863104-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Tomas\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

28-03-2015 10:56:19 Odstraněno Assassin's Creed II
30-03-2015 15:56:47 avast! antivirus system restore point
03-04-2015 20:11:13 Installed Dolby Control Center.
08-04-2015 17:56:37 Removed BlueStacks Notification Center
12-04-2015 11:45:03 Removed BlueStacks Notification Center

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1156D402-C493-40BB-856F-2C224D3D414A} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {1203AA8A-1D27-4DB3-A1A6-E76C3356C176} - System32\Tasks\Lenovo\sysrun-15965 => C:\Users\Tomas\AppData\Local\Temp\sysrun-15965.cmd <==== ATTENTION
Task: {2F144546-5312-4818-972F-1960EE0764AE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {3700B9F4-C516-4961-88E7-413B5B34C174} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-03-09] (Lenovo)
Task: {383AC80B-1FF2-4EB5-8A12-5474A61382C8} - System32\Tasks\{75854773-B898-4E5C-A5F2-C8333A63DBF7} => pcalua.exe -a "C:\Program Files (x86)\Kwyshell\MidpX\Midp2Exe\Midp2Exe.exe" -d C:\Users\Tomas\Downloads -c -jar "C:\Users\Tomas\Downloads\forge-1.6.4-9.11.1.965-installer.jar" -k
Task: {3C2C7829-A613-42E4-93DF-E12C81A3707D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-03-17] (Microsoft Corporation)
Task: {4C0BAF66-3FC3-4C0A-8513-FC3FDAD0CFB4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-16] (Google Inc.)
Task: {4CBF861F-0AED-46CB-B2A6-10B3245DF533} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {51428792-0924-48F6-AFE3-7D64F0A8DB7D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {5B70F8B0-CDBE-4C8B-BF9F-E1620096EE00} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.1.0.9\WSCStub.exe
Task: {66A6AF96-598B-4DF6-B4A2-72B635A16B2D} - System32\Tasks\{AE1535D2-B40D-41F7-800D-3301D01578B4} => Firefox.exe http://ui.skype.com/ui/0/6.18.0.106/cs/ ... =tsInstall
Task: {724E3E69-9885-4A1E-AC40-FE353C9EED8D} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: {776509DD-EA81-4F4C-A12B-6217CB955DFD} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3095543077-3893173563-4132863104-1002Core => C:\Users\Tomas\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-17] (Facebook Inc.)
Task: {79436324-C53A-4A2F-B415-E3C57F874726} - System32\Tasks\Opera scheduled Autoupdate 1398624677 => C:\Program Files (x86)\Opera\launcher.exe [2015-04-07] (Opera Software)
Task: {7C42EC11-5FB3-490D-8EB1-B720D52A998F} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {8164C2E2-D978-4D96-9CA4-DFD0FF238DA0} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {847CD103-269A-4F82-9F2C-FECC2E916A2E} - System32\Tasks\SystemSockets\SystemSockets => C:\Program Files (x86)\HomeTab\WConnectorProductivity.exe <==== ATTENTION
Task: {84CCB7AD-5F1D-4235-B6F1-72333B76B341} - System32\Tasks\{DF7D4FDC-83D7-4636-AEDD-97B32519B80B} => pcalua.exe -a C:\Users\Tomas\Downloads\forge-1.7.2-10.12.1.1082-installer-win(1).exe -d C:\Users\Tomas\Downloads
Task: {886748E2-C4A3-4918-8264-7CBC7C22A269} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-03-09] (Lenovo)
Task: {A1A22F70-D2DF-4188-ACA9-A474C9FA34B6} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.1.0.9\SymErr.exe
Task: {A48FAAC0-6F4A-4A7E-BD51-9AA50F6EC813} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.1.0.9\SymErr.exe
Task: {AF5704D2-95D1-4D38-BF08-1884A73E52CB} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {B0914C49-233B-4424-A53A-0F366EDFDBDA} - System32\Tasks\{275AFA74-77A8-4454-B0F9-9386AFBEDFA0} => pcalua.exe -a E:\FahrenheitAutoRun.exe -d E:\
Task: {B1AB8201-A59A-4767-981C-47F45FEBDD04} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-16] (Google Inc.)
Task: {C1033F33-3BE1-44DB-862E-BA8995248959} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-03-09] (Lenovo)
Task: {C3040383-E854-4214-983C-986A76744BCE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3095543077-3893173563-4132863104-1002UA => C:\Users\Tomas\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-17] (Facebook Inc.)
Task: {C506A3C8-6D8F-470A-9B45-01C903FAFB65} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2014-02-25] (Siber Systems)
Task: {CF25096D-68A5-4154-899F-4B33F5CB38D6} - System32\Tasks\Lenovo\sysrun-29030 => C:\Users\Tomas\AppData\Local\Temp\sysrun-29030.cmd <==== ATTENTION
Task: {D2D288F0-7383-4D71-A29C-683108C65112} - System32\Tasks\{7AF9BE96-8832-42F1-A2CB-ED510A7D0DE7} => Firefox.exe http://www.skype.com/go/downloading?sou ... rror=12002
Task: {D79B28D7-E9D1-4E1E-AB0D-862FD8F5E1F6} - System32\Tasks\Lenovo\sysrun-31775 => C:\Users\Tomas\AppData\Local\Temp\sysrun-31775.cmd <==== ATTENTION
Task: {E5F2D378-8340-480B-B2BB-AFE770203CD4} - System32\Tasks\Lenovo\Lenovo-30316 => C:\ProgramData\Lenovo-30316.vbs [2013-05-20] ()
Task: {EE1E52F6-0525-400A-A643-5C63C9D4761A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-27] (Adobe Systems Incorporated)
Task: {F8377C05-4368-4A88-9254-7C7C1A521A46} - System32\Tasks\{FB244F9E-6410-462F-9605-487453678A18} => pcalua.exe -a C:\Users\Tomas\Downloads\forge-1.7.2-10.12.1.1082-installer-win(2).exe -d C:\Users\Tomas\Downloads
Task: {F9802E41-8302-4C2A-9A3E-D69A193905AA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-03-30] (Avast Software s.r.o.)
Task: {FC48DA4D-0110-4F32-A598-F6C25BF652C4} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-27] (Synaptics Incorporated)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3095543077-3893173563-4132863104-1002Core.job => C:\Users\Tomas\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3095543077-3893173563-4132863104-1002UA.job => C:\Users\Tomas\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-04-28 21:57 - 2014-12-13 10:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-12-26 19:42 - 2014-12-13 12:08 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-05-08 13:14 - 2005-03-12 01:07 - 00087040 _____ () C:\WINDOWS\System32\pdfcmnnt.dll
2014-05-17 00:34 - 2014-05-17 00:34 - 00430344 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
2013-01-25 09:09 - 2013-01-25 09:09 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-25 09:05 - 2013-01-25 09:05 - 00084992 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-01-25 09:12 - 2013-01-25 09:12 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-01-25 02:22 - 2014-01-25 02:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-03-30 16:08 - 2015-03-30 16:08 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-03-30 16:08 - 2015-03-30 16:08 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2014-05-17 02:11 - 2014-05-17 02:11 - 00908584 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2014-05-17 02:37 - 2014-05-17 02:37 - 00506664 _____ () C:\Program Files (x86)\Hotspot Shield\bin\HssRep.dll
2013-05-20 18:31 - 2012-07-12 14:59 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
2013-05-20 18:31 - 2012-07-12 14:59 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
2013-05-20 18:31 - 2012-07-12 14:59 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2013-05-20 18:31 - 2012-07-12 14:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2013-05-20 18:31 - 2012-07-12 14:59 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2013-05-20 18:31 - 2012-07-12 14:59 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
2013-05-20 18:31 - 2012-07-12 14:59 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2013-05-20 18:31 - 2012-07-12 14:59 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2013-05-20 18:31 - 2012-07-12 14:59 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2013-05-20 18:31 - 2012-07-12 14:59 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2013-05-20 18:31 - 2012-07-12 14:59 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2013-05-20 18:31 - 2012-07-12 14:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2015-03-30 16:08 - 2015-03-30 16:08 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-12-05 17:16 - 2014-12-13 12:08 - 00012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-05-20 17:35 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-04-13 16:34 - 2015-04-13 16:35 - 02925568 _____ () C:\Program Files\AVAST Software\Avast\defs\15041301\algo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Tomas\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.88.1 - 8.8.8.8

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "20Dollars2Surf.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Secunia PSI Tray.lnk"
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run32: => "YouCam Tray"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "mobilegeni daemon"
HKLM\...\StartupApproved\Run32: => "331BigDog"
HKLM\...\StartupApproved\Run32: => "YouCam Mirage"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKLM\...\StartupApproved\Run32: => "amd_dc_opt"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "InboxToolbar"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\StartupApproved\StartupFolder: => "DesktopWeatherAlerts.lnk"
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\StartupApproved\StartupFolder: => "Weather Alerts.lnk"
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\StartupApproved\Run: => "RGSC"
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\StartupApproved\Run: => "RoboForm"
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\StartupApproved\Run: => "FixMyRegistry"
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\StartupApproved\Run: => "Facebook Update"
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\StartupApproved\Run: => "Horloger"
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\StartupApproved\Run: => "KSS"
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\StartupApproved\Run: => "Advanced SystemCare 3"
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\StartupApproved\Run: => "WinFLTray"
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\StartupApproved\Run: => "SpeedUpMyPC"
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\StartupApproved\Run: => "ThreadManager.exe"
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\StartupApproved\Run: => "Yahoo! Search"

==================== Accounts: =============================

Administrator (S-1-5-21-3095543077-3893173563-4132863104-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-3095543077-3893173563-4132863104-501 - Limited - Disabled)
Tomas (S-1-5-21-3095543077-3893173563-4132863104-1002 - Administrator - Enabled) => C:\Users\Tomas
UpdatusUser (S-1-5-21-3095543077-3893173563-4132863104-1080 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (04/13/2015 08:35:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Aplikaci Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (04/13/2015 08:20:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Aplikaci Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (04/13/2015 08:08:08 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Službu nelze spustit. System.IO.FileNotFoundException: Soubor C:\ProgramData\BlueStacks\Android\kernel.elf nebyl nalezen.
Název souboru: C:\ProgramData\BlueStacks\Android\kernel.elf
v BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/13/2015 07:34:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Aplikaci Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (04/13/2015 07:19:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Aplikaci Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (04/13/2015 07:04:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Aplikaci Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (04/13/2015 06:49:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Aplikaci Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (04/13/2015 06:34:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Aplikaci Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (04/13/2015 06:19:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Aplikaci Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (04/13/2015 06:04:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Aplikaci Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

System errors:
=============
Error: (04/13/2015 08:35:53 PM) (Source: DCOM) (EventID: 10010) (User: idea-PC)
Description: App.AppXsg0y3xx14yw6r9epte18b27nzb5hhht4.mca

Error: (04/13/2015 08:20:54 PM) (Source: DCOM) (EventID: 10010) (User: idea-PC)
Description: App.AppXsg0y3xx14yw6r9epte18b27nzb5hhht4.mca

Error: (04/13/2015 08:14:48 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service přestala během spouštění reagovat.

Error: (04/13/2015 08:08:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba LogMeIn Hamachi Tunneling Engine neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (04/13/2015 08:08:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby LogMeIn Hamachi Tunneling Engine bylo dosaženo časového limitu (30000 ms).

Error: (04/13/2015 08:08:08 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba BlueStacks Android Service byla ukončena s následující chybou:
%%1064

Error: (04/13/2015 08:07:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NEWDRIVER neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (04/13/2015 08:06:10 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000001e (0xffffffffc0000005, 0xfffff801aa41afbb, 0x0000000000000000, 0xffffffffffffffff)C:\WINDOWS\MEMORY.DMP041315-52312-01

Error: (04/13/2015 08:06:09 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (19:39:06, ‎13. ‎4. ‎2015) bylo neočekávané.

Error: (04/13/2015 07:34:01 PM) (Source: DCOM) (EventID: 10010) (User: idea-PC)
Description: App.AppXsg0y3xx14yw6r9epte18b27nzb5hhht4.mca

Microsoft Office Sessions:
=========================
Error: (04/13/2015 08:35:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App-2144927141

Error: (04/13/2015 08:20:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App-2144927141

Error: (04/13/2015 08:08:08 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Službu nelze spustit. System.IO.FileNotFoundException: Soubor C:\ProgramData\BlueStacks\Android\kernel.elf nebyl nalezen.
Název souboru: C:\ProgramData\BlueStacks\Android\kernel.elf
v BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/13/2015 07:34:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App-2144927141

Error: (04/13/2015 07:19:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App-2144927141

Error: (04/13/2015 07:04:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App-2144927141

Error: (04/13/2015 06:49:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App-2144927141

Error: (04/13/2015 06:34:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App-2144927141

Error: (04/13/2015 06:19:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App-2144927141

Error: (04/13/2015 06:04:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App-2144927141

CodeIntegrity Errors:
===================================
Date: 2014-10-28 17:56:22.462
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-10-28 17:56:22.221
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-10-28 17:56:22.027
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-10-28 17:56:21.809
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-10-28 17:56:21.604
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-10-28 17:56:21.373
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-10-28 17:56:21.154
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-10-28 17:56:20.966
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-10-28 17:56:20.770
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-10-28 17:56:20.465
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 41%
Total physical RAM: 3961.77 MB
Available physical RAM: 2316.45 MB
Total Pagefile: 9902.77 MB
Available Pagefile: 7938.86 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:883.74 GB) (Free:355.03 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.36 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 0B4BD62C)

Partition: GPT Partition Type.

==================== End Of Log ============================

#9 Příspěvek od **altrok** » 13 dub 2015 20:25

Rozsireni ve FireFoxu CrowdFlower mate vedome?

Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
znovu spustte FRST a kliknete na Fix

po restartu bude na plose ulozen fixlog, jehoz obsah mi vlozte do pristi odpovedi

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2465088 2014-11-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [WindowsDriverScan86] => C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [1501 2014-08-10] ()
HKLM-x32\...\Run: [WindowsDriverScan64] => C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [1512 2015-02-27] ()
C:\Program Files (x86)\Adobe Arkalis
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Tomas\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Tomas\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\MountPoints2: {5be73c90-3c9c-11e3-bea1-24fd5257879d} - "F:\setup.exe" 
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: No Name -> {724d43a9-0d85-11d4-9908-00400523e39a} -> No File
Toolbar: HKLM - No Name - {a19638fe-8536-4bcf-b659-a38ad619be61} - No File
Toolbar: HKU\S-1-5-21-3095543077-3893173563-4132863104-1002 -> No Name - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll No File
FF NetworkProxy: "http", "91.229.20.73"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "type", 0
FF Plugin-x32: @ogplanet.com/npOGPPlugin -> C:\WINDOWS\system32\npOGPPlugin.dll No File
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-08]
FF HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\Firefox\Extensions: [eliteproxyswitcher@my-proxy.com] - 
CHR Extension: (Skype Click to Call) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-04-06]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [Not Found]
C:\Program Files (x86)\Skype\Toolbars

S1 lmimirr; No ImagePath
S3 xhunter1; No ImagePath
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S2 NEWDRIVER; \??\C:\WINDOWS\SysWow64\WinVDEdrv6.sys [X]

2015-04-13 13:53 - 2015-04-13 13:53 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Tomas\Downloads\mbam-setup-2.1.4.1018.exe
2015-04-12 22:37 - 2015-04-12 22:37 - 00000000 ____D () C:\rsit
2015-04-12 13:23 - 2015-04-13 13:59 - 00000000 ____D () C:\AdwCleaner
2015-04-12 13:22 - 2015-04-12 13:22 - 02217984 _____ () C:\Users\Tomas\Desktop\adwcleaner_4.201.exe
2015-04-12 12:57 - 2015-04-12 12:57 - 01222144 _____ () C:\Users\Tomas\Desktop\RSITx64.exe
2013-05-20 17:49 - 2013-05-20 17:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-05-20 18:29 - 2013-05-20 18:29 - 0000198 ____H () C:\ProgramData\Lenovo-30316.vbs

Task: {1203AA8A-1D27-4DB3-A1A6-E76C3356C176} - System32\Tasks\Lenovo\sysrun-15965 => C:\Users\Tomas\AppData\Local\Temp\sysrun-15965.cmd <==== ATTENTION
Task: {383AC80B-1FF2-4EB5-8A12-5474A61382C8} - System32\Tasks\{75854773-B898-4E5C-A5F2-C8333A63DBF7} => pcalua.exe -a "C:\Program Files (x86)\Kwyshell\MidpX\Midp2Exe\Midp2Exe.exe" -d C:\Users\Tomas\Downloads -c -jar "C:\Users\Tomas\Downloads\forge-1.6.4-9.11.1.965-installer.jar" -k
Task: {724E3E69-9885-4A1E-AC40-FE353C9EED8D} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
C:\Program Files\Enigma Software Group
Task: {847CD103-269A-4F82-9F2C-FECC2E916A2E} - System32\Tasks\SystemSockets\SystemSockets => C:\Program Files (x86)\HomeTab\WConnectorProductivity.exe <==== ATTENTION
Task: {84CCB7AD-5F1D-4235-B6F1-72333B76B341} - System32\Tasks\{DF7D4FDC-83D7-4636-AEDD-97B32519B80B} => pcalua.exe -a C:\Users\Tomas\Downloads\forge-1.7.2-10.12.1.1082-installer-win(1).exe -d C:\Users\Tomas\Downloads
Task: {B0914C49-233B-4424-A53A-0F366EDFDBDA} - System32\Tasks\{275AFA74-77A8-4454-B0F9-9386AFBEDFA0} => pcalua.exe -a E:\FahrenheitAutoRun.exe -d E:\
Task: {CF25096D-68A5-4154-899F-4B33F5CB38D6} - System32\Tasks\Lenovo\sysrun-29030 => C:\Users\Tomas\AppData\Local\Temp\sysrun-29030.cmd <==== ATTENTION
Task: {D79B28D7-E9D1-4E1E-AB0D-862FD8F5E1F6} - System32\Tasks\Lenovo\sysrun-31775 => C:\Users\Tomas\AppData\Local\Temp\sysrun-31775.cmd <==== ATTENTION
Task: {F8377C05-4368-4A88-9254-7C7C1A521A46} - System32\Tasks\{FB244F9E-6410-462F-9605-487453678A18} => pcalua.exe -a C:\Users\Tomas\Downloads\forge-1.7.2-10.12.1.1082-installer-win(2).exe -d C:\Users\Tomas\Downloads

Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3095543077-3893173563-4132863104-1002Core.job => C:\Users\Tomas\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3095543077-3893173563-4132863104-1002UA.job => C:\Users\Tomas\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End

Tomasvlad · #10 Příspěvek od **Tomasvlad** » 13 dub 2015 20:53

CrowdFlower mám vedome, nikdy mi nedelal problemy

#11 Příspěvek od **altrok** » 13 dub 2015 20:59

OK, v poradku. Ve fixlistu zahrnuty neni, takze pokracujte instrukcemi z meho predchazejiciho prispevku.

Tomasvlad · #12 Příspěvek od **Tomasvlad** » 13 dub 2015 22:07

Po restartu se mi ukazalo hlaseni, o chybejicim souboru - prikladam screen.

Zde je log.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-04-2015
Ran by Tomas at 2015-04-13 22:48:14 Run:1
Running from C:\Users\Tomas\Desktop
Loaded Profiles: Tomas (Available profiles: Tomas & Administrator)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2465088 2014-11-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [WindowsDriverScan86] => C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [1501 2014-08-10] ()
HKLM-x32\...\Run: [WindowsDriverScan64] => C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [1512 2015-02-27] ()
C:\Program Files (x86)\Adobe Arkalis
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Tomas\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Tomas\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\MountPoints2: {5be73c90-3c9c-11e3-bea1-24fd5257879d} - "F:\setup.exe"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {724d43a9-0d85-11d4-9908-00400523e39a} -> No File
Toolbar: HKLM - No Name - {a19638fe-8536-4bcf-b659-a38ad619be61} - No File
Toolbar: HKU\S-1-5-21-3095543077-3893173563-4132863104-1002 -> No Name - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll No File
FF NetworkProxy: "http", "91.229.20.73"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "type", 0
FF Plugin-x32: @ogplanet.com/npOGPPlugin -> C:\WINDOWS\system32\npOGPPlugin.dll No File
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-08]
FF HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\...\Firefox\Extensions: [eliteproxyswitcher@my-proxy.com] -
CHR Extension: (Skype Click to Call) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-04-06]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [Not Found]
C:\Program Files (x86)\Skype\Toolbars

S1 lmimirr; No ImagePath
S3 xhunter1; No ImagePath
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S2 NEWDRIVER; \??\C:\WINDOWS\SysWow64\WinVDEdrv6.sys [X]

2015-04-13 13:53 - 2015-04-13 13:53 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Tomas\Downloads\mbam-setup-2.1.4.1018.exe
2015-04-12 22:37 - 2015-04-12 22:37 - 00000000 ____D () C:\rsit
2015-04-12 13:23 - 2015-04-13 13:59 - 00000000 ____D () C:\AdwCleaner
2015-04-12 13:22 - 2015-04-12 13:22 - 02217984 _____ () C:\Users\Tomas\Desktop\adwcleaner_4.201.exe
2015-04-12 12:57 - 2015-04-12 12:57 - 01222144 _____ () C:\Users\Tomas\Desktop\RSITx64.exe
2013-05-20 17:49 - 2013-05-20 17:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-05-20 18:29 - 2013-05-20 18:29 - 0000198 ____H () C:\ProgramData\Lenovo-30316.vbs

Task: {1203AA8A-1D27-4DB3-A1A6-E76C3356C176} - System32\Tasks\Lenovo\sysrun-15965 => C:\Users\Tomas\AppData\Local\Temp\sysrun-15965.cmd <==== ATTENTION
Task: {383AC80B-1FF2-4EB5-8A12-5474A61382C8} - System32\Tasks\{75854773-B898-4E5C-A5F2-C8333A63DBF7} => pcalua.exe -a "C:\Program Files (x86)\Kwyshell\MidpX\Midp2Exe\Midp2Exe.exe" -d C:\Users\Tomas\Downloads -c -jar "C:\Users\Tomas\Downloads\forge-1.6.4-9.11.1.965-installer.jar" -k
Task: {724E3E69-9885-4A1E-AC40-FE353C9EED8D} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
C:\Program Files\Enigma Software Group
Task: {847CD103-269A-4F82-9F2C-FECC2E916A2E} - System32\Tasks\SystemSockets\SystemSockets => C:\Program Files (x86)\HomeTab\WConnectorProductivity.exe <==== ATTENTION
Task: {84CCB7AD-5F1D-4235-B6F1-72333B76B341} - System32\Tasks\{DF7D4FDC-83D7-4636-AEDD-97B32519B80B} => pcalua.exe -a C:\Users\Tomas\Downloads\forge-1.7.2-10.12.1.1082-installer-win(1).exe -d C:\Users\Tomas\Downloads
Task: {B0914C49-233B-4424-A53A-0F366EDFDBDA} - System32\Tasks\{275AFA74-77A8-4454-B0F9-9386AFBEDFA0} => pcalua.exe -a E:\FahrenheitAutoRun.exe -d E:\
Task: {CF25096D-68A5-4154-899F-4B33F5CB38D6} - System32\Tasks\Lenovo\sysrun-29030 => C:\Users\Tomas\AppData\Local\Temp\sysrun-29030.cmd <==== ATTENTION
Task: {D79B28D7-E9D1-4E1E-AB0D-862FD8F5E1F6} - System32\Tasks\Lenovo\sysrun-31775 => C:\Users\Tomas\AppData\Local\Temp\sysrun-31775.cmd <==== ATTENTION
Task: {F8377C05-4368-4A88-9254-7C7C1A521A46} - System32\Tasks\{FB244F9E-6410-462F-9605-487453678A18} => pcalua.exe -a C:\Users\Tomas\Downloads\forge-1.7.2-10.12.1.1082-installer-win(2).exe -d C:\Users\Tomas\Downloads

Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3095543077-3893173563-4132863104-1002Core.job => C:\Users\Tomas\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3095543077-3893173563-4132863104-1002UA.job => C:\Users\Tomas\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NvBackend => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdateP2GShortCut => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WindowsDriverScan86 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WindowsDriverScan64 => value deleted successfully.
C:\Program Files (x86)\Adobe Arkalis => Moved successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\LinkResolveIgnoreLinkInfo => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoResolveSearch => value deleted successfully.
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value deleted successfully.
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value deleted successfully.
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\LinkResolveIgnoreLinkInfo => value deleted successfully.
"HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5be73c90-3c9c-11e3-bea1-24fd5257879d}" => Key deleted successfully.
HKCR\CLSID\{5be73c90-3c9c-11e3-bea1-24fd5257879d} => Key not found.
C:\WINDOWS\system32\GroupPolicy\Machine => Moved successfully.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}" => Key deleted successfully.
HKCR\CLSID\{724d43a9-0d85-11d4-9908-00400523e39a} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{a19638fe-8536-4bcf-b659-a38ad619be61} => value deleted successfully.
HKCR\CLSID\{a19638fe-8536-4bcf-b659-a38ad619be61} => Key not found.
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EBE9E2B5-B526-48BC-AD46-687263EDCB0E} => value deleted successfully.
HKCR\CLSID\{EBE9E2B5-B526-48BC-AD46-687263EDCB0E} => Key not found.
"HKCR\PROTOCOLS\Handler\skypec2c" => Key deleted successfully.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
"HKLM\Software\Wow6432Node\MozillaPlugins\@ogplanet.com/npOGPPlugin" => Key deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi => Moved successfully.
HKU\S-1-5-21-3095543077-3893173563-4132863104-1002\Software\Mozilla\Firefox\Extensions\\eliteproxyswitcher@my-proxy.com => value deleted successfully.
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => Key deleted successfully.
"C:\Program Files (x86)\Skype\Toolbars" => File/Directory not found.
lmimirr => Service deleted successfully.
xhunter1 => Service deleted successfully.
EagleX64 => Service deleted successfully.
NEWDRIVER => Service deleted successfully.
C:\Users\Tomas\Downloads\mbam-setup-2.1.4.1018.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Tomas\Desktop\adwcleaner_4.201.exe => Moved successfully.
C:\Users\Tomas\Desktop\RSITx64.exe => Moved successfully.
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.
C:\ProgramData\Lenovo-30316.vbs => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1203AA8A-1D27-4DB3-A1A6-E76C3356C176}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1203AA8A-1D27-4DB3-A1A6-E76C3356C176}" => Key deleted successfully.
C:\Windows\System32\Tasks\Lenovo\sysrun-15965 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\sysrun-15965" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{383AC80B-1FF2-4EB5-8A12-5474A61382C8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{383AC80B-1FF2-4EB5-8A12-5474A61382C8}" => Key deleted successfully.
C:\Windows\System32\Tasks\{75854773-B898-4E5C-A5F2-C8333A63DBF7} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{75854773-B898-4E5C-A5F2-C8333A63DBF7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{724E3E69-9885-4A1E-AC40-FE353C9EED8D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{724E3E69-9885-4A1E-AC40-FE353C9EED8D}" => Key deleted successfully.
C:\Windows\System32\Tasks\SpyHunter4Startup => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup" => Key deleted successfully.
"C:\Program Files\Enigma Software Group" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{847CD103-269A-4F82-9F2C-FECC2E916A2E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{847CD103-269A-4F82-9F2C-FECC2E916A2E}" => Key deleted successfully.
C:\Windows\System32\Tasks\SystemSockets\SystemSockets => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SystemSockets\SystemSockets" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{84CCB7AD-5F1D-4235-B6F1-72333B76B341}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84CCB7AD-5F1D-4235-B6F1-72333B76B341}" => Key deleted successfully.
C:\Windows\System32\Tasks\{DF7D4FDC-83D7-4636-AEDD-97B32519B80B} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DF7D4FDC-83D7-4636-AEDD-97B32519B80B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B0914C49-233B-4424-A53A-0F366EDFDBDA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0914C49-233B-4424-A53A-0F366EDFDBDA}" => Key deleted successfully.
C:\Windows\System32\Tasks\{275AFA74-77A8-4454-B0F9-9386AFBEDFA0} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{275AFA74-77A8-4454-B0F9-9386AFBEDFA0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CF25096D-68A5-4154-899F-4B33F5CB38D6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF25096D-68A5-4154-899F-4B33F5CB38D6}" => Key deleted successfully.
C:\Windows\System32\Tasks\Lenovo\sysrun-29030 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\sysrun-29030" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D79B28D7-E9D1-4E1E-AB0D-862FD8F5E1F6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D79B28D7-E9D1-4E1E-AB0D-862FD8F5E1F6}" => Key deleted successfully.
C:\Windows\System32\Tasks\Lenovo\sysrun-31775 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\sysrun-31775" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F8377C05-4368-4A88-9254-7C7C1A521A46}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8377C05-4368-4A88-9254-7C7C1A521A46}" => Key deleted successfully.
C:\Windows\System32\Tasks\{FB244F9E-6410-462F-9605-487453678A18} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FB244F9E-6410-462F-9605-487453678A18}" => Key deleted successfully.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3095543077-3893173563-4132863104-1002Core.job => Moved successfully.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3095543077-3893173563-4132863104-1002UA.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1.1 GB temporary data.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-04-13 22:59:04)<=

C:\ProgramData\DP45977C.lfl => Is moved successfully.

==== End of Fixlog 22:59:04 ====

#13 Příspěvek od **altrok** » 13 dub 2015 22:16

Ikona zvuku a ukazatel baterie se stale neobjevuji?

Otestujte na virustotal.com C:\FRST\Quarantine\C\ProgramData\Lenovo-30316.vbs.vir - pokud uz byl soubor otestovany, zvolte Reanalyse. Do pristiho prispevku dejte link (odkaz) s vysledky analyzy.

Tomasvlad · #14 Příspěvek od **Tomasvlad** » 13 dub 2015 22:16

Ikony se uz ukazuji. Pokud se problem objevi, tak se ozvu

#15 Příspěvek od **altrok** » 13 dub 2015 22:19

Otestuje jeste ten soubor na virustotal, at muzem neco provest s chybovou hlaskou pri startu pocitace.

VIRY.CZ

Neobjevuje se ikona zvuku, a ukazatel baterie

Neobjevuje se ikona zvuku, a ukazatel baterie

Re: Neobjevuje se ikona zvuku, a ukazatel baterie

Re: Neobjevuje se ikona zvuku, a ukazatel baterie

Re: Neobjevuje se ikona zvuku, a ukazatel baterie

Re: Neobjevuje se ikona zvuku, a ukazatel baterie

Re: Neobjevuje se ikona zvuku, a ukazatel baterie

Re: Neobjevuje se ikona zvuku, a ukazatel baterie

Re: Neobjevuje se ikona zvuku, a ukazatel baterie

Re: Neobjevuje se ikona zvuku, a ukazatel baterie

Re: Neobjevuje se ikona zvuku, a ukazatel baterie

Re: Neobjevuje se ikona zvuku, a ukazatel baterie

Re: Neobjevuje se ikona zvuku, a ukazatel baterie

Re: Neobjevuje se ikona zvuku, a ukazatel baterie

Re: Neobjevuje se ikona zvuku, a ukazatel baterie

Re: Neobjevuje se ikona zvuku, a ukazatel baterie