VIRY.CZ

zdravím, v předmětu jen vysvětlení, protože tu sám řeším problém na svém notebooku.Po dlouhé době jsem byl na notebooku dcery a neustále ji tu vyskakují reklamní okna, v dolní obrazovce při spuštěném prohlížeči jsou to vždy tři reklamy ve tvaru u a v pravém horním rohu, ohnutá obálka. Zřejmě tu má při různém stahování kupu havěti, trošku jsem to promazal, ale nepomohlo.
děkuji Martin

ogfile of random's system information tool 1.10 (written by random/random)
Run by Andrea at 2015-05-08 21:37:45
Microsoft Windows 8
System drive C: has 536 GB (77%) free of 698 GB
Total RAM: 3979 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:37:46, on 8. 5. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17267)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugins\3\plugin.exe
C:\Program Files\trend micro\Andrea.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/?fr=vmn&type=vmn_ ... 0418__yaie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.bing.com?pc=CMNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Dragon Branch - {d640ce67-58e4-43c2-9adc-6bb959d7c606} - C:\Program Files (x86)\Dragon Branch\Extensions\d640ce67-58e4-43c2-9adc-6bb959d7c606.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [BtTray] "c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [RemoteControl10] "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [YouCam Mirage] "c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Google Update] "C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Pokki] "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Users\Andrea\Desktop\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Andrea\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Andrea\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll C:\Program Files C:\Program Files
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: Search Protect Service (CltMngSvc) - Client Connect LTD - C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem7.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Service Mgr DragonBranch - Unknown owner - C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugincontainer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update Mgr DragonBranch - Unknown owner - C:\Program Files (x86)\Common Files\b56dff5a-df23-4e43-acde-a4f08b8dcffb\updater.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15922 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\Windows\system32\atiesrxx.exe
"dwm.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe"
taskhostex.exe
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
dashost.exe {6cb9628e-1ffb-4741-80f897fa8e122c93}
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ad6645e5-2df7-4e1b-a7d9-49f16133647b -SystemEventPortName:HostProcess-d6f3dd17-17d7-48a8-b19c-1fd6f428c148 -IoCancelEventPortName:HostProcess-7474d281-8fbf-4304-9d80-2f30e1281765 -NonStateChangingEventPortName:HostProcess-60976a71-3e75-489a-9196-a0e2f557e8b2 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3c4ea5ad-d6d8-4d86-8758-85298ef80dd6 -DeviceGroupId:
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d08bccb4-eaa4-4ad1-8393-4375597d095c -SystemEventPortName:HostProcess-026027ae-954a-4590-98b9-b23530c5d566 -IoCancelEventPortName:HostProcess-e2a9e3de-5308-4f68-b077-bbd800774cde -NonStateChangingEventPortName:HostProcess-4358a6e1-ae95-470e-b2f5-a24b83ee269b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d99d3fc0-076e-407e-ade7-e8f9531ad671 -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
taskhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe"
explorer.exe
"C:\Program Files (x86)\Common Files\b56dff5a-df23-4e43-acde-a4f08b8dcffb\updater.exe"
atieclxx
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor

"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugincontainer.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=12480.be72570.922343438 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 12480 "\\.\pipe\gecko-crash-server-pipe.12480" plugin
"C:\Windows\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe" --proxy-stub-channel=Flash16236.6611AF38.2860 --host-broker-channel=Flash16236.6611AF38.15491 --host-pid=16236 --host-npapi-version=28 --plugin-path="C:\Windows\SYSTEM32\Macromed\Flash\NPSWF32_17_0_0_169.dll"
"C:\Windows\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe" --channel=15972.00B2F684.268820581 --proxy-stub-channel=Flash16236.6611AF38.2860 --plugin-path="C:\Windows\SYSTEM32\Macromed\Flash\NPSWF32_17_0_0_169.dll" --host-npapi-version=28 --type=renderer
"C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugins\3\plugin.exe"
"C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugins\5\plugin.exe"
"C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugins\8\plugin.exe"
"C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugins\3\plugin.exe"
taskeng.exe {9A7D587E-109C-4240-B538-2023034D81E7}
"C:\Windows\System32\Taskmgr.exe" /3
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Andrea\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2351530261-1594788566-2326651036-1002Core.job - C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2351530261-1594788566-2326651036-1002UA.job - C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForAndrea.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForAndrea (null)

=========Mozilla firefox=========

ProfilePath - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\hci9cm60.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://search.tb.ask.com/search/GGmain. ... searchfor="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.21.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nprotect.com/keycrypt]
"Description"=INCA Internet nProtect KeyCrypt V6.0
"Path"=C:\Windows\system32\npkfxmp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\digitalpersona.com/ChromeDPAgent]
"Description"=
"Path"=c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll

C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\hci9cm60.default\extensions\
plugin@starstable.com
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\hci9cm60.default\searchplugins\
yahoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-01 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-04 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-01 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d640ce67-58e4-43c2-9adc-6bb959d7c606}]
Dragon Branch - C:\Program Files (x86)\Dragon Branch\Extensions\d640ce67-58e4-43c2-9adc-6bb959d7c606.dll [2015-04-18 146168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-04 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{C95A4E8E-816D-4655-8C79-D736DA1ADB6D} -

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-08-23 170304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-08-23 398656]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-08-23 441152]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-09-20 1664000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-30 116648]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2015-04-19 3632472]
"Pokki"=C:\Users\Andrea\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe [2015-03-16 10818888]
"DAEMON Tools Lite"=C:\Users\Andrea\Desktop\DAEMON Tools Lite\DTLite.exe -autorun []
"cz.seznam.software.autoupdate"=C:\Users\Andrea\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Andrea\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-04-17 31280256]
"Web Companion"=C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-09-01 56128]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2012-07-17 684064]
"BtTray"=c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2012-08-16 364032]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-08-06 642216]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08 111120]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2012-07-24 491120]
"RemoteControl10"=c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"YouCam Mirage"=c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-08-31 136488]
"YouCam Tray"=c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [2012-08-31 167024]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-01 4085896]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2013-10-16 337184]
""= []
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-07-09 2020704]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"BlueStacks Agent"=C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2013-02-15 601976]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2015-03-30 3978600]

C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll C:\Program Files C:\Program Files"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-08-23 441856]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-05-08 21:32:41 ----D---- C:\rsit
2015-05-08 21:32:41 ----D---- C:\Program Files\trend micro
2015-05-08 21:24:03 ----SHD---- C:\Config.Msi
2015-04-23 20:45:49 ----D---- C:\ProgramData\Package Cache
2015-04-22 15:37:27 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-19 13:58:21 ----D---- C:\Users\Andrea\AppData\Roaming\Audacity
2015-04-18 17:31:41 ----A---- C:\Windows\system32\LavasoftTcpService64.dll
2015-04-18 17:30:46 ----A---- C:\Windows\SYSWOW64\LavasoftTcpService.dll
2015-04-18 17:27:47 ----D---- C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb
2015-04-18 17:27:45 ----D---- C:\Program Files (x86)\Dragon Branch
2015-04-17 19:36:01 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-17 19:35:59 ----A---- C:\Windows\system32\invagent.dll
2015-04-17 19:35:59 ----A---- C:\Windows\system32\generaltel.dll
2015-04-17 19:35:59 ----A---- C:\Windows\system32\devinv.dll
2015-04-17 19:35:59 ----A---- C:\Windows\system32\appraiser.dll
2015-04-17 19:35:59 ----A---- C:\Windows\system32\aepdu.dll
2015-04-17 19:35:59 ----A---- C:\Windows\system32\aeinv.dll
2015-04-17 19:35:59 ----A---- C:\Windows\system32\acmigration.dll
2015-04-17 19:35:45 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-17 19:35:45 ----A---- C:\Windows\system32\ntdll.dll
2015-04-17 19:35:44 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-17 19:35:35 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-17 19:35:35 ----A---- C:\Windows\system32\drivers\clfs.sys
2015-04-17 19:35:35 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-17 19:35:15 ----A---- C:\Windows\system32\mshtml.dll
2015-04-17 19:35:09 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-17 19:35:05 ----A---- C:\Windows\system32\ieframe.dll
2015-04-17 19:35:02 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-17 19:35:00 ----A---- C:\Windows\system32\wininet.dll
2015-04-17 19:34:58 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-17 19:34:57 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-17 19:34:57 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-04-17 19:34:57 ----A---- C:\Windows\system32\urlmon.dll
2015-04-17 19:34:57 ----A---- C:\Windows\system32\inetcomm.dll
2015-04-17 19:34:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-17 19:34:56 ----A---- C:\Windows\system32\jscript9.dll
2015-04-17 19:34:55 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-17 19:34:55 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-17 19:34:54 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-17 19:34:54 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-04-17 19:34:54 ----A---- C:\Windows\system32\vbscript.dll
2015-04-17 19:34:54 ----A---- C:\Windows\system32\jscript.dll
2015-04-17 19:34:14 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-04-17 19:34:14 ----A---- C:\Windows\system32\msctf.dll

======List of files/folders modified in the last 1 month======

2015-05-08 21:37:42 ----D---- C:\Windows\Prefetch
2015-05-08 21:35:31 ----D---- C:\Windows\Temp
2015-05-08 21:32:41 ----D---- C:\Program Files
2015-05-08 21:32:23 ----D---- C:\Windows\Inf
2015-05-08 21:27:52 ----SHD---- C:\Windows\Installer
2015-05-08 21:27:51 ----D---- C:\Windows\system32\DriverStore
2015-05-08 21:27:47 ----RD---- C:\Windows\System32
2015-05-08 21:27:47 ----D---- C:\Windows\SysWOW64
2015-05-08 21:26:37 ----D---- C:\Program Files (x86)\NortonInstaller
2015-05-08 21:26:35 ----D---- C:\Windows\system32\Drivers
2015-05-08 21:26:34 ----RD---- C:\Program Files (x86)
2015-05-08 21:26:34 ----D---- C:\ProgramData\Norton
2015-05-08 21:26:32 ----D---- C:\Windows\Tasks
2015-05-08 21:26:32 ----D---- C:\Windows\system32\Tasks
2015-05-08 21:25:04 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2015-05-08 21:25:03 ----HD---- C:\ProgramData
2015-05-08 21:21:15 ----D---- C:\ProgramData\BlueStacksSetup
2015-05-08 21:20:50 ----D---- C:\Windows\SoftwareDistribution
2015-05-08 21:20:50 ----D---- C:\Windows
2015-05-08 21:10:10 ----D---- C:\Users\Andrea\AppData\Roaming\Skype
2015-05-08 21:00:04 ----D---- C:\Windows\system32\sru
2015-05-08 20:12:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-05-08 19:31:36 ----D---- C:\Users\Andrea\AppData\Roaming\vlc
2015-05-08 18:39:42 ----D---- C:\Users\Andrea\AppData\Roaming\Sony
2015-05-08 18:39:42 ----D---- C:\Users\Andrea\AppData\Roaming\DAEMON Tools Lite
2015-05-08 18:38:06 ----D---- C:\Windows\Logs
2015-05-08 18:38:06 ----D---- C:\Windows\debug
2015-05-08 18:32:22 ----D---- C:\Program Files\CCleaner
2015-05-08 18:24:54 ----SHD---- C:\System Volume Information
2015-05-08 10:07:56 ----D---- C:\Windows\Microsoft.NET
2015-05-08 09:12:17 ----A---- C:\Windows\SYSWOW64\bscs.ini
2015-05-08 09:09:12 ----A---- C:\Windows\SYSWOW64\LOCALDEVICE.INI
2015-05-08 09:09:10 ----A---- C:\Windows\SYSWOW64\LOCALSERVICE.INI
2015-05-07 21:34:18 ----HD---- C:\$Windows.~BT
2015-05-07 20:54:54 ----D---- C:\Windows\system32\catroot
2015-05-07 20:54:48 ----D---- C:\Windows\system32\catroot2
2015-05-07 20:15:25 ----D---- C:\ProgramData\Origin
2015-05-04 20:58:36 ----D---- C:\ProgramData\PDFC
2015-05-01 14:02:57 ----D---- C:\Users\Andrea\AppData\Roaming\Seznam.cz
2015-05-01 14:01:12 ----A---- C:\Windows\SYSWOW64\log.txt
2015-04-30 14:54:12 ----D---- C:\ProgramData\Skype
2015-04-29 20:21:59 ----D---- C:\Windows\system32\config
2015-04-29 15:46:08 ----D---- C:\Windows\system32\NDF
2015-04-29 15:26:06 ----A---- C:\SROF.ini
2015-04-26 08:50:01 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-24 13:52:32 ----RD---- C:\Users
2015-04-23 15:43:04 ----D---- C:\Users\Andrea\AppData\Roaming\uTorrent
2015-04-22 19:59:21 ----D---- C:\Windows\WinSxS
2015-04-22 19:16:35 ----D---- C:\Program Files (x86)\Mozilla Firefox.bak
2015-04-21 23:09:37 ----D---- C:\Users\Andrea\AppData\Roaming\Mozilla
2015-04-20 19:06:11 ----D---- C:\Windows\AppCompat
2015-04-20 18:38:26 ----RSD---- C:\Windows\assembly
2015-04-20 18:09:45 ----D---- C:\Windows\rescache
2015-04-19 21:34:35 ----SD---- C:\Windows\system32\CompatTel
2015-04-19 21:34:34 ----D---- C:\Windows\system32\appraiser
2015-04-19 21:34:33 ----D---- C:\Windows\apppatch
2015-04-19 19:29:03 ----D---- C:\Program Files (x86)\Origin
2015-04-18 17:50:43 ----D---- C:\Program Files (x86)\Uniblue
2015-04-18 17:29:43 ----D---- C:\Users\Andrea\AppData\Roaming\DVDVideoSoft
2015-04-18 17:27:50 ----D---- C:\Program Files (x86)\Common Files
2015-04-18 17:26:44 ----D---- C:\Users\Andrea\AppData\Roaming\RHEng
2015-04-17 19:54:18 ----D---- C:\Windows\CbsTemp
2015-04-17 19:53:28 ----D---- C:\Windows\system32\MRT
2015-04-17 19:45:15 ----A---- C:\Windows\system32\MRT.exe
2015-04-17 19:44:58 ----D---- C:\ProgramData\Microsoft Help
2015-04-16 14:33:06 ----RD---- C:\Program Files (x86)\Skype
2015-04-14 00:07:53 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem19.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\Windows\System32\drivers\amdkmpfd.sys [2012-07-09 35496]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-08-01 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-08-01 224896]
R0 hpdskflt;@oem7.inf,%service_desc%;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2012-08-22 31040]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2012-08-28 646712]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-08-01 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-21 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-08-01 427360]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 dtsoftbus01;@oem33.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2014-12-27 283064]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-08-01 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-08-01 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-08-01 92008]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-02-15 71032]
R3 Accelerometer;@oem7.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2012-08-22 43328]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-08-01 10280960]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-08-01 368640]
R3 BtAudioBusSrv;@oem15.inf,%SvcDesc%;IVT Bluetooth Audio Bus Service; C:\Windows\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2013-01-09 51712]
R3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\Windows\System32\Drivers\BtL2caScoIf.sys [2012-07-20 56904]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2013-01-09 74752]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [2012-08-14 48736]
R3 clwvd;@oem26.inf,%clwvd.DeviceDesc%;CyberLink Webcam Sharing Manager; C:\Windows\system32\DRIVERS\clwvd.sys [2012-08-28 40944]
R3 Hamachi;LogMeIn Hamachi Virtual Miniport); C:\Windows\system32\DRIVERS\Hamdrv.sys [2015-03-30 44296]
R3 HpqKbFiltr;@oem5.inf,%HpqKbFiltr.SvcDesc%;HpqKbFilter Driver; C:\Windows\System32\drivers\HpqKbFiltr.sys [2012-08-28 26504]
R3 IntcDAud;@oem21.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2012-08-23 9000256]
R3 JMCR;JMCR; C:\Windows\System32\drivers\jmcr.sys [2012-07-31 175928]
R3 MEIx64;@oem9.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 netr28x;@oem37.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2014-03-29 2532552]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2013-03-01 156672]
R3 rtbth;@oem35.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\Windows\System32\drivers\rtbth.sys [2013-12-02 1204424]
R3 RTL8168;@oem6.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2012-06-13 683664]
R3 SensorsServiceDriver;@sensorsservicedriver.inf,%WudfSensorsServiceDriverDisplayName%;UMDF Reflector service for SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]
R3 SNP2UVC;@oem22.inf,%SERVICE_DISPLAY_NAME%;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2012-10-04 1864328]
R3 SPPD;SPPD; \??\C:\Windows\system32\drivers\SPPD.sys []
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-09-20 543744]
R3 SynTP;@oem34.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-10-30 549104]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2013-03-01 1175040]
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [2012-07-25 64832]
S3 dg_ssudbus;@oem42.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 e1iexpress;@net1ic64.inf,%E1IExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\Windows\system32\DRIVERS\e1i63x64.sys [2012-06-02 333824]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-08-23 9000256]
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2012-08-15 41272]
S3 SmbDrvI;SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [2012-08-15 43832]
S3 ssudmdm;@oem43.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 taphss6;@oem40.inf,%DeviceDescription%;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2014-05-17 42184]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-06 210560]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-08-01 239616]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-08-01 50344]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2012-08-15 1578496]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2013-02-15 384888]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 CltMngSvc;Search Protect Service; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2015-01-05 3342608]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2012-08-25 488824]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2013-10-16 681760]
R2 hpsrv;@oem7.inf,%hpservice_desc%;HP Service; C:\Windows\system32\Hpservice.exe [2012-08-22 33600]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-08-28 7168]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-20 634632]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-19 129856]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-19 166720]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2015-03-30 417552]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-19 277824]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-07-17 1134624]
R2 Service Mgr DragonBranch;Service Mgr DragonBranch; C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugincontainer.exe [2015-05-08 556304]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2012-09-20 323072]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-19 365376]
R2 Update Mgr DragonBranch;Update Mgr DragonBranch; C:\Program Files (x86)\Common Files\b56dff5a-df23-4e43-acde-a4f08b8dcffb\updater.exe [2015-05-08 478992]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2012-08-15 138752]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
S2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2013-02-15 393080]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-02 116648]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2015-03-30 2490216]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14 268464]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-16 50864]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-08-23 276288]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2012-08-01 477088]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-02 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-22 148080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-04-19 1931632]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\Windows\System32\drivers\BthAvrcpTg.sys [2013-06-01 37632]
S4 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\Windows\System32\drivers\bthhfenum.sys [2012-07-26 51200]
S4 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\Windows\System32\drivers\BthHFHid.sys [2012-11-27 29952]

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Po spusteni probehne stazeni databaze
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

notebook se nerestartoval a už se delší dobu nic neděje, tak nevím jestli zoek proběhl, jak měl
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Andrea on p 08. 05. 2015 at 22:10:09,84.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Andrea\Downloads\zoek.exe [Scan all users] [Script inserted]

===== Runcheck 22:15:30,76 =====

--- Create Environment Variables 22:15:33,69
--- Create System Restore Point 22:15:51,36
--- Checking Input 22:15:58,16
# AdwCleaner v4.203 - Log vytvořen 08/05/2015 v 21:54:02
# Aktualizováno 30/04/2015 by Xplode
# Databáze : 2015-05-08.1 [Server]
# Operační system : Windows 8 (x64)
# Uživatelské jméno : Andrea - ANDREJKA
# Spuštěno z : C:\Users\Andrea\Downloads\adwcleaner_4.203(1).exe
# Nastavení : Sken

***** [ Služby ] *****

Služba Nalezeno : CltMngSvc
Služba Nalezeno : SPPD

***** [ Soubory / Složky ] *****

Složka Nalezeno : C:\Program Files (x86)\SearchProtect
Složka Nalezeno : C:\Program Files (x86)\Smart Driver Updater
Složka Nalezeno : C:\Program Files (x86)\smart pc cleaner
Složka Nalezeno : C:\Program Files (x86)\Tbccint
Složka Nalezeno : C:\Program Files (x86)\Uniblue
Složka Nalezeno : C:\ProgramData\apn
Složka Nalezeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Driver Updater
Složka Nalezeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\smart pc cleaner
Složka Nalezeno : C:\ProgramData\Tbccint
Složka Nalezeno : C:\ProgramData\Uniblue
Složka Nalezeno : C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab
Složka Nalezeno : C:\Users\Andrea\AppData\Local\pokki
Složka Nalezeno : C:\Users\Andrea\AppData\Local\SearchProtect
Složka Nalezeno : C:\Users\Andrea\AppData\Local\Tbccint
Složka Nalezeno : C:\Users\Andrea\AppData\LocalLow\PriceGong
Složka Nalezeno : C:\Users\Andrea\AppData\LocalLow\Tbccint
Složka Nalezeno : C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\hci9cm60.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Složka Nalezeno : C:\Users\Andrea\AppData\Roaming\OpenCandy
Složka Nalezeno : C:\Users\Andrea\AppData\Roaming\RHEng
Složka Nalezeno : C:\Users\Andrea\AppData\Roaming\Smart Driver Updater
Složka Nalezeno : C:\Users\Andrea\AppData\Roaming\smart pc cleaner
Složka Nalezeno : C:\Users\Andrea\Documents\Smart Driver Updater
Složka Nalezeno : C:\Users\Andrea\Documents\smart pc cleaner
Složka Nalezeno : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\SearchProtect
Soubor Nalezeno : C:\END
Soubor Nalezeno : C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Menu.lnk
Soubor Nalezeno : C:\Windows\apppatch\apppatch64\vcldr64.dll
Soubor Nalezeno : C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Soubor Nalezeno : C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb
Soubor Nalezeno : C:\Windows\AppPatch\nbin\VC32Loader.dll

***** [ Naplánované úlohy ] *****

Úloha Nalezeno : Smart Driver Updater Schedule

***** [ Zástupci ] *****

***** [ Registry ] *****

Data Nalezeno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll
Data Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll
Hodnota Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Hodnota Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}]
Klíč Nalezeno : HKCU\Software\AppDataLow\Software\PriceGong
Klíč Nalezeno : HKCU\Software\AppDataLow\Software\Tbccint
Klíč Nalezeno : HKCU\Software\AppDataLow\Software\TbccintSearchScopes
Klíč Nalezeno : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Klíč Nalezeno : HKCU\Software\Classes\Directory\shell\pokki
Klíč Nalezeno : HKCU\Software\Classes\Drive\shell\pokki
Klíč Nalezeno : HKCU\Software\Classes\lnkfile\shell\pokki
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{48F16FC1-CC7A-4F2B-92D9-058F0E1714F7}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Klíč Nalezeno : HKCU\Software\Pokki
Klíč Nalezeno : HKCU\Software\Smart Driver Updater
Klíč Nalezeno : HKCU\Software\Smart PC Cleaner
Klíč Nalezeno : HKCU\Software\Tbccint
Klíč Nalezeno : HKCU\Software\Tbccint_HKLM
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{48F16FC1-CC7A-4F2B-92D9-058F0E1714F7}
Klíč Nalezeno : [x64] HKCU\Software\Pokki
Klíč Nalezeno : [x64] HKCU\Software\Smart Driver Updater
Klíč Nalezeno : [x64] HKCU\Software\Smart PC Cleaner
Klíč Nalezeno : [x64] HKCU\Software\Tbccint
Klíč Nalezeno : [x64] HKCU\Software\Tbccint_HKLM
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\driverscanner
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Toolbar.CT1561552
Klíč Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab
Klíč Nalezeno : HKLM\SOFTWARE\InstallIQ
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smart Driver Updater_is1
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smart PC Cleaner_is1
Klíč Nalezeno : HKLM\SOFTWARE\SearchProtect
Klíč Nalezeno : HKLM\SOFTWARE\SPPDCOM
Klíč Nalezeno : HKLM\SOFTWARE\Uniblue
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\CLSID\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\CLSID\{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}

***** [ Prohlížeče ] *****

-\\ Internet Explorer v10.0.9200.17267

-\\ Mozilla Firefox v37.0.2 (x86 cs)

[hci9cm60.default] - Řádek Nalezeno : user_pref("browser.newtab.url", "hxxp://www.trovi.com/?gd=&ctid=CT3330189&octid ... D-4261-491[...]
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=4397812B-39D7-4448-9581-CE9E22F845DB&n=780c6ec5&ind=2014080709&p2=^Y6^xdm007^S10500^cz&si=CPXD9u[...]
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.BUTTON_STRUCTURE", "[{\"b\":221352991,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":221352992,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.browser.search.defaultenginename.prev", "Google");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.browser.search.defaultenginename.savedPrev", "true");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.browser.search.defaultenginename.tb", "Ask Web Search");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.browser.search.selectedEngine.prev", "Trovi search");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.browser.search.selectedEngine.savedPrev", "true");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.browser.search.selectedEngine.tb", "Ask Web Search");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.browser.startup.homepage.prev", "hxxp://www.trovi.com/?gd=&ctid=CT3330189&octid ... F&SearchSo[...]
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.browser.startup.homepage.savedPrev", "true");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.browser.startup.homepage.tb", "hxxp://home.tb.ask.com/index.jhtml?ptb=C655DA0A-DF61-4F5F-99B2-0F58873CEC76&n=780d1209&p2=^ZO^xdm017^YYA^cz&si=produt[...]
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.browser.startup.page.savedPrev", 1);
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.browser.startup.page.tb", 1);
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.browser.version.last", "37.0");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.firstKnownVersion", "6.83.5.43020");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=C655DA0A-DF61-4F5F-99B2-0F58873CEC76&n=780d1209&p2=^ZO^xdm017^YYA^cz&si=produtools");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.hp.enabled", false);
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.hp.guardType", "HPR");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.hp.user.defined", false);
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.initialized", true);
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.installKeysSource", "LocalStorage");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.installType", "XPI");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.installation.contextKey", "");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.installation.installDate", "2014122505");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.installation.partnerId", "^ZO^xdm017^YYA^cz");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.installation.partnerSubId", "produtools");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.installation.pixelUrl", "hxxp://www.utilitychest.com/install_pixels.jht ... daeba0f34c[...]
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.installation.success", true);
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.installation.toolbarId", "C655DA0A-DF61-4F5F-99B2-0F58873CEC76");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.isCompliantUninstallImplementation", true);
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.lastActivePing", "1429365627619");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.lastKnownVersion", "6.85.5.65368");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.options.defaultSearch", true);
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.options.homePageEnabled", true);
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.options.keywordEnabled", true);
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.options.tabEnabled", true);
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.partnerPixelFired", true);
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.successUrl", "hxxp://produtools.com/thankyou_utility.php");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.toolbar.versionChanged", false);
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.toolbarCollapsed", true);
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._49Members_.weather.location", "10001");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.BUTTON_STRUCTURE", "[{\"b\":222149868,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":222149869,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.browser.search.defaultenginename.savedPrev", "true");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.browser.search.defaultenginename.tb", "Ask Web Search");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.browser.search.selectedEngine.savedPrev", "true");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.browser.search.selectedEngine.tb", "Ask Web Search");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.homepage.prev", "hxxp://www.seznam.cz/");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.homepage.savedPrev", "true");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.homepage.tb", "hxxp://home.tb.ask.com/index.jhtml?ptb=4397812B-39D7-4448-9581-CE9E22F845DB&n=780c6ec5&p2=^Y6^xdm007^S10500^cz&si=CPX[...]
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.page.savedPrev", 1);
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.page.tb", 1);
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.competitorDNS", "{\"comment\":\"refresh every 1 week (7*24*60*60*1000)\",\"refreshPeriod\":604800000,\"list\":[{\"url\":\"hxxp://www.dnsrsearch.com/[...]
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.firstKnownVersion", "6.58.4.26369");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=4397812B-39D7-4448-9581-CE9E22F845DB&n=780c6ec5&p2=^Y6^xdm007^S10500^cz&si=CPXD9unTgMACFfMZtAodTg[...]
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.initialized", true);
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.installKeysSource", "Cookies");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.installType", "XPI");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.installation.contextKey", "");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.installation.installDate", "2014080709");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.installation.partnerId", "^Y6^xdm007^S10500^cz");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.installation.partnerSubId", "CPXD9unTgMACFfMZtAodTggABw");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.installation.pixelUrl", "hxxp://download.fromdoctopdf.com/install_pixels.jhtml?partner=^Y6^xdm007^S10500^cz&coId=99ad76bff96446e8aa2ec97a24d96ccc&ca[...]
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.installation.success", true);
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.installation.toolbarId", "4397812B-39D7-4448-9581-CE9E22F845DB");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.isCompliantUninstallImplementation", true);
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.lastActivePing", "1407443118265");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.lastKnownVersion", "6.58.4.26369");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.options.defaultSearch", true);
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.options.homePageEnabled", true);
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.options.keywordEnabled", true);
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.options.tabEnabled", true);
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.partnerPixelFired", true);
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.successUrl", "hxxp://download.fromdoctopdf.com/installComplete.jhtml");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.toolbarCollapsed", false);
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark._65Members_.weather.location", "10001");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
[hci9cm60.default] - Řádek Nalezeno : user_pref("extensions.toolbar.mindspark.lastInstalled", "utilitychest@mindspark.com");
[hci9cm60.default] - Řádek Nalezeno : user_pref("keyword.URL", "hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=C655DA0A-DF61-4F5F-99B2-0F58873CEC76&n=780d1209&ind=2014122505&p2=^ZO^xdm017^YYA^cz&si=produtools&searchfor=");

-\\ Google Chrome v42.0.2311.135

[C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Nalezeno [Extension] : ncffjdbbodifgldkcbhmiiljfcnbgjab

*************************

AdwCleaner[R0].txt - [18775 bytů] - [08/05/2015 21:54:02]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [18834 bytů] ##########

U AdwCleaneru jste nedal Cisteni ale jen Sken, takze se nic nesmazalo...

omlouvám se
# AdwCleaner v4.203 - Log vytvořen 08/05/2015 v 22:37:30
# Aktualizováno 30/04/2015 by Xplode
# Databáze : 2015-05-08.1 [Server]
# Operační system : Windows 8 (x64)
# Uživatelské jméno : Andrea - ANDREJKA
# Spuštěno z : C:\Users\Andrea\Downloads\adwcleaner_4.203(1).exe
# Nastavení : Čištění

***** [ Služby ] *****

Služba Smazáno : CltMngSvc
Služba Smazáno : SPPD

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\apn
Složka Smazáno : C:\ProgramData\Tbccint
Složka Smazáno : C:\ProgramData\Uniblue
Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Driver Updater
Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\smart pc cleaner
Složka Smazáno : C:\Program Files (x86)\SearchProtect
Složka Smazáno : C:\Program Files (x86)\Smart Driver Updater
Složka Smazáno : C:\Program Files (x86)\smart pc cleaner
Složka Smazáno : C:\Program Files (x86)\Tbccint
Složka Smazáno : C:\Program Files (x86)\Uniblue
Složka Smazáno : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\SearchProtect
Složka Smazáno : C:\Users\Andrea\AppData\Local\SearchProtect
Složka Smazáno : C:\Users\Andrea\AppData\Local\Tbccint
Složka Smazáno : C:\Users\Andrea\AppData\Local\pokki
Složka Smazáno : C:\Users\Andrea\AppData\LocalLow\PriceGong
Složka Smazáno : C:\Users\Andrea\AppData\LocalLow\Tbccint
Složka Smazáno : C:\Users\Andrea\AppData\Roaming\OpenCandy
Složka Smazáno : C:\Users\Andrea\AppData\Roaming\Smart Driver Updater
Složka Smazáno : C:\Users\Andrea\AppData\Roaming\smart pc cleaner
Složka Smazáno : C:\Users\Andrea\AppData\Roaming\RHEng
Složka Smazáno : C:\Users\Andrea\Documents\Smart Driver Updater
Složka Smazáno : C:\Users\Andrea\Documents\smart pc cleaner
Složka Smazáno : C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\hci9cm60.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Složka Smazáno : C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab
Soubor Smazáno : C:\END
Soubor Smazáno : C:\Windows\apppatch\apppatch64\vcldr64.dll
Soubor Smazáno : C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Soubor Smazáno : C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb
Soubor Smazáno : C:\Windows\AppPatch\nbin\VC32Loader.dll
Soubor Smazáno : C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Menu.lnk

***** [ Naplánované úlohy ] *****

Úloha Smazáno : Smart Driver Updater Schedule

***** [ Zástupci ] *****

***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab
Hodnota Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Klíč Smazáno : HKLM\SOFTWARE\Classes\driverscanner
Klíč Smazáno : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Klíč Smazáno : HKCU\Software\Classes\Directory\shell\pokki
Klíč Smazáno : HKCU\Software\Classes\Drive\shell\pokki
Klíč Smazáno : HKCU\Software\Classes\lnkfile\shell\pokki
Klíč Smazáno : HKLM\SOFTWARE\Classes\Toolbar.CT1561552
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Hodnota Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}]
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{48F16FC1-CC7A-4F2B-92D9-058F0E1714F7}
Klíč Smazáno : HKCU\Software\Pokki
Klíč Smazáno : HKCU\Software\Smart Driver Updater
Klíč Smazáno : HKCU\Software\Smart PC Cleaner
Klíč Smazáno : HKCU\Software\Tbccint
Klíč Smazáno : HKCU\Software\Tbccint_HKLM
Klíč Smazáno : HKCU\Software\AppDataLow\Software\PriceGong
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Tbccint
Klíč Smazáno : HKCU\Software\AppDataLow\Software\TbccintSearchScopes
Klíč Smazáno : HKLM\SOFTWARE\InstallIQ
Klíč Smazáno : HKLM\SOFTWARE\SearchProtect
Klíč Smazáno : HKLM\SOFTWARE\Uniblue
Klíč Smazáno : HKLM\SOFTWARE\SPPDCOM
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smart Driver Updater_is1
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smart PC Cleaner_is1
Data Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll
Data Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll

***** [ Prohlížeče ] *****

-\\ Internet Explorer v10.0.9200.17267

-\\ Mozilla Firefox v37.0.2 (x86 cs)

[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("browser.newtab.url", "hxxp://www.trovi.com/?gd=&ctid=CT3330189&octid ... D-4261-491[...]
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=4397812B-39D7-4448-9581-CE9E22F845DB&n=780c6ec5&ind=2014080709&p2=^Y6^xdm007^S10500^cz&si=CPXD9u[...]
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.BUTTON_STRUCTURE", "[{\"b\":221352991,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":221352992,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.browser.search.defaultenginename.prev", "Google");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.browser.search.defaultenginename.savedPrev", "true");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.browser.search.defaultenginename.tb", "Ask Web Search");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.browser.search.selectedEngine.prev", "Trovi search");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.browser.search.selectedEngine.savedPrev", "true");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.browser.search.selectedEngine.tb", "Ask Web Search");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.browser.startup.homepage.prev", "hxxp://www.trovi.com/?gd=&ctid=CT3330189&octid ... F&SearchSo[...]
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.browser.startup.homepage.savedPrev", "true");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.browser.startup.homepage.tb", "hxxp://home.tb.ask.com/index.jhtml?ptb=C655DA0A-DF61-4F5F-99B2-0F58873CEC76&n=780d1209&p2=^ZO^xdm017^YYA^cz&si=produt[...]
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.browser.startup.page.savedPrev", 1);
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.browser.startup.page.tb", 1);
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.browser.version.last", "37.0");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.firstKnownVersion", "6.83.5.43020");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=C655DA0A-DF61-4F5F-99B2-0F58873CEC76&n=780d1209&p2=^ZO^xdm017^YYA^cz&si=produtools");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.hp.enabled", false);
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.hp.guardType", "HPR");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.hp.user.defined", false);
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.initialized", true);
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.installKeysSource", "LocalStorage");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.installType", "XPI");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.installation.contextKey", "");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.installation.installDate", "2014122505");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.installation.partnerId", "^ZO^xdm017^YYA^cz");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.installation.partnerSubId", "produtools");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.installation.pixelUrl", "hxxp://www.utilitychest.com/install_pixels.jht ... daeba0f34c[...]
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.installation.success", true);
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.installation.toolbarId", "C655DA0A-DF61-4F5F-99B2-0F58873CEC76");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.isCompliantUninstallImplementation", true);
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.lastActivePing", "1429365627619");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.lastKnownVersion", "6.85.5.65368");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.options.defaultSearch", true);
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.options.homePageEnabled", true);
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.options.keywordEnabled", true);
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.options.tabEnabled", true);
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.partnerPixelFired", true);
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.successUrl", "hxxp://produtools.com/thankyou_utility.php");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.toolbar.versionChanged", false);
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.toolbarCollapsed", true);
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._49Members_.weather.location", "10001");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.BUTTON_STRUCTURE", "[{\"b\":222149868,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":222149869,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.browser.search.defaultenginename.savedPrev", "true");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.browser.search.defaultenginename.tb", "Ask Web Search");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.browser.search.selectedEngine.savedPrev", "true");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.browser.search.selectedEngine.tb", "Ask Web Search");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.homepage.prev", "hxxp://www.seznam.cz/");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.homepage.savedPrev", "true");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.homepage.tb", "hxxp://home.tb.ask.com/index.jhtml?ptb=4397812B-39D7-4448-9581-CE9E22F845DB&n=780c6ec5&p2=^Y6^xdm007^S10500^cz&si=CPX[...]
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.page.savedPrev", 1);
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.browser.startup.page.tb", 1);
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.competitorDNS", "{\"comment\":\"refresh every 1 week (7*24*60*60*1000)\",\"refreshPeriod\":604800000,\"list\":[{\"url\":\"hxxp://www.dnsrsearch.com/[...]
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.firstKnownVersion", "6.58.4.26369");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=4397812B-39D7-4448-9581-CE9E22F845DB&n=780c6ec5&p2=^Y6^xdm007^S10500^cz&si=CPXD9unTgMACFfMZtAodTg[...]
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.initialized", true);
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.installKeysSource", "Cookies");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.installType", "XPI");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.installation.contextKey", "");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.installation.installDate", "2014080709");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.installation.partnerId", "^Y6^xdm007^S10500^cz");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.installation.partnerSubId", "CPXD9unTgMACFfMZtAodTggABw");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.installation.pixelUrl", "hxxp://download.fromdoctopdf.com/install_pixels.jhtml?partner=^Y6^xdm007^S10500^cz&coId=99ad76bff96446e8aa2ec97a24d96ccc&ca[...]
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.installation.success", true);
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.installation.toolbarId", "4397812B-39D7-4448-9581-CE9E22F845DB");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.isCompliantUninstallImplementation", true);
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.lastActivePing", "1407443118265");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.lastKnownVersion", "6.58.4.26369");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.options.defaultSearch", true);
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.options.homePageEnabled", true);
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.options.keywordEnabled", true);
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.options.tabEnabled", true);
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.partnerPixelFired", true);
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.successUrl", "hxxp://download.fromdoctopdf.com/installComplete.jhtml");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.toolbarCollapsed", false);
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark._65Members_.weather.location", "10001");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("extensions.toolbar.mindspark.lastInstalled", "utilitychest@mindspark.com");
[hci9cm60.default\prefs.js] - Řádek Smazáno : user_pref("keyword.URL", "hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=C655DA0A-DF61-4F5F-99B2-0F58873CEC76&n=780d1209&ind=2014122505&p2=^ZO^xdm017^YYA^cz&si=produtools&searchfor=");

-\\ Google Chrome v42.0.2311.135

[C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : ncffjdbbodifgldkcbhmiiljfcnbgjab

*************************

AdwCleaner[R0].txt - [18997 bytů] - [08/05/2015 21:54:02]
AdwCleaner[R1].txt - [19056 bytů] - [08/05/2015 22:36:16]
AdwCleaner[S0].txt - [18900 bytů] - [08/05/2015 22:37:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [18959 bytů] ##########

Zkuste jeste spustit Zoek

dobře

tak nevím, už běží 10 min a žádný restart, okno nebudu zavírat, třeba to ještě něco provede
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Andrea on so 09. 05. 2015 at 11:03:04,09.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Andrea\Desktop\zoek.exe [Scan all users] [Script inserted]

===== Runcheck 11:06:44,55 =====

--- Create Environment Variables 11:06:49,01
--- Checking Input 11:07:11,13

Dejte mu tak pul hodky, pokud stale nic, tak jej ukoncete a napiste

pokud ho chci ukončit křížkem, tak se otevře okno s
Zoek.exe is running now.
Do not start any browser windows, they may get closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log

pokud ho chci zavřít, otevře se zase původní co jsem posílal, a tak dokola. Ukončit nejde ani přes správce úloh, pomůže pouze restart.

Tak nic, pokud nedobehl, tak restart a pak dejte log z FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Zdravím, už tu u toho docela chytám nerva)))\vypnu Avast a stejně nejsem schopnej stáhnout FRSTLauncher, stejně to napíše blokováno.

můžu poprosit ho poslat na e-mail m.marfy(@)seznam.cz
děkuji

Tak stahnete jen FRST a spustte jej

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015
Ran by Andrea (administrator) on ANDREJKA on 10-05-2015 09:42:25
Running from C:\Users\Andrea\Desktop
Loaded Profiles: Andrea (Available profiles: Andrea)
Platform: Windows 8 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugincontainer.exe
() C:\Program Files (x86)\Common Files\b56dff5a-df23-4e43-acde-a4f08b8dcffb\updater.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe
() C:\Users\Andrea\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Andrea\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-09-20] (IDT, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-28] (Intel Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [684064 2012-07-17] (PDF Complete Inc)
HKLM-x32\...\Run: [BtTray] => c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [364032 2012-08-16] (IVT Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-24] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2012-08-31] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167024 2012-08-31] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-01] (AVAST Software)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [337184 2013-10-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-07-09] (Wondershare)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-10-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [935288 2009-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601976 2013-02-15] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\...\Run: [Google Update] => C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-30] (Google Inc.)
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632472 2015-04-19] (Electronic Arts)
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\...\Run: [DAEMON Tools Lite] => "C:\Users\Andrea\Desktop\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Andrea\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Andrea\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\...\Run: [T-Mobile Communication Centre] => C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [1355792 2011-03-08] (Gemfor s.r.o.)
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\...\MountPoints2: {2cfef542-8de4-11e4-bec7-f4b7e2407b2e} - "G:\autorun.exe"
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\...\MountPoints2: {6786ab25-5068-11e3-be7d-f4b7e2407b2f} - "G:\PXRoute.exe"
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\...\MountPoints2: {6786ab36-5068-11e3-be7d-f4b7e2407b2f} - "H:\Autorun.exe"
AppInit_DLLs: C:\Program Files C:\Program Files C:\Program Files => C:\Program Files C:\Program Files C:\Program Files File Not Found
AppInit_DLLs-x32: C:\Program Files C:\Program Files C:\Program Files => "C:\Program Files C:\Program Files C:\Program Files" File Not Found
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2013-09-25]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-08-01] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2351530261-1594788566-2326651036-1002 -> {2C049BF3-6312-429E-AF62-1C6E4F3D6C63} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_12454
SearchScopes: HKU\S-1-5-21-2351530261-1594788566-2326651036-1002 -> {6E1EBD68-AF77-44D6-9B02-0FAEA760E186} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKU\S-1-5-21-2351530261-1594788566-2326651036-1002 -> {7B78C529-CAD5-40FB-93CA-65D60BDCC9D9} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
SearchScopes: HKU\S-1-5-21-2351530261-1594788566-2326651036-1002 -> {98CDEA35-38D9-49C0-8F34-68FA03FEC191} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKU\S-1-5-21-2351530261-1594788566-2326651036-1002 -> {B584B996-9CB6-4876-9D9E-FDE4134101B9} URL = http://encyklopedie.seznam.cz/search?q= ... arch_12454
SearchScopes: HKU\S-1-5-21-2351530261-1594788566-2326651036-1002 -> {B7AE7620-0318-4729-A9B2-B247E67BB8A8} URL = http://search.seznam.cz/?q={searchTerms ... arch_12454
SearchScopes: HKU\S-1-5-21-2351530261-1594788566-2326651036-1002 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = https://search.yahoo.com/search?fr=vmn& ... earchTerms}
SearchScopes: HKU\S-1-5-21-2351530261-1594788566-2326651036-1002 -> {CBD27F5B-F129-4EBD-A5A2-81B8D9D8EAB1} URL = http://www.novinky.cz/hledej?w={searchT ... arch_12454
SearchScopes: HKU\S-1-5-21-2351530261-1594788566-2326651036-1002 -> {CE277894-36F4-4DF8-BF1C-1E3103AF7F55} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12454
SearchScopes: HKU\S-1-5-21-2351530261-1594788566-2326651036-1002 -> {FA233084-DAD0-49D4-BF43-7F177D9D3AEA} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-04] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Dragon Branch -> {d640ce67-58e4-43c2-9adc-6bb959d7c606} -> C:\Program Files (x86)\Dragon Branch\Extensions\d640ce67-58e4-43c2-9adc-6bb959d7c606.dll [2015-04-18] ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-04] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 85.119.89.2 85.119.88.2

FireFox:
========
FF ProfilePath: C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\hci9cm60.default
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Trovi search
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2014-10-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-10-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nprotect.com/keycrypt -> C:\Windows\system32\npkfxmp.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-07-26] (VideoLAN)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll [2012-08-25] (DigitalPersona, Inc.)
FF Plugin HKU\S-1-5-21-2351530261-1594788566-2326651036-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\Andrea\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2351530261-1594788566-2326651036-1002: @talk.google.com/O1DPlugin -> C:\Users\Andrea\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2351530261-1594788566-2326651036-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-2351530261-1594788566-2326651036-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Andrea\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Andrea\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Extension: Star Stable Online - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\hci9cm60.default\Extensions\plugin@starstable.com [2014-07-25]
FF Extension: MEGA - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\hci9cm60.default\Extensions\firefox@mega.co.nz.xpi [2015-01-27]
FF Extension: Dragon Branch - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\hci9cm60.default\Extensions\{4e5f8bc2-d16f-4c2c-9f65-4de08f473fcd}.xpi [2015-05-09]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-22]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-10]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-28]
CHR Extension: (Google Docs) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-28]
CHR Extension: (Google Drive) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-28]
CHR Extension: (Kaboom) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\beahobhgpojnjfdjglaehfhdanaioode [2014-12-27]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-02-28]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-02-28]
CHR Extension: (YouTube) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-28]
CHR Extension: (Google Search) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-28]
CHR Extension: (Google Sheets) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-28]
CHR Extension: (Star Stable Online) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnlmdkpemkkigkgelegknllpmfclakkk [2014-08-25]
CHR Extension: (Avast Online Security) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-28]
CHR Extension: (Google Wallet) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-02]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-02-28]
CHR Extension: (Gmail) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-10]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 ameisvc; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [122608 2011-03-08] (Gemfor s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-01] (AVAST Software)
S2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1578496 2012-08-15] (IVT Corporation) [File not signed]
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2012-08-15] (IVT Corporation) [File not signed]
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2013-02-15] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2013-02-15] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [488824 2012-08-25] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [477088 2012-08-01] (Hewlett-Packard Company)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [681760 2013-10-16] (Hewlett-Packard Company)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-08-28] (Intel Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-19] (Electronic Arts)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1134624 2012-07-17] (PDF Complete Inc)
R2 Service Mgr DragonBranch; C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugincontainer.exe [556304 2015-05-10] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [323072 2012-09-20] (IDT, Inc.) [File not signed]
R2 Update Mgr DragonBranch; C:\Program Files (x86)\Common Files\b56dff5a-df23-4e43-acde-a4f08b8dcffb\updater.exe [478992 2015-05-10] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-09] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-10] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-10] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-10] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-10] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-10] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-10] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-10] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-10] ()
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2013-02-15] (BlueStack Systems)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthAvrcpTg; No ImagePath
U4 BthHFEnum; No ImagePath
U4 bthhfhid; No ImagePath
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-20] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48736 2012-08-14] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [64832 2012-07-25] (Hewlett-Packard Company)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-12-27] (Disc Soft Ltd)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-15] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-15] (Synaptics Incorporated)
R3 SNP2UVC; C:\Windows\system32\DRIVERS\snp2uvc.sys [1864328 2012-10-04] ()
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-04] (Hewlett-Packard Development Company, L.P.)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-10 09:42 - 2015-05-10 09:42 - 00029525 _____ () C:\Users\Andrea\Desktop\FRST.txt
2015-05-10 09:42 - 2015-05-10 09:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-05-10 09:41 - 2015-05-10 09:41 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-10 09:41 - 2015-05-10 09:41 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-10 09:41 - 2014-11-21 21:36 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\asw4FDA.tmp
2015-05-10 09:41 - 2014-08-01 21:36 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\asw530B.tmp
2015-05-10 09:41 - 2014-08-01 21:36 - 00224896 _____ () C:\Windows\system32\Drivers\asw531C.tmp
2015-05-10 09:41 - 2014-08-01 21:36 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\asw524C.tmp
2015-05-10 09:41 - 2014-08-01 21:36 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\asw534C.tmp
2015-05-10 09:41 - 2014-08-01 21:36 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\asw526D.tmp
2015-05-10 09:41 - 2014-08-01 21:36 - 00065776 _____ () C:\Windows\system32\Drivers\asw52CC.tmp
2015-05-10 09:41 - 2014-08-01 21:36 - 00029208 _____ () C:\Windows\system32\Drivers\asw525C.tmp
2015-05-10 09:40 - 2015-05-10 09:42 - 00000000 ____D () C:\FRST
2015-05-10 08:56 - 2015-05-10 08:56 - 00001171 _____ () C:\Users\Public\Desktop\Web'n'walk Manager.lnk
2015-05-10 08:56 - 2015-05-10 08:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T-Mobile
2015-05-10 08:56 - 2015-05-10 08:56 - 00000000 ____D () C:\Program Files (x86)\T-Mobile
2015-05-10 08:55 - 2015-05-10 08:55 - 00000788 _____ () C:\Windows\setupact.log
2015-05-10 08:55 - 2015-05-10 08:55 - 00000000 ____D () C:\Program Files (x86)\ZTE
2015-05-10 08:55 - 2015-05-10 08:55 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-10 08:55 - 2010-03-02 14:59 - 00121344 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbser6k.sys
2015-05-10 08:55 - 2010-03-02 14:59 - 00121344 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbnmea.sys
2015-05-10 08:55 - 2010-03-02 14:59 - 00121344 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbmdm6k.sys
2015-05-10 08:55 - 2010-02-22 10:09 - 00011776 _____ (MBB Incorporated) C:\Windows\system32\Drivers\massfilter.sys
2015-05-10 08:43 - 2015-05-10 08:43 - 02102784 _____ (Farbar) C:\Users\Andrea\Desktop\FRST64.exe
2015-05-09 12:58 - 2015-05-09 12:58 - 00000330 _____ () C:\Windows\PFRO.log
2015-05-09 11:12 - 2015-05-09 11:12 - 00003262 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-2351530261-1594788566-2326651036-1002
2015-05-09 11:07 - 2015-05-08 22:53 - 00000353 _____ () C:\zoek-results2015-05-08-205308.log
2015-05-08 22:53 - 2015-05-08 22:15 - 00000389 _____ () C:\zoek-results2015-05-08-201555.log
2015-05-08 22:44 - 2015-05-08 22:44 - 00019095 _____ () C:\Users\Andrea\Desktop\AdwCleaner[S0].txt
2015-05-08 22:15 - 2015-05-09 11:07 - 00000401 _____ () C:\zoek-results.log
2015-05-08 22:15 - 2015-05-08 22:15 - 00018997 _____ () C:\Users\Andrea\Desktop\AdwCleaner[R0].txt
2015-05-08 22:12 - 2015-05-08 22:13 - 04180806 _____ () C:\Users\Andrea\Downloads\zoek.zip
2015-05-08 22:09 - 2015-05-09 11:07 - 00000379 _____ () C:\runcheck.txt
2015-05-08 22:09 - 2015-05-08 22:09 - 01308672 _____ () C:\Users\Andrea\Desktop\zoek.exe
2015-05-08 22:09 - 2015-05-08 22:09 - 00000000 ____D () C:\zoek_backup
2015-05-08 22:00 - 2015-05-10 09:34 - 00651802 _____ () C:\Windows\WindowsUpdate.log
2015-05-08 21:53 - 2015-05-09 12:57 - 00000000 ____D () C:\AdwCleaner
2015-05-08 21:53 - 2015-05-08 21:53 - 02204160 _____ () C:\Users\Andrea\Desktop\adwcleaner_4.203(1).exe
2015-05-08 21:53 - 2015-05-08 21:53 - 00015539 _____ () C:\Users\Andrea\Downloads\adwcleaner_4.203.exe
2015-05-08 21:32 - 2015-05-08 21:37 - 00000000 ____D () C:\Program Files\trend micro
2015-05-08 21:32 - 2015-05-08 21:32 - 00000000 ____D () C:\rsit
2015-05-08 21:31 - 2015-05-08 21:31 - 01222144 _____ () C:\Users\Andrea\Downloads\RSITx64.exe
2015-05-08 18:32 - 2015-05-08 18:32 - 00000788 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-05-08 18:31 - 2015-05-08 18:31 - 13825818 _____ () C:\Users\Andrea\Downloads\cc-setup.exe
2015-05-08 18:29 - 2015-05-08 18:29 - 00733352 _____ () C:\Users\Andrea\Downloads\ccleaner-lista-centrumcz.exe
2015-04-24 07:01 - 2015-04-24 07:01 - 01785400 _____ () C:\Users\Andrea\Downloads\wrar520cz.exe
2015-04-23 20:45 - 2015-04-23 20:45 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-23 15:41 - 2015-04-23 15:41 - 02168592 _____ (emc) C:\Users\Andrea\Downloads\uTorrent221(1).exe
2015-04-22 15:37 - 2015-04-22 15:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-20 18:28 - 2015-04-23 17:15 - 00000000 ____D () C:\Users\Andrea\Downloads\[R.G. Mechanics] The Sims 4
2015-04-20 18:26 - 2015-04-20 18:26 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2015-04-20 18:25 - 2015-04-20 18:25 - 02168592 _____ (emc) C:\Users\Andrea\Downloads\uTorrent221.exe
2015-04-19 13:58 - 2015-04-19 14:13 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\Audacity
2015-04-19 13:57 - 2015-04-19 13:58 - 00000000 ____D () C:\Users\Public\Audacity
2015-04-19 13:57 - 2015-04-19 13:57 - 00001062 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-04-19 13:55 - 2015-04-19 13:56 - 22180353 _____ (Audacity Team ) C:\Users\Andrea\Downloads\audacity_2.0.5.exe
2015-04-18 19:14 - 2015-04-19 14:01 - 00000237 _____ () C:\Users\Andrea\updhelper.xml
2015-04-18 19:14 - 2015-04-18 19:14 - 00000008 _____ () C:\Users\Andrea\updhelper.xml.lck
2015-04-18 17:31 - 2015-03-12 11:59 - 00373864 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-04-18 17:30 - 2015-03-12 11:58 - 00326288 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-04-18 17:28 - 2015-04-18 17:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-04-18 17:27 - 2015-05-10 08:44 - 00000000 ____D () C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb
2015-04-18 17:27 - 2015-04-18 17:27 - 00000000 ____D () C:\Program Files (x86)\Dragon Branch
2015-04-18 17:26 - 2015-04-18 17:28 - 00000000 ____D () C:\Users\Public\DVDVideoSoft
2015-04-18 17:23 - 2015-04-18 17:24 - 30650288 _____ (DVDVideoSoft Ltd. ) C:\Users\Andrea\Downloads\FreeVideoToMP3Converter.exe
2015-04-17 19:36 - 2015-02-24 09:58 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-17 19:35 - 2015-03-23 07:19 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-17 19:35 - 2015-03-23 07:17 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-17 19:35 - 2015-03-23 07:17 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-17 19:35 - 2015-03-23 07:17 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-17 19:35 - 2015-03-23 07:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-17 19:35 - 2015-03-23 07:17 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-17 19:35 - 2015-03-23 00:04 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-17 19:35 - 2015-03-17 09:00 - 06971712 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-17 19:35 - 2015-03-17 08:52 - 01822696 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-17 19:35 - 2015-03-17 06:45 - 01409496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-17 19:35 - 2015-03-10 07:28 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-17 19:35 - 2015-03-10 07:27 - 19292672 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-17 19:35 - 2015-03-10 07:27 - 15409152 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-17 19:35 - 2015-03-10 05:49 - 14373376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-17 19:35 - 2015-03-10 05:48 - 13767680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-17 19:35 - 2015-03-04 09:29 - 00361280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-04-17 19:35 - 2015-03-04 08:39 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-17 19:35 - 2015-03-04 06:52 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-17 19:34 - 2015-03-14 10:07 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-17 19:34 - 2015-03-14 08:33 - 00891904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-17 19:34 - 2015-03-10 07:28 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-17 19:34 - 2015-03-10 07:28 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-17 19:34 - 2015-03-10 07:27 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-17 19:34 - 2015-03-10 07:27 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-04-17 19:34 - 2015-03-10 07:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-17 19:34 - 2015-03-10 07:27 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-17 19:34 - 2015-03-10 05:49 - 02864640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-17 19:34 - 2015-03-10 05:49 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-17 19:34 - 2015-03-10 05:49 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-17 19:34 - 2015-03-10 05:49 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-04-17 19:34 - 2015-03-10 05:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-17 19:34 - 2015-03-10 05:49 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-17 19:34 - 2015-03-10 05:49 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-10 09:41 - 2014-08-01 21:36 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-10 09:41 - 2014-08-01 21:36 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-10 09:41 - 2013-09-10 18:32 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-10 09:41 - 2013-09-10 18:32 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-10 09:41 - 2013-09-10 18:32 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-10 09:41 - 2013-09-10 18:32 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-10 09:41 - 2013-09-10 18:32 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-10 09:41 - 2013-09-10 18:32 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-10 09:41 - 2013-09-10 18:32 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-10 09:41 - 2012-11-22 06:19 - 00756994 _____ () C:\Windows\system32\perfh005.dat
2015-05-10 09:41 - 2012-11-22 06:19 - 00163422 _____ () C:\Windows\system32\perfc005.dat
2015-05-10 09:41 - 2012-07-26 09:28 - 01854972 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-10 09:38 - 2014-12-14 00:14 - 00000000 ____D () C:\Users\Andrea\AppData\Local\LogMeIn Hamachi
2015-05-10 09:38 - 2013-02-24 16:09 - 00004524 _____ () C:\Windows\SysWOW64\LOCALSERVICE.INI
2015-05-10 09:37 - 2013-09-10 18:05 - 00000024 _____ () C:\SROF.ini
2015-05-10 09:30 - 2013-09-10 18:35 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-10 09:24 - 2013-09-10 17:55 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2351530261-1594788566-2326651036-1002
2015-05-10 09:18 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2015-05-10 09:17 - 2014-08-02 11:52 - 00000978 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-10 09:16 - 2015-02-28 17:43 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\Seznam.cz
2015-05-10 09:11 - 2014-05-01 11:07 - 00000000 ____D () C:\ProgramData\Origin
2015-05-10 09:11 - 2012-11-22 05:49 - 00000000 ____D () C:\ProgramData\PDFC
2015-05-10 09:10 - 2014-08-02 11:52 - 00000974 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-10 09:10 - 2012-08-16 03:46 - 00000787 _____ () C:\Windows\SysWOW64\bscs.ini
2015-05-10 09:10 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-10 09:08 - 2014-04-30 14:33 - 00000984 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2351530261-1594788566-2326651036-1002UA.job
2015-05-10 08:53 - 2013-09-10 18:18 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\Skype
2015-05-09 20:49 - 2015-02-26 15:30 - 00000354 _____ () C:\Windows\Tasks\HPCeeScheduleForAndrea.job
2015-05-09 20:49 - 2013-02-24 16:09 - 00000043 _____ () C:\Windows\SysWOW64\LOCALDEVICE.INI
2015-05-09 20:47 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-09 20:19 - 2015-02-26 15:30 - 00003170 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForAndrea
2015-05-09 20:19 - 2013-09-10 17:46 - 00000000 ____D () C:\Users\Andrea
2015-05-09 17:08 - 2014-04-30 14:33 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2351530261-1594788566-2326651036-1002Core.job
2015-05-09 15:06 - 2014-11-22 00:02 - 00000000 ___HD () C:\$Windows.~BT
2015-05-09 08:40 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-05-08 21:26 - 2014-09-24 17:20 - 00000000 ____D () C:\ProgramData\Norton
2015-05-08 21:25 - 2014-11-26 21:11 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2015-05-08 21:24 - 2013-09-23 17:17 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Unity
2015-05-08 21:21 - 2015-02-05 17:30 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2015-05-08 19:31 - 2013-09-15 19:45 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\vlc
2015-05-08 18:39 - 2014-12-22 01:59 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\Sony
2015-05-08 18:39 - 2014-10-09 22:02 - 00000000 ____D () C:\Users\Andrea\Tracing
2015-05-08 18:39 - 2013-11-23 08:56 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\DAEMON Tools Lite
2015-05-08 18:32 - 2013-09-10 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-05-08 18:32 - 2013-09-10 18:27 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-04 21:03 - 2013-09-10 17:56 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-05-01 14:38 - 2014-11-26 21:15 - 00003248 _____ () C:\Windows\System32\Tasks\Smart PC Cleaner Schedule
2015-04-30 14:54 - 2013-09-10 18:16 - 00000000 ____D () C:\ProgramData\Skype
2015-04-26 18:45 - 2015-02-18 17:09 - 00000000 ___RD () C:\Users\Andrea\Desktop\programy
2015-04-26 08:50 - 2013-09-10 18:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-24 13:52 - 2014-05-01 14:43 - 00000000 ____D () C:\Users\Andrea\Documents\Electronic Arts
2015-04-24 13:52 - 2014-05-01 11:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-04-24 07:02 - 2015-01-27 17:22 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-04-24 07:02 - 2015-01-27 17:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-04-23 15:43 - 2014-12-20 18:36 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\uTorrent
2015-04-22 19:16 - 2015-04-08 16:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2015-04-21 23:09 - 2013-09-10 18:03 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\Mozilla
2015-04-20 20:30 - 2015-02-18 17:10 - 00000000 ____D () C:\Users\Andrea\Desktop\Prezentace
2015-04-20 19:06 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AppCompat
2015-04-20 18:09 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2015-04-19 21:34 - 2014-12-16 18:29 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-19 21:34 - 2014-07-17 08:09 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-19 19:29 - 2014-05-01 11:07 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-04-18 17:29 - 2015-04-02 20:29 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\DVDVideoSoft
2015-04-17 19:54 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-17 19:53 - 2013-09-12 15:41 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-17 19:45 - 2013-09-12 15:41 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-17 19:44 - 2013-09-10 19:52 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-16 19:23 - 2015-03-28 10:00 - 00000000 ____D () C:\Users\Andrea\Desktop\Přestavba bytu
2015-04-16 14:33 - 2015-03-15 18:17 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-14 18:34 - 2013-09-10 18:35 - 00003802 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-14 00:07 - 2014-12-16 18:33 - 00791520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 00:07 - 2014-12-16 18:33 - 00177632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2015-04-02 20:31 - 2015-04-02 20:31 - 0069441 _____ () C:\Users\Andrea\AppData\Local\1DC8B7A7_stp.CIS
2015-04-02 20:31 - 2015-04-02 20:31 - 0000309 _____ () C:\Users\Andrea\AppData\Local\1DC8B7A7_stp.CIS.part
2015-04-02 20:31 - 2015-04-02 20:31 - 0385602 _____ () C:\Users\Andrea\AppData\Local\5D515C96_stp.CIS
2015-04-02 20:31 - 2015-04-02 20:31 - 0000220 _____ () C:\Users\Andrea\AppData\Local\5D515C96_stp.CIS.part
2015-04-02 20:43 - 2015-04-02 20:43 - 0000000 _____ () C:\Users\Andrea\AppData\Local\67FE4091_stp.CIS
2015-04-02 20:31 - 2015-04-02 20:44 - 0143360 _____ () C:\Users\Andrea\AppData\Local\694C50D0_stp.EXE
2015-04-02 20:32 - 2015-04-02 20:32 - 0000199 _____ () C:\Users\Andrea\AppData\Local\694C50D0_stp.EXE.part
2015-04-02 20:31 - 2015-04-02 20:44 - 0081920 _____ () C:\Users\Andrea\AppData\Local\754A5C3C_stp.CIS
2015-03-19 20:15 - 2015-03-19 20:15 - 0000000 ___SH () C:\Users\Andrea\AppData\Local\LumaEmu
2015-01-31 19:59 - 2015-01-07 18:04 - 0000851 _____ () C:\Users\Andrea\AppData\Local\recently-used.xbel

Some content of TEMP:
====================
C:\Users\Andrea\AppData\Local\Temp\7za.exe
C:\Users\Andrea\AppData\Local\Temp\DaS_21.exe
C:\Users\Andrea\AppData\Local\Temp\hijackthis.exe
C:\Users\Andrea\AppData\Local\Temp\NirCmd.exe
C:\Users\Andrea\AppData\Local\Temp\PEVZ.EXE
C:\Users\Andrea\AppData\Local\Temp\Quarantine.exe
C:\Users\Andrea\AppData\Local\Temp\remove.exe
C:\Users\Andrea\AppData\Local\Temp\sed.exe
C:\Users\Andrea\AppData\Local\Temp\shortcut.exe
C:\Users\Andrea\AppData\Local\Temp\sqlite3.dll
C:\Users\Andrea\AppData\Local\Temp\swreg.exe
C:\Users\Andrea\AppData\Local\Temp\swxcacls.exe
C:\Users\Andrea\AppData\Local\Temp\wget.exe
C:\Users\Andrea\AppData\Local\Temp\zoek-delete.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-04-30 15:53

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-05-2015
Ran by Andrea at 2015-05-10 09:43:44
Running from C:\Users\Andrea\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2351530261-1594788566-2326651036-500 - Administrator - Disabled)
Andrea (S-1-5-21-2351530261-1594788566-2326651036-1002 - Administrator - Enabled) => C:\Users\Andrea
Guest (S-1-5-21-2351530261-1594788566-2326651036-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader 9.2 - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-A92000000001}) (Version: 9.2.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Alicia (HKLM-x32\...\Alicia) (Version: 1.0.0.0 - NtreevSoft)
AMD Catalyst Install Manager (HKLM\...\{45324571-83B7-307A-6114-DAE65A50DC8E}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Autodesk Pixlr (HKLM-x32\...\Autodesk Pixlr) (Version: 1.0.3.0 - Autodesk)
Autodesk Pixlr (x32 Version: 1.0.3.0 - Autodesk) Hidden
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.2.2218 - AVAST Software)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.9.860 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{CD9D0827-A6D6-4E2C-B31E-23F01577E27B}) (Version: 0.7.9.860 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1924 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.2006 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4330 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.1.3231 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 7.1.0.3 - Hewlett-Packard Company)
Dragon Branch (HKLM-x32\...\Dragon Branch) (Version: 2.0.5586.13733 - Dragon Branch)
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Evernote v. 4.5.7 (HKLM-x32\...\{0BE73D3C-B5AF-11E1-933A-984BE15F174E}) (Version: 4.5.7.7146 - Evernote Corp.)
Face Recognition for HP ProtectTools (HKLM\...\Face Recognition for HP ProtectTools) (Version: 7.2.0.4542 - Hewlett-Packard Company)
Face Recognition for HP ProtectTools (Version: 7.2.0.4542 - Hewlett-Packard Company) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free Video to MP3 Converter version 5.0.58.415 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.58.415 - DVDVideoSoft Ltd.)
G3 Torrent (HKLM-x32\...\g3torrent) (Version: - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
GimpShop 2.8 (HKLM-x32\...\{3F1C9552-58E0-4AAC-A616-AE3A28720EC6}) (Version: 2.8 - GimpShop)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{29989969-FED8-4EFB-8FB2-39429D37E471}) (Version: 5.1.5.1 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{FCD58C04-324A-40D1-BA9E-1A754DF1736D}) (Version: 1.2.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 8 (HKLM-x32\...\{482FF7A0-EA03-487A-9112-862D3341B76C}) (Version: 1.2.1 - Hewlett-Packard Company)
HP HD Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1112.2_WHQL - Sonix)
HP Hotkey Support (HKLM-x32\...\{7F7E2060-7212-4A53-9875-55173E4BA3F0}) (Version: 5.0.21.1 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 8.0.0.1314 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP SoftPaq Download Manager (HKLM-x32\...\{B50981AD-95E8-4E4D-912A-7C4B738387CA}) (Version: 3.4.6.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{835B275B-F29B-464B-BD4B-097FD55FAB0A}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{D1E7D876-6B86-4B35-A93D-15B0D6C43EAF}) (Version: 8.5.4.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{A9088865-5AB9-4E37-A82F-CB264E0B5415}) (Version: 1.0.3.2 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.5.1 - Hewlett-Packard Company)
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.29.01 - Hyperionics Technology LLC)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6428.0 - IDT)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3097 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.6.1002 - Intel Corporation)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Microsoft AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version: - )
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 cs)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
nProtect KeyCrypt V6.0 (HKLM-x32\...\npkfx) (Version: - INCA Internet Co., Ltd.)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.1.8 - PDF Complete, Inc)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Ralink Bluetooth Stack64 (HKLM\...\{ED818A3C-3DF5-CDCF-3DB2-A646D7B31A16}) (Version: 9.0.717.0 - Ralink Corporation)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.45.0 - Mediatek)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.2.612.2012 - Realtek)
Rusted.cz Klient 1.8.3 (HKLM-x32\...\Rusted.cz Klient 1.8.3) (Version: - )
Rusted.cz Klient 1.8.4 (HKLM-x32\...\Rusted.cz Klient 1.8.4) (Version: - )
Seznam Software (HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\...\SeznamInstall) (Version: - Seznam.cz)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Star Stable (HKLM-x32\...\{2B03B553-4983-4005-99C4-31DFC25B4BB9}) (Version: 1.00.0000 - Star Stable Entertainment AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims™ 3 Cestovní horečka (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.17.2 - Electronic Arts)
The Sims™ 3 Domácí mazlíčci (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Roční období (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Tropický ráj (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 4 Vytvořit Simíka – demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.237.100 - Electronic Arts Inc.)
Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}) (Version: 7.0.0.10 - Hewlett-Packard Company)
Theft Recovery for HP ProtectTools (x32 Version: 7.0.0.10 - Hewlett-Packard Company) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Vegas Pro 12.0 (64-bit) (HKLM\...\{BD422D00-5232-11E3-A6F3-F04DA23A5C58}) (Version: 12.0.770 - Sony)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Web'n'walk Manager (HKLM-x32\...\T-Mobile Communication Centre) (Version: 2011-03-08 - Gemfor s.r.o.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Youtube to MP3 Converter v. 1.4 (HKLM-x32\...\Youtube to MP3 Converter_is1) (Version: - YoutubeDownloaderHD.com)
ZTE Drivers (HKLM-x32\...\{ACC9984D-E78B-4fcd-BE44-4E3F186DDA33}) (Version: 1.2059.0.12 - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2351530261-1594788566-2326651036-1002_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2351530261-1594788566-2326651036-1002_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2351530261-1594788566-2326651036-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2351530261-1594788566-2326651036-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2351530261-1594788566-2326651036-1002_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2351530261-1594788566-2326651036-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2351530261-1594788566-2326651036-1002_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2351530261-1594788566-2326651036-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2351530261-1594788566-2326651036-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2351530261-1594788566-2326651036-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

23-04-2015 20:44:57 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
27-04-2015 20:00:28 Windows Update
04-05-2015 21:44:16 Windows Update
08-05-2015 18:23:53 Windows Update
10-05-2015 09:38:21 avast! antivirus system restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {4BD7ED39-2A97-4198-AEC4-D2DB9B4F7A0E} - System32\Tasks\HPCeeScheduleForAndrea => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {594F8170-EF82-47C1-B944-93C52A26BC5B} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-10-30] (Synaptics Incorporated)
Task: {5AA4790F-31A0-4F39-966C-9B6547FB476E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-04-17] (Microsoft Corporation)
Task: {5FDEF3B5-EF43-495D-83EC-01FFD04086E8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-02] (Google Inc.)
Task: {649738D6-B5BC-4D66-8325-89B6C13C3CFA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {65238426-0AF5-4960-BF47-3B4939B3404F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {84A478FA-4D92-488F-82F4-02E52776D4D6} - System32\Tasks\avastBCLRestartS-1-5-21-2351530261-1594788566-2326651036-1002 => Firefox.exe
Task: {8F229499-410A-476E-8486-C6F7F4AFED88} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-10] (Avast Software s.r.o.)
Task: {8F78E9E1-4507-44C3-80BA-679F9724FFC4} - System32\Tasks\{FD423972-ED8B-480E-9054-0D9334B30FD5} => pcalua.exe -a "C:\Program Files (x86)\Autodesk\Autodesk Pixlr\Setup\Setup.exe" -c /P {B0547B43-3AEE-453C-9945-800B9F92052D} /M Pixlr /LANG en-us
Task: {92128ADA-395B-4082-AEBC-2D4C0CEDA730} - System32\Tasks\{27C6967E-BB1D-4B66-8219-FC9F5B10011B} => pcalua.exe -a E:\setup.exe -d E:\
Task: {94DEB14C-6BA3-4F49-BAF7-D2543F9B2C8E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {A867B0C9-F57D-49C4-B61C-77A396F76A11} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {C1A3F8A0-A964-4C04-BA56-ECF357E87CDB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-02] (Google Inc.)
Task: {C575872E-8CD9-46C7-BDC3-7891775409CD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2351530261-1594788566-2326651036-1002Core => C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-30] (Google Inc.)
Task: {CACD48E4-262F-4A15-BD1E-F20EF3FC4BB4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {EB335C1C-77B0-4D75-8EB4-8F5D3B3BA74F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2351530261-1594788566-2326651036-1002UA => C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-30] (Google Inc.)
Task: {FD3CD6C1-3D55-4CCA-BCE5-86DB4693870D} - System32\Tasks\{65E83D43-F5E7-466F-80C8-F602F1F416F2} => pcalua.exe -a C:\Users\Andrea\Downloads\Alicia_Launcher_Install_Beta(2).exe -d C:\Users\Andrea\Downloads
Task: {FEE3A66C-29C9-4E56-A02F-FDD6E0E1520A} - System32\Tasks\Smart PC Cleaner Schedule => C:\Program Files (x86)\Smart PC Cleaner\SPCSchedule.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2351530261-1594788566-2326651036-1002Core.job => C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2351530261-1594788566-2326651036-1002UA.job => C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForAndrea.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) ==============

2012-01-18 02:57 - 2012-01-18 02:57 - 00298368 _____ () c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2010-09-06 23:18 - 2010-09-06 23:18 - 01412608 _____ () C:\Windows\SYSTEM32\LIBEAY32.dll
2015-04-18 16:38 - 2015-05-10 08:44 - 00556304 _____ () C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugincontainer.exe
2015-04-18 16:38 - 2015-05-10 08:45 - 00478992 _____ () C:\Program Files (x86)\Common Files\b56dff5a-df23-4e43-acde-a4f08b8dcffb\updater.exe
2015-02-28 17:43 - 2013-04-15 13:32 - 00060416 _____ () C:\Users\Andrea\AppData\Roaming\Seznam.cz\bin\26603libfoxloader-x64.dll
2012-08-15 00:13 - 2012-08-15 00:13 - 00009728 _____ () C:\Windows\system32\BsHelpCSps.dll
2012-08-23 13:07 - 2012-08-23 13:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-02-28 17:43 - 2013-04-12 10:13 - 00457208 _____ () C:\Users\Andrea\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2015-02-28 17:43 - 2013-04-29 12:53 - 00045560 _____ () C:\Users\Andrea\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2015-04-08 21:53 - 2015-04-08 21:53 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2012-08-06 21:54 - 2012-08-06 21:54 - 00369664 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-08-01 21:35 - 2014-08-01 21:35 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2015-05-09 20:51 - 2015-05-09 20:51 - 02926592 _____ () C:\Program Files\AVAST Software\Avast\defs\15050901\algo.dll
2015-02-28 17:43 - 2013-03-29 13:37 - 00059384 _____ () C:\Users\Andrea\AppData\Roaming\Seznam.cz\bin\26600libfoxloader.dll
2015-02-28 17:43 - 2013-03-25 16:39 - 00894968 _____ () C:\Users\Andrea\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2015-02-28 17:43 - 2013-04-29 11:54 - 01663000 _____ () C:\Users\Andrea\AppData\Roaming\Seznam.cz\bin\libfoxcub.dll
2015-02-28 17:43 - 2012-10-24 16:42 - 00247352 _____ () C:\Users\Andrea\AppData\Roaming\Seznam.cz\bin\unlockInstance.dll
2012-08-15 00:11 - 2012-08-15 00:11 - 00022528 _____ () C:\Windows\SYSTEM32\BsTrace.dll
2012-08-15 00:16 - 2012-08-15 00:16 - 00072192 _____ () C:\Windows\SYSTEM32\BsProfilefunc.dll
2012-08-16 03:20 - 2012-08-16 03:20 - 00356352 _____ () C:\Windows\SYSTEM32\BsExtendFunc.dll
2012-08-15 00:13 - 2012-08-15 00:13 - 00009728 _____ () C:\Windows\SYSTEM32\BsHelpCSps.dll
2012-08-15 00:13 - 2012-08-15 00:13 - 00052736 _____ () C:\Windows\SYSTEM32\BlueSoleilCSps.dll
2013-02-24 16:23 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 21:34 - 2012-06-08 21:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-08-01 21:35 - 2014-08-01 21:35 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-12 20:39 - 2014-07-09 12:01 - 01459712 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2014-08-12 20:39 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2015-01-25 04:11 - 2015-01-25 04:11 - 00016384 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\fbd210cb165d83831cc9332db8ab151a\PSIClient.ni.dll
2013-02-24 15:58 - 2012-07-18 08:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Andrea\Desktop\pizap.com14295450139501.jpg
DNS Servers: 85.119.89.2 - 85.119.88.2

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{7E665B20-D2BF-4A41-A7D8-6A0AD2655075}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{F392FD9E-2C22-49FA-87B3-77CD613D3199}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{3CA588CE-5F9E-445F-904C-E5439798FE19}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7482B3C3-9AAF-43C6-8D75-4D98380E1F04}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D9974B31-A726-47E4-A374-E27B2F3B3343}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F38E8F33-29FD-40A2-9732-68486C46873A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{470A8685-B736-4940-BCFD-1E5C168CEDD6}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{8F9FBE18-72D2-49EC-90E6-FA7A364DB557}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [TCP Query User{015EF290-0369-4E16-A70D-A4327BE15809}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{9ED2B60B-62B3-4F28-9406-4CC14F3053DB}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{0E2A3CA3-4A82-43D1-B467-D8B76D99DB54}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{23B38F56-ACAC-4427-B2F0-4538451F7C9B}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{5403611B-19EF-4E79-9EAE-878F0BEED830}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [{89C55DD1-7F68-4511-9E07-9BEB2BE11C1A}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [TCP Query User{EFC5C7F0-8346-4CCF-B4C1-DCABF48C77B2}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{F0E748B3-C9EB-4685-B585-F10E68AF106D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{36D39719-C635-497E-A061-348697BE3D24}] => (Allow) C:\Users\Andrea\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [TCP Query User{FC909631-74A6-4831-99EB-2BDFC7FC7A17}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{781C0E0C-23E0-409E-A68D-443BE5AE56A6}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{898297C9-524E-4F68-B5CB-F1E246E22638}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7533FF52-402C-4E38-A24D-AA4FAFBA4C5B}] => (Allow) LPort=2869
FirewallRules: [{E963B7D9-FD76-49F1-AAD9-C309C339CCD0}] => (Allow) LPort=1900
FirewallRules: [{C4BF4CA1-BD8E-4221-8EA6-78F7B604CB07}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{C305145B-0724-410C-8B8D-D463129FF1AF}] => (Allow) C:\Users\Andrea\Desktop\Alicia\Alicia.exe
FirewallRules: [{A71F7804-82E5-45F8-8082-F03E72705D68}] => (Allow) C:\Users\Andrea\Desktop\Alicia\Alicia.exe
FirewallRules: [{E1A367BA-84D2-49A9-8B63-DE3BC67B5478}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{63AD48E2-A15C-495D-A056-8AFA331FA7C8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{E076DA68-E56A-42B1-94EE-591C25A3EE6E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{FEEED921-F85A-4D89-BD51-74700A56238E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{DF836ADC-072C-4C61-8995-ED096A4F9AFB}C:\users\andrea\desktop\utorrent.exe] => (Allow) C:\users\andrea\desktop\utorrent.exe
FirewallRules: [UDP Query User{9253E952-FDBA-4123-A0D6-303786FC383C}C:\users\andrea\desktop\utorrent.exe] => (Allow) C:\users\andrea\desktop\utorrent.exe
FirewallRules: [{1D5114F6-354C-460F-9B5E-A069641C59E9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (05/10/2015 09:38:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: BlueSoleilCS.exe, verze: 9.0.716.0, časové razítko: 0x5029ea6a
Název chybujícího modulu: tl_filter.dll, verze: 0.0.0.0, časové razítko: 0x5029b6ce
Kód výjimky: 0xc0000094
Posun chyby: 0x0000d53d
ID chybujícího procesu: 0x7d0
Čas spuštění chybující aplikace: 0xBlueSoleilCS.exe0
Cesta k chybující aplikaci: BlueSoleilCS.exe1
Cesta k chybujícímu modulu: BlueSoleilCS.exe2
ID zprávy: BlueSoleilCS.exe3
Úplný název chybujícího balíčku: BlueSoleilCS.exe4
ID aplikace související s chybujícím balíčkem: BlueSoleilCS.exe5

Error: (05/10/2015 09:38:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ameisvc.exe, verze: 2011.3.8.0, časové razítko: 0x4d766999
Název chybujícího modulu: WINTRUST.dll, verze: 6.2.9200.16666, časové razítko: 0x51e0b5c5
Kód výjimky: 0xc0000005
Posun chyby: 0x00003b4c
ID chybujícího procesu: 0xdd4
Čas spuštění chybující aplikace: 0xameisvc.exe0
Cesta k chybující aplikaci: ameisvc.exe1
Cesta k chybujícímu modulu: ameisvc.exe2
ID zprávy: ameisvc.exe3
Úplný název chybujícího balíčku: ameisvc.exe4
ID aplikace související s chybujícím balíčkem: ameisvc.exe5

Error: (05/10/2015 09:16:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Manager.exe, verze: 2011.3.8.0, časové razítko: 0x4d766ca1
Název chybujícího modulu: WINTRUST.dll, verze: 6.2.9200.16666, časové razítko: 0x51e0b5c5
Kód výjimky: 0xc0000005
Posun chyby: 0x00003b4c
ID chybujícího procesu: 0x1594
Čas spuštění chybující aplikace: 0xManager.exe0
Cesta k chybující aplikaci: Manager.exe1
Cesta k chybujícímu modulu: Manager.exe2
ID zprávy: Manager.exe3
Úplný název chybujícího balíčku: Manager.exe4
ID aplikace související s chybujícím balíčkem: Manager.exe5

Error: (05/10/2015 09:13:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: plugin-container.exe, verze: 37.0.2.5583, časové razítko: 0x552ef76c
Název chybujícího modulu: mozalloc.dll, verze: 37.0.2.5583, časové razítko: 0x552ee9ae
Kód výjimky: 0x80000003
Posun chyby: 0x00001aa1
ID chybujícího procesu: 0x1084
Čas spuštění chybující aplikace: 0xplugin-container.exe0
Cesta k chybující aplikaci: plugin-container.exe1
Cesta k chybujícímu modulu: plugin-container.exe2
ID zprávy: plugin-container.exe3
Úplný název chybujícího balíčku: plugin-container.exe4
ID aplikace související s chybujícím balíčkem: plugin-container.exe5

Error: (05/10/2015 09:10:16 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Službu nelze spustit. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
v BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (05/10/2015 09:06:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ameisvc.exe, verze: 2011.3.8.0, časové razítko: 0x4d766999
Název chybujícího modulu: WINTRUST.dll, verze: 6.2.9200.16666, časové razítko: 0x51e0b5c5
Kód výjimky: 0xc0000005
Posun chyby: 0x00003b4c
ID chybujícího procesu: 0x1a24
Čas spuštění chybující aplikace: 0xameisvc.exe0
Cesta k chybující aplikaci: ameisvc.exe1
Cesta k chybujícímu modulu: ameisvc.exe2
ID zprávy: ameisvc.exe3
Úplný název chybujícího balíčku: ameisvc.exe4
ID aplikace související s chybujícím balíčkem: ameisvc.exe5

Error: (05/10/2015 09:02:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Manager.exe, verze: 2011.3.8.0, časové razítko: 0x4d766ca1
Název chybujícího modulu: WINTRUST.dll, verze: 6.2.9200.16666, časové razítko: 0x51e0b5c5
Kód výjimky: 0xc0000005
Posun chyby: 0x00003b4c
ID chybujícího procesu: 0x4a8
Čas spuštění chybující aplikace: 0xManager.exe0
Cesta k chybující aplikaci: Manager.exe1
Cesta k chybujícímu modulu: Manager.exe2
ID zprávy: Manager.exe3
Úplný název chybujícího balíčku: Manager.exe4
ID aplikace související s chybujícím balíčkem: Manager.exe5

Error: (05/10/2015 08:40:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: BlueSoleilCS.exe, verze: 9.0.716.0, časové razítko: 0x5029ea6a
Název chybujícího modulu: tl_filter.dll, verze: 0.0.0.0, časové razítko: 0x5029b6ce
Kód výjimky: 0xc0000094
Posun chyby: 0x0000d53d
ID chybujícího procesu: 0x6f0
Čas spuštění chybující aplikace: 0xBlueSoleilCS.exe0
Cesta k chybující aplikaci: BlueSoleilCS.exe1
Cesta k chybujícímu modulu: BlueSoleilCS.exe2
ID zprávy: BlueSoleilCS.exe3
Úplný název chybujícího balíčku: BlueSoleilCS.exe4
ID aplikace související s chybujícím balíčkem: BlueSoleilCS.exe5

Error: (05/10/2015 08:38:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: BlueSoleilCS.exe, verze: 9.0.716.0, časové razítko: 0x5029ea6a
Název chybujícího modulu: tl_filter.dll_unloaded, verze: 0.0.0.0, časové razítko: 0x5029b6ce
Kód výjimky: 0xc0000094
Posun chyby: 0x1000d53d
ID chybujícího procesu: 0x7cc
Čas spuštění chybující aplikace: 0xBlueSoleilCS.exe0
Cesta k chybující aplikaci: BlueSoleilCS.exe1
Cesta k chybujícímu modulu: BlueSoleilCS.exe2
ID zprávy: BlueSoleilCS.exe3
Úplný název chybujícího balíčku: BlueSoleilCS.exe4
ID aplikace související s chybujícím balíčkem: BlueSoleilCS.exe5

Error: (05/10/2015 08:37:59 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Službu nelze spustit. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
v BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

System errors:
=============
Error: (05/10/2015 09:38:20 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba BlueSoleilCS byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/10/2015 09:38:09 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Web'n'walk Manager mobile equipment installation service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/10/2015 09:10:16 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba BlueStacks Android Service byla ukončena s následující chybou:
%%1064

Error: (05/10/2015 09:08:33 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (05/10/2015 09:06:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Web'n'walk Manager mobile equipment installation service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/10/2015 08:40:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba BlueSoleilCS byla neočekávaně ukončena. Tento stav nastal již 2krát.

Error: (05/10/2015 08:38:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba BlueSoleilCS byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/10/2015 08:37:59 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba BlueStacks Android Service byla ukončena s následující chybou:
%%1064

Error: (05/10/2015 08:37:27 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (8:36:43, ‎10. ‎5. ‎2015) bylo neočekávané.

Error: (05/10/2015 08:37:13 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT AUTHORITY)
Description: 0xc000014d0

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
Percentage of memory in use: 46%
Total physical RAM: 3978.76 MB
Available physical RAM: 2117.06 MB
Total Pagefile: 6538.76 MB
Available Pagefile: 4355.44 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:682.11 GB) (Free:523.02 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.99 GB) FAT32
Drive f: (HP_RECOVERY) (Fixed) (Total:13.33 GB) (Free:2.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: A50E1C7D)

Partition: GPT Partition Type.

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-24] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2012-08-31] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167024 2012-08-31] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-07-09] (Wondershare)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-10-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [935288 2009-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\...\Run: [Google Update] => C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-30] (Google Inc.)
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632472 2015-04-19] (Electronic Arts)
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\...\Run: [DAEMON Tools Lite] => "C:\Users\Andrea\Desktop\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Andrea\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Andrea\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\...\Run: [T-Mobile Communication Centre] => C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [1355792 2011-03-08] (Gemfor s.r.o.)
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\...\MountPoints2: {2cfef542-8de4-11e4-bec7-f4b7e2407b2e} - "G:\autorun.exe" 
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\...\MountPoints2: {6786ab25-5068-11e3-be7d-f4b7e2407b2f} - "G:\PXRoute.exe" 
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\...\MountPoints2: {6786ab36-5068-11e3-be7d-f4b7e2407b2f} - "H:\Autorun.exe" 
AppInit_DLLs: C:\Program Files C:\Program Files C:\Program Files => C:\Program Files C:\Program Files C:\Program Files File Not Found
AppInit_DLLs-x32: C:\Program Files C:\Program Files C:\Program Files => "C:\Program Files C:\Program Files C:\Program Files" File Not Found

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-2351530261-1594788566-2326651036-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Trovi search
FF Extension: Star Stable Online - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\hci9cm60.default\Extensions\plugin@starstable.com [2014-07-25]
FF Extension: MEGA - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\hci9cm60.default\Extensions\firefox@mega.co.nz.xpi [2015-01-27]
FF Extension: Dragon Branch - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\hci9cm60.default\Extensions\{4e5f8bc2-d16f-4c2c-9f65-4de08f473fcd}.xpi [2015-05-09]

CHR Extension: (Seznam Lištička - Email) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-02-28]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-02-28]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-02-28]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Service Mgr DragonBranch; C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb\plugincontainer.exe [556304 2015-05-10] ()
R2 Update Mgr DragonBranch; C:\Program Files (x86)\Common Files\b56dff5a-df23-4e43-acde-a4f08b8dcffb\updater.exe [478992 2015-05-10] ()


C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb
C:\Program Files (x86)\Common Files\b56dff5a-df23-4e43-acde-a4f08b8dcffb
C:\Program Files (x86)\Skype\Toolbars
2015-05-10 09:41 - 2014-11-21 21:36 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\asw4FDA.tmp
2015-05-10 09:41 - 2014-08-01 21:36 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\asw530B.tmp
2015-05-10 09:41 - 2014-08-01 21:36 - 00224896 _____ () C:\Windows\system32\Drivers\asw531C.tmp
2015-05-10 09:41 - 2014-08-01 21:36 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\asw524C.tmp
2015-05-10 09:41 - 2014-08-01 21:36 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\asw534C.tmp
2015-05-10 09:41 - 2014-08-01 21:36 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\asw526D.tmp
2015-05-10 09:41 - 2014-08-01 21:36 - 00065776 _____ () C:\Windows\system32\Drivers\asw52CC.tmp
2015-05-10 09:41 - 2014-08-01 21:36 - 00029208 _____ () C:\Windows\system32\Drivers\asw525C.tmp
2015-05-09 12:58 - 2015-05-09 12:58 - 00000330 _____ () C:\Windows\PFRO.log
2015-05-09 11:07 - 2015-05-08 22:53 - 00000353 _____ () C:\zoek-results2015-05-08-205308.log
2015-05-08 22:53 - 2015-05-08 22:15 - 00000389 _____ () C:\zoek-results2015-05-08-201555.log
2015-05-08 22:44 - 2015-05-08 22:44 - 00019095 _____ () C:\Users\Andrea\Desktop\AdwCleaner[S0].txt
2015-05-08 22:15 - 2015-05-09 11:07 - 00000401 _____ () C:\zoek-results.log
2015-05-08 22:15 - 2015-05-08 22:15 - 00018997 _____ () C:\Users\Andrea\Desktop\AdwCleaner[R0].txt
2015-05-08 22:12 - 2015-05-08 22:13 - 04180806 _____ () C:\Users\Andrea\Downloads\zoek.zip
2015-05-08 22:09 - 2015-05-09 11:07 - 00000379 _____ () C:\runcheck.txt
2015-05-08 22:09 - 2015-05-08 22:09 - 01308672 _____ () C:\Users\Andrea\Desktop\zoek.exe
2015-05-08 22:09 - 2015-05-08 22:09 - 00000000 ____D () C:\zoek_backup
2015-05-08 21:53 - 2015-05-09 12:57 - 00000000 ____D () C:\AdwCleaner
2015-05-08 21:53 - 2015-05-08 21:53 - 02204160 _____ () C:\Users\Andrea\Desktop\adwcleaner_4.203(1).exe
2015-05-08 21:53 - 2015-05-08 21:53 - 00015539 _____ () C:\Users\Andrea\Downloads\adwcleaner_4.203.exe
2015-05-08 21:32 - 2015-05-08 21:37 - 00000000 ____D () C:\Program Files\trend micro
2015-05-08 21:32 - 2015-05-08 21:32 - 00000000 ____D () C:\rsit
2015-05-08 21:31 - 2015-05-08 21:31 - 01222144 _____ () C:\Users\Andrea\Downloads\RSITx64.exe
2015-05-08 18:31 - 2015-05-08 18:31 - 13825818 _____ () C:\Users\Andrea\Downloads\cc-setup.exe
2015-05-08 18:29 - 2015-05-08 18:29 - 00733352 _____ () C:\Users\Andrea\Downloads\ccleaner-lista-centrumcz.exe
2015-04-24 07:01 - 2015-04-24 07:01 - 01785400 _____ () C:\Users\Andrea\Downloads\wrar520cz.exe
2015-04-18 17:27 - 2015-04-18 17:27 - 00000000 ____D () C:\Program Files (x86)\Dragon Branch
2015-04-18 17:27 - 2015-05-10 08:44 - 00000000 ____D () C:\ProgramData\b56dff5a-df23-4e43-acde-a4f08b8dcffb

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2351530261-1594788566-2326651036-1002Core.job => C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2351530261-1594788566-2326651036-1002UA.job => C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForAndrea.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

Hosts:
EmptyTemp:
Reboot:
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

VIRY.CZ

prosím o kontrolu notebooku dcery

prosím o kontrolu notebooku dcery

Re: prosím o kontrolu notebooku dcery

Re: prosím o kontrolu notebooku dcery

Re: prosím o kontrolu notebooku dcery

Re: prosím o kontrolu notebooku dcery

Re: prosím o kontrolu notebooku dcery

Re: prosím o kontrolu notebooku dcery

Re: prosím o kontrolu notebooku dcery

Re: prosím o kontrolu notebooku dcery

Re: prosím o kontrolu notebooku dcery

Re: prosím o kontrolu notebooku dcery

Re: prosím o kontrolu notebooku dcery

Re: prosím o kontrolu notebooku dcery

Re: prosím o kontrolu notebooku dcery

Re: prosím o kontrolu notebooku dcery