Pravděpodobný vir

[luckastepankov]

Dobrý den,
potřebovala by jsem pomoct s odstraněním pravděpodobného viru. Tento vir mi zahlcuje notebook na 99% a jsou to procesy ve tvaru winnet32b.exe a inet32upd.exe. Nejsem si jistá, ale potřebovala bych pomoct s tímto problémem, který mi zahlcuje absolutně notebook děkuji za odpověď a pomoc...

[altrok]

Zdravim,


kousek nad Vasim prispevkem je velky oranzovy obdelnik s uvodnimi instrukcemi. Vlozte prosim log z RSIT/FRST a koukneme na to

[luckastepankov]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-05-2015
Ran by Lucie (administrator) on LUCKA on 21-05-2015 21:43:49
Running from C:\Users\Lucie\Desktop
Loaded Profiles: Lucie (Available profiles: Lucie)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
() C:\Windows\System32\cpuminer-gw64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Users\Lucie\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Lucie\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe
(Autodesk, Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
() C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
() C:\Users\Lucie\AppData\Roaming\Microsoft\Networking\winnet32b.exe
() C:\Users\Lucie\AppData\Roaming\Microsoft\Networking\inet32upd.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Akamai Technologies, Inc.) C:\Users\Lucie\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Lucie\AppData\Local\Akamai\netsession_win.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Lucie\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 2013-11-05] (Realtek Semiconductor)
HKLM-x32\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [391152 2013-10-25] (Intel Corporation)
HKLM-x32\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [771056 2013-10-25] (Intel Corporation)
HKLM-x32\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [769520 2013-10-25] (Intel Corporation)
HKLM-x32\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2758200 2013-10-14] (Hewlett-Packard)
HKLM-x32\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-10-14] (Hewlett-Packard)
HKLM-x32\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [155704 2013-10-14] (Hewlett-Packard)
HKLM-x32\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2013-07-26] (Synaptics Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [cpuminer] => C:\Windows\system32\cpuminer-gw64.exe [1353504 2015-05-04] ()
HKLM-x32\...\Run: [cpuminer-gpu] => C:\Users\Lucie\AppData\Roaming\cpuminer\sgminer\sgminer.cmd [96 2015-05-02] ()
HKLM-x32\...\Run: [AutoKMS] => C:\Windows\AutoKMS.exe [615936 2015-05-08] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-09-02] (CyberLink Corp.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-17] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1627032 2014-02-05] (Autodesk, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [509192 2014-10-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [863960 2015-03-24] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\...\Run: [] => [X]
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia)
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Lucie\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25700400 2015-04-28] (Google)
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\...\Run: [GoogleChromeAutoLaunch_9752FD91EC81386F8187715A319E4BE7] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [812872 2015-05-05] (Google Inc.)
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Lucie\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Lucie\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
Startup: C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe [2015-05-16] ()
Startup: C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe [2015-05-16] ()
Startup: C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-01-19]
ShortcutTarget: Dropbox.lnk -> C:\Users\Lucie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-08-17] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
SearchScopes: HKLM -> {D48C3E6A-4D2A-4FF0-BC71-9277634832B9} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKLM-x32 -> {D48C3E6A-4D2A-4FF0-BC71-9277634832B9} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKU\S-1-5-21-3203969364-2797722002-613951821-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-3203969364-2797722002-613951821-1001 -> 2FAFD15F1465F816A7B33D35E02C0ED8 URL = http://www.mapy.cz/?sourceid=quicksearc ... earchTerms}
SearchScopes: HKU\S-1-5-21-3203969364-2797722002-613951821-1001 -> 58EBCBEDE00519DFF498F085EA2F3563 URL = http://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3203969364-2797722002-613951821-1001 -> C0E293AB3CEC6EFC60696ED165C30F0A URL = http://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-3203969364-2797722002-613951821-1001 -> E3717D58D03A54103C99350D15A39F74 URL = http://www.zbozi.cz/?sourceid=quicksear ... earchTerms}
SearchScopes: HKU\S-1-5-21-3203969364-2797722002-613951821-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-3203969364-2797722002-613951821-1001 -> {D48C3E6A-4D2A-4FF0-BC71-9277634832B9} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-17] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-19] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-17] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-19] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2014-04-25] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2014-04-25] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Lucie\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default
FF DefaultSearchEngine: Seznam
FF SelectedSearchEngine: Seznam
FF Homepage: hxxp://www.seznam.cz/?clid=6826
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-19] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-3203969364-2797722002-613951821-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lucie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-08-08] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)
FF SearchPlugin: C:\Users\Lucie\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\firmy.cz-171529.xml [2015-01-29]
FF SearchPlugin: C:\Users\Lucie\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\mapy.cz-171529.xml [2015-01-29]
FF SearchPlugin: C:\Users\Lucie\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\seznam.cz-171529.xml [2015-01-29]
FF SearchPlugin: C:\Users\Lucie\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\videa.seznam.cz-171529.xml [2015-01-29]
FF SearchPlugin: C:\Users\Lucie\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\zbozi.cz-171529.xml [2015-01-29]
FF Extension: Seznam lištička - C:\Users\Lucie\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2015-05-07]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-17]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-02-13]

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.cz/webhp?sourceid=ch ... 2&ie=UTF-8"
CHR Profile: C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-15]
CHR Extension: (Google Docs) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-15]
CHR Extension: (Google Drive) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-15]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-05-15]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-05-15]
CHR Extension: (YouTube) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-15]
CHR Extension: (Adblock Plus) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-17]
CHR Extension: (Google Search) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-15]
CHR Extension: (Google Sheets) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-15]
CHR Extension: (Bookmark Manager) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]
CHR Extension: (Avast Online Security) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-17]
CHR Extension: (Blogger) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lejliakmhcfhakneflmicaoikhbicggc [2015-04-09]
CHR Extension: (Google Wallet) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-15]
CHR Extension: (No Name) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-05-15]
CHR Extension: (Gmail) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-15]
CHR HKU\S-1-5-21-3203969364-2797722002-613951821-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-17]

Opera:
=======
OPR StartupUrls: "hxxp://www.seznam.cz/?clid=6826"

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-17] (AVAST Software)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433880 2015-03-24] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2015-03-24] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [798424 2015-03-24] (BlueStack Systems, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-10-14] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2719928 2015-04-22] (Microsoft Corporation)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-10-18] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-10-18] (CyberLink)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-08-29] (Hewlett-Packard Company) [File not signed]
S2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [569608 2014-10-09] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-24] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-10-14] (Softex Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-10-17] (Realtek Semiconductor)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-08-26] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-17] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-17] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-17] ()
S3 athrusb; C:\Windows\system32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [144600 2015-03-24] (BlueStack Systems)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 BthMtpEnum; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [62976 2013-08-22] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2015-01-29] (Symantec Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-11-03] (LogMeIn Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2432656 2014-08-12] (MediaTek Inc.)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290520 2013-08-19] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1205872 2015-05-02] (Ralink Technology, Corp.)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [429272 2013-08-22] (Realsil Semiconductor Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-07-26] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-07-26] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
R3 WUDFWpdComp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

[luckastepankov]

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-21 21:43 - 2015-05-21 21:44 - 00033073 _____ () C:\Users\Lucie\Desktop\FRST.txt
2015-05-21 21:43 - 2015-05-21 21:44 - 00000000 ____D () C:\FRST
2015-05-21 21:41 - 2015-05-21 21:42 - 00112640 _____ (forum.viry.cz) C:\Users\Lucie\Desktop\FRSTLauncher.exe
2015-05-21 21:37 - 2015-05-21 21:37 - 02108416 _____ (Farbar) C:\Users\Lucie\Desktop\FRST64.exe
2015-05-16 11:49 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-16 11:49 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-16 11:49 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-05-16 11:49 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-16 11:49 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-05-16 11:48 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-16 11:48 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-16 11:48 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-16 11:48 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-05-16 11:48 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-16 11:48 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-05-16 11:48 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-05-16 11:48 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-05-16 11:48 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-05-16 11:48 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-05-16 11:48 - 2015-03-17 19:26 - 00467776 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-05-16 11:48 - 2015-03-13 06:03 - 00239424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-05-16 11:48 - 2015-03-13 06:03 - 00154432 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-05-16 11:48 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-05-16 11:48 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-05-16 11:48 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-05-16 11:48 - 2015-03-13 02:29 - 00410017 _____ () C:\Windows\system32\ApnDatabase.xml
2015-05-16 11:48 - 2015-03-09 04:02 - 00057856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-05-16 11:48 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-16 11:48 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-05-16 11:48 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-16 11:48 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-16 11:48 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-05-16 11:48 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-05-15 12:46 - 2015-05-05 19:59 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-15 12:46 - 2015-05-05 19:59 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-14 13:47 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 13:47 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 19:23 - 2015-05-15 18:10 - 00000000 ____D () C:\Users\Lucie\AppData\Local\Popcorn-Time
2015-05-13 19:22 - 2015-05-13 19:22 - 00002263 _____ () C:\Users\Lucie\Desktop\Popcorn Time.lnk
2015-05-13 19:22 - 2015-05-13 19:22 - 00000000 ____D () C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-05-13 19:20 - 2015-05-13 19:22 - 00000000 ____D () C:\Users\Lucie\AppData\Local\Popcorn Time
2015-05-13 19:19 - 2015-05-13 19:20 - 23315064 _____ (Popcorn Official) C:\Users\Lucie\Downloads\Popcorn-Time-0.3.7.2-Setup.exe
2015-05-13 18:47 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 18:47 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 18:47 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 18:47 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 18:47 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 18:47 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 18:47 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 18:47 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 18:47 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-13 18:47 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 18:47 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 18:47 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 18:47 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-13 18:47 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 18:47 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 18:47 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-13 18:47 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 18:47 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-13 18:47 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 18:47 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 18:47 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 18:47 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 18:47 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 18:47 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 18:47 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-13 18:47 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 18:47 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-13 18:47 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 18:47 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-13 18:47 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 18:47 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 18:47 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 18:47 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 18:47 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 18:47 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 18:47 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 18:47 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 18:47 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 18:47 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 18:39 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 18:39 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 18:39 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 18:38 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 18:38 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 18:38 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 18:38 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 18:38 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-13 18:38 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 18:38 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 18:38 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-09 10:06 - 2015-05-09 10:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-08 16:10 - 2015-05-08 16:10 - 00615936 _____ () C:\Windows\AutoKMS.exe
2015-05-08 16:10 - 2015-05-08 16:10 - 00000161 _____ () C:\Windows\AutoKMS.ini
2015-05-08 16:04 - 2015-05-08 16:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-05-08 16:04 - 2015-05-08 16:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-05-08 16:03 - 2015-05-08 16:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2015-05-08 16:02 - 2015-05-08 16:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Sync Framework
2015-05-08 16:01 - 2015-05-16 13:08 - 00000344 _____ () C:\Windows\Tasks\HPCeeScheduleForLucie.job
2015-05-08 16:01 - 2015-05-16 11:43 - 00003158 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForLucie
2015-05-07 22:58 - 2015-05-07 22:58 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-05-07 22:57 - 2015-05-07 22:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2015-05-07 21:32 - 2015-05-07 22:53 - 643694983 _____ () C:\Users\Lucie\Downloads\Microsoft-office-2010-v-češtině-+-aktivátor...-by-elmaros.zip
2015-05-07 20:19 - 2015-05-07 20:19 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2015-05-07 20:18 - 2015-05-21 18:59 - 00000000 ____D () C:\Users\Lucie\AppData\Roaming\Seznam.cz
2015-05-07 20:18 - 2015-05-07 20:18 - 00000000 ____D () C:\Users\Lucie\AppData\Roaming\cpuminer
2015-05-07 19:50 - 2015-05-07 19:50 - 00002687 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Word Viewer 2003.lnk
2015-05-07 19:50 - 2015-05-07 19:50 - 00000000 ____D () C:\Program Files (x86)\MSECache
2015-05-07 19:20 - 2015-05-07 19:20 - 00003260 _____ () C:\Windows\System32\Tasks\{D4501CD2-1B32-45A0-8343-455A1A31174A}
2015-05-06 21:57 - 2015-05-06 21:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2015-05-06 21:57 - 2015-05-06 21:57 - 00000000 ____D () C:\Windows\PCHEALTH
2015-05-06 21:52 - 2015-05-06 21:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2015-05-06 21:45 - 2015-05-06 21:50 - 699004928 _____ () C:\Users\Lucie\Downloads\OfficeProfessionalPlus_x86_en-us.img
2015-05-06 21:29 - 2015-05-06 21:29 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2015-05-06 21:29 - 2015-05-06 21:29 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2015-05-06 21:18 - 2015-05-10 09:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-05-06 21:17 - 2015-05-08 16:06 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-05-06 20:37 - 2015-05-11 19:54 - 00000000 ____D () C:\Users\Lucie\AppData\Local\Microsoft Help
2015-05-06 20:37 - 2015-05-07 22:57 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-05-06 20:36 - 2015-05-14 13:45 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-06 20:36 - 2015-05-06 20:36 - 00000000 __RHD () C:\MSOCache
2015-05-05 12:47 - 2015-05-05 12:47 - 00000421 _____ () C:\Windows\system32\cpuminer-conf.json
2015-05-04 19:27 - 2015-05-04 19:27 - 01353504 _____ () C:\Windows\system32\cpuminer-gw64.exe
2015-05-02 12:03 - 2015-05-02 12:03 - 00000000 ____D () C:\Program Files (x86)\Ralink Corporation
2015-05-02 11:55 - 2015-05-02 11:55 - 01205872 _____ (Ralink Technology, Corp.) C:\Windows\system32\Drivers\rtbth.sys
2015-05-02 11:55 - 2015-05-02 11:55 - 00040958 _____ () C:\Windows\system32\Drivers\rt3298.bin

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-21 21:18 - 2014-08-15 17:58 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3203969364-2797722002-613951821-1001
2015-05-21 21:15 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-21 21:12 - 2014-09-29 17:28 - 00099840 ___SH () C:\Users\Lucie\Desktop\Thumbs.db
2015-05-21 21:11 - 2014-08-17 22:10 - 00129024 ___SH () C:\Users\Lucie\Downloads\Thumbs.db
2015-05-21 21:08 - 2014-08-15 17:42 - 01498256 _____ () C:\Windows\WindowsUpdate.log
2015-05-21 20:56 - 2014-08-15 18:30 - 00000972 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-21 20:37 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2015-05-21 20:15 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-05-21 20:13 - 2015-04-09 18:33 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-21 20:13 - 2015-04-09 18:33 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-21 20:02 - 2013-12-05 12:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-05-21 19:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-21 19:08 - 2014-08-15 18:31 - 00002210 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-21 18:56 - 2014-10-11 15:35 - 00000000 ____D () C:\Users\Lucie\AppData\Local\Akamai
2015-05-21 18:56 - 2014-08-15 18:05 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9978E238-9EE6-4FD0-852B-4A2850405CE6}
2015-05-21 18:55 - 2015-01-29 18:09 - 00000000 ___RD () C:\Users\Lucie\Disk Google
2015-05-21 18:55 - 2014-08-19 10:20 - 00000000 ___DO () C:\Users\Lucie\OneDrive
2015-05-21 18:55 - 2014-08-17 11:36 - 00000000 ____D () C:\Users\Lucie\AppData\Roaming\DropboxMaster
2015-05-21 18:55 - 2014-08-17 11:34 - 00000000 ____D () C:\Users\Lucie\AppData\Roaming\Dropbox
2015-05-21 18:55 - 2014-08-15 18:30 - 00000968 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-21 18:55 - 2014-08-15 17:54 - 00000000 ____D () C:\Users\Lucie\Documents\Youcam
2015-05-18 19:04 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-05-18 18:58 - 2013-08-22 16:46 - 00041606 _____ () C:\Windows\setupact.log
2015-05-18 18:58 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-18 18:58 - 2013-08-22 16:44 - 00524024 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-18 18:58 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-05-18 18:55 - 2013-08-22 15:25 - 01048576 ___SH () C:\Windows\system32\config\BBI
2015-05-18 18:53 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-05-17 10:43 - 2014-08-17 14:44 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-17 10:15 - 2014-08-17 14:44 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-16 11:41 - 2014-08-16 13:58 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-05-15 17:51 - 2014-08-15 18:30 - 00003944 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 17:51 - 2014-08-15 18:30 - 00003708 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 22:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-14 13:38 - 2013-08-22 21:12 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-12 17:16 - 2014-08-15 17:52 - 00000000 ____D () C:\Users\Lucie\AppData\Local\Packages
2015-05-11 15:47 - 2015-01-29 18:15 - 00000464 ____H () C:\Windows\Tasks\Norton Security Scan for Lucie.job
2015-05-10 09:52 - 2013-08-26 08:01 - 00027554 _____ () C:\Windows\PFRO.log
2015-05-10 09:29 - 2013-08-22 15:25 - 00000199 _____ () C:\Windows\win.ini
2015-05-09 08:47 - 2014-08-17 22:14 - 00000000 ____D () C:\Users\Lucie\Desktop\Filmy
2015-05-08 22:51 - 2015-01-29 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-05-08 22:33 - 2013-12-05 19:53 - 00769430 _____ () C:\Windows\system32\perfh005.dat
2015-05-08 22:33 - 2013-12-05 19:53 - 00167026 _____ () C:\Windows\system32\perfc005.dat
2015-05-08 22:33 - 2013-08-26 08:09 - 01886526 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-08 16:03 - 2013-08-26 08:12 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-05-08 16:02 - 2013-12-05 12:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-05-08 16:02 - 2013-12-05 12:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-05-07 22:58 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-05-07 22:57 - 2013-08-22 21:12 - 00000000 ____D () C:\Windows\ShellNew
2015-05-05 15:37 - 2014-08-17 11:30 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-02 12:10 - 2014-02-13 06:19 - 00005398 _____ () C:\Windows\system32\RaCoInst.log
2015-05-02 12:09 - 2013-09-01 05:49 - 00000000 ____D () C:\SWSetup
2015-05-02 12:04 - 2014-02-13 06:18 - 00000032 _____ () C:\Windows\0

==================== Files in the root of some directories =======


Some files in TEMP:
====================
C:\Users\Lucie\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
C:\Users\Lucie\AppData\Local\Temp\COMAP.EXE
C:\Users\Lucie\AppData\Local\Temp\DLMGuardian.exe
C:\Users\Lucie\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzypzuq.dll
C:\Users\Lucie\AppData\Local\Temp\eauninstall.exe
C:\Users\Lucie\AppData\Local\Temp\Extract.exe
C:\Users\Lucie\AppData\Local\Temp\hf3i9ke3.dll
C:\Users\Lucie\AppData\Local\Temp\lite_installer.exe
C:\Users\Lucie\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Lucie\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Lucie\AppData\Local\Temp\primosdk.DLL
C:\Users\Lucie\AppData\Local\Temp\px.dll
C:\Users\Lucie\AppData\Local\Temp\pxafs.dll
C:\Users\Lucie\AppData\Local\Temp\PxCpyA64.exe
C:\Users\Lucie\AppData\Local\Temp\PxCpyI64.exe
C:\Users\Lucie\AppData\Local\Temp\pxdrv.dll
C:\Users\Lucie\AppData\Local\Temp\pxhpinst.exe
C:\Users\Lucie\AppData\Local\Temp\PxInsA64.exe
C:\Users\Lucie\AppData\Local\Temp\PxInsI64.exe
C:\Users\Lucie\AppData\Local\Temp\pxmas.dll
C:\Users\Lucie\AppData\Local\Temp\pxsetup.exe
C:\Users\Lucie\AppData\Local\Temp\pxsfs.dll
C:\Users\Lucie\AppData\Local\Temp\pxwave.dll
C:\Users\Lucie\AppData\Local\Temp\sender.exe
C:\Users\Lucie\AppData\Local\Temp\SetupProPlusRetail.x86.cs-CZ_ProPlusRetail_B9GN2-DXXQC-9DHKT-GGWCR-4X6XK_act_1_.exe
C:\Users\Lucie\AppData\Local\Temp\SP66088.exe
C:\Users\Lucie\AppData\Local\Temp\SP69229.exe
C:\Users\Lucie\AppData\Local\Temp\SP69543.exe
C:\Users\Lucie\AppData\Local\Temp\SP69545.exe
C:\Users\Lucie\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Lucie\AppData\Local\Temp\vxblock.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForLucie.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\Norton Security Scan for Lucie.job => C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: McAfee Anti-Virus and Antispyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: McAfee Anti-Virus and Antispyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Lucie\Desktop" je 14690 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[luckastepankov]

Omlouvám se, ale log je příliš dlouhý a proto je zde 2 část a první...

[altrok]

Mate aktivni 2 antiviry (McAfee a Avast), coz muze zpusobovat az nestabilitu systemu (modre smrti apod.), takze jeden z nich odinstalujte, pak v nouzovem rezimu pouzijte oficialni odinstalator https://www.avast.com/cs-cz/uninstall-utility nebo https://service.mcafee.com/FAQDocument.aspx?id=TS101331
Doporucuji ponechat avast, ale konecne rozhodnuti je na Vas.

Predpokladam, ze BitCoiny netezite schvalne, takze je smazeme.

Velikost plochy by nemela presahovat 200 MB. Zpomaluje se pak start i samotny chod celeho PC. Doporucuji hlavne velke soubory a slozky premistit napr. do Dokumentu a na plochu umistit pouze zastupce.

Odinstalujte Seznam Software.

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )

• ukoncete vsechny programy
• kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
• kliknete na Scan, pote na Cleaning
• po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

[luckastepankov]

# AdwCleaner v4.205 - Log vytvořen 21/05/2015 v 22:11:16
# Aktualizováno 21/05/2015 by Xplode
# Databáze : 2015-05-21.2 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : Lucie - LUCKA
# Spuštěno z : C:\Users\Lucie\Desktop\adwcleaner_4.205.exe
# Nastavení : Čištění

***** [ Služby ] *****

[#] Služba Smazáno : 0131151432238418mcinstcleanup

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\Users\Lucie\AppData\Roaming\cpuminer
Soubor Smazáno : C:\Windows\System32\cpuminer-conf.json
Soubor Smazáno : C:\Windows\System32\cpuminer-gw64.exe
Soubor Smazáno : C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fromdoctopdf.dl.tb.ask.com_0.localstorage
Soubor Smazáno : C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fromdoctopdf.dl.tb.ask.com_0.localstorage-journal
Soubor Smazáno : C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_utilitychest.dl.tb.ask.com_0.localstorage
Soubor Smazáno : C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_utilitychest.dl.tb.ask.com_0.localstorage-journal
Soubor Smazáno : C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
Soubor Smazáno : C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
Soubor Smazáno : C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.centrumbabylon.cz_0.localstorage
Soubor Smazáno : C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.centrumbabylon.cz_0.localstorage-journal

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cpuminer
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v


-\\ Google Chrome v43.0.2357.65


-\\ Chromium v


-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [2714 bytů] - [21/05/2015 22:08:24]
AdwCleaner[S0].txt - [2613 bytů] - [21/05/2015 22:11:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2671 bytů] ##########

[altrok]

Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Pri druhem a dalsim spusteni je pred zahajenim skenu nutne explicitne zatrhnout volbu Addition, aby byl tento log vytvoren.

[luckastepankov]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-05-2015
Ran by Lucie (administrator) on LUCKA on 21-05-2015 22:23:46
Running from C:\Users\Lucie\Desktop
Loaded Profiles: Lucie (Available profiles: Lucie)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\livecomm.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Akamai Technologies, Inc.) C:\Users\Lucie\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Lucie\AppData\Local\Akamai\netsession_win.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe
() C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
() C:\Users\Lucie\AppData\Roaming\Microsoft\Networking\inet32upd.exe
() C:\Users\Lucie\AppData\Roaming\Microsoft\Networking\winnet32b.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Autodesk, Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\LocationNotifications.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\BackgroundTransferHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Lucie\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 2013-11-05] (Realtek Semiconductor)
HKLM-x32\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [391152 2013-10-25] (Intel Corporation)
HKLM-x32\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [771056 2013-10-25] (Intel Corporation)
HKLM-x32\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [769520 2013-10-25] (Intel Corporation)
HKLM-x32\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2758200 2013-10-14] (Hewlett-Packard)
HKLM-x32\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-10-14] (Hewlett-Packard)
HKLM-x32\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [155704 2013-10-14] (Hewlett-Packard)
HKLM-x32\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2013-07-26] (Synaptics Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [cpuminer] => C:\Windows\system32\cpuminer-gw64.exe
HKLM\...\Run: [cpuminer-gpu] => C:\Users\Lucie\AppData\Roaming\cpuminer\sgminer\sgminer.cmd
HKLM-x32\...\Run: [AutoKMS] => C:\Windows\AutoKMS.exe [615936 2015-05-08] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-09-02] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-17] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1627032 2014-02-05] (Autodesk, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [509192 2014-10-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [863960 2015-03-24] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\...\Run: [] => [X]
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia)
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Lucie\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25700400 2015-04-28] (Google)
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\...\Run: [GoogleChromeAutoLaunch_9752FD91EC81386F8187715A319E4BE7] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-05-13] (Google Inc.)
Startup: C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe [2015-05-16] ()
Startup: C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe [2015-05-16] ()
Startup: C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-01-19]
ShortcutTarget: Dropbox.lnk -> C:\Users\Lucie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-08-17] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
SearchScopes: HKLM -> {D48C3E6A-4D2A-4FF0-BC71-9277634832B9} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKLM-x32 -> {D48C3E6A-4D2A-4FF0-BC71-9277634832B9} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3203969364-2797722002-613951821-1001 -> 2FAFD15F1465F816A7B33D35E02C0ED8 URL = http://www.mapy.cz/?sourceid=quicksearc ... earchTerms}
SearchScopes: HKU\S-1-5-21-3203969364-2797722002-613951821-1001 -> 58EBCBEDE00519DFF498F085EA2F3563 URL = http://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3203969364-2797722002-613951821-1001 -> C0E293AB3CEC6EFC60696ED165C30F0A URL = http://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-3203969364-2797722002-613951821-1001 -> E3717D58D03A54103C99350D15A39F74 URL = http://www.zbozi.cz/?sourceid=quicksear ... earchTerms}
SearchScopes: HKU\S-1-5-21-3203969364-2797722002-613951821-1001 -> {D48C3E6A-4D2A-4FF0-BC71-9277634832B9} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-17] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-19] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-17] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-19] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Lucie\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default
FF DefaultSearchEngine: Seznam
FF SelectedSearchEngine: Seznam
FF Homepage: hxxp://www.seznam.cz/?clid=6826
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-3203969364-2797722002-613951821-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lucie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-08-08] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)
FF SearchPlugin: C:\Users\Lucie\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\firmy.cz-171529.xml [2015-01-29]
FF SearchPlugin: C:\Users\Lucie\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\mapy.cz-171529.xml [2015-01-29]
FF SearchPlugin: C:\Users\Lucie\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\seznam.cz-171529.xml [2015-01-29]
FF SearchPlugin: C:\Users\Lucie\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\videa.seznam.cz-171529.xml [2015-01-29]
FF SearchPlugin: C:\Users\Lucie\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\zbozi.cz-171529.xml [2015-01-29]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-17]

Chrome:
=======
CHR Profile: C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-15]
CHR Extension: (Google Docs) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-15]
CHR Extension: (Google Drive) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-15]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-05-15]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-05-15]
CHR Extension: (YouTube) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-15]
CHR Extension: (Adblock Plus) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-17]
CHR Extension: (Google Search) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-15]
CHR Extension: (Google Sheets) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-15]
CHR Extension: (Bookmark Manager) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]
CHR Extension: (Avast Online Security) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-17]
CHR Extension: (Blogger) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lejliakmhcfhakneflmicaoikhbicggc [2015-04-09]
CHR Extension: (Google Wallet) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-15]
CHR Extension: (No Name) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-05-15]
CHR Extension: (Gmail) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-15]
CHR HKU\S-1-5-21-3203969364-2797722002-613951821-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-17]

Opera:
=======
OPR StartupUrls: "hxxp://www.seznam.cz/?clid=6826"

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-17] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433880 2015-03-24] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2015-03-24] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [798424 2015-03-24] (BlueStack Systems, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-10-14] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2719928 2015-04-22] (Microsoft Corporation)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-10-18] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-10-18] (CyberLink)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-08-29] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [569608 2014-10-09] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-10-14] (Softex Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-10-17] (Realtek Semiconductor)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-08-26] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-17] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-17] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-17] ()
S3 athrusb; C:\Windows\system32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [144600 2015-03-24] (BlueStack Systems)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 BthMtpEnum; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [62976 2013-08-22] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2015-01-29] (Symantec Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-11-03] (LogMeIn Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2432656 2014-08-12] (MediaTek Inc.)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290520 2013-08-19] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1205872 2015-05-02] (Ralink Technology, Corp.)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [429272 2013-08-22] (Realsil Semiconductor Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-07-26] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-07-26] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
R3 WUDFWpdComp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

[luckastepankov]

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-21 22:22 - 2015-05-21 22:23 - 00112640 _____ (forum.viry.cz) C:\Users\Lucie\Desktop\FRSTLauncher.exe
2015-05-21 22:08 - 2015-05-21 22:11 - 00000000 ____D () C:\AdwCleaner
2015-05-21 22:07 - 2015-05-21 22:07 - 02223104 _____ () C:\Users\Lucie\Desktop\adwcleaner_4.205.exe
2015-05-21 22:07 - 2015-05-21 22:07 - 00007605 _____ () C:\Users\Lucie\AppData\Local\Resmon.ResmonCfg
2015-05-21 21:43 - 2015-05-21 22:24 - 00028511 _____ () C:\Users\Lucie\Desktop\FRST.txt
2015-05-21 21:43 - 2015-05-21 22:23 - 00000000 ____D () C:\FRST
2015-05-21 21:37 - 2015-05-21 21:37 - 02108416 _____ (Farbar) C:\Users\Lucie\Desktop\FRST64.exe
2015-05-16 11:49 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-16 11:49 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-16 11:49 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-05-16 11:49 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-16 11:49 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-05-16 11:48 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-16 11:48 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-16 11:48 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-16 11:48 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-05-16 11:48 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-16 11:48 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-05-16 11:48 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-05-16 11:48 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-05-16 11:48 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-05-16 11:48 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-05-16 11:48 - 2015-03-17 19:26 - 00467776 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-05-16 11:48 - 2015-03-13 06:03 - 00239424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-05-16 11:48 - 2015-03-13 06:03 - 00154432 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-05-16 11:48 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-05-16 11:48 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-05-16 11:48 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-05-16 11:48 - 2015-03-13 02:29 - 00410017 _____ () C:\Windows\system32\ApnDatabase.xml
2015-05-16 11:48 - 2015-03-09 04:02 - 00057856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-05-16 11:48 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-16 11:48 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-05-16 11:48 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-16 11:48 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-16 11:48 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-05-16 11:48 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-05-15 12:46 - 2015-05-05 19:59 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-15 12:46 - 2015-05-05 19:59 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-14 13:47 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 13:47 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 19:23 - 2015-05-15 18:10 - 00000000 ____D () C:\Users\Lucie\AppData\Local\Popcorn-Time
2015-05-13 19:22 - 2015-05-13 19:22 - 00002263 _____ () C:\Users\Lucie\Desktop\Popcorn Time.lnk
2015-05-13 19:22 - 2015-05-13 19:22 - 00000000 ____D () C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-05-13 19:20 - 2015-05-13 19:22 - 00000000 ____D () C:\Users\Lucie\AppData\Local\Popcorn Time
2015-05-13 19:19 - 2015-05-13 19:20 - 23315064 _____ (Popcorn Official) C:\Users\Lucie\Downloads\Popcorn-Time-0.3.7.2-Setup.exe
2015-05-13 18:47 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 18:47 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 18:47 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 18:47 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 18:47 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 18:47 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 18:47 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 18:47 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 18:47 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-13 18:47 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 18:47 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 18:47 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 18:47 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-13 18:47 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 18:47 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 18:47 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-13 18:47 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 18:47 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-13 18:47 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 18:47 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 18:47 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 18:47 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 18:47 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 18:47 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 18:47 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-13 18:47 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 18:47 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-13 18:47 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 18:47 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-13 18:47 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 18:47 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 18:47 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 18:47 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 18:47 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 18:47 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 18:47 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 18:47 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 18:47 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 18:47 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 18:39 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 18:39 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 18:39 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 18:38 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 18:38 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 18:38 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 18:38 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 18:38 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-13 18:38 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 18:38 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 18:38 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-09 10:06 - 2015-05-09 10:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-08 16:10 - 2015-05-08 16:10 - 00615936 _____ () C:\Windows\AutoKMS.exe
2015-05-08 16:10 - 2015-05-08 16:10 - 00000161 _____ () C:\Windows\AutoKMS.ini
2015-05-08 16:04 - 2015-05-08 16:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-05-08 16:04 - 2015-05-08 16:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-05-08 16:03 - 2015-05-08 16:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2015-05-08 16:02 - 2015-05-08 16:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Sync Framework
2015-05-08 16:01 - 2015-05-16 13:08 - 00000344 _____ () C:\Windows\Tasks\HPCeeScheduleForLucie.job
2015-05-08 16:01 - 2015-05-16 11:43 - 00003158 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForLucie
2015-05-07 22:58 - 2015-05-07 22:58 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-05-07 22:57 - 2015-05-07 22:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2015-05-07 21:32 - 2015-05-07 22:53 - 643694983 _____ () C:\Users\Lucie\Downloads\Microsoft-office-2010-v-češtině-+-aktivátor...-by-elmaros.zip
2015-05-07 20:19 - 2015-05-21 22:06 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2015-05-07 20:18 - 2015-05-21 22:06 - 00000000 ____D () C:\Users\Lucie\AppData\Roaming\Seznam.cz
2015-05-07 19:50 - 2015-05-07 19:50 - 00002687 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Word Viewer 2003.lnk
2015-05-07 19:50 - 2015-05-07 19:50 - 00000000 ____D () C:\Program Files (x86)\MSECache
2015-05-07 19:20 - 2015-05-07 19:20 - 00003260 _____ () C:\Windows\System32\Tasks\{D4501CD2-1B32-45A0-8343-455A1A31174A}
2015-05-06 21:57 - 2015-05-06 21:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2015-05-06 21:57 - 2015-05-06 21:57 - 00000000 ____D () C:\Windows\PCHEALTH
2015-05-06 21:52 - 2015-05-06 21:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2015-05-06 21:45 - 2015-05-06 21:50 - 699004928 _____ () C:\Users\Lucie\Downloads\OfficeProfessionalPlus_x86_en-us.img
2015-05-06 21:29 - 2015-05-06 21:29 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2015-05-06 21:29 - 2015-05-06 21:29 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2015-05-06 21:18 - 2015-05-10 09:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-05-06 21:17 - 2015-05-08 16:06 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-05-06 20:37 - 2015-05-11 19:54 - 00000000 ____D () C:\Users\Lucie\AppData\Local\Microsoft Help
2015-05-06 20:37 - 2015-05-07 22:57 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-05-06 20:36 - 2015-05-14 13:45 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-06 20:36 - 2015-05-06 20:36 - 00000000 __RHD () C:\MSOCache
2015-05-02 12:03 - 2015-05-02 12:03 - 00000000 ____D () C:\Program Files (x86)\Ralink Corporation
2015-05-02 11:55 - 2015-05-02 11:55 - 01205872 _____ (Ralink Technology, Corp.) C:\Windows\system32\Drivers\rtbth.sys
2015-05-02 11:55 - 2015-05-02 11:55 - 00040958 _____ () C:\Windows\system32\Drivers\rt3298.bin

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-21 22:20 - 2014-08-15 17:58 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3203969364-2797722002-613951821-1001
2015-05-21 22:18 - 2014-08-15 17:42 - 01602342 _____ () C:\Windows\WindowsUpdate.log
2015-05-21 22:17 - 2015-01-29 18:09 - 00000000 ___RD () C:\Users\Lucie\Disk Google
2015-05-21 22:17 - 2014-08-19 10:20 - 00000000 ___DO () C:\Users\Lucie\OneDrive
2015-05-21 22:17 - 2014-08-17 11:36 - 00000000 ____D () C:\Users\Lucie\AppData\Roaming\DropboxMaster
2015-05-21 22:17 - 2014-08-17 11:34 - 00000000 ____D () C:\Users\Lucie\AppData\Roaming\Dropbox
2015-05-21 22:17 - 2014-08-15 17:54 - 00000000 ____D () C:\Users\Lucie\Documents\Youcam
2015-05-21 22:15 - 2014-08-15 18:30 - 00000968 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-21 22:12 - 2014-02-13 06:35 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2015-05-21 22:12 - 2013-08-26 08:01 - 00028670 _____ () C:\Windows\PFRO.log
2015-05-21 22:12 - 2013-08-22 16:46 - 00041722 _____ () C:\Windows\setupact.log
2015-05-21 22:12 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-21 22:11 - 2013-08-22 15:25 - 01048576 ___SH () C:\Windows\system32\config\BBI
2015-05-21 22:02 - 2013-12-05 12:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-05-21 22:02 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-05-21 22:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-21 21:56 - 2014-08-15 18:30 - 00000972 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-21 21:12 - 2014-09-29 17:28 - 00099840 ___SH () C:\Users\Lucie\Desktop\Thumbs.db
2015-05-21 21:11 - 2014-08-17 22:10 - 00129024 ___SH () C:\Users\Lucie\Downloads\Thumbs.db
2015-05-21 20:37 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2015-05-21 20:15 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-05-21 20:13 - 2015-04-09 18:33 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-21 20:13 - 2015-04-09 18:33 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-21 19:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-21 19:08 - 2014-08-15 18:31 - 00002210 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-21 18:56 - 2014-10-11 15:35 - 00000000 ____D () C:\Users\Lucie\AppData\Local\Akamai
2015-05-21 18:56 - 2014-08-15 18:05 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9978E238-9EE6-4FD0-852B-4A2850405CE6}
2015-05-18 19:04 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-05-18 18:58 - 2013-08-22 16:44 - 00524024 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-18 18:58 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-05-18 18:53 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-05-17 10:43 - 2014-08-17 14:44 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-17 10:15 - 2014-08-17 14:44 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-16 11:41 - 2014-08-16 13:58 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-05-15 17:51 - 2014-08-15 18:30 - 00003944 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 17:51 - 2014-08-15 18:30 - 00003708 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 22:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-14 13:38 - 2013-08-22 21:12 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-12 17:16 - 2014-08-15 17:52 - 00000000 ____D () C:\Users\Lucie\AppData\Local\Packages
2015-05-11 15:47 - 2015-01-29 18:15 - 00000464 ____H () C:\Windows\Tasks\Norton Security Scan for Lucie.job
2015-05-10 09:29 - 2013-08-22 15:25 - 00000199 _____ () C:\Windows\win.ini
2015-05-08 22:51 - 2015-01-29 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-05-08 22:33 - 2013-12-05 19:53 - 00769430 _____ () C:\Windows\system32\perfh005.dat
2015-05-08 22:33 - 2013-12-05 19:53 - 00167026 _____ () C:\Windows\system32\perfc005.dat
2015-05-08 22:33 - 2013-08-26 08:09 - 01886526 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-08 16:03 - 2013-08-26 08:12 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-05-08 16:02 - 2013-12-05 12:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-05-08 16:02 - 2013-12-05 12:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-05-07 22:58 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-05-07 22:57 - 2013-08-22 21:12 - 00000000 ____D () C:\Windows\ShellNew
2015-05-05 15:37 - 2014-08-17 11:30 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-02 12:10 - 2014-02-13 06:19 - 00005398 _____ () C:\Windows\system32\RaCoInst.log
2015-05-02 12:09 - 2013-09-01 05:49 - 00000000 ____D () C:\SWSetup
2015-05-02 12:04 - 2014-02-13 06:18 - 00000032 _____ () C:\Windows\0

==================== Files in the root of some directories =======

2015-05-21 22:07 - 2015-05-21 22:07 - 0007605 _____ () C:\Users\Lucie\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\Lucie\AppData\Local\Temp\0131151432238418mcinst.exe
C:\Users\Lucie\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
C:\Users\Lucie\AppData\Local\Temp\COMAP.EXE
C:\Users\Lucie\AppData\Local\Temp\DLMGuardian.exe
C:\Users\Lucie\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpp99ugx.dll
C:\Users\Lucie\AppData\Local\Temp\eauninstall.exe
C:\Users\Lucie\AppData\Local\Temp\Extract.exe
C:\Users\Lucie\AppData\Local\Temp\hf3i9ke3.dll
C:\Users\Lucie\AppData\Local\Temp\lite_installer.exe
C:\Users\Lucie\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Lucie\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Lucie\AppData\Local\Temp\primosdk.DLL
C:\Users\Lucie\AppData\Local\Temp\px.dll
C:\Users\Lucie\AppData\Local\Temp\pxafs.dll
C:\Users\Lucie\AppData\Local\Temp\PxCpyA64.exe
C:\Users\Lucie\AppData\Local\Temp\PxCpyI64.exe
C:\Users\Lucie\AppData\Local\Temp\pxdrv.dll
C:\Users\Lucie\AppData\Local\Temp\pxhpinst.exe
C:\Users\Lucie\AppData\Local\Temp\PxInsA64.exe
C:\Users\Lucie\AppData\Local\Temp\PxInsI64.exe
C:\Users\Lucie\AppData\Local\Temp\pxmas.dll
C:\Users\Lucie\AppData\Local\Temp\pxsetup.exe
C:\Users\Lucie\AppData\Local\Temp\pxsfs.dll
C:\Users\Lucie\AppData\Local\Temp\pxwave.dll
C:\Users\Lucie\AppData\Local\Temp\Quarantine.exe
C:\Users\Lucie\AppData\Local\Temp\sender.exe
C:\Users\Lucie\AppData\Local\Temp\SetupProPlusRetail.x86.cs-CZ_ProPlusRetail_B9GN2-DXXQC-9DHKT-GGWCR-4X6XK_act_1_.exe
C:\Users\Lucie\AppData\Local\Temp\SP66088.exe
C:\Users\Lucie\AppData\Local\Temp\SP69229.exe
C:\Users\Lucie\AppData\Local\Temp\SP69543.exe
C:\Users\Lucie\AppData\Local\Temp\SP69545.exe
C:\Users\Lucie\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Lucie\AppData\Local\Temp\sqlite3.dll
C:\Users\Lucie\AppData\Local\Temp\vxblock.dll
C:\Users\Lucie\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForLucie.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\Norton Security Scan for Lucie.job => C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Lucie\Desktop" je 2468 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[luckastepankov]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-05-2015
Ran by Lucie at 2015-05-21 22:25:42
Running from C:\Users\Lucie\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3203969364-2797722002-613951821-500 - Administrator - Disabled)
Guest (S-1-5-21-3203969364-2797722002-613951821-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3203969364-2797722002-613951821-1003 - Limited - Enabled)
Lucie (S-1-5-21-3203969364-2797722002-613951821-1001 - Administrator - Enabled) => C:\Users\Lucie

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Photoshop Lightroom 2.3 64-bit (HKLM\...\{AA45E50C-1447-48CD-9B49-61B82ED1F95C}) (Version: 2.3.1 - Adobe)
Adobe Photoshop Lightroom 3.3 64-bit (HKLM\...\{CFFF260C-F510-45BB-8F8E-1D4AC1232786}) (Version: 3.3.1 - Adobe)
Adobe Photoshop Lightroom 4 64-bit (HKLM\...\{669A82E0-43E2-4645-8A2E-1A3DE78F8312}) (Version: 4.0.1 - Adobe)
Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-3203969364-2797722002-613951821-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{3E4F8F22-14D3-074D-0A72-5EE998D3CFAB}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Andy OS (HKLM-x32\...\ANDY OS) (Version: 1.1 - andyroid.net)
Antický Řím 1.0 (HKLM-x32\...\{Anticky Rim}_is1) (Version: - Špidla Data Processing, s.r.o.)
Autodesk Download Manager (HKLM-x32\...\{C897D9EC-13C6-4A22-ABF7-33F2126A7DB6}) (Version: 3.0.8.0 - Autodesk, Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.18.5016 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{011580CB-3D7F-47A6-A5D2-1287A4E43C73}) (Version: 0.9.18.5016 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.4.2928 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3.4503 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3416 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.5.3304 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2.3418 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2.3302 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dropbox (HKU\S-1-5-21-3203969364-2797722002-613951821-1001\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Fotogaléria (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Drive (HKLM-x32\...\{35574F09-89F9-4B16-B69B-64F3E25901B8}) (Version: 1.21.9226.6034 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.65 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
GTA:SanAndreas_CZ (HKLM-x32\...\GTA:SanAndreas_CZ) (Version: - )
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{07F6DC37-0857-4B68-A675-4E35989E85E3}) (Version: 6.0.15.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-3203969364-2797722002-613951821-1001\...\HPConnectedMusic) (Version: 1.1 (build 128) hp - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{394B14EA-B072-4440-9510-87797CB12371}) (Version: 2.20.21 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{4525FF56-E096-42F4-BB64-52AAA8B3D893}) (Version: 1.1.1.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7127.4628 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.57 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{3AF15EEA-8EDF-4393-BB6C-CF8A9986486A}) (Version: 7.3.35.20 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{C39A7F0F-89A6-44BB-B1BF-5F96569B5345}) (Version: 1.2.9 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{1D7EB7E7-0B5D-4A23-A383-7EF133090026}) (Version: 2.3.2 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.00.57 - Softex Inc.) Hidden
Inst5676 (Version: 8.00.57 - Softex Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3325 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Mediatek Bluetooth (HKLM\...\{904C579C-9366-D3B7-7F31-4879401DBD4A}) (Version: 11.0.756.0 - Mediatek)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.1.0.28 - Symantec Corporation)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Název společnosti:)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4711.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4711.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4711.1003 - Microsoft Corporation) Hidden
OpenOffice 4.1.0 (HKLM-x32\...\{43245B34-BAEA-4716-B877-38E7E7026698}) (Version: 4.10.9764 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Popcorn Time (HKU\S-1-5-21-3203969364-2797722002-613951821-1001\...\Popcorn Time) (Version: - Popcorn Official)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.50.0 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 1.1.9200.23 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Save-o-gram Instagram Downloader 2.9 (HKLM-x32\...\D7372C31-9347-4c81-94DD-0AB7906B9E9A_is1) (Version: - Genesis Mobile)
SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.2 - Synaptics Incorporated)
Unity Web Player (HKU\S-1-5-21-3203969364-2797722002-613951821-1001\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS)
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{BF1B3F01-93F3-4B83-93DB-132EB1AED259}) (Version: - Microsoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Zoo Tycoon 2 (HKLM-x32\...\Zoo Tycoon 2) (Version: 1.0 - Microsoft)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3203969364-2797722002-613951821-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lucie\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3203969364-2797722002-613951821-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lucie\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3203969364-2797722002-613951821-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lucie\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3203969364-2797722002-613951821-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Lucie\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points =========================

11-05-2015 18:44:06 Windows Update
17-05-2015 10:12:40 Windows Update
21-05-2015 20:11:09 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0863C065-EAA3-434A-8915-EC6EDB38BC3C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-07] (Microsoft Corporation)
Task: {132E1186-7472-4EED-9D37-46EE487773B4} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {13E3585D-95C4-43C4-B2A5-B838D6399DB1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {1865FF86-F6A5-4960-859B-F856AF1C35D8} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {43977F1F-ECA2-4469-8193-31E9A05C59F5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-07] (Microsoft Corporation)
Task: {4BD11701-9F6C-4FAB-8634-D66C3D4F7951} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-17] (Microsoft Corporation)
Task: {51035844-7EAE-44CE-B3CA-93A9B5F9D372} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-22] (Microsoft Corporation)
Task: {6666F6FA-1332-4ADC-B363-80C6173BC9F7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-17] (AVAST Software)
Task: {6FB1BCC0-119B-4324-82D9-414379119623} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-08-29] (Hewlett-Packard Company)
Task: {72288126-E7B6-45F8-B40A-BC150F64D5CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-15] (Google Inc.)
Task: {752E1090-8B56-441B-9857-5639424A9D7A} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-07-26] (Synaptics Incorporated)
Task: {7853FB29-EA68-4791-BF7B-4AE61B082EB1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP SoftPaq Installer => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Tasks.exe [2013-08-29] (Hewlett-Packard Company)
Task: {7EC2C228-34C3-4D05-8724-3D942D666BD5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-22] (Microsoft Corporation)
Task: {85ADD480-8338-4D49-8F17-D9ED91418067} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-09-10] (Hewlett-Packard Development Company, L.P.)
Task: {8BFADE8F-E5AA-4502-85D4-8F30482AD80A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-08-29] (Hewlett-Packard Company)
Task: {90ADD30E-596C-481D-B2D5-FC382ED45E4B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-15] (Google Inc.)
Task: {A5AC6143-C50B-4A85-98A3-9E0C6AA2913F} - System32\Tasks\Norton Security Scan for Lucie => C:\Program Files (x86)\Norton Security Scan\Engine\4.1.0.28\Nss.exe [2014-01-27] (Symantec Corporation)
Task: {AB0DF649-B0D4-41EE-BE4D-3FE1B8CAFF6D} - System32\Tasks\{D4501CD2-1B32-45A0-8343-455A1A31174A} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\setup.exe" -c /uninstall PROPLUSR /dll OSETUP.DLL
Task: {C35DFF59-93B4-4075-93D1-422E6C9C0566} - System32\Tasks\HPCeeScheduleForLucie => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {C8694886-2900-43FF-A09A-D38966B20D9B} - System32\Tasks\avastBCLRestartS-1-5-21-3203969364-2797722002-613951821-1001 => Chrome.exe
Task: {DDCD1B6D-D789-4B89-B244-D764D21CA44E} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {E7A0226C-9B07-49BF-9E18-9D9D16CDE3B4} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {EAEA99DB-4E0B-4D3C-B9B4-BAF50F66184A} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForLucie.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\Norton Security Scan for Lucie.job => C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe

[altrok]

Odinstalujte starou a zranitelnou verzi javy Java 7 Update 67. Pokud javu potrebujete, pak nainstalujte novou z java.com - pozor na adware pri jeji instalaci http://forum.viry.cz/viewtopic.php?p=1374438#p1374438 . Z hlediska bezpecnosti (exploity) je lepsi ji nemit.

Velikost plochy by nemela presahovat 200 MB. Zpomaluje se pak start i samotny chod celeho PC. Doporucuji hlavne velke soubory a slozky premistit napr. do Dokumentu a na plochu umistit pouze zastupce.

• Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
• ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
• znovu spustte FRST a kliknete na Fix
• po restartu bude na plose ulozen fixlog, jehoz obsah mi vlozte do pristi odpovedi

  Kód: Vybrat vše

  Start
  CloseProcesses:
  HKLM\...\Run: [cpuminer] => C:\Windows\system32\cpuminer-gw64.exe
  C:\Windows\system32\cpuminer-gw64.exe
  HKLM\...\Run: [cpuminer-gpu] => C:\Users\Lucie\AppData\Roaming\cpuminer\sgminer\sgminer.cmd
  C:\Users\Lucie\AppData\Roaming\cpuminer
  HKLM-x32\...\Run: [AutoKMS] => C:\Windows\AutoKMS.exe [615936 2015-05-08] ()
  C:\Windows\AutoKMS.exe
  HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
  HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
  HKLM\...\Policies\Explorer: [NoFolderOptions] 0
  HKLM\...\Policies\Explorer: [NoControlPanel] 0
  HKU\S-1-5-21-3203969364-2797722002-613951821-1001\...\Run: [] => [X]
  HKU\S-1-5-21-3203969364-2797722002-613951821-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia)
  HKU\S-1-5-21-3203969364-2797722002-613951821-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Lucie\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
  Startup: C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe [2015-05-16] ()
  Startup: C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe [2015-05-16] ()
  
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  
  2015-05-21 22:22 - 2015-05-21 22:23 - 00112640 _____ (forum.viry.cz) C:\Users\Lucie\Desktop\FRSTLauncher.exe
  2015-05-21 22:08 - 2015-05-21 22:11 - 00000000 ____D () C:\AdwCleaner
  2015-05-21 22:07 - 2015-05-21 22:07 - 02223104 _____ () C:\Users\Lucie\Desktop\adwcleaner_4.205.exe
  2015-05-21 21:43 - 2015-05-21 22:24 - 00028511 _____ () C:\Users\Lucie\Desktop\FRST.txt
  2015-05-08 16:10 - 2015-05-08 16:10 - 00615936 _____ () C:\Windows\AutoKMS.exe
  2015-05-08 16:10 - 2015-05-08 16:10 - 00000161 _____ () C:\Windows\AutoKMS.ini
  2015-05-07 21:32 - 2015-05-07 22:53 - 643694983 _____ () C:\Users\Lucie\Downloads\Microsoft-office-2010-v-češtině-+-aktivátor...-by-elmaros.zip
  2015-05-21 22:12 - 2014-02-13 06:35 - 00000000 ____D () C:\Program Files\Common Files\mcafee
  
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\HPCeeScheduleForLucie.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
  Task: C:\Windows\Tasks\Norton Security Scan for Lucie.job => C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe
  Hosts:
  EmptyTemp:
  End
  

[luckastepankov]

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-05-2015
Ran by Lucie at 2015-05-21 22:48:15 Run:1
Running from C:\Users\Lucie\Desktop
Loaded Profiles: Lucie (Available profiles: Lucie)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Run: [cpuminer] => C:\Windows\system32\cpuminer-gw64.exe
C:\Windows\system32\cpuminer-gw64.exe
HKLM\...\Run: [cpuminer-gpu] => C:\Users\Lucie\AppData\Roaming\cpuminer\sgminer\sgminer.cmd
C:\Users\Lucie\AppData\Roaming\cpuminer
HKLM-x32\...\Run: [AutoKMS] => C:\Windows\AutoKMS.exe [615936 2015-05-08] ()
C:\Windows\AutoKMS.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\...\Run: [] => [X]
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia)
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Lucie\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
Startup: C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe [2015-05-16] ()
Startup: C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe [2015-05-16] ()

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

2015-05-21 22:22 - 2015-05-21 22:23 - 00112640 _____ (forum.viry.cz) C:\Users\Lucie\Desktop\FRSTLauncher.exe
2015-05-21 22:08 - 2015-05-21 22:11 - 00000000 ____D () C:\AdwCleaner
2015-05-21 22:07 - 2015-05-21 22:07 - 02223104 _____ () C:\Users\Lucie\Desktop\adwcleaner_4.205.exe
2015-05-21 21:43 - 2015-05-21 22:24 - 00028511 _____ () C:\Users\Lucie\Desktop\FRST.txt
2015-05-08 16:10 - 2015-05-08 16:10 - 00615936 _____ () C:\Windows\AutoKMS.exe
2015-05-08 16:10 - 2015-05-08 16:10 - 00000161 _____ () C:\Windows\AutoKMS.ini
2015-05-07 21:32 - 2015-05-07 22:53 - 643694983 _____ () C:\Users\Lucie\Downloads\Microsoft-office-2010-v-češtině-+-aktivátor...-by-elmaros.zip
2015-05-21 22:12 - 2014-02-13 06:35 - 00000000 ____D () C:\Program Files\Common Files\mcafee

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForLucie.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\Norton Security Scan for Lucie.job => C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\cpuminer => value Deleted successfully.
"C:\Windows\system32\cpuminer-gw64.exe" => File/Directory not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\cpuminer-gpu => value Deleted successfully.
"C:\Users\Lucie\AppData\Roaming\cpuminer" => File/Directory not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AutoKMS => Value not found.
C:\Windows\AutoKMS.exe => Moved successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BCSSync => value Deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value Deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value Deleted successfully.
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ => value Deleted successfully.
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\Software\Microsoft\Windows\CurrentVersion\Run\\NokiaSuite.exe => value Deleted successfully.
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value Deleted successfully.
C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe => Moved successfully.
C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe => Moved successfully.

[altrok]

Pokud je tohle opravdu cely obsah fixlogu, krok s fixlistem (stejny obsah) zopakujte.

[luckastepankov]

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-05-2015
Ran by Lucie at 2015-05-21 22:59:24 Run:2
Running from C:\Users\Lucie\Desktop
Loaded Profiles: Lucie (Available profiles: Lucie)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Run: [cpuminer] => C:\Windows\system32\cpuminer-gw64.exe
C:\Windows\system32\cpuminer-gw64.exe
HKLM\...\Run: [cpuminer-gpu] => C:\Users\Lucie\AppData\Roaming\cpuminer\sgminer\sgminer.cmd
C:\Users\Lucie\AppData\Roaming\cpuminer
HKLM-x32\...\Run: [AutoKMS] => C:\Windows\AutoKMS.exe [615936 2015-05-08] ()
C:\Windows\AutoKMS.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\...\Run: [] => [X]
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia)
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Lucie\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
Startup: C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe [2015-05-16] ()
Startup: C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe [2015-05-16] ()

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

2015-05-21 22:22 - 2015-05-21 22:23 - 00112640 _____ (forum.viry.cz) C:\Users\Lucie\Desktop\FRSTLauncher.exe
2015-05-21 22:08 - 2015-05-21 22:11 - 00000000 ____D () C:\AdwCleaner
2015-05-21 22:07 - 2015-05-21 22:07 - 02223104 _____ () C:\Users\Lucie\Desktop\adwcleaner_4.205.exe
2015-05-21 21:43 - 2015-05-21 22:24 - 00028511 _____ () C:\Users\Lucie\Desktop\FRST.txt
2015-05-08 16:10 - 2015-05-08 16:10 - 00615936 _____ () C:\Windows\AutoKMS.exe
2015-05-08 16:10 - 2015-05-08 16:10 - 00000161 _____ () C:\Windows\AutoKMS.ini
2015-05-07 21:32 - 2015-05-07 22:53 - 643694983 _____ () C:\Users\Lucie\Downloads\Microsoft-office-2010-v-češtině-+-aktivátor...-by-elmaros.zip
2015-05-21 22:12 - 2014-02-13 06:35 - 00000000 ____D () C:\Program Files\Common Files\mcafee

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForLucie.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\Norton Security Scan for Lucie.job => C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe
Hosts:
EmptyTemp:
End

*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\cpuminer => Value not found.
"C:\Windows\system32\cpuminer-gw64.exe" => File/Directory not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\cpuminer-gpu => Value not found.
"C:\Users\Lucie\AppData\Roaming\cpuminer" => File/Directory not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AutoKMS => Value not found.
"C:\Windows\AutoKMS.exe" => File/Directory not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BCSSync => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => Value not found.
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value not found.
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\Software\Microsoft\Windows\CurrentVersion\Run\\NokiaSuite.exe => Value not found.
HKU\S-1-5-21-3203969364-2797722002-613951821-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => Value not found.
C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe not found.
C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
C:\Users\Lucie\Desktop\FRSTLauncher.exe => Moved successfully.
"C:\AdwCleaner" => File/Directory not found.
"C:\Users\Lucie\Desktop\adwcleaner_4.205.exe" => File/Directory not found.
"C:\Users\Lucie\Desktop\FRST.txt" => File/Directory not found.
"C:\Windows\AutoKMS.exe" => File/Directory not found.
"C:\Windows\AutoKMS.ini" => File/Directory not found.
"C:\Users\Lucie\Downloads\Microsoft-office-2010-v-češtině-+-aktivátor...-by-elmaros.zip" => File/Directory not found.
"C:\Program Files\Common Files\mcafee" => File/Directory not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job not found.
C:\Windows\Tasks\HPCeeScheduleForLucie.job not found.
C:\Windows\Tasks\Norton Security Scan for Lucie.job not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 57.1 MB temporary data.


The system needed a reboot.

==== End of Fixlog 22:59:35 ====