VIRY.CZ

Dobrý den,
chtěl bych poprosit o kontrolu logu. Poslední dobou často pozoruji zpomalení.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015
Ran by jiri (administrator) on TIELK on 17-07-2015 19:56:48
Running from C:\Users\jiri\Desktop
Loaded Profiles: jiri (Available Profiles: jiri)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SkypEmoticons) C:\Users\jiri\AppData\Roaming\SkypEmoticons\SE.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Dropbox, Inc.) C:\Users\jiri\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.1.1\Lightshot.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-17] (Realtek Semiconductor)
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe [984400 2010-07-09] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [Andy] => C:\Program Files\Andy\HandyAndy.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1848993905-3544832549-2625717029-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-1848993905-3544832549-2625717029-1001\...\Run: [SE] => C:\Users\jiri\AppData\Roaming\SkypEmoticons\SE.exe [5679008 2014-12-10] (SkypEmoticons)
HKU\S-1-5-21-1848993905-3544832549-2625717029-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-1848993905-3544832549-2625717029-1001\...\Run: [Dropbox Update] => C:\Users\jiri\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
Startup: C:\Users\jiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-07-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\jiri\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jiri\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jiri\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jiri\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jiri\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jiri\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jiri\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jiri\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jiri\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKU\S-1-5-21-1848993905-3544832549-2625717029-1001 -> {52C86353-1964-4281-BF00-B85F667908C7} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-15] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8507C9EC-32BE-497A-B856-8C5A719579E4}: [DhcpNameServer] 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-12-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-12-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\jiri\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-06]
CHR Extension: (YouTube) - C:\Users\jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-06]
CHR Extension: (Adblock Plus) - C:\Users\jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-07-17]
CHR Extension: (Google Search) - C:\Users\jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-06]
CHR Extension: (AdBlock) - C:\Users\jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-12-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-14]
CHR Extension: (Google Wallet) - C:\Users\jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-06]
CHR Extension: (Gmail) - C:\Users\jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U4 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3518376 2015-06-30] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [314304 2015-06-30] (AVG Technologies CZ, s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [293296 2015-06-26] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253408 2015-05-12] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [226784 2015-06-10] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [295400 2015-06-15] (AVG Technologies CZ, s.r.o.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-17 19:56 - 2015-07-17 20:00 - 00014454 _____ C:\Users\jiri\Desktop\FRST.txt
2015-07-17 19:56 - 2015-07-17 19:57 - 00000000 ____D C:\FRST
2015-07-17 19:55 - 2015-07-17 19:55 - 02133504 _____ (Farbar) C:\Users\jiri\Desktop\FRST64.exe
2015-07-17 19:53 - 2015-07-17 19:53 - 00112640 _____ C:\Users\jiri\Desktop\FRSTLauncher.exe
2015-07-17 19:45 - 2015-07-17 19:45 - 02001540 _____ C:\Users\jiri\Downloads\pc-decrapifier-3.0.0 (1).exe
2015-07-17 19:44 - 2015-07-17 19:44 - 02001540 _____ C:\Users\jiri\Downloads\pc-decrapifier-3.0.0.exe
2015-07-17 19:18 - 2015-07-17 19:18 - 00001082 _____ C:\Users\jiri\Downloads\airbank_1222850013_2015-07-17_19-18.csv
2015-07-16 19:17 - 2015-07-16 19:17 - 00004942 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for TIELK-jiri Tielk
2015-07-16 18:13 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-16 18:13 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-16 18:13 - 2015-06-29 17:07 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-16 18:13 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-16 18:13 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-16 18:13 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-16 18:13 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-16 18:13 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-16 18:13 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-16 18:13 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-16 18:13 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-16 18:13 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-16 18:13 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-16 18:13 - 2015-05-02 01:33 - 00410739 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-16 18:02 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-07-16 18:02 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-07-16 17:37 - 2015-07-16 17:37 - 00003156 _____ C:\Windows\System32\Tasks\{BEB1A543-5DD8-4EDD-8126-9E2782D2B803}
2015-07-16 17:12 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-16 17:12 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-16 17:07 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-16 17:07 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-16 17:07 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-16 17:07 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-16 17:07 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-16 17:07 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-16 17:07 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-16 17:07 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-16 17:07 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-16 17:07 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-16 17:07 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-16 17:07 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-16 17:07 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-16 17:07 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-16 17:07 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-16 17:07 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-16 17:06 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-16 17:04 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-16 17:04 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-16 17:04 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-16 17:04 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-16 17:04 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-16 17:04 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-16 17:04 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-16 17:04 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-16 17:04 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-16 17:04 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-16 17:04 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-16 17:04 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-16 17:04 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-16 17:02 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-16 17:02 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-16 17:02 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-16 17:02 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-16 17:02 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-16 17:02 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-16 17:02 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-16 17:02 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-16 17:02 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-16 17:01 - 2015-07-03 15:52 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-16 17:01 - 2015-07-03 15:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-16 17:01 - 2015-07-03 15:50 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-16 17:01 - 2015-07-03 15:50 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-16 17:01 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-07-16 17:01 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-07-16 16:48 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-16 16:48 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-16 16:48 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-16 16:48 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-16 16:48 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-16 16:48 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-16 16:48 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-16 16:48 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-16 16:48 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-16 16:48 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-16 16:48 - 2015-03-09 04:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsp.sys
2015-07-16 16:41 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-16 16:41 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-16 16:41 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-16 16:41 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-16 16:41 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-16 16:41 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-16 16:41 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-16 16:41 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-16 16:41 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-16 16:41 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-16 16:41 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-16 16:41 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-16 16:41 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-16 16:41 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-16 16:41 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-16 16:41 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-16 16:41 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-16 16:41 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-16 16:41 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-16 16:41 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-16 16:41 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-16 16:41 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-16 16:41 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-16 16:41 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-16 16:41 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-16 16:41 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-16 16:41 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-16 16:41 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-16 16:41 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-16 16:41 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-16 16:41 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-16 16:41 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-16 16:41 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-16 16:33 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-16 16:33 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-16 16:28 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-15 19:14 - 2015-07-16 20:13 - 00000348 _____ C:\Windows\setupact.log
2015-07-15 19:14 - 2015-07-15 19:14 - 00000000 _____ C:\Windows\setuperr.log
2015-07-14 21:11 - 2015-07-14 21:11 - 00023377 _____ C:\Users\jiri\Downloads\The.Fosters.S03E06.HDTV.BATV.en.zip
2015-07-14 21:11 - 2015-07-14 14:07 - 00111438 ____N C:\Users\jiri\Downloads\The.Fosters.S03E06.HDTV.BATV.en..srt
2015-07-14 20:18 - 2015-07-14 20:18 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-07-14 20:18 - 2015-07-14 20:18 - 00000000 ____D C:\Program Files\MSBuild
2015-07-14 20:18 - 2015-07-14 20:18 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-07-14 20:18 - 2015-07-14 20:18 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-07-14 20:09 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2015-07-14 20:09 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2015-07-14 18:01 - 2015-07-14 18:26 - 364396636 _____ C:\Users\jiri\Downloads\the-fosters-2013-s03e06-internal-hdtv-xvid-fum.avi
2015-07-13 21:50 - 2015-07-13 21:50 - 00033718 _____ C:\Users\jiri\Downloads\Cinderella0000256131.zip
2015-07-13 21:44 - 2015-07-15 18:47 - 00000000 ____D C:\Users\jiri\Desktop\Cinderella (2015) [1080p]
2015-07-13 21:30 - 2015-07-13 21:30 - 00557117 _____ (Ladislav Havlát ) C:\Users\jiri\Downloads\rajce-downloader-1-0-0-0-setup.exe
2015-07-13 19:52 - 2015-07-13 19:52 - 00008621 _____ C:\Users\jiri\Downloads\Rozpočet.xlsx
2015-07-11 20:35 - 2015-07-11 20:35 - 00000000 ____D C:\Users\jiri\AppData\Local\Deployment
2015-07-11 20:35 - 2015-07-11 20:35 - 00000000 ____D C:\Users\jiri\AppData\Local\Apps\2.0
2015-07-11 20:34 - 2015-07-11 20:34 - 00675936 _____ () C:\Users\jiri\Downloads\GitHubSetup.exe
2015-07-11 11:51 - 2015-07-11 11:51 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-10 20:42 - 2015-07-17 15:48 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-10 20:25 - 2015-07-10 20:26 - 00000000 ____D C:\Users\jiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-26 09:49 - 2015-06-26 09:49 - 00293296 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-06-21 21:19 - 2015-06-21 21:19 - 00000000 ____D C:\Users\jiri\AppData\Local\Adobe_Systems_Incorporate
2015-06-21 21:17 - 2015-07-15 09:40 - 00000000 ____D C:\Users\jiri\Documents\My Digital Editions
2015-06-21 21:16 - 2015-06-21 21:17 - 08466632 _____ (Adobe Systems Incorporated) C:\Users\jiri\Downloads\ADE_4.0_Installer.exe
2015-06-21 18:43 - 2015-06-21 18:43 - 00000000 ____D C:\Users\jiri\AppData\Local\GWX
2015-06-18 21:23 - 2015-07-17 19:28 - 00000926 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1848993905-3544832549-2625717029-1001UA.job
2015-06-18 21:23 - 2015-07-16 21:28 - 00000874 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1848993905-3544832549-2625717029-1001Core.job
2015-06-18 21:23 - 2015-06-18 21:23 - 00003870 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1848993905-3544832549-2625717029-1001UA
2015-06-18 21:23 - 2015-06-18 21:23 - 00003490 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1848993905-3544832549-2625717029-1001Core
2015-06-18 21:22 - 2015-06-18 21:23 - 00000000 ____D C:\Users\jiri\AppData\Local\Dropbox
2015-06-18 21:22 - 2015-06-18 21:22 - 00000000 ____D C:\ProgramData\Dropbox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-17 19:38 - 2014-12-10 20:38 - 00001342 _____ C:\Windows\Tasks\TJBI.job
2015-07-17 19:37 - 2014-12-10 20:37 - 00001346 _____ C:\Windows\Tasks\PXOZYG.job
2015-07-17 19:33 - 2014-12-06 14:28 - 00000906 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-17 19:21 - 2014-12-06 14:01 - 01240850 _____ C:\Windows\WindowsUpdate.log
2015-07-17 19:00 - 2014-12-10 21:25 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2015-07-17 19:00 - 2014-12-07 12:46 - 00000000 ____D C:\ProgramData\MFAData
2015-07-17 18:51 - 2015-01-27 22:56 - 00000398 _____ C:\Windows\Tasks\update-sys.job
2015-07-17 18:20 - 2014-12-06 14:23 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1848993905-3544832549-2625717029-1001
2015-07-17 18:18 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-17 18:18 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-17 18:14 - 2014-12-07 23:41 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-07-17 18:13 - 2014-12-07 23:33 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-17 18:11 - 2014-12-18 21:16 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-17 18:10 - 2014-12-18 21:16 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-17 18:06 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-17 18:05 - 2013-08-22 15:25 - 00000167 _____ C:\Windows\win.ini
2015-07-17 18:04 - 2014-12-09 18:09 - 00000000 ____D C:\Windows\system32\MRT
2015-07-17 17:48 - 2015-04-05 19:40 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-17 17:48 - 2015-04-05 19:40 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-17 17:10 - 2015-01-27 22:56 - 00000398 _____ C:\Windows\Tasks\update-S-1-5-21-1848993905-3544832549-2625717029-1001.job
2015-07-17 15:50 - 2014-12-28 16:32 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-17 15:01 - 2014-12-06 14:27 - 00003910 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F71E4A02-13E8-45FB-BF70-5EC6DA50C3A1}
2015-07-17 14:56 - 2014-12-07 22:52 - 00000000 ____D C:\Users\jiri\AppData\Roaming\vlc
2015-07-16 19:25 - 2014-12-06 14:38 - 01261568 ___SH C:\Users\jiri\Desktop\Thumbs.db
2015-07-16 18:56 - 2014-12-07 14:34 - 00000000 ___RD C:\Users\jiri\Dropbox
2015-07-16 18:56 - 2014-12-07 14:27 - 00000000 ____D C:\Users\jiri\AppData\Roaming\Dropbox
2015-07-16 18:55 - 2014-12-06 14:18 - 00000000 __RDO C:\Users\jiri\SkyDrive
2015-07-16 18:54 - 2014-12-06 14:28 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-16 18:53 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-07-16 18:24 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-16 18:24 - 2013-08-22 16:44 - 00482952 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-16 18:21 - 2013-08-22 15:25 - 01048576 ___SH C:\Windows\system32\config\BBI
2015-07-16 18:18 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-16 17:51 - 2014-12-06 14:12 - 00000000 ____D C:\Users\jiri
2015-07-15 19:02 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-07-15 10:15 - 2014-12-10 20:31 - 00000000 ____D C:\ProgramData\kioiammmhdbblcdlkafppdopkgancdii
2015-07-15 09:40 - 2014-12-28 16:31 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-14 21:40 - 2014-12-06 23:01 - 00005384 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-14 21:12 - 2014-12-26 15:05 - 00340480 ___SH C:\Users\jiri\Downloads\Thumbs.db
2015-07-14 21:01 - 2014-12-06 14:30 - 00002497 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-14 20:18 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\MUI
2015-07-14 20:18 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\MUI
2015-07-13 23:10 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-13 23:10 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-13 19:53 - 2014-12-06 14:15 - 00000000 ____D C:\Users\jiri\AppData\Local\Packages
2015-07-12 22:34 - 2014-12-07 00:14 - 00000000 ____D C:\Users\jiri\AppData\Roaming\Skype
2015-07-11 22:55 - 2014-12-07 00:14 - 00000000 ____D C:\ProgramData\Skype
2015-07-11 11:50 - 2014-12-07 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-07-10 19:16 - 2015-04-17 16:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-03 08:43 - 2014-12-09 18:09 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-17 19:13 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData

==================== Files in the root of some directories =======

2014-12-10 20:34 - 2014-12-10 21:02 - 0000342 _____ () C:\Users\jiri\AppData\Roaming\LiveSupport.exe_log.txt
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\jiri\AppData\Roaming\PXOZYG
2014-12-10 20:34 - 2014-12-10 21:02 - 0000096 _____ () C:\Users\jiri\AppData\Roaming\regsvr32.exe_log.txt
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\jiri\AppData\Roaming\TJBI
2015-01-27 22:56 - 2015-01-27 22:56 - 0000003 _____ () C:\Users\jiri\AppData\Local\updater.log
2015-01-27 22:56 - 2015-04-22 17:59 - 0000424 _____ () C:\Users\jiri\AppData\Local\UserProducts.xml
2015-04-26 19:13 - 2015-04-26 19:13 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip

Some files in TEMP:
====================
C:\Users\jiri\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpecx3g9.dll
C:\Users\jiri\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpm6zpqt.dll
C:\Users\jiri\AppData\Local\Temp\msvcp120.dll
C:\Users\jiri\AppData\Local\Temp\msvcr120.dll
C:\Users\jiri\AppData\Local\Temp\pc-decrapifier.exe
C:\Users\jiri\AppData\Local\Temp\UNINSTALL.EXE


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-11 16:31

==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-07-2015
Ran by jiri at 2015-07-17 20:01:24
Running from C:\Users\jiri\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1848993905-3544832549-2625717029-500 - Administrator - Disabled)
Guest (S-1-5-21-1848993905-3544832549-2625717029-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1848993905-3544832549-2625717029-1003 - Limited - Enabled)
jiri (S-1-5-21-1848993905-3544832549-2625717029-1001 - Administrator - Enabled) => C:\Users\jiri

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader 8.0 Professional Edition (HKLM-x32\...\{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 8.00.1126.4607 - ABBYY Software House)
Adobe Reader XI (11.0.12) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Andy OS (HKLM-x32\...\Andy OS) (Version: 0.43 - Andy OS, Inc)
ASUS Sonic Focus (HKLM-x32\...\{B0002707-4F7E-4745-88A7-852DA8A88635}) (Version: 1.0.0.5 - Synopsys )
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6081 - AVG Technologies CZ, s.r.o.)
AVG 2015 (Version: 15.0.4392 - AVG Technologies CZ, s.r.o.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Czech language for ABBYY FineReader 8.0 Professional Edition (HKLM-x32\...\{EA8B4177-020E-481F-B7F4-B3492CA06E25}) (Version: 8.00.1126.00 - ABBYY Software House)
Dropbox (HKU\S-1-5-21-1848993905-3544832549-2625717029-1001\...\Dropbox) (Version: 3.6.8 - Dropbox, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Lightshot-5.2.1.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.1.1 - Skillbrains)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6710 - Realtek Semiconductor Corp.)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36244 - TeamViewer)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1848993905-3544832549-2625717029-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\jiri\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1848993905-3544832549-2625717029-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\jiri\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1848993905-3544832549-2625717029-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jiri\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1848993905-3544832549-2625717029-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jiri\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1848993905-3544832549-2625717029-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jiri\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1848993905-3544832549-2625717029-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jiri\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1848993905-3544832549-2625717029-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jiri\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1848993905-3544832549-2625717029-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jiri\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1848993905-3544832549-2625717029-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jiri\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1848993905-3544832549-2625717029-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jiri\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)

==================== Restore Points =========================

11-07-2015 16:32:42 Windows Update
14-07-2015 19:58:06 Windows Modules Installer
16-07-2015 17:32:24 Windows Modules Installer
17-07-2015 19:47:42 PC Decrapifier Restore Point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0AC72F5E-9D5E-41D1-B040-401FFD370FAA} - System32\Tasks\DoctorPC_Start => C:\Program Files (x86)\Doctor PC\DoctorPC.exe <==== ATTENTION
Task: {0D3CA7D9-AE25-4404-BA2B-ED59EDCE3FBE} - System32\Tasks\update-S-1-5-21-1848993905-3544832549-2625717029-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {0DF6113C-0569-4900-93ED-BA1F8CD8AA8E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {11CD20C6-CF93-4675-B8E9-3FA845B7AAED} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1848993905-3544832549-2625717029-1001UA => C:\Users\jiri\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {18291986-EA87-4C4A-805D-5ACF5DBB6FED} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-12-10] ()
Task: {683C53E7-FB44-49F8-8686-40BE4CD99E50} - System32\Tasks\DoctorPC_Popup => C:\Program Files (x86)\Doctor PC\Splash.exe <==== ATTENTION
Task: {76010E39-77DF-408E-AE39-FE8930523DE8} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1848993905-3544832549-2625717029-1001Core => C:\Users\jiri\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {7A95F116-3586-413B-A811-E766724A6E3E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-06] (Google Inc.)
Task: {89FCCAF5-DED2-4249-8F77-36730112DF79} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {A34BB050-8D88-42FD-954F-FF32FC6C9B21} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {A8083E29-928B-4C59-8573-73234D419045} - System32\Tasks\Microsoft Office 15 Sync Maintenance for TIELK-jiri Tielk => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-04-14] (Microsoft Corporation)
Task: {AA1BFE1C-EFF3-4CF2-BE34-EBAC0F199BA7} - System32\Tasks\{BEB1A543-5DD8-4EDD-8126-9E2782D2B803} => pcalua.exe -a "C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe" -c /AppMode=SETUP /Uninstall /UDS=1
Task: {BE726A8C-7C5D-4539-9D83-F3474B60B67E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {DAF5F564-B9B5-485D-AF9F-B7D191BFECF3} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {E4750FDA-953B-4B62-955B-AAC355D1033C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {E635F780-1B33-4036-B633-29D29E2A1F09} - System32\Tasks\PXOZYG => C:\Users\jiri\AppData\Roaming\PXOZYG.exe <==== ATTENTION
Task: {EDBF4119-2E74-4F0E-A53C-A755BECD95AC} - System32\Tasks\0215tb_RML => C:\Program Files (x86)\AVG Web TuneUp\AVG-Secure-Search-Update_0215tb.exe
Task: {EF1EA840-90AD-4F24-B759-B3E11CD40A8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-06] (Google Inc.)
Task: {F2038606-8D6C-4B19-96AD-FCC727D96E55} - System32\Tasks\TJBI => C:\Users\jiri\AppData\Roaming\TJBI.exe <==== ATTENTION
Task: {FF1BF897-0ECD-4104-B5F2-DBFA3105185E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\0215tb_RML.job => C:\Program Files (x86)\AVG Web TuneUp\AVG-Secure-Search-Update_0215tb.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1848993905-3544832549-2625717029-1001Core.job => C:\Users\jiri\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1848993905-3544832549-2625717029-1001UA.job => C:\Users\jiri\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PXOZYG.job => C:\Users\jiri\AppData\Roaming\PXOZYG.exe <==== ATTENTION
Task: C:\Windows\Tasks\TJBI.job => C:\Users\jiri\AppData\Roaming\TJBI.exe <==== ATTENTION
Task: C:\Windows\Tasks\update-S-1-5-21-1848993905-3544832549-2625717029-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Loaded Modules (Whitelisted) ==============

2015-03-18 14:08 - 2015-03-18 14:08 - 08898720 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-01-30 09:02 - 2014-01-30 09:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-07-16 18:56 - 2015-07-16 18:56 - 00043008 _____ () c:\users\jiri\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpecx3g9.dll
2015-07-10 20:24 - 2015-03-19 09:15 - 00750080 _____ () C:\Users\jiri\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-07-10 20:24 - 2015-03-19 09:15 - 00047616 _____ () C:\Users\jiri\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-07-10 20:24 - 2015-03-19 09:15 - 00865280 _____ () C:\Users\jiri\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-07-10 20:24 - 2015-03-19 09:15 - 00200704 _____ () C:\Users\jiri\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-07-10 20:25 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\jiri\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-07-10 20:25 - 2015-03-19 09:15 - 00726016 _____ () C:\Users\jiri\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-10 20:25 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\jiri\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-03-18 14:08 - 2015-03-18 14:08 - 08898720 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-07-14 21:00 - 2015-07-13 23:55 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libglesv2.dll
2015-07-14 21:00 - 2015-07-13 23:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libegl.dll
2015-07-14 21:00 - 2015-07-13 23:55 - 16308040 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\jiri\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\jiri\Desktop\WP_20150706_009.jpg:com.dropbox.attributes

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1848993905-3544832549-2625717029-1001\Control Panel\Desktop\\Wallpaper -> D:\2012\Iceland\Iceland 2012\2012_08_01\DSC02131.JPG
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "AVG_UI"
HKU\S-1-5-21-1848993905-3544832549-2625717029-1001\...\StartupApproved\Run: => "ares"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [TCP Query User{67747A5E-70E9-4F72-B125-EB0CC8B0940E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{906F5D4E-D841-4232-9B67-91C0CB842D6E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{9118BBE2-AD14-4F87-AAF3-A7A9390D045E}C:\users\jiri\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jiri\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{B47F61FF-7EAB-4C26-AFA9-62A1F037F4F1}C:\users\jiri\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jiri\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{7E5B4C7C-45F5-485E-860E-5528F53FD623}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C3EE1D70-3ADC-4216-8147-95178731A226}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9E72B07A-C488-4F4E-9C6D-3204F80B0BA2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6C7B4348-392B-4A2B-9E79-440A108830F2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2A505708-9B6D-40A5-A9BB-2C5D4E5D360E}] => (Allow) C:\Users\jiri\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6ACBECA6-2C7D-4F93-8196-71AED27D84F6}] => (Allow) C:\Users\jiri\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{377D2B02-8F1C-454F-88FE-4D70506CEAFE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{8565049A-D69C-472D-AF03-7EA959D01F7F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{6F83256A-102C-4754-9B9C-FA79ADF60CC8}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9E457AAD-9D05-4C08-B6AD-F919B4B3C307}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{143034CE-FB10-43F8-8E44-467F31A6F582}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{94C135E6-7698-4668-A692-1AA761D3CF20}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{8F226095-0578-4DA6-BCC7-DB4F234017AE}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe
FirewallRules: [UDP Query User{FA297C73-1331-4EA3-A619-C3FEBEA9E5B8}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe
FirewallRules: [TCP Query User{629DEE02-397A-4049-878E-B0BB2B356A53}C:\users\jiri\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\jiri\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{7F8DF8CF-BBBC-4EC7-A136-761F9D679CE9}C:\users\jiri\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\jiri\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{3C530F24-DE67-48BF-A5DB-44319D0C8E5C}F:\ares\ares.exe] => (Allow) F:\ares\ares.exe
FirewallRules: [UDP Query User{74124BA1-B058-4EA9-80E4-AF9CC114A746}F:\ares\ares.exe] => (Allow) F:\ares\ares.exe
FirewallRules: [{5E41A698-851F-4E5D-AC30-00EB38B37A8A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{51CC944B-EEBC-4BE9-B84E-A577F1C3904D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [TCP Query User{5023D482-513D-41BE-84F7-AFB77A4037D0}C:\program files\andy\andy.exe] => (Allow) C:\program files\andy\andy.exe
FirewallRules: [UDP Query User{7255519B-399A-41E5-B3CA-19FD94668DF2}C:\program files\andy\andy.exe] => (Allow) C:\program files\andy\andy.exe
FirewallRules: [{B80CAADF-05BC-4712-B7D5-828BD7A55A6E}] => (Block) C:\program files\andy\andy.exe
FirewallRules: [{4B852ACF-A2FE-47CA-A44E-BFDE1A93D4D9}] => (Block) C:\program files\andy\andy.exe
FirewallRules: [{1D9D3A36-5745-449F-9B47-B23BC5BA4AD2}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{37DE475F-D817-4F4A-BB1F-E78E84F45D24}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{E143E5F5-340F-455C-B61C-233290D22A84}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{9BD00604-534E-450B-8D02-81B6C6A9D8C9}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{C8692AA0-A4D6-474E-AA4F-A7D855795B7F}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{961980E5-E48F-4E47-9F98-D652C897FF73}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [TCP Query User{72779A96-2D2F-4A03-974B-D3DE83102D4A}C:\program files (x86)\ares\ares.exe] => (Block) C:\program files (x86)\ares\ares.exe
FirewallRules: [UDP Query User{B5ADE32E-2746-4DE9-816E-A28C896B55A1}C:\program files (x86)\ares\ares.exe] => (Block) C:\program files (x86)\ares\ares.exe
FirewallRules: [TCP Query User{41BCCD90-3869-45BD-B430-40E9C01631C5}C:\program files (x86)\ares\ares.exe] => (Block) C:\program files (x86)\ares\ares.exe
FirewallRules: [UDP Query User{484E91DF-FB03-4B60-A0B4-5E8C3BAAFE29}C:\program files (x86)\ares\ares.exe] => (Block) C:\program files (x86)\ares\ares.exe
FirewallRules: [{5122B703-A426-467E-9459-618043D0666B}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{687367C2-4DBC-40E0-B1AD-A6DED56EACC8}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{A0942AB8-8451-4905-B346-C948A7445542}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{65E63A15-3DDB-4B46-AB03-04A85DAAD38A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{AECC63E4-30CA-4D64-85E7-6E33B38585F7}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{81F6F251-154D-41C8-A4A3-A06AB6E5B60D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{94370D85-A7C7-4E03-B804-F3AA176DE8FF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/17/2015 07:54:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TIELK)
Description: Activation of app 12199Asparion.AsparionClock_f89vgcf3qm37t!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/17/2015 07:36:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TIELK)
Description: Activation of app 12199Asparion.AsparionClock_f89vgcf3qm37t!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/17/2015 07:22:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TIELK)
Description: Activation of app 12199Asparion.AsparionClock_f89vgcf3qm37t!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/17/2015 07:06:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TIELK)
Description: Activation of app 12199Asparion.AsparionClock_f89vgcf3qm37t!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/17/2015 06:51:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TIELK)
Description: Activation of app 12199Asparion.AsparionClock_f89vgcf3qm37t!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/17/2015 06:45:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TIELK)
Description: Activation of app 12199Asparion.AsparionClock_f89vgcf3qm37t!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/17/2015 06:33:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TIELK)
Description: Activation of app 12199Asparion.AsparionClock_f89vgcf3qm37t!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/17/2015 06:19:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TIELK)
Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/17/2015 06:13:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 4fc

Start Time: 01d0c0aa3f74575a

Termination Time: 4294967295

Application Path: C:\Windows\system32\backgroundTaskHost.exe

Report Id: b31c78cc-2c9e-11e5-82aa-c8600017b54a

Faulting package full name: 12199Asparion.AsparionClock_3.5.1.53_neutral__f89vgcf3qm37t

Faulting package-relative application ID: App

Error: (07/17/2015 06:04:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TIELK)
Description: Activation of app 12199Asparion.AsparionClock_f89vgcf3qm37t!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.


System errors:
=============
Error: (07/16/2015 07:07:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The AVG WatchDog service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (07/16/2015 07:07:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The AVG WatchDog service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (07/16/2015 07:06:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The AVG WatchDog service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (07/16/2015 06:24:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Defender Service service failed to start due to the following error:
%%577

Error: (07/16/2015 05:51:16 PM) (Source: DCOM) (EventID: 10010) (User: TIELK)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (07/15/2015 07:17:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Defender Service service failed to start due to the following error:
%%577

Error: (07/15/2015 07:14:51 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:47:03 PM on ‎7/‎15/‎2015 was unexpected.

Error: (07/15/2015 06:48:34 PM) (Source: DCOM) (EventID: 10010) (User: TIELK)
Description: {005A3A96-BAC4-4B0A-94EA-C0CE100EA736}

Error: (07/15/2015 09:38:56 AM) (Source: DCOM) (EventID: 10001) (User: TIELK)
Description: "C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppX42r8evwg359fn5xfrxhj5nv2n3dnya3e.mca31App.AppXckhq7ex47a0jh2z0wj5cd086mqkeegzy.mcaUnavailableUnavailable

Error: (07/14/2015 08:25:41 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:03:28 PM on ‎7/‎14/‎2015 was unexpected.


Microsoft Office:
=========================
Error: (07/17/2015 07:54:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TIELK)
Description: 12199Asparion.AsparionClock_f89vgcf3qm37t!App-2144927142

Error: (07/17/2015 07:36:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TIELK)
Description: 12199Asparion.AsparionClock_f89vgcf3qm37t!App-2144927142

Error: (07/17/2015 07:22:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TIELK)
Description: 12199Asparion.AsparionClock_f89vgcf3qm37t!App-2144927142

Error: (07/17/2015 07:06:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TIELK)
Description: 12199Asparion.AsparionClock_f89vgcf3qm37t!App-2144927142

Error: (07/17/2015 06:51:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TIELK)
Description: 12199Asparion.AsparionClock_f89vgcf3qm37t!App-2144927142

Error: (07/17/2015 06:45:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TIELK)
Description: 12199Asparion.AsparionClock_f89vgcf3qm37t!App-2144927142

Error: (07/17/2015 06:33:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TIELK)
Description: 12199Asparion.AsparionClock_f89vgcf3qm37t!App-2144927142

Error: (07/17/2015 06:19:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TIELK)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927148

Error: (07/17/2015 06:13:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: backgroundTaskHost.exe6.3.9600.174154fc01d0c0aa3f74575a4294967295C:\Windows\system32\backgroundTaskHost.exeb31c78cc-2c9e-11e5-82aa-c8600017b54a12199Asparion.AsparionClock_3.5.1.53_neutral__f89vgcf3qm37tApp

Error: (07/17/2015 06:04:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TIELK)
Description: 12199Asparion.AsparionClock_f89vgcf3qm37t!App-2144927142


CodeIntegrity Errors:
===================================
Date: 2015-07-16 18:24:59.366
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-07-15 19:17:18.130
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-21 12:48:22.224
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\jiri\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-21 12:48:18.365
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU B815 @ 1.60GHz
Percentage of memory in use: 87%
Total physical RAM: 1952.12 MB
Available physical RAM: 248.31 MB
Total Virtual: 4000.12 MB
Available Virtual: 1300.21 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:200.09 GB) (Free:121.55 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:97.66 GB) (Free:4.34 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 7C12E647)
Partition 1: (Active) - (Size=200.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)

==================== End of log ============================

Zdravim

Aplikujte MBAM dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=144868

Mimochodem, nejde mi nějak odstranit AVG z počítače. Nevíte co s tím?

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 7/22/2015
Cas skenování: 7:14 PM
Protokol: log.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.07.22.04
Databáze rootkitu: v2015.07.22.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: jiri

Typ skenu: Vlastní sken
Výsledek: Dokonceno
Prohledaných objektu: 543082
Uplynulý cas: 4 hod, 0 min, 7 sek

Pamet: Zapnuto
Po spuštení: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíce registru: 64
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, , [5478ad371c6e072fc568f6d0e51db34d],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, , [5478ad371c6e072fc568f6d0e51db34d],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, , [5478ad371c6e072fc568f6d0e51db34d],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, , [5478ad371c6e072fc568f6d0e51db34d],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, , [5478ad371c6e072fc568f6d0e51db34d],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, , [5478ad371c6e072fc568f6d0e51db34d],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickProcessLauncherMachine, , [5775f9ebf2988caa4891b2dca16305fb],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickProcessLauncherMachine.1.0, , [319b677d7b0f072f7c5d96f82cd822de],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoCreateAsync, , [9b318c587119d95dcb0ff39bbc48ef11],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoCreateAsync.1.0, , [bc102abae1a961d5716999f5c34123dd],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreClass, , [3d8f35af2f5b93a33c9ef69803014cb4],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreClass.1, , [13b910d46d1db68091498e00aa5a39c7],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreMachineClass, , [fbd1eef66b1fff3798427b1335cf9f61],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreMachineClass.1, , [b814ca1ad0ba85b1b228d1bd24e0a35d],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CredentialDialogMachine, , [16b60ada6b1f72c48d4dff8fa36159a7],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CredentialDialogMachine.1.0, , [14b8a3410c7e0234c317f39b28dc55ab],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine, , [379584605139fe3829b1325c679d56aa],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine.1.0, , [a3296183117955e1eded305e15efd42c],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback, , [05c7e2023951a59113c7deb05fa5e31d],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0, , [16b68361573362d432a8b9d547bdd52b],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc, , [cc00eafa4842f046895175196b999868],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc.1.0, , [428a3aaae9a15dd9f7e3494550b49d63],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.ProcessLauncher, , [ac20a0440a80d066eded612d81831ae6],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.ProcessLauncher.1.0, , [616bd21211791026f6e41876b450be42],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3COMClassService, , [deee15cf4e3cf046a5353955ff0557a9],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3COMClassService.1.0, , [4b81e6fe7812280e4793bbd3d13342be],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachine, , [c20a20c41872cc6ad109eda1956f23dd],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachine.1.0, , [07c5469e6e1cc17513c7f29cf113b848],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback, , [48845391b1d934027b5f3a5422e2ab55],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback.1.0, , [4a821dc7b5d5e84ee6f4345aec1836ca],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebSvc, , [d1fbecf8d1b93cfa22b84d4147bdf40c],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebSvc.1.0, , [8c40e5ffd8b27db9687235594fb5eb15],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, , [eddf816397f3c37317a6870f7f85e21e],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickProcessLauncherMachine, , [9c3031b3a8e2ac8a71689ef000040df3],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickProcessLauncherMachine.1.0, , [6369eff5e4a6db5b4198602ebd47e11f],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoCreateAsync, , [b616f1f35634af8779616f1f1de78f71],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoCreateAsync.1.0, , [c804e9fb9ceed85e607ac2cc38cc0000],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreClass, , [13b929bbff8bb581ce0c6c222cd8669a],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreClass.1, , [4488c321d9b142f48c4e90fe50b4a858],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreMachineClass, , [1eae0cd8484255e10fcbcfbff50f45bb],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreMachineClass.1, , [7656db094b3f85b15981afdf26de659b],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CredentialDialogMachine, , [cb0108dc90fa03337862dfafb74d4cb4],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CredentialDialogMachine.1.0, , [08c4c1230b7f38fe5f7b315dea1a46ba],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine, , [4e7ece163357142255854d41679d7090],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine.1.0, , [e1eb2fb58109a4923c9ee8a616ee17e9],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback, , [05c707ddc7c33204dffbb7d7ed175ba5],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0, , [f4d8ce16f2984beb1ac0216dbc4810f0],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc, , [a428b92b5337c076ac2e1579ff05ee12],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc.1.0, , [4389eef64e3cfe388d4d1a744fb546ba],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.ProcessLauncher, , [1daf667ecac08ea8d505fb93fd0724dc],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.ProcessLauncher.1.0, , [e3e901e3860460d6f3e7206e6a9ae41c],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3COMClassService, , [d6f69b49b8d276c002d8ef9fc341db25],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3COMClassService.1.0, , [98348e5654369a9c6377523c17edea16],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachine, , [ac20e9fbcebc1a1cd00af39b56ae768a],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachine.1.0, , [8c40b52fb1d9c571f5e5d9b5778d946c],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback, , [cdffd410fe8c330320ba850902024db3],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback.1.0, , [8a427d6793f778beb822404ee024857b],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebSvc, , [8c4040a41e6c78bed3070e80dc28659b],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebSvc.1.0, , [f1db7d676921e25406d4305ea16315eb],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, , [fecea73dc5c5ee48ceef4f4726deb24e],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, , [725a6e76a1e970c6e6946b268e767789],
PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-1848993905-3544832549-2625717029-1001\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY, , [626a766eb3d7f5419adfe825689b9d63],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1848993905-3544832549-2625717029-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{525C8329-D698-45DC-B815-A7117AC1DEBD}, , [428aba2ad8b28caa31a9f59e2ed6946c],
PUP.Optional.OptimizerPro.A, HKU\S-1-5-21-1848993905-3544832549-2625717029-1001\SOFTWARE\OPTIMIZER PRO, , [be0ee004eaa089ad8ed40d89a36104fc],

Hodnoty registru: 6
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [eddf816397f3c37317a6870f7f85e21e]
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATEDEV|AuCheckPeriodMs, 21600000, , [498337addbafdf574e983dcf07fc9769]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [fecea73dc5c5ee48ceef4f4726deb24e]
PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-1848993905-3544832549-2625717029-1001\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY|source, IE, , [626a766eb3d7f5419adfe825689b9d63]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1848993905-3544832549-2625717029-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{525C8329-D698-45DC-B815-A7117AC1DEBD}|AppName, f4725313-a7fa-4561-9ae0-2765209f9eb2-2.exe-buttonutil.exe, , [428aba2ad8b28caa31a9f59e2ed6946c]
PUP.Optional.OptimizerPro.A, HKU\S-1-5-21-1848993905-3544832549-2625717029-1001\SOFTWARE\OPTIMIZER PRO|AdsBuyNowURL, http://www.safeshopgate.com/r?s=1210005 ... AFEEF7ABFF, , [be0ee004eaa089ad8ed40d89a36104fc]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 1
PUP.Optional.MultiPlug, C:\ProgramData\kioiammmhdbblcdlkafppdopkgancdii, , [f9d3c420bdcdfc3a66246926da2a12ee],

Soubory: 4
PUP.Optional.MultiPlug, C:\ProgramData\kioiammmhdbblcdlkafppdopkgancdii\lsdb.js, , [f9d3c420bdcdfc3a66246926da2a12ee],
PUP.Optional.MultiPlug, C:\ProgramData\kioiammmhdbblcdlkafppdopkgancdii\background.html, , [f9d3c420bdcdfc3a66246926da2a12ee],
PUP.Optional.MultiPlug, C:\ProgramData\kioiammmhdbblcdlkafppdopkgancdii\content.js, , [f9d3c420bdcdfc3a66246926da2a12ee],
PUP.Optional.MultiPlug, C:\ProgramData\kioiammmhdbblcdlkafppdopkgancdii\manifest.json, , [f9d3c420bdcdfc3a66246926da2a12ee],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Na AVG zkuste jejich remover http://download.avg.com/filedir/util/su ... 5_5501.exe

Nalezy MBAMu smazte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Po spusteni probehne stazeni databaze
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

# AdwCleaner v4.208 - Logfile created 23/07/2015 at 17:29:46
# Updated 09/07/2015 by Xplode
# Database : 2015-07-15.1 [Server]
# Operating system : Windows 8.1 Pro (x64)
# Username : jiri - TIELK
# Running from : C:\Users\jiri\Desktop\adwcleaner_4.208.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\4335285852704692826
Folder Deleted : C:\ProgramData\Avg_Update_0215tb
Folder Deleted : C:\ProgramData\Avg_Update_1214tb
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\DeltaFix
Folder Deleted : C:\Users\jiri\AppData\Local\globalUpdate
Folder Deleted : C:\Users\jiri\AppData\Local\Doctor_PC
Folder Deleted : C:\Users\jiri\AppData\Roaming\SkypEmoticons
File Deleted : C:\Users\jiri\AppData\Roaming\LiveSupport.exe_log.txt
File Deleted : C:\Users\jiri\AppData\Roaming\regsvr32.exe_log.txt
File Deleted : C:\Users\jiri\AppData\Roaming\PXOZYG
File Deleted : C:\Users\jiri\AppData\Roaming\TJBI

***** [ Scheduled tasks ] *****

Task Deleted : DoctorPC_Popup
Task Deleted : DoctorPC_Start
Task Deleted : update-sys
Task Deleted : PXOZYG
Task Deleted : TJBI
Task Deleted : update-S-1-5-21-1848993905-3544832549-2625717029-1001

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\jiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\jiri\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [se]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Avg Secure Update
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Google Chrome v43.0.2357.134


*************************

AdwCleaner[R0].txt - [4901 bytes] - [23/07/2015 17:26:36]
AdwCleaner[S0].txt - [4571 bytes] - [23/07/2015 17:29:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4630 bytes] ##########

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by jiri on Fri 07/24/2015 at 22:23:29.10.
Microsoft Windows 8.1 Pro 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\jiri\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

7/24/2015 10:26:49 PM Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\90c690fe-bbc2-4b16-995c-8e1770e9e2da deleted successfully
C:\PROGRA~2\Seznam.cz deleted successfully
C:\Users\jiri\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\jiri\AppData\Local\EmieSiteList deleted successfully
C:\Users\jiri\AppData\Local\EmieUserList deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1848993905-3544832549-2625717029-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C162FFF-9E5E-4D78-9CD5-F7E4945D71E} deleted successfully
HKEY_USERS\S-1-5-21-1848993905-3544832549-2625717029-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4BC04717-6B29-4067-9ECF-FAAB888BAED} deleted successfully
HKEY_USERS\S-1-5-21-1848993905-3544832549-2625717029-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7BE8C99-CDF4-45AA-B0F5-C627E8594B9} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\90c690fe-bbc2-4b16-995c-8e1770e9e2da not found
C:\PROGRA~2\Seznam.cz not found
C:\Users\jiri\AppData\Local\909 deleted
C:\Users\jiri\.android deleted
C:\Users\jiri\AppData\Local\updater.log deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted
C:\Windows\tasks\0215tb_RML.job deleted
C:\windows\SysNative\tasks\0215tb_RML deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
"C:\PROGRA~2\Skillbrains\lightshot\5.2.1.1\DXGIODScreenshot.dll" deleted
"C:\PROGRA~2\Skillbrains\lightshot\5.2.1.1\Lightshot.dll" deleted
"C:\PROGRA~2\Skillbrains\lightshot\5.2.1.1\Lightshot.exe" deleted
"C:\PROGRA~2\Skillbrains\lightshot\5.2.1.1\uploader.dll" deleted
"C:\PROGRA~2\Skillbrains" deleted
"C:\PROGRA~2\Skillbrains\lightshot" deleted
"C:\PROGRA~2\Skillbrains\lightshot\5.2.1.1" deleted

==== Chromium Look ======================

AdBlock - jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Chrome Hotword Shared Module - jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg

==== Chromium Startpages ======================

C:\Users\jiri\AppData\Local\Google\Chrome\User Data\Default\Preferences
C1E247EE61FAEA371A70CB91F9F44773D06E844CB","startup_urls":"40E33FF55863C264AFD8C497C330C3D2AE8242F23836E84C8138938DBD8E865B"},"software_reporter":{"prompt_reason":"CCD93E42F860A91C4C3457D9F10132C3CD7BC2DED700ACD485C9FAEA5CB3E165","prompt_seed":"A1D433FA0A17D1FE0EE382032D15E4303D26BC9C42656F1295CEA9361F94980E","prompt_version":"82C9FA0AC0141FF634123F381CE389C610978BCCF891BFCB834F48D0A3A42E2D"},"sync":{"remaining_rollback_tries":"37E97299618983AACACEA4610B5678AE7ECFC0519C377D1A58B9B79274659899"}},"super_mac":"D1FCC9ECA3D6BDBBCB9A3004F05709C0406ABB837CC568A12A09BD2356A17790"},"safebrowsing":{"incidents_sent":{"2":{"chrome.dll":"3774509266","chrome_child.dll":"3743713718"}}},"session":{"startup_urls":["http://www.google.com/","http://www.seznam.cz/"]},"software_reporter":{"prompt_reason":0,"prompt_version":"2.6.2"},"sync":{"remaining_rollback_tries":0}}


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{52C86353-1964-4281-BF00-B85F667908C7} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_16194"

==== Reset Google Chrome ======================

C:\Users\jiri\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\jiri\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\jiri\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\jiri\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\jiri\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\jiri\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\jiri\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\jiri\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\jiri\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=72 folders=10 4801349 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\jiri\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\jiri\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Fri 07/24/2015 at 22:48:12.62 ======================

Dejte novy log z FRST