VIRY.CZ

Dobrý večer,

dostal se mi pod ruku nb, ovšem...mrknete a uvidíte sami...

Logfile of random's system information tool 1.10 (written by random/random)
Run by Markéta87 at 2015-08-10 20:00:40
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 298 GB (59%) free of 502 GB
Total RAM: 8067 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:01:14, on 10.8.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17910)
Boot mode: Safe mode with network support

Running processes:
C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files\trend micro\Markéta87.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hppp ... 6104716104
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=91072394_hao_pg
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hppp ... 6104716104
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=91072394_hao_pg
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... M%3DIE8SRC
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [ QQPCTray] "C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCTray.exe" /regrun
O4 - HKLM\..\Run: [RSDTRAY] "C:\Program Files (x86)\Rising\RSD\popwndexe.exe"
O4 - HKLM\..\Run: [RavTRAY] "C:\Program Files (x86)\Rising\RAV\RSTRAY.EXE" -system
O4 - HKLM\..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
O4 - HKLM\..\RunOnce: [dslToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\ToasterLauncher.exe
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Markéta87\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [apphide] C:\Program Files (x86)\baidu\baidu.exe
O4 - HKCU\..\RunOnce: [SeznamInstall-uninstall:742c012fce2d5ecac80c77287cb15236] "C:\Users\MARKTA~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe" -c "C:\Users\Markéta87\AppData\Roaming\Seznam.cz"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat do Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Odeslat do Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{47DC912E-5B20-4E6E-8D73-DF9A69BB67CD}: NameServer = 52.18.92.32,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{6C5AE75F-D994-485E-A2C2-47645F62F9EC}: NameServer = 52.18.92.32,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 52.18.92.32,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{89B36F93-BE81-4B67-97E3-1452E9C6C373}: NameServer = 52.18.92.32,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{E2E5BD5D-F8FB-4E77-92DE-1CF111C4B79F}: NameServer = 52.18.92.32,8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{47DC912E-5B20-4E6E-8D73-DF9A69BB67CD}: NameServer = 52.18.92.32,8.8.8.8
O17 - HKLM\System\CS2\Services\Tcpip\..\{47DC912E-5B20-4E6E-8D73-DF9A69BB67CD}: NameServer = 52.18.92.32,8.8.8.8
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Wire Professional Version (comyninu) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CxUtilSvc - Conexant Systems, Inc. - C:\Program Files\Conexant\SA3\CxUtilSvc.exe
O23 - Service: Dell Data Vault (DellDataVault) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVault.exe
O23 - Service: Dell Data Vault Wizard (DellDataVaultWiz) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
O23 - Service: Dell Update Service (DellUpdate) - Dell Inc. - C:\Program Files (x86)\Dell Update\DellUpService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Check Service (fchk32) - Unknown owner - C:\Program Files\fchk32\fchk32.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Keypad Optical Character Recognition (hutipezi) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Key In Bold Italic (hyverumu) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IHProtect Service - Unknown owner - C:\Program Files (x86)\MiuiTab\ProtectService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: jolugepba - Unknown owner - C:\ProgramData\EroBisis\onuwci.exe
O23 - Service: kalghuir - Unknown owner - C:\ProgramData\EroBisis\onuaci.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QQPCMgr RTP Service (QQPCRTP) - Tencent - C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCRTP.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Rsd Service (RsMgrSvc) - Beijing Rising Information Technology Co., Ltd. - C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe
O23 - Service: Rav Service (RsRavMon) - Beijing Rising Information Technology Co., Ltd. - C:\Program Files (x86)\Rising\RAV\ravmond.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Dell SupportAssist Agent (SupportAssistAgent) - Dell Inc. - C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
O23 - Service: TAOFrame - Tencent - C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\TAOFrame.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - DTools LIMITED - C:\ProgramData\ZWinManProZ\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Apple Mobile Device32 (wmpmde) - Unknown owner - C:\Users\Markéta87\AppData\Local\AppleMobile\apple.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 17703 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCRTP.exe" -r
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
ctfmon.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe" -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" -Embedding
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"H:\Downloads\RSITx64.exe"
"H:\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\2hJnGubrrm8Bt9QUin4iHET.job - C:\Users\Mark�ta87\AppData\Roaming\2hJnGubrrm8Bt9QUin4iHET.exe --c=mJcrZtyUA4fkZfM4a1KcIKPrgv2tpdGgsi1IpPOG2Cn0m2n/JpSYVw0/HbgVZWDujosUtLKRW03ecTWZQO4JvsQd0OJtAW0GfJdu16vYiINJUc1hFdlVVkuuPnTChwBxqriiEdobl87Vj4YfgS8NSVUNtheec0fNG/OgIa6TmAti/72aDKWxGJ9xxGA4mZcGHk1dQrxYaUcPSDzW/J+fHTHelK0ifMyAz/AO4pN67Z5vQ5SehjO4UUcgCbkaiOVP/mXQShGWa03SzMQ+aOld6RbLYQU1WEqpL/O+POPdQonELap1PtcrmgOTMhMvGMZkZZf+89He3Q4oxLL3HpRM9Q==
C:\Windows\tasks\5QK3ByCuNkdKrFCy.job - C:\Users\Mark�ta87\AppData\Roaming\5QK3ByCuNkdKrFCy.exe --c=t1wS9iUtP23HRlfcU0mT3ND+IyVSOBef0lLb1qAGLdAsUYWLnKDgM2t6ZUKk9ALlR8GFrHSObyIVGyfv5Ze53xLiRCZcZvD+DCmPSD5awM09OWhr0Wo0/iPjldJP0nR6/JOmoEcATKB/qvLAxVBdfc9eZHbuAXjaBUo963VMcu4PgcM1YXDb03aSxb89BCJLKzim37VkTtu9MQZYFIPv77fFi34cmD/b83Vbu2ro0cIbY/JKN3nAF1FvQiBwNa6iZ+2y6Jer913VLXl/L/oKaNy/iRrIqfISZ+LBuqAEyX0Vbgjn1EPMI8wZJVlxdChO8r1bUkJHasSdQ7Udf6l7Rg==
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\cMKwNkW3O2DUMi1t.job - C:\Users\Mark�ta87\AppData\Roaming\cMKwNkW3O2DUMi1t.exe --c=HBAdnhvVbYpAr5cZWmQqXLnteHJev4v14RFSflNWapEQGQ2CqcycerlY8UuPKwTdAjo9Qd/z2rXYhkJCe2l5UFvsEOJLWbayo3nCm6feLuPkNNcTBUm9yP2G+FTJwLoep0CBPZfCcx79fNjWLtPghQEKZalTd1buDsfWJh1HE2Bmf0Rcqx5ka8yO37d0bKc8WskRFZrX6WADiMTjwZci17OGQIZD+irupDxr2biT0yylypaozCsvg4LVoaH1BqLgi9CbKbYlFAccmO/iuNDOj1T8RkrS9abqR6xe9qBqRmcNZ1da+HW0QSk1wvjUpMf9gaOM3sy6kIbooq8KM659hg==
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-4226178262-95834032-4014968802-1001Core.job - C:\Users\Markéta87\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-4226178262-95834032-4014968802-1001UA.job - C:\Users\Markéta87\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4226178262-95834032-4014968802-1001Core.job - C:\Users\Markéta87\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\ItrzQT15XoSWTWWNWxOWOPc.job - C:\Users\Mark�ta87\AppData\Roaming\ItrzQT15XoSWTWWNWxOWOPc.exe --c=RyOqRR3ipRNOJiYW85ZYYv8JscIpNwyOeX0dpFx1q6zqZ6TqiIrHi47ZN7+4PhNE5OGf/d8FxQpbBlDPc0qzmDNl25zQ2ydYJZN6QOeml/2HVidoDu4+abfBK5w0xMGb6PryiZrJxIBiAPNWBkkNZ/+FwKTjD3PmwOAP65ohZygEPwI+atLS7JX1pg9FIuTZL88DiMKxJmZozbpUhnTiJfGZpikGo0p99hzR7aVr3frzMABDWXflUu09mWu7OSbutICbI3Q1GrzQR+7zSgpaIP8FKIDXtbSDfcVM3dxzAjVceUeUQv+hmVjHnTf0yZbkkqrM2d0UL0J0qHIQznJv/w==
C:\Windows\tasks\SlimDrivers Startup.job - C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe -boot
C:\Windows\tasks\Tempo Runner onudci.job -
C:\Windows\tasks\Y8wVuTUVeKAiTYXDJY8YIZg4.job - C:\Users\Mark�ta87\AppData\Roaming\Y8wVuTUVeKAiTYXDJY8YIZg4.exe --c=qbzcEhfHko66RECbGAFXxO/kJaBFzqpMWVtIzORyg6yeq/4sZAwvbhCYwjqP+9tgAmMOPhMoIVyuHzIRB4r7JLT76GksiiuoJSimp8XCwYEsosPxS8duNHs8R0BcwJgOdNhT70PT++UaMFdWIpy2uURJGW8tnwHbZJnQspSCzfxAJfiC3BaoKhENbNAxpZSlUlxdx+1A9wOQWuXLTuiru1r8OMQ4aLSD0Sqr0YgG1sbXKLrN97cpKXH6gHYUY7LOHR/znyP/CdWOreEdznDh/JIYbi2SOJyqa/8Ho8LxL37YHwwDPn//mX6Lj8k5kxrwWM0TrTkG+JveYzziBMR2Sg==
C:\Windows\tasks\YP8Vuoi3i.job - C:\Users\Mark�ta87\AppData\Roaming\YP8Vuoi3i.exe --c=iD7hn6MMr7UV63bu2iYHLO/6YYOkisvam7RqOKXHFqUdqXyja8+Wa3Ly4KxzasoOvU+MxQFG1nOF1S7iS0aHSFuVTENWgM16lGtHtyLxi3+kIc69hU16so03UjqqtGOc86mFstiAurSuqJH4rKsnHBAw4rooonBOfk7gFDidrVw/1J5nmJ9GHdMCsch5IQo1yoAD85mxnj7MZV9PzvGohOKdi3kN0DYtPB/Z45nT4y2BQd76FeXPmpd79LXyxbBc/LhfsKrDP7FLjUW0gk5Nzo4dlcKQmovEAmYjTUKvKUfg1ANHDjVpbR6iqAjhbVsPi0VS56cbhuB6aIXSSDOgFA==

=========Mozilla firefox=========

ProfilePath - C:\Users\Markéta87\AppData\Roaming\Mozilla\Firefox\Profiles\z49tvocj.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "about:home"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@iqiyi.com/npWebPlayer]
"Description"=pps-webplayer-plugin
"Path"=C:\IQIYI Video\LStyle\npWebPlayer.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@qq.com/QQPCMgr]
"Description"=QQPCMgr Detector
"Path"=C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\npQMExtensionsMozilla.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@rising.com.cn/nprising]
"Description"=
"Path"=C:\Program Files (x86)\Rising\RAV\nprising.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@iqiyi.com/npWebPlayer]
"Description"=pps-webplayer-plugin
"Path"=C:\IQIYI Video\LStyle\npWebPlayer.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll


C:\Users\Markéta87\AppData\Roaming\Mozilla\Firefox\Profiles\z49tvocj.default\extensions\
firefoxdav@icloud.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}]
电脑管家网页防火墙 - C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\TSWebMon64.dat [2015-08-06 413536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01 2133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01 1724032]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2014-04-17 2878728]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-03-19 170264]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-03-19 398616]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-03-19 439064]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"BLEServicesCtrl"=C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [2012-09-17 184112]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2012-11-16 11585408]
"SmartAudio"=C:\Program Files\CONEXANT\SA3\SACpl.exe [2012-06-13 1647616]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-30 36352]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2014-11-21 43816]
"ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2014-11-21 43816]
"iCloudDrive"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2014-11-21 43816]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]
"Dropbox Update"=C:\Users\Markéta87\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-23 134512]
"apphide"=C:\Program Files (x86)\baidu\baidu.exe [2015-07-22 69632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SeznamInstall-uninstall:742c012fce2d5ecac80c77287cb15236"=C:\Users\MARKTA~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [2015-08-10 534528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AccuWeatherWidget]
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [2012-02-01 968048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central]
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2012-03-07 577024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellStage]
C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2012-02-01 2195824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickSet]
c:\Program Files\Dell\QuickSet\QuickSet.exe [2013-03-05 5762408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11 30877280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viber]
C:\Users\Markéta87\AppData\Local\Viber\Viber.exe [2013-12-02 936456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Markéta87^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\MARKTA~1\AppData\Roaming\Dropbox\bin\Dropbox.exe [2015-07-24 39179912]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2013-02-22 292088]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-11 642728]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2015-05-15 60712]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2015-07-11 157992]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
" QQPCTray"=C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCTray.exe [2015-08-06 355296]
"RSDTRAY"=C:\Program Files (x86)\Rising\RSD\popwndexe.exe [2012-09-25 126808]
"RavTRAY"=C:\Program Files (x86)\Rising\RAV\RSTRAY.EXE [2014-05-15 111000]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"=C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [2012-01-27 165184]
"dslToasterLauncher"=C:\Program Files (x86)\Dell DataSafe Local Backup\ToasterLauncher.exe [2012-01-27 450880]

C:\Users\Markéta87\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-03-19 434688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\QQPCRTP]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoRun"=0
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-08-10 19:59:02 ----D---- C:\rsit
2015-08-10 16:55:02 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-08-06 21:58:31 ----A---- C:\Windows\ntbtlog.txt
2015-08-06 21:52:45 ----A---- C:\Windows\SYSWOW64\drivers\TS888x64.sys
2015-08-06 21:49:14 ----D---- C:\ProgramData\TXQMPC
2015-08-06 21:43:16 ----D---- C:\Program Files (x86)\AnyProtectEx
2015-08-06 21:43:15 ----SHD---- C:\Users\Markéta87\AppData\Roaming\AnyProtectEx
2015-08-06 21:42:23 ----D---- C:\ProgramData\KingSoft
2015-08-06 21:41:45 ----RSH---- C:\rising.ini
2015-08-06 21:41:44 ----N---- C:\Windows\SYSWOW64\vpatch.dll
2015-08-06 21:41:38 ----RD---- C:\RavBin
2015-08-06 21:41:37 ----A---- C:\Windows\SYSWOW64\BsMain.ini
2015-08-06 21:41:31 ----N---- C:\Windows\system32\ravext64.dll
2015-08-06 21:41:30 ----N---- C:\Windows\SYSWOW64\ravext.dll
2015-08-06 21:41:30 ----N---- C:\Windows\SYSWOW64\bsmain.exe
2015-08-06 21:41:12 ----N---- C:\Windows\system32\drivers\sysmon.sys
2015-08-06 21:41:12 ----N---- C:\Windows\system32\drivers\rsutils.sys
2015-08-06 21:41:12 ----N---- C:\Windows\system32\drivers\rsndisp.sys
2015-08-06 21:40:49 ----D---- C:\ProgramData\Rising
2015-08-06 21:40:49 ----D---- C:\Program Files (x86)\Rising
2015-08-06 21:39:16 ----A---- C:\Windows\system32\drivers\TAOAccelerator64.sys
2015-08-06 21:39:13 ----D---- C:\Program Files\Common Files\Tencent
2015-08-06 21:38:53 ----A---- C:\Windows\system32\drivers\TAOKernel64.sys
2015-08-06 21:38:40 ----A---- C:\Windows\system32\drivers\TFsFltX64.sys
2015-08-06 21:37:50 ----D---- C:\Program Files (x86)\Tencent
2015-08-06 21:37:46 ----D---- C:\Users\Markéta87\AppData\Roaming\Tencent
2015-08-06 21:37:45 ----D---- C:\ProgramData\Tencent
2015-08-06 21:04:42 ----D---- C:\ppsfile
2015-08-06 21:04:07 ----D---- C:\IQIYI Video
2015-08-06 21:04:06 ----D---- C:\Users\Markéta87\AppData\Roaming\IQIYI Video
2015-08-06 21:04:03 ----D---- C:\ProgramData\IQIYI Video
2015-08-06 21:01:53 ----D---- C:\ProgramData\IHProtectUpDate
2015-08-06 21:01:29 ----D---- C:\Program Files (x86)\MiuiTab
2015-08-06 21:01:20 ----D---- C:\ProgramData\ZWinManProZ
2015-08-06 21:01:17 ----A---- C:\Windows\prleth.sys
2015-08-06 21:01:17 ----A---- C:\Windows\hgfs.sys
2015-08-06 21:00:44 ----D---- C:\Program Files (x86)\baidu
2015-08-06 20:51:27 ----D---- C:\Program Files\fchk32
2015-08-06 20:50:57 ----D---- C:\Program Files (x86)\4C4C4544-1438887057-3710-8033-C2C04F515831
2015-08-06 20:50:30 ----D---- C:\ProgramData\EroBisis
2015-08-06 20:47:50 ----D---- C:\Program Files (x86)\globalUpdate
2015-08-06 20:47:14 ----D---- C:\Program Files (x86)\Seznam.cz
2015-08-06 20:46:55 ----D---- C:\Users\Markéta87\AppData\Roaming\Seznam.cz
2015-08-06 20:46:52 ----D---- C:\Users\Markéta87\AppData\Roaming\Opera Software
2015-08-06 20:46:19 ----D---- C:\Program Files (x86)\Opera
2015-07-28 19:37:41 ----A---- C:\Windows\system32\invagent.dll
2015-07-28 19:37:41 ----A---- C:\Windows\system32\generaltel.dll
2015-07-28 19:37:41 ----A---- C:\Windows\system32\devinv.dll
2015-07-28 19:37:41 ----A---- C:\Windows\system32\appraiser.dll
2015-07-28 19:37:41 ----A---- C:\Windows\system32\aeinv.dll
2015-07-28 19:37:41 ----A---- C:\Windows\system32\acmigration.dll
2015-07-28 19:37:40 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-28 19:37:40 ----A---- C:\Windows\system32\aepdu.dll
2015-07-21 17:38:43 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-07-21 17:38:43 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-07-21 17:38:43 ----A---- C:\Windows\system32\lpk.dll
2015-07-21 17:38:43 ----A---- C:\Windows\system32\atmlib.dll
2015-07-21 17:38:43 ----A---- C:\Windows\system32\atmfd.dll
2015-07-21 17:38:42 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-07-21 17:38:42 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-07-21 17:38:42 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-07-21 17:38:42 ----A---- C:\Windows\system32\fontsub.dll
2015-07-21 17:38:42 ----A---- C:\Windows\system32\dciman32.dll
2015-07-21 17:33:28 ----D---- C:\Program Files\iPod
2015-07-21 17:33:26 ----D---- C:\Program Files\iTunes
2015-07-21 17:33:26 ----D---- C:\Program Files (x86)\iTunes
2015-07-20 18:14:22 ----A---- C:\Windows\SYSWOW64\cewmdm.dll
2015-07-20 18:14:22 ----A---- C:\Windows\system32\cewmdm.dll
2015-07-20 18:14:20 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-07-20 18:14:20 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-07-20 18:14:20 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-07-20 18:14:20 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-07-20 18:14:20 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-07-20 18:14:20 ----A---- C:\Windows\system32\wucltux.dll
2015-07-20 18:14:20 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-20 18:14:20 ----A---- C:\Windows\system32\wuapp.exe
2015-07-20 18:14:20 ----A---- C:\Windows\system32\wuapi.dll
2015-07-20 18:14:20 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-20 18:14:19 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-20 18:14:19 ----A---- C:\Windows\system32\wups2.dll
2015-07-20 18:14:19 ----A---- C:\Windows\system32\wups.dll
2015-07-20 18:14:19 ----A---- C:\Windows\system32\wudriver.dll
2015-07-20 18:14:19 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-20 18:14:19 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-20 18:14:17 ----A---- C:\Windows\system32\win32k.sys
2015-07-20 18:14:10 ----A---- C:\Windows\system32\gdi32.dll
2015-07-20 18:14:05 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-07-20 18:14:03 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-07-20 18:14:03 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-07-20 18:14:03 ----A---- C:\Windows\system32\jscript9diag.dll
2015-07-20 18:14:03 ----A---- C:\Windows\system32\jscript9.dll
2015-07-20 18:14:01 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-07-20 18:14:01 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-07-20 18:14:00 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-07-20 18:14:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-07-20 18:14:00 ----A---- C:\Windows\system32\urlmon.dll
2015-07-20 18:13:59 ----A---- C:\Windows\system32\ieui.dll
2015-07-20 18:13:59 ----A---- C:\Windows\system32\ieframe.dll
2015-07-20 18:13:58 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-07-20 18:13:58 ----A---- C:\Windows\system32\mshtml.dll
2015-07-20 18:13:58 ----A---- C:\Windows\system32\iertutil.dll
2015-07-20 18:13:55 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-07-20 18:13:55 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-07-20 18:13:55 ----A---- C:\Windows\system32\cryptsvc.dll
2015-07-20 18:13:54 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-07-20 18:13:54 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-07-20 18:13:54 ----A---- C:\Windows\system32\wintrust.dll
2015-07-20 18:13:54 ----A---- C:\Windows\system32\cryptnet.dll
2015-07-20 18:13:54 ----A---- C:\Windows\system32\crypt32.dll
2015-07-20 18:13:49 ----A---- C:\Windows\SYSWOW64\ole32.dll
2015-07-20 18:13:49 ----A---- C:\Windows\system32\ole32.dll
2015-07-20 18:13:45 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-07-20 18:13:45 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-07-20 18:13:44 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-07-20 18:13:44 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-07-20 18:13:44 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-07-20 18:13:43 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-07-20 18:13:43 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-07-20 18:13:43 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-07-20 18:13:43 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-07-20 18:13:43 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-07-20 18:13:43 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-20 18:13:43 ----A---- C:\Windows\system32\iernonce.dll
2015-07-20 18:13:43 ----A---- C:\Windows\system32\ie4uinit.exe
2015-07-20 18:13:42 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-07-20 18:13:41 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-07-20 18:13:41 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-07-20 18:13:41 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-07-20 18:13:41 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-07-20 18:13:41 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-07-20 18:13:41 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-07-20 18:13:41 ----A---- C:\Windows\system32\iedkcs32.dll
2015-07-20 18:13:40 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-20 18:13:38 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-07-20 18:13:38 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-20 18:13:38 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-20 18:13:37 ----A---- C:\Windows\system32\iesetup.dll
2015-07-20 18:13:37 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-20 18:13:34 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-07-20 18:13:34 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-07-20 18:13:34 ----A---- C:\Windows\system32\vbscript.dll
2015-07-20 18:13:34 ----A---- C:\Windows\system32\jsproxy.dll
2015-07-20 18:13:33 ----A---- C:\Windows\system32\ieUnatt.exe
2015-07-20 18:13:29 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-07-20 18:13:28 ----A---- C:\Windows\system32\dxtmsft.dll
2015-07-20 18:13:27 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-07-20 18:13:27 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-20 18:13:27 ----A---- C:\Windows\system32\jscript.dll
2015-07-20 18:13:25 ----A---- C:\Windows\system32\wininet.dll
2015-07-20 18:13:24 ----A---- C:\Windows\system32\msrating.dll
2015-07-20 18:13:24 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-20 18:13:09 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-07-20 18:13:09 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-07-20 18:13:09 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-20 18:13:09 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-20 18:13:09 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-20 18:13:09 ----A---- C:\Windows\system32\kerberos.dll
2015-07-20 18:13:09 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-20 18:13:09 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-20 18:13:09 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-20 18:13:08 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-07-20 18:13:08 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-20 18:13:07 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-07-20 18:13:07 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-07-20 18:13:07 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-07-20 18:13:07 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-07-20 18:13:07 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-07-20 18:13:07 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-07-20 18:13:07 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-07-20 18:13:07 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-07-20 18:13:07 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-07-20 18:13:07 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-07-20 18:13:07 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-07-20 18:13:07 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-07-20 18:13:07 ----A---- C:\Windows\system32\wdigest.dll
2015-07-20 18:13:07 ----A---- C:\Windows\system32\TSpkg.dll
2015-07-20 18:13:07 ----A---- C:\Windows\system32\sspisrv.dll
2015-07-20 18:13:07 ----A---- C:\Windows\system32\sspicli.dll
2015-07-20 18:13:07 ----A---- C:\Windows\system32\schannel.dll
2015-07-20 18:13:07 ----A---- C:\Windows\system32\secur32.dll
2015-07-20 18:13:07 ----A---- C:\Windows\system32\ncrypt.dll
2015-07-20 18:13:07 ----A---- C:\Windows\system32\msobjs.dll
2015-07-20 18:13:07 ----A---- C:\Windows\system32\msaudite.dll
2015-07-20 18:13:07 ----A---- C:\Windows\system32\lsass.exe
2015-07-20 18:13:07 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-07-20 18:13:07 ----A---- C:\Windows\system32\cryptbase.dll
2015-07-20 18:13:07 ----A---- C:\Windows\system32\credssp.dll
2015-07-20 18:13:07 ----A---- C:\Windows\system32\auditpol.exe
2015-07-20 18:13:07 ----A---- C:\Windows\system32\adtschema.dll
2015-07-20 18:12:57 ----A---- C:\Windows\SYSWOW64\msi.dll
2015-07-20 18:12:57 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-07-20 18:12:57 ----A---- C:\Windows\system32\msiexec.exe
2015-07-20 18:12:57 ----A---- C:\Windows\system32\msi.dll
2015-07-20 18:12:57 ----A---- C:\Windows\system32\consent.exe
2015-07-20 18:12:57 ----A---- C:\Windows\system32\authui.dll
2015-07-20 18:12:56 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2015-07-20 18:12:56 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2015-07-20 18:12:56 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2015-07-20 18:12:56 ----A---- C:\Windows\system32\msimsg.dll
2015-07-20 18:12:56 ----A---- C:\Windows\system32\msihnd.dll
2015-07-20 18:12:56 ----A---- C:\Windows\system32\appinfo.dll

======List of files/folders modified in the last 1 month======

2015-08-10 20:00:41 ----D---- C:\Program Files\trend micro
2015-08-10 19:57:08 ----D---- C:\Windows\Temp
2015-08-10 19:56:19 ----RD---- C:\Program Files (x86)
2015-08-10 19:56:19 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-10 17:00:04 ----D---- C:\Users
2015-08-10 16:28:42 ----D---- C:\Program Files (x86)\Dell DataSafe Local Backup
2015-08-10 16:24:04 ----D---- C:\Windows\Tasks
2015-08-10 16:24:04 ----D---- C:\Program Files (x86)\AMD APP
2015-08-06 22:26:26 ----D---- C:\Windows\system32\Tasks
2015-08-06 22:26:02 ----D---- C:\Windows\system32\config
2015-08-06 22:21:47 ----D---- C:\Windows
2015-08-06 22:19:24 ----D---- C:\Windows\SysWOW64
2015-08-06 22:18:43 ----D---- C:\Windows\system32\drivers
2015-08-06 22:04:15 ----RSD---- C:\Windows\Fonts
2015-08-06 21:52:45 ----D---- C:\Windows\SYSWOW64\drivers
2015-08-06 21:50:58 ----D---- C:\Windows\Prefetch
2015-08-06 21:49:14 ----D---- C:\ProgramData
2015-08-06 21:46:52 ----D---- C:\Users\Markéta87\AppData\Roaming\Azureus
2015-08-06 21:41:31 ----D---- C:\Windows\System32
2015-08-06 21:39:13 ----D---- C:\Program Files\Common Files
2015-08-06 21:38:39 ----D---- C:\Program Files (x86)\Common Files
2015-08-06 21:38:21 ----D---- C:\Windows\winsxs
2015-08-06 21:24:02 ----SHD---- C:\Windows\Installer
2015-08-06 21:04:43 ----SHD---- C:\$RECYCLE.BIN
2015-08-06 20:51:27 ----D---- C:\Program Files
2015-08-06 20:27:04 ----SHD---- C:\System Volume Information
2015-08-06 20:24:24 ----D---- C:\Windows\inf
2015-08-06 20:24:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-31 19:10:58 ----D---- C:\Users\Markéta87\AppData\Roaming\Dropbox
2015-07-31 19:05:04 ----D---- C:\Windows\Minidump
2015-07-29 16:30:23 ----SD---- C:\Windows\system32\CompatTel
2015-07-28 19:33:48 ----D---- C:\Windows\SoftwareDistribution
2015-07-26 17:40:14 ----SD---- C:\Windows\system32\GWX
2015-07-21 18:59:50 ----D---- C:\Windows\rescache
2015-07-21 17:51:37 ----D---- C:\Windows\system32\catroot
2015-07-21 17:51:11 ----SD---- C:\Windows\SYSWOW64\GWX
2015-07-21 17:51:11 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-07-21 17:51:11 ----D---- C:\Windows\system32\cs-CZ
2015-07-21 17:51:11 ----D---- C:\Windows\PolicyDefinitions
2015-07-21 17:51:10 ----D---- C:\Windows\SYSWOW64\en-US
2015-07-21 17:51:10 ----D---- C:\Windows\system32\en-US
2015-07-21 17:51:10 ----D---- C:\Program Files\Internet Explorer
2015-07-21 17:51:10 ----D---- C:\Program Files (x86)\Internet Explorer
2015-07-21 17:51:09 ----D---- C:\Windows\system32\wbem
2015-07-21 17:51:09 ----D---- C:\Windows\system32\appraiser
2015-07-21 17:51:09 ----D---- C:\Windows\AppPatch
2015-07-21 17:46:41 ----D---- C:\ProgramData\Microsoft Help
2015-07-21 17:39:40 ----D---- C:\Windows\system32\MRT
2015-07-21 17:33:27 ----D---- C:\Program Files\Common Files\Apple
2015-07-20 19:23:28 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-07-20 18:11:53 ----D---- C:\Windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2000-01-01 35496]
R0 iaStorA;iaStorA; C:\Windows\system32\drivers\iaStorA.sys [2013-08-30 644968]
R0 iaStorF;iaStorF; C:\Windows\system32\drivers\iaStorF.sys [2013-08-30 28008]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-02-22 20464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sysmon;sysmon; C:\Windows\system32\DRIVERS\sysmon.sys [2014-09-10 119344]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 DDDriver;DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [2015-02-26 23760]
R3 DellProf;DellProf; C:\Windows\system32\drivers\DellProf.sys [2015-05-22 24240]
R3 ETD;Dell Touchpad; C:\Windows\system32\DRIVERS\ETD.sys [2014-04-14 359688]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-02-22 358896]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-02-22 792560]
R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys [2013-09-10 25528]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-05-31 99800]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwsw00.sys [2012-09-30 11523072]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-03-09 685160]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-08-11 34544]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2013-07-24 34816]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
S1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2013-03-04 40344]
S1 QMUdisk;tencent QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QMUdisk64.sys [2015-04-17 62264]
S1 rsutils;rsutils; C:\Windows\system32\DRIVERS\rsutils.sys [2014-08-15 69336]
S1 TAOKernelDriver;Tencent Auto Optimize Platform.; C:\Windows\System32\Drivers\TAOKernel64.sys [2015-08-06 174392]
S1 TSDefenseBt;TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\TSDefenseBT64.sys [2015-08-06 28472]
S2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
S2 QQSysMonX64;QQSysMonX64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQSysMonX64.sys [2015-08-06 127800]
S2 TAOAccelerator;Tencent TAOAccelerator driver.; \??\C:\Windows\system32\Drivers\TAOAccelerator64.sys [2015-08-06 99640]
S2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2000-01-01 10679808]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2000-01-01 459264]
S3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys [2012-07-18 198144]
S3 AMPPALP;Protokol Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed; C:\Windows\system32\DRIVERS\amppal.sys [2012-07-18 198144]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2013-09-26 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2013-09-26 80384]
S3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2012-10-30 131968]
S3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2012-11-06 1345920]
S3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2013-12-20 1607328]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2011-06-16 176000]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-09-12 57856]
S3 ibtfltcoex;ibtfltcoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2012-08-06 68136]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-09-10 35256]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2012-03-19 14745600]
S3 iscFlash;iscFlash; \??\C:\Users\MARKTA~1\AppData\Local\Temp\7zS9B26.tmp\iscflashx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RTSUVSTOR.sys [2012-09-05 317584]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2015-08-06 16152]
S3 TFsFlt;TFsFlt; C:\Windows\system32\Drivers\TFsFltX64.sys [2015-08-06 87864]
S3 TS888x64;TS888x64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\TS888x64.sys [2015-08-10 28984]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usb3Hub;UoIP Hub; C:\Windows\system32\DRIVERS\usb3Hub.sys [2013-06-20 206744]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2015-06-10 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 QQPCRTP;QQPCMgr RTP Service; C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCRTP.exe [2015-08-06 297608]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2000-01-01 239616]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-07-18 659472]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-05-29 60744]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-11-06 1120192]
S2 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-11-06 1361856]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-11-06 1140672]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-08-23 135984]
S2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
S2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 comyninu;Wire Professional Version; C:\Program Files (x86)\4C4C4544-1438887057-3710-8033-C2C04F515831\hnseEE69.tmp []
S2 CxUtilSvc;CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [2013-12-20 109184]
S2 DellDataVault;Dell Data Vault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2015-05-22 2573520]
S2 DellDataVaultWiz;Dell Data Vault Wizard; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [2015-05-22 201936]
S2 DellUpdate;Dell Update Service; C:\Program Files (x86)\Dell Update\DellUpService.exe [2015-06-09 237272]
S2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 fchk32;Check Service; C:\Program Files\fchk32\fchk32.exe [2015-08-06 379392]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-08-06 68608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-03 116648]
S2 hutipezi;Keypad Optical Character Recognition; C:\Program Files (x86)\4C4C4544-1438887057-3710-8033-C2C04F515831\knszBB12.tmpfs []
S2 hyverumu;Key In Bold Italic; C:\Program Files (x86)\4C4C4544-1438887057-3710-8033-C2C04F515831\jnstD616.tmp []
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-30 15720]
S2 IHProtect Service;IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe []
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-11 733696]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-05-31 169432]
S2 jolugepba;jolugepba; C:\ProgramData\EroBisis\onuwci.exe [2015-07-29 124880]
S2 kalghuir;kalghuir; C:\ProgramData\EroBisis\onuaci.exe [2015-07-29 124880]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-05-31 368600]
S2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 RsMgrSvc;Rsd Service; C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe [2014-09-02 179992]
S2 RsRavMon;Rav Service; C:\Program Files (x86)\Rising\RAV\ravmond.exe [2014-05-15 277552]
S2 SftService;SoftThinks Agent Service; C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2012-02-16 1695040]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S2 SupportAssistAgent;Dell SupportAssist Agent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [2015-06-11 20648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-20 268976]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-03-19 276248]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-09-12 1512448]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-08-06 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-03 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-20 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-11 822232]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-07-11 644904]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-10 148136]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2014-06-18 265936]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TAOFrame;TAOFrame; C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\TAOFrame.exe [2015-08-06 293728]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-12-14 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Zdravim

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

• Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane

  Rkill EXE:
  http://download.bleepingcomputer.com/grinler/rkill.exe
  
  Rkill iExplore.exe:
  http://download.bleepingcomputer.com/gr ... xplore.exe
  
  Rkill uSeRiNiT.exe:
  http://download.bleepingcomputer.com/gr ... eRiNiT.exe
  
  Rkill WiNlOgOn.exe:
  http://download.bleepingcomputer.com/gr ... NlOgOn.exe

• Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
• Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
• RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
• Na plose vznikne log Rkill.txt ten mi sem vlozte
• Ted nerestartujte PC - prisli byste o ucinek RKillu

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Po spusteni probehne stazeni databaze
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Provedeno...

Rkill 2.7.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/11/2015 10:09:30 AM in x64 mode. (Safe Mode)
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Policies\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Systém událostí COM+ (EventSystem) is not Running.
Startup Type set to: Automatic

* Centrum zabezpečení (wscsvc) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Windows Update (wuauserv) is not Running.
Startup Type set to: Automatic (Delayed Start)

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.

* HOSTS file entries found:


127.0.0.1 localhost
::1 localhost

Program finished at: 08/11/2015 10:12:41 AM
Execution time: 0 hours(s), 3 minute(s), and 10 seconds(s)

# AdwCleaner v4.208 - Log vytvořen 11/08/2015 v 10:17:54
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-08-01.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : Markéta87 - MARKÉTA87-PC
# Spuštěno z : C:\Users\Markéta87\Desktop\adwcleaner_4.208.exe
# Nastavení : Sken

***** [ Služby ] *****

Služba Nalezeno : globalUpdate
Služba Nalezeno : globalUpdatem
Služba Nalezeno : IHProtect Service
Služba Nalezeno : QQPCRTP
Služba Nalezeno : WindowsMangerProtect
Služba Nalezeno : TAOAccelerator
Služba Nalezeno : TSDefenseBt
Služba Nalezeno : QMUdisk
Služba Nalezeno : swdumon
Služba Nalezeno : TS888x64
Služba Nalezeno : QQSysMonX64
Služba Nalezeno : TFsFlt
Služba Nalezeno : TAOFrame
Služba Nalezeno : TAOKernelDriver

***** [ Soubory / Složky ] *****

Složka Nalezeno : C:\IQIYI Video
Složka Nalezeno : C:\Program Files (x86)\AnyProtectEx
Složka Nalezeno : C:\Program Files (x86)\Common Files\tencent
Složka Nalezeno : C:\Program Files (x86)\globalUpdate
Složka Nalezeno : C:\Program Files (x86)\miuitab
Složka Nalezeno : C:\Program Files (x86)\tencent
Složka Nalezeno : C:\Program Files\Common Files\tencent
Složka Nalezeno : C:\ProgramData\IHProtectUpDate
Složka Nalezeno : C:\ProgramData\IQIYI Video
Složka Nalezeno : C:\ProgramData\smdmf
Složka Nalezeno : C:\ProgramData\tencent
Složka Nalezeno : C:\ProgramData\TXQMPC
Složka Nalezeno : C:\Users\Markéta87\AppData\Local\globalUpdate
Složka Nalezeno : C:\Users\Markéta87\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm
Složka Nalezeno : C:\Users\Markéta87\AppData\Local\slimware utilities inc
Složka Nalezeno : C:\Users\Markéta87\AppData\Local\SysassistByHotWheel
Složka Nalezeno : C:\Users\Markéta87\AppData\Roaming\AnyProtectEx
Složka Nalezeno : C:\Users\Markéta87\AppData\Roaming\FirefoxToolbar
Složka Nalezeno : C:\Users\Markéta87\AppData\Roaming\IQIYI Video
Složka Nalezeno : C:\Users\Markéta87\AppData\Roaming\RHEng
Složka Nalezeno : C:\Users\Markéta87\AppData\Roaming\tencent
Složka Nalezeno : C:\Users\MARKTA~1\AppData\Local\Temp\tencent
Složka Nalezeno : C:\Users\Mark?a87\AppData\Roaming\tencent
Složka Nalezeno : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\tencent
Soubor Nalezeno : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml
Soubor Nalezeno : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\mystartsearch.xml
Soubor Nalezeno : C:\Users\Markéta87\AppData\Roaming\ItrzQT15XoSWTWWNWxOWOPc
Soubor Nalezeno : C:\Users\Markéta87\AppData\Roaming\ItrzQT15XoSWTWWNWxOWOPc.exe
Soubor Nalezeno : C:\Users\Markéta87\AppData\Roaming\Mozilla\Firefox\Profiles\z49tvocj.default\invalidprefs.js
Soubor Nalezeno : C:\Users\Markéta87\AppData\Roaming\Y8wVuTUVeKAiTYXDJY8YIZg4
Soubor Nalezeno : C:\Users\Markéta87\AppData\Roaming\Y8wVuTUVeKAiTYXDJY8YIZg4.exe
Soubor Nalezeno : C:\Windows\shost.bin
Soubor Nalezeno : C:\Windows\System32\drivers\swdumon.sys
Soubor Nalezeno : C:\Windows\System32\drivers\TAOAccelerator64.sys
Soubor Nalezeno : C:\Windows\System32\drivers\TAOKernel64.sys
Soubor Nalezeno : C:\Windows\System32\drivers\TFsFltX64.sys
Soubor Nalezeno : C:\Windows\SysWOW64\drivers\TS888x64.sys

***** [ Naplánované úlohy ] *****

Úloha Nalezeno : AmiUpdXp
Úloha Nalezeno : Crossbrowse
Úloha Nalezeno : globalUpdateUpdateTaskMachineCore
Úloha Nalezeno : globalUpdateUpdateTaskMachineUA
Úloha Nalezeno : amiupdaterExd
Úloha Nalezeno : amiupdaterExi
Úloha Nalezeno : ItrzQT15XoSWTWWNWxOWOPc
Úloha Nalezeno : ItrzQT15XoSWTWWNWxOWOPc
Úloha Nalezeno : Y8wVuTUVeKAiTYXDJY8YIZg4
Úloha Nalezeno : Y8wVuTUVeKAiTYXDJY8YIZg4
Úloha Nalezeno : 2baf08be-a43a-44ab-950f-a58cdf6142a1-1-6
Úloha Nalezeno : 2baf08be-a43a-44ab-950f-a58cdf6142a1-1-7
Úloha Nalezeno : 2baf08be-a43a-44ab-950f-a58cdf6142a1-11
Úloha Nalezeno : 2baf08be-a43a-44ab-950f-a58cdf6142a1-3
Úloha Nalezeno : 2baf08be-a43a-44ab-950f-a58cdf6142a1-4
Úloha Nalezeno : 2baf08be-a43a-44ab-950f-a58cdf6142a1-5
Úloha Nalezeno : 2baf08be-a43a-44ab-950f-a58cdf6142a1-6
Úloha Nalezeno : 2baf08be-a43a-44ab-950f-a58cdf6142a1-7
Úloha Nalezeno : f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-6
Úloha Nalezeno : f706a8f7-287f-4a40-893c-ca55c01ea0aa-6
Úloha Nalezeno : f7dab28f-9769-4a5d-9f56-e45da253027f-1-6
Úloha Nalezeno : f7dab28f-9769-4a5d-9f56-e45da253027f-6
Úloha Nalezeno : fad96ebe-31a4-4408-b15f-f66aebe7dfaa-1-6
Úloha Nalezeno : fad96ebe-31a4-4408-b15f-f66aebe7dfaa-1-7
Úloha Nalezeno : fad96ebe-31a4-4408-b15f-f66aebe7dfaa-4
Úloha Nalezeno : fad96ebe-31a4-4408-b15f-f66aebe7dfaa-5
Úloha Nalezeno : fad96ebe-31a4-4408-b15f-f66aebe7dfaa-6
Úloha Nalezeno : fad96ebe-31a4-4408-b15f-f66aebe7dfaa-7

***** [ Zástupci ] *****


***** [ Registry ] *****

Data Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
Data Nalezeno : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=14388 ... 6104716104
Klíč Nalezeno : HKCU\Software\AnyProtect
Klíč Nalezeno : HKCU\Software\APN PIP
Klíč Nalezeno : HKCU\Software\AppDataLow\Software\Crossrider
Klíč Nalezeno : HKCU\Software\ArenaHD
Klíč Nalezeno : HKCU\Software\AskPartnerNetwork
Klíč Nalezeno : HKCU\Software\Crossbrowse
Klíč Nalezeno : HKCU\Software\GlobalUpdate
Klíč Nalezeno : HKCU\Software\HighDefAction
Klíč Nalezeno : HKCU\Software\HomeTab
Klíč Nalezeno : HKCU\Software\Kromtech
Klíč Nalezeno : HKCU\Software\Linkey
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0E39F6CA-D815-4561-8480-E6EEA1A7D9D3}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Nalezeno : HKCU\Software\MozillaPlugins\@iqiyi.com/npWebPlayer
Klíč Nalezeno : HKCU\Software\SearchProtectWS
Klíč Nalezeno : HKCU\Software\simplytech
Klíč Nalezeno : HKCU\Software\Simplytech\HomeTab
Klíč Nalezeno : HKCU\Software\SlimWare Utilities Inc
Klíč Nalezeno : HKCU\Software\SmdmF
Klíč Nalezeno : HKCU\Software\TNT2
Klíč Nalezeno : HKCU\Software\WajIEnhance
Klíč Nalezeno : HKCU\Software\WajIntEnhance
Klíč Nalezeno : HKCU\Software\YorkNewCin
Klíč Nalezeno : [x64] HKCU\Software\AnyProtect
Klíč Nalezeno : [x64] HKCU\Software\APN PIP
Klíč Nalezeno : [x64] HKCU\Software\ArenaHD
Klíč Nalezeno : [x64] HKCU\Software\AskPartnerNetwork
Klíč Nalezeno : [x64] HKCU\Software\Crossbrowse
Klíč Nalezeno : [x64] HKCU\Software\GlobalUpdate
Klíč Nalezeno : [x64] HKCU\Software\HighDefAction
Klíč Nalezeno : [x64] HKCU\Software\HomeTab
Klíč Nalezeno : [x64] HKCU\Software\Kromtech
Klíč Nalezeno : [x64] HKCU\Software\Linkey
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0E39F6CA-D815-4561-8480-E6EEA1A7D9D3}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Klíč Nalezeno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Klíč Nalezeno : [x64] HKCU\Software\SearchProtectWS
Klíč Nalezeno : [x64] HKCU\Software\simplytech
Klíč Nalezeno : [x64] HKCU\Software\Simplytech\HomeTab
Klíč Nalezeno : [x64] HKCU\Software\SlimWare Utilities Inc
Klíč Nalezeno : [x64] HKCU\Software\SmdmF
Klíč Nalezeno : [x64] HKCU\Software\TNT2
Klíč Nalezeno : [x64] HKCU\Software\WajIEnhance
Klíč Nalezeno : [x64] HKCU\Software\WajIntEnhance
Klíč Nalezeno : [x64] HKCU\Software\YorkNewCin
Klíč Nalezeno : HKLM\SOFTWARE\AIM Toolbar
Klíč Nalezeno : HKLM\SOFTWARE\ArenaHD
Klíč Nalezeno : HKLM\SOFTWARE\AskPartnerNetwork
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{D96C1D26-5CDF-4506-9244-57233C3984DF}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Klíč Nalezeno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{D96C1D26-5CDF-4506-9244-57233C3984DF}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Klíč Nalezeno : HKLM\SOFTWARE\CLASSES\METNSD
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{E6F928E4-B672-4F3A-8CA2-53C4259235DE}
Klíč Nalezeno : HKLM\SOFTWARE\Conduit
Klíč Nalezeno : HKLM\SOFTWARE\Crossbrowse
Klíč Nalezeno : HKLM\SOFTWARE\GlobalUpdate
Klíč Nalezeno : HKLM\SOFTWARE\HighDefAction
Klíč Nalezeno : HKLM\SOFTWARE\IHProtect
Klíč Nalezeno : HKLM\SOFTWARE\Iminent
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6A8DA1-1731-465B-B036-B9E16EF26CAC}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E6A8DA1-2731-465B-B036-B9E16EF26CAC}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\globalupdate.exe
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Nalezeno : HKLM\SOFTWARE\MozillaPlugins\@iqiyi.com/npWebPlayer
Klíč Nalezeno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Klíč Nalezeno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Klíč Nalezeno : HKLM\SOFTWARE\mystartsearchSoftware
Klíč Nalezeno : HKLM\SOFTWARE\SearchProtect
Klíč Nalezeno : HKLM\SOFTWARE\searchult
Klíč Nalezeno : HKLM\SOFTWARE\SlimWare Utilities Inc
Klíč Nalezeno : HKLM\SOFTWARE\SmdmF
Klíč Nalezeno : HKLM\SOFTWARE\SpeedBit
Klíč Nalezeno : HKLM\SOFTWARE\SupDp
Klíč Nalezeno : HKLM\SOFTWARE\SupTab
Klíč Nalezeno : HKLM\SOFTWARE\supWindowsMangerProtect
Klíč Nalezeno : HKLM\SOFTWARE\WajIntEnhance
Klíč Nalezeno : HKLM\SOFTWARE\YorkNewCin
Klíč Nalezeno : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
Klíč Nalezeno : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
Klíč Nalezeno : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Klíč Nalezeno : [x64] HKLM\SOFTWARE\ArenaHD
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\CLSID\{5CD76C57-6893-478A-B776-47E7C82504BE}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\CLSID\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\CLSID\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\Interface\{D96C1D26-5CDF-4506-9244-57233C3984DF}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\HighDefAction
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6A8DA1-1731-465B-B036-B9E16EF26CAC}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E6A8DA1-2731-465B-B036-B9E16EF26CAC}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
Klíč Nalezeno : [x64] HKLM\SOFTWARE\YorkNewCin

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17909

Nastavení Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.mystartsearch.com/web/?type=dspp&ts ... earchTerms}
Nastavení Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.hao123.com/?tn=91072394_hao_pg
Nastavení Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.mystartsearch.com/?type=hppp&ts=143 ... 6104716104
Nastavení Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.mystartsearch.com/web/?type=dspp&ts ... earchTerms}
Nastavení Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
Nastavení Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.mystartsearch.com/?type=hppp&ts=143 ... 6104716104
Nastavení Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.hao123.com/?tn=91072394_hao_pg
Nastavení Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
Nastavení Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
Nastavení Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.mystartsearch.com/?type=hppp&ts=143 ... 6104716104
Nastavení Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.mystartsearch.com/?type=hppp&ts=143 ... 6104716104
Nastavení Nalezeno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}

-\\ Mozilla Firefox v39.0.3 (x86 cs)

[z49tvocj.default] - Řádek Nalezeno : user_pref("browser.newtab.url", "hxxp://www.mystartsearch.com/newtab/?type=nt&t ... 6104716104");
[z49tvocj.default] - Řádek Nalezeno : user_pref("browser.search.order.1", "default-search.net");
[z49tvocj.default] - Řádek Nalezeno : user_pref("browser.search.selectedEngine", "mystartsearch");
[z49tvocj.default] - Řádek Nalezeno : user_pref("extensions.crossrider.bic", "14f17fa8035e9a29b3e1c1866804568e");

-\\ Google Chrome v44.0.2403.130

[C:\Users\Markéta87\AppData\Local\Google\Chrome\User Data\Default\Web data] - Nalezeno [Search Provider] : hxxp://www.mystartsearch.com/web/?type=dspp&ts ... earchTerms}
[C:\Users\Markéta87\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Nalezeno [Homepage] : hxxp://www.mystartsearch.com/?type=hppp&ts=143 ... 6104716104

-\\ Opera v0.0.0.0


*************************

AdwCleaner[R1].txt - [23272 bytů] - [11/08/2015 10:17:54]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [23331 bytů] ##########

# AdwCleaner v4.208 - Log vytvořen 11/08/2015 v 10:18:51
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-08-01.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : Markéta87 - MARKÉTA87-PC
# Spuštěno z : C:\Users\Markéta87\Desktop\adwcleaner_4.208.exe
# Nastavení : Čištění

***** [ Služby ] *****

[#] Služba Smazáno : globalUpdate
[#] Služba Smazáno : globalUpdatem
[#] Služba Smazáno : IHProtect Service
[#] Služba Smazáno : QQPCRTP
[#] Služba Smazáno : WindowsMangerProtect
[#] Služba Smazáno : TAOAccelerator
[#] Služba Smazáno : TSDefenseBt
[#] Služba Smazáno : QMUdisk
[#] Služba Smazáno : swdumon
[#] Služba Smazáno : TS888x64
[#] Služba Smazáno : QQSysMonX64
[#] Služba Smazáno : TFsFlt
[#] Služba Smazáno : TAOFrame
[#] Služba Smazáno : TAOKernelDriver

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\IQIYI Video
Složka Smazáno : C:\ProgramData\smdmf
Složka Smazáno : C:\ProgramData\IHProtectUpDate
Složka Smazáno : C:\ProgramData\IQIYI Video
[!] Složka Smazáno : C:\ProgramData\tencent
Složka Smazáno : C:\ProgramData\TXQMPC
Složka Smazáno : C:\Program Files (x86)\AnyProtectEx
Složka Smazáno : C:\Program Files (x86)\globalUpdate
Složka Smazáno : C:\Program Files (x86)\tencent
Složka Smazáno : C:\Program Files (x86)\miuitab
Složka Smazáno : C:\Program Files (x86)\Common Files\tencent
Složka Smazáno : C:\Users\MARKTA~1\AppData\Local\Temp\tencent
Složka Smazáno : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\tencent
Složka Smazáno : C:\Program Files\Common Files\tencent
Složka Smazáno : C:\Users\Markéta87\AppData\Local\globalUpdate
Složka Smazáno : C:\Users\Markéta87\AppData\Local\slimware utilities inc
Složka Smazáno : C:\Users\Markéta87\AppData\Local\SysassistByHotWheel
Složka Smazáno : C:\Users\Markéta87\AppData\Roaming\AnyProtectEx
Složka Smazáno : C:\Users\Markéta87\AppData\Roaming\FirefoxToolbar
Složka Smazáno : C:\Users\Markéta87\AppData\Roaming\RHEng
Složka Smazáno : C:\Users\Markéta87\AppData\Roaming\IQIYI Video
Složka Smazáno : C:\Users\Markéta87\AppData\Roaming\tencent
Složka Smazáno : C:\Users\Mark?a87\AppData\Roaming\tencent
Složka Smazáno : C:\Users\Markéta87\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm
Soubor Smazáno : C:\Windows\shost.bin
Soubor Smazáno : C:\Windows\SysWOW64\drivers\TS888x64.sys
Soubor Smazáno : C:\Windows\System32\drivers\swdumon.sys
Soubor Smazáno : C:\Windows\System32\drivers\TAOAccelerator64.sys
Soubor Smazáno : C:\Windows\System32\drivers\TAOKernel64.sys
Soubor Smazáno : C:\Windows\System32\drivers\TFsFltX64.sys
Soubor Smazáno : C:\Users\Markéta87\AppData\Roaming\ItrzQT15XoSWTWWNWxOWOPc
Soubor Smazáno : C:\Users\Markéta87\AppData\Roaming\ItrzQT15XoSWTWWNWxOWOPc.exe
Soubor Smazáno : C:\Users\Markéta87\AppData\Roaming\Y8wVuTUVeKAiTYXDJY8YIZg4
Soubor Smazáno : C:\Users\Markéta87\AppData\Roaming\Y8wVuTUVeKAiTYXDJY8YIZg4.exe
Soubor Smazáno : C:\Users\Markéta87\AppData\Roaming\Mozilla\Firefox\Profiles\z49tvocj.default\invalidprefs.js
Soubor Smazáno : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml
Soubor Smazáno : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\mystartsearch.xml

***** [ Naplánované úlohy ] *****

Úloha Smazáno : AmiUpdXp
Úloha Smazáno : Crossbrowse
Úloha Smazáno : globalUpdateUpdateTaskMachineCore
Úloha Smazáno : globalUpdateUpdateTaskMachineUA
Úloha Smazáno : amiupdaterExd
Úloha Smazáno : amiupdaterExi
Úloha Smazáno : ItrzQT15XoSWTWWNWxOWOPc
Úloha Smazáno : Y8wVuTUVeKAiTYXDJY8YIZg4
Úloha Smazáno : 2baf08be-a43a-44ab-950f-a58cdf6142a1-1-6
Úloha Smazáno : 2baf08be-a43a-44ab-950f-a58cdf6142a1-1-7
Úloha Smazáno : 2baf08be-a43a-44ab-950f-a58cdf6142a1-11
Úloha Smazáno : 2baf08be-a43a-44ab-950f-a58cdf6142a1-3
Úloha Smazáno : 2baf08be-a43a-44ab-950f-a58cdf6142a1-4
Úloha Smazáno : 2baf08be-a43a-44ab-950f-a58cdf6142a1-5
Úloha Smazáno : 2baf08be-a43a-44ab-950f-a58cdf6142a1-6
Úloha Smazáno : 2baf08be-a43a-44ab-950f-a58cdf6142a1-7
Úloha Smazáno : f706a8f7-287f-4a40-893c-ca55c01ea0aa-1-6
Úloha Smazáno : f706a8f7-287f-4a40-893c-ca55c01ea0aa-6
Úloha Smazáno : f7dab28f-9769-4a5d-9f56-e45da253027f-1-6
Úloha Smazáno : f7dab28f-9769-4a5d-9f56-e45da253027f-6
Úloha Smazáno : fad96ebe-31a4-4408-b15f-f66aebe7dfaa-1-6
Úloha Smazáno : fad96ebe-31a4-4408-b15f-f66aebe7dfaa-1-7
Úloha Smazáno : fad96ebe-31a4-4408-b15f-f66aebe7dfaa-4
Úloha Smazáno : fad96ebe-31a4-4408-b15f-f66aebe7dfaa-5
Úloha Smazáno : fad96ebe-31a4-4408-b15f-f66aebe7dfaa-6
Úloha Smazáno : fad96ebe-31a4-4408-b15f-f66aebe7dfaa-7

***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Klíč Smazáno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Klíč Smazáno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
Klíč Smazáno : HKLM\SOFTWARE\CLASSES\METNSD
Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
Klíč Smazáno : HKCU\Software\MozillaPlugins\@iqiyi.com/npWebPlayer
Klíč Smazáno : HKLM\SOFTWARE\MozillaPlugins\@iqiyi.com/npWebPlayer
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{D96C1D26-5CDF-4506-9244-57233C3984DF}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{D96C1D26-5CDF-4506-9244-57233C3984DF}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{E6F928E4-B672-4F3A-8CA2-53C4259235DE}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6A8DA1-1731-465B-B036-B9E16EF26CAC}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E6A8DA1-2731-465B-B036-B9E16EF26CAC}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{5CD76C57-6893-478A-B776-47E7C82504BE}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{D96C1D26-5CDF-4506-9244-57233C3984DF}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6A8DA1-1731-465B-B036-B9E16EF26CAC}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E6A8DA1-2731-465B-B036-B9E16EF26CAC}
Data Obnoveno : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0E39F6CA-D815-4561-8480-E6EEA1A7D9D3}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKCU\Software\AnyProtect
Klíč Smazáno : HKCU\Software\APN PIP
Klíč Smazáno : HKCU\Software\AskPartnerNetwork
Klíč Smazáno : HKCU\Software\GlobalUpdate
Klíč Smazáno : HKCU\Software\HomeTab
Klíč Smazáno : HKCU\Software\simplytech
Klíč Smazáno : HKCU\Software\SmdmF
Klíč Smazáno : HKCU\Software\WajIEnhance
Klíč Smazáno : HKCU\Software\TNT2
Klíč Smazáno : HKCU\Software\WajIntEnhance
Klíč Smazáno : HKCU\Software\SearchProtectWS
Klíč Smazáno : HKCU\Software\Crossbrowse
Klíč Smazáno : HKCU\Software\Linkey
Klíč Smazáno : HKCU\Software\YorkNewCin
Klíč Smazáno : HKCU\Software\HighDefAction
Klíč Smazáno : HKCU\Software\ArenaHD
Klíč Smazáno : HKCU\Software\Kromtech
Klíč Smazáno : HKCU\Software\SlimWare Utilities Inc
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Crossrider
Klíč Smazáno : HKLM\SOFTWARE\AskPartnerNetwork
Klíč Smazáno : HKLM\SOFTWARE\Conduit
Klíč Smazáno : HKLM\SOFTWARE\GlobalUpdate
Klíč Smazáno : HKLM\SOFTWARE\Iminent
Klíč Smazáno : HKLM\SOFTWARE\SearchProtect
Klíč Smazáno : HKLM\SOFTWARE\SmdmF
Klíč Smazáno : HKLM\SOFTWARE\SupDp
Klíč Smazáno : HKLM\SOFTWARE\SupTab
Klíč Smazáno : HKLM\SOFTWARE\supWindowsMangerProtect
Klíč Smazáno : HKLM\SOFTWARE\mystartsearchSoftware
Klíč Smazáno : HKLM\SOFTWARE\IHProtect
Klíč Smazáno : HKLM\SOFTWARE\WajIntEnhance
Klíč Smazáno : HKLM\SOFTWARE\Crossbrowse
Klíč Smazáno : HKLM\SOFTWARE\SpeedBit
Klíč Smazáno : HKLM\SOFTWARE\AIM Toolbar
Klíč Smazáno : HKLM\SOFTWARE\YorkNewCin
Klíč Smazáno : HKLM\SOFTWARE\HighDefAction
Klíč Smazáno : HKLM\SOFTWARE\ArenaHD
Klíč Smazáno : HKLM\SOFTWARE\searchult
Klíč Smazáno : HKLM\SOFTWARE\SlimWare Utilities Inc
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Klíč Smazáno : [x64] HKLM\SOFTWARE\YorkNewCin
Klíč Smazáno : [x64] HKLM\SOFTWARE\HighDefAction
Klíč Smazáno : [x64] HKLM\SOFTWARE\ArenaHD
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\globalupdate.exe
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17909

Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v39.0.3 (x86 cs)

[z49tvocj.default\prefs.js] - Řádek Smazáno : user_pref("browser.newtab.url", "hxxp://www.mystartsearch.com/newtab/?type=nt&t ... 6104716104");
[z49tvocj.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.order.1", "default-search.net");
[z49tvocj.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.selectedEngine", "mystartsearch");
[z49tvocj.default\prefs.js] - Řádek Smazáno : user_pref("extensions.crossrider.bic", "14f17fa8035e9a29b3e1c1866804568e");

-\\ Google Chrome v44.0.2403.130

[C:\Users\Markéta87\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://www.mystartsearch.com/web/?type=dspp&ts ... earchTerms}
[C:\Users\Markéta87\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Smazáno [Homepage] : hxxp://www.mystartsearch.com/?type=hppp&ts=143 ... 6104716104

-\\ Opera v0.0.0.0


*************************

AdwCleaner[R1].txt - [23594 bytů] - [11/08/2015 10:17:54]
AdwCleaner[S1].txt - [19196 bytů] - [11/08/2015 10:18:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [19255 bytů] ##########

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Mark‚ta87 on Łt 11.08.2015 at 15:44:08,14.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Safe Mode NETWORK Internet Access Detected
Launched: C:\Users\MARKTA~1\Desktop\zoek.exe [Scan all users] [Script inserted]

===== Runcheck 15:45:41,77 =====

--- Create Environment Variables 15:45:42,58
--- Create System Restore Point 15:46:11,52
--- Checking Input 15:46:11,91
--- Reset Hosts File 15:46:20,71
--- AU AppData Check 15:46:20,92
--- Remove From Windows Installer 15:46:24,26
--- Empty Folders Check 15:47:02,78
--- Registry HKLM Software Check 15:47:02,79
--- IE Startpage Check 15:47:16,04
--- Program Files DB Check 15:47:31,26
--- C:\Users\Default\AppData\ DB Check 15:48:07,18
--- C:\Users\Default User\AppData\ DB Check 15:48:07,18
--- C:\Windows\SysNative\config\systemprofile\AppData\ DB Check 15:48:07,18
--- C:\Windows\sysWoW64\config\systemprofile\AppData\ DB Check 15:48:07,18
--- C:\Windows\serviceprofiles\networkservice\AppData\ DB Check 15:48:07,18
--- C:\Windows\serviceprofiles\Localservice\AppData\ DB Check 15:48:07,18
--- C:\Users\MARKTA~1 DB Check 15:49:35,64
--- C:\PROGRA~3 DB Check 15:49:50,12
--- C:\Users\Default\AppData\Local DB Check 15:49:52,27
--- C:\Users\Default User\AppData\Local DB Check 15:49:52,27
--- C:\Windows\SysNative\config\systemprofile\AppData\Local DB Check 15:49:52,27
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Local DB Check 15:49:52,27
--- C:\Windows\serviceprofiles\networkservice\AppData\Local DB Check 15:49:52,27

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-08-2015
Ran by Markéta87 (administrator) on MARKÉTA87-PC (11-08-2015 18:34:50)
Running from C:\Users\Markéta87\Desktop
Loaded Profiles: Markéta87 (Available Profiles: Markéta87)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(forum.viry.cz) C:\Users\Markéta87\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2878728 2014-04-17] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SA3\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-09-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157992 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCTray.exe" /regrun
HKLM-x32\...\Run: [RSDTRAY] => C:\Program Files (x86)\Rising\RSD\popwndexe.exe [126808 2012-09-25] (Beijing Rising Information Technology Co., Ltd.)
HKLM-x32\...\Run: [RavTRAY] => C:\Program Files (x86)\Rising\RAV\RSTRAY.EXE [111000 2014-05-15] (Beijing Rising Information Technology Co., Ltd.)
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [165184 2012-01-27] (Softthinks)
HKLM-x32\...\RunOnce: [dslToasterLauncher] => C:\Program Files (x86)\Dell DataSafe Local Backup\ToasterLauncher.exe [450880 2012-01-27] (SoftThinks)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\Run: [Dropbox Update] => C:\Users\Markéta87\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-23] (Dropbox, Inc.)
HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\Run: [apphide] => C:\Program Files (x86)\baidu\baidu.exe [69632 2015-07-22] ()
HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\RunOnce: [SeznamInstall-uninstall:742c012fce2d5ecac80c77287cb15236] => C:\Users\Markéta87\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2015-08-10] () <===== ATTENTION
HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[S2].txt [1388 2015-08-11] ()
Startup: C:\Users\Markéta87\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QMGCShellExt64.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
BootExecute: autocheck autochk * bsmain

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-4226178262-95834032-4014968802-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... M%3DIE8SRC
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4226178262-95834032-4014968802-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{47DC912E-5B20-4E6E-8D73-DF9A69BB67CD}: [NameServer] 52.18.92.32,8.8.8.8
Tcpip\..\Interfaces\{6C5AE75F-D994-485E-A2C2-47645F62F9EC}: [NameServer] 52.18.92.32,8.8.8.8
Tcpip\..\Interfaces\{6C5AE75F-D994-485E-A2C2-47645F62F9EC}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer] 52.18.92.32,8.8.8.8
Tcpip\..\Interfaces\{89B36F93-BE81-4B67-97E3-1452E9C6C373}: [NameServer] 52.18.92.32,8.8.8.8
Tcpip\..\Interfaces\{E2E5BD5D-F8FB-4E77-92DE-1CF111C4B79F}: [NameServer] 52.18.92.32,8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Markéta87\AppData\Roaming\Mozilla\Firefox\Profiles\z49tvocj.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-20] ()
FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-20] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-31] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-31] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\npQMExtensionsMozilla.dll [No File]
FF Plugin-x32: @rising.com.cn/nprising -> C:\Program Files (x86)\Rising\RAV\nprising.dll [2013-06-27] (Beijing Rising Information Technology Co., Ltd.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-20] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4226178262-95834032-4014968802-1001: @rising.com.cn/nprising -> C:\Program Files (x86)\Rising\RAV\nprising.dll [2013-06-27] (Beijing Rising Information Technology Co., Ltd.)
FF Plugin HKU\S-1-5-21-4226178262-95834032-4014968802-1001: facebook.com/fbDesktopPlugin -> C:\Users\Markéta87\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll [2013-03-07] (Facebook, Inc.)
FF Extension: iCloud Bookmarks - C:\Users\Markéta87\AppData\Roaming\Mozilla\Firefox\Profiles\z49tvocj.default\Extensions\firefoxdav@icloud.com [2015-05-29]
FF Extension: Adblock Plus - C:\Users\Markéta87\AppData\Roaming\Mozilla\Firefox\Profiles\z49tvocj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-01]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-08-10]

Chrome:
=======
CHR Profile: C:\Users\Markéta87\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Markéta87\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-03]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [109184 2013-12-20] (Conexant Systems, Inc.)
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2573520 2015-05-22] (Dell Inc.)
S2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-05-22] (Dell Inc.)
S2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-06-09] (Dell Inc.)
S2 fchk32; C:\Program Files\fchk32\fchk32.exe [379392 2015-08-06] () [File not signed]
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
S2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-31] (Intel Corporation)
S2 jolugepba; C:\ProgramData\EroBisis\onuwci.exe [124880 2015-07-29] () [File not signed]
S2 kalghuir; C:\ProgramData\EroBisis\onuaci.exe [124880 2015-07-29] () [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-06-18] ()
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S2 RsMgrSvc; C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe [179992 2014-09-02] (Beijing Rising Information Technology Co., Ltd.)
S2 RsRavMon; C:\Program Files (x86)\Rising\RAV\ravmond.exe [277552 2014-05-15] (Beijing Rising Information Technology Co., Ltd.)
S2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [20648 2015-06-11] (Dell Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-09-26] (Microsoft Corporation)
S2 wmpmde; C:\Users\Markéta87\AppData\Local\AppleMobile\apple.exe [38400 2015-08-06] () [File not signed]
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816656 2014-06-18] (Intel® Corporation)
S2 comyninu; C:\Program Files (x86)\4C4C4544-1438887057-3710-8033-C2C04F515831\hnseEE69.tmp [X]
S2 hutipezi; C:\Program Files (x86)\4C4C4544-1438887057-3710-8033-C2C04F515831\knszBB12.tmpfs [X]
S2 hyverumu; C:\Program Files (x86)\4C4C4544-1438887057-3710-8033-C2C04F515831\jnstD616.tmp [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [35496 2000-01-01] (Advanced Micro Devices, Inc.)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [131968 2012-10-30] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1345920 2012-11-06] (Motorola Solutions, Inc.)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-08-30] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99800 2013-05-31] (Intel Corporation)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S1 rsutils; C:\Windows\System32\DRIVERS\rsutils.sys [69336 2014-08-15] (Beijing Rising Information Technology Co., Ltd.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-11] (Synaptics Incorporated)
R0 sysmon; C:\Windows\System32\DRIVERS\sysmon.sys [119344 2014-09-10] (Beijing Rising Information Technology Co., Ltd.)
S3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [206744 2013-06-20] (Windows (R) Win 7 DDK provider)
S3 iscFlash; \??\C:\Users\MARKTA~1\AppData\Local\Temp\7zS9B26.tmp\iscflashx64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-11 18:34 - 2015-08-11 18:35 - 00019672 _____ C:\Users\Markéta87\Desktop\FRST.txt
2015-08-11 18:34 - 2015-08-11 18:34 - 00029696 _____ C:\Users\Markéta87\AppData\Local\MSGBOX.EXE
2015-08-11 18:34 - 2015-08-11 18:34 - 00015327 _____ C:\Users\Markéta87\Desktop\LM.bat
2015-08-11 18:33 - 2015-08-11 18:33 - 00112640 _____ (forum.viry.cz) C:\Users\Markéta87\Desktop\FRSTLauncher.exe
2015-08-11 18:31 - 2015-08-11 18:34 - 00000000 ____D C:\FRST
2015-08-11 18:31 - 2015-08-11 18:31 - 02171392 _____ (Farbar) C:\Users\Markéta87\Desktop\FRST64.exe
2015-08-11 15:46 - 2015-08-11 15:47 - 00001639 _____ C:\zoek-results.log
2015-08-11 15:45 - 2015-08-11 15:45 - 04328652 _____ C:\Users\Markéta87\Desktop\zoek.rar
2015-08-11 15:44 - 2015-08-11 15:51 - 00002318 _____ C:\runcheck.txt
2015-08-11 15:44 - 2015-08-11 15:44 - 00000000 ____D C:\zoek_backup
2015-08-11 15:43 - 2015-08-11 15:43 - 01308672 _____ C:\Users\Markéta87\Desktop\zoek.exe
2015-08-11 10:28 - 2015-08-11 10:29 - 00000264 _____ C:\Windows\Tasks\Tempo Runner onu6ci.job
2015-08-11 10:17 - 2015-08-11 10:38 - 00000000 ____D C:\AdwCleaner
2015-08-11 10:17 - 2015-08-11 10:17 - 02248704 _____ C:\Users\Markéta87\Desktop\adwcleaner_4.208.exe
2015-08-11 10:09 - 2015-08-11 10:37 - 00002976 _____ C:\Users\Markéta87\Desktop\Rkill.txt
2015-08-11 10:08 - 2015-08-11 10:08 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Markéta87\Desktop\rkill.com
2015-08-10 19:59 - 2015-08-10 19:59 - 00000000 ____D C:\rsit
2015-08-10 17:00 - 2015-08-10 17:00 - 00000000 ____D C:\Users\Mark茅ta87
2015-08-10 16:55 - 2015-08-10 19:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-06 22:20 - 2015-08-06 22:26 - 00000264 _____ C:\Windows\Tasks\Tempo Runner onudci.job
2015-08-06 22:19 - 2015-08-06 22:19 - 00000228 _____ C:\Windows\SysWOW64\ToasterLauncherLog.20150806221924.log
2015-08-06 21:56 - 2015-08-06 22:26 - 00002408 _____ C:\Windows\System32\Tasks\Tempo Runner onudci
2015-08-06 21:52 - 2015-08-06 21:52 - 00000228 _____ C:\Windows\SysWOW64\ToasterLauncherLog.20150806215224.log
2015-08-06 21:43 - 2015-08-06 21:42 - 00613255 _____ (CMI Limited) C:\Users\Markéta87\AppData\Local\nsd6DEC.tmp
2015-08-06 21:42 - 2015-08-06 21:42 - 00000000 ____D C:\ProgramData\KingSoft
2015-08-06 21:41 - 2015-08-06 22:20 - 00000000 ___RD C:\RavBin
2015-08-06 21:41 - 2015-08-06 21:41 - 00000150 __RSH C:\rising.ini
2015-08-06 21:41 - 2015-08-06 21:41 - 00000134 _____ C:\Windows\SysWOW64\BsMain.ini
2015-08-06 21:41 - 2014-09-10 08:11 - 00119344 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\Drivers\sysmon.sys
2015-08-06 21:41 - 2014-08-15 03:22 - 00069336 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\Drivers\rsutils.sys
2015-08-06 21:41 - 2014-07-30 04:44 - 00091928 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\vpatch.dll
2015-08-06 21:41 - 2014-01-02 09:37 - 00325400 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\ravext64.dll
2015-08-06 21:41 - 2013-12-30 09:33 - 00256280 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\ravext.dll
2015-08-06 21:41 - 2012-09-06 02:30 - 00240472 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\bsmain.exe
2015-08-06 21:41 - 2012-02-29 09:49 - 00011888 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\Drivers\rsndisp.sys
2015-08-06 21:40 - 2015-08-06 21:41 - 00000000 ____D C:\ProgramData\Rising
2015-08-06 21:40 - 2015-08-06 21:41 - 00000000 ____D C:\Program Files (x86)\Rising
2015-08-06 21:39 - 2015-08-06 21:39 - 00000000 ____D C:\Users\Mark閠a87
2015-08-06 21:38 - 2015-08-06 21:38 - 00000000 ____D C:\Users\Markéta87\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2015-08-06 21:24 - 2015-08-06 21:24 - 00001020 _____ C:\Windows\Tasks\5QK3ByCuNkdKrFCy.job
2015-08-06 21:04 - 2015-08-06 22:05 - 00000000 ____D C:\Users\Markéta87\AppData\Local\Unity
2015-08-06 21:04 - 2015-08-06 21:04 - 00000000 ____D C:\Users\Public\QiYi
2015-08-06 21:04 - 2015-08-06 21:04 - 00000000 ____D C:\ppsfile
2015-08-06 21:03 - 2015-08-06 21:03 - 00001006 _____ C:\Windows\Tasks\YP8Vuoi3i.job
2015-08-06 21:01 - 2015-08-06 21:02 - 00000000 ____D C:\ProgramData\ZWinManProZ
2015-08-06 21:01 - 2015-08-06 21:01 - 00000000 _____ C:\Windows\prleth.sys
2015-08-06 21:01 - 2015-08-06 21:01 - 00000000 _____ C:\Windows\hgfs.sys
2015-08-06 21:00 - 2015-08-06 21:00 - 00000000 ____D C:\Program Files (x86)\baidu
2015-08-06 20:51 - 2015-08-10 16:28 - 00000000 ____D C:\Program Files\fchk32
2015-08-06 20:51 - 2015-08-06 20:51 - 00002396 _____ C:\Users\Markéta87\Desktop\DownloadManager.lnk
2015-08-06 20:51 - 2015-08-06 20:51 - 00000000 ____D C:\Users\Markéta87\AppData\Local\AppleMobile
2015-08-06 20:50 - 2015-08-06 22:26 - 00000000 ____D C:\ProgramData\EroBisis
2015-08-06 20:50 - 2015-08-06 22:23 - 00000000 ____D C:\Program Files (x86)\4C4C4544-1438887057-3710-8033-C2C04F515831
2015-08-06 20:49 - 2015-08-06 20:49 - 00001034 _____ C:\Windows\Tasks\2hJnGubrrm8Bt9QUin4iHET.job
2015-08-06 20:49 - 2015-08-06 20:49 - 00001020 _____ C:\Windows\Tasks\cMKwNkW3O2DUMi1t.job
2015-08-06 20:47 - 2015-08-06 20:47 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-08-06 20:46 - 2015-08-10 16:25 - 00000000 ____D C:\Users\Markéta87\AppData\Roaming\Seznam.cz
2015-08-06 20:46 - 2015-08-06 20:52 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-06 20:46 - 2015-08-06 20:46 - 00000000 ____D C:\Users\Markéta87\AppData\Roaming\Opera Software
2015-08-06 20:46 - 2015-08-06 20:46 - 00000000 ____D C:\Users\Markéta87\AppData\Local\Opera Software
2015-07-31 19:07 - 2015-07-31 19:07 - 00000228 _____ C:\Windows\SysWOW64\ToasterLauncherLog.20150731190750.log
2015-07-31 19:05 - 2015-07-31 19:05 - 00291112 _____ C:\Windows\Minidump\073115-24960-01.dmp
2015-07-31 19:04 - 2015-07-31 19:04 - 838565844 _____ C:\Windows\MEMORY.DMP
2015-07-30 17:50 - 2015-07-30 17:50 - 00000000 ____D C:\Users\Markéta87\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-28 19:37 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 19:37 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 19:37 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 19:37 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 19:37 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 19:37 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 19:37 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 19:37 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-23 16:00 - 2015-07-23 16:00 - 00000228 _____ C:\Windows\SysWOW64\ToasterLauncherLog.20150723160039.log
2015-07-21 17:52 - 2015-08-11 18:28 - 00017552 _____ C:\Windows\PFRO.log
2015-07-21 17:38 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 17:38 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 17:38 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 17:38 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 17:38 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 17:38 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 17:38 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 17:38 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 17:38 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 17:38 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 17:35 - 2015-07-21 17:35 - 00001785 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-21 17:35 - 2015-07-21 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-21 17:33 - 2015-07-21 17:35 - 00000000 ____D C:\Program Files\iTunes
2015-07-21 17:33 - 2015-07-21 17:35 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-21 17:33 - 2015-07-21 17:33 - 00000000 ____D C:\Program Files\iPod
2015-07-20 18:14 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-20 18:14 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-20 18:14 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-20 18:14 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-20 18:14 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-20 18:14 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-20 18:14 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-20 18:14 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-20 18:14 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-20 18:14 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-20 18:14 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-20 18:14 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-20 18:14 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-20 18:14 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-20 18:14 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-20 18:14 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-20 18:14 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-20 18:14 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-20 18:14 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-20 18:14 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-20 18:14 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-20 18:14 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-20 18:14 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-20 18:14 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-20 18:14 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-20 18:14 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-20 18:14 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-20 18:14 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-20 18:14 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-20 18:14 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-20 18:14 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-20 18:14 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-20 18:13 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-20 18:13 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-20 18:13 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-20 18:13 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-20 18:13 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-20 18:13 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-20 18:13 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-20 18:13 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-20 18:13 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-20 18:13 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-20 18:13 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-20 18:13 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-20 18:13 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-20 18:13 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-20 18:13 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-20 18:13 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-20 18:13 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-20 18:13 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-20 18:13 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-20 18:13 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-20 18:13 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-20 18:13 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-20 18:13 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-20 18:13 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-20 18:13 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-20 18:13 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-20 18:13 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-20 18:13 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-20 18:13 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-20 18:13 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-20 18:13 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-20 18:13 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-20 18:13 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-20 18:13 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-20 18:13 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-20 18:13 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-20 18:13 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-20 18:13 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-20 18:13 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-20 18:13 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-20 18:13 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-20 18:13 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-20 18:13 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-20 18:13 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-20 18:13 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-20 18:13 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-20 18:13 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-20 18:13 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-20 18:13 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-20 18:13 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-20 18:13 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-20 18:13 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-20 18:13 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-20 18:13 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-20 18:13 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-20 18:13 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-20 18:13 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-20 18:13 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-20 18:13 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-20 18:13 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-20 18:13 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-20 18:13 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-20 18:13 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-20 18:13 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-20 18:13 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-20 18:13 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-20 18:13 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-20 18:13 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-20 18:13 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-20 18:13 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-20 18:13 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-20 18:13 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-20 18:13 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-20 18:13 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-20 18:13 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-20 18:13 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-20 18:13 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-20 18:13 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-20 18:13 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-20 18:13 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-20 18:13 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-20 18:13 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-20 18:13 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-20 18:13 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-20 18:13 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-20 18:13 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-20 18:13 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-20 18:13 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-20 18:13 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-20 18:13 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-20 18:13 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-20 18:13 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-20 18:13 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-20 18:13 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-20 18:13 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-20 18:13 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-20 18:13 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-20 18:12 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-20 18:12 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-20 18:12 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-20 18:12 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-20 18:12 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-20 18:12 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-20 18:12 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-20 18:12 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-20 18:12 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-20 18:12 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-20 18:12 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-20 18:12 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-13 19:44 - 2015-07-13 10:43 - 00194048 ____N C:\Users\Markéta87\Desktop\pomocna_simulace_uver_od_burinky-2.xls
2015-07-13 19:44 - 2015-07-13 10:43 - 00055296 ____N C:\Users\Markéta87\Desktop\kb-Novotná -urokova-kalkulacka.xls

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-11 10:29 - 2013-09-26 16:26 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2015-08-11 10:29 - 2013-09-26 16:26 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2015-08-11 10:28 - 2014-02-14 14:06 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-11 10:28 - 2014-02-10 12:51 - 00000418 _____ C:\Windows\Tasks\SlimDrivers Startup.job
2015-08-11 10:28 - 2013-09-26 16:16 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2015-08-11 10:26 - 2015-06-08 19:14 - 00000560 _____ C:\Windows\setupact.log
2015-08-11 10:26 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-10 20:00 - 2014-02-05 22:43 - 00000000 ____D C:\Program Files\trend micro
2015-08-10 19:56 - 2014-02-11 19:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-10 16:41 - 2013-09-26 08:44 - 01276081 _____ C:\Windows\WindowsUpdate.log
2015-08-10 16:24 - 2013-12-19 18:59 - 00000000 ____D C:\Program Files (x86)\AMD APP
2015-08-10 16:21 - 2014-02-11 19:24 - 00001161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-10 16:21 - 2014-02-11 19:24 - 00001149 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-10 16:21 - 2013-12-13 15:56 - 00001355 _____ C:\Users\Markéta87\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-06 22:20 - 2013-12-19 18:42 - 00002852 _____ C:\Windows\System32\Tasks\SlimDrivers Startup
2015-08-06 22:17 - 2015-06-23 19:53 - 00000934 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4226178262-95834032-4014968802-1001UA.job
2015-08-06 22:16 - 2009-07-14 06:45 - 00419312 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-06 22:07 - 2014-10-11 23:02 - 00109688 _____ C:\Users\Markéta87\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-06 22:02 - 2014-02-03 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-06 21:51 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-06 21:51 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-06 21:46 - 2013-12-18 17:18 - 00000000 ____D C:\Users\Markéta87\AppData\Roaming\Azureus
2015-08-06 21:43 - 2014-02-20 22:43 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-06 21:42 - 2014-11-03 22:37 - 00000922 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4226178262-95834032-4014968802-1001Core.job
2015-08-06 21:39 - 2013-12-13 15:55 - 00000000 ____D C:\Users\Markéta87\AppData\Local\VirtualStore
2015-08-06 21:02 - 2014-02-14 14:06 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-06 20:52 - 2014-10-18 18:37 - 00000000 __SHD C:\Users\Markéta87\AppData\Local\EmieUserList
2015-08-06 20:52 - 2014-10-18 18:37 - 00000000 __SHD C:\Users\Markéta87\AppData\Local\EmieSiteList
2015-08-06 20:24 - 2010-11-21 11:27 - 00669830 _____ C:\Windows\system32\perfh005.dat
2015-08-06 20:24 - 2010-11-21 11:27 - 00141956 _____ C:\Windows\system32\perfc005.dat
2015-08-06 20:24 - 2009-07-14 07:13 - 01586648 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-06 17:57 - 2015-06-23 19:53 - 00000882 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4226178262-95834032-4014968802-1001Core.job
2015-08-06 17:55 - 2015-06-23 21:53 - 00003484 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-07-31 19:10 - 2013-12-13 17:13 - 00000000 ____D C:\Users\Markéta87\AppData\Roaming\Dropbox
2015-07-31 19:08 - 2015-04-10 19:25 - 00000000 ___RD C:\Users\Markéta87\iCloudDrive
2015-07-31 19:05 - 2013-12-19 11:56 - 00000000 ____D C:\Windows\Minidump
2015-07-29 16:30 - 2014-05-06 21:51 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-26 17:40 - 2015-04-04 22:25 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-21 18:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-21 17:51 - 2015-04-04 22:25 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-21 17:51 - 2014-12-11 17:28 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-21 17:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-21 17:46 - 2013-12-13 19:49 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-21 17:39 - 2013-12-16 12:53 - 00000000 ____D C:\Windows\system32\MRT
2015-07-21 17:33 - 2014-01-09 15:16 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-20 19:23 - 2014-10-11 23:02 - 00000000 ____D C:\Users\Markéta87\AppData\Local\Adobe
2015-07-20 19:23 - 2013-09-26 15:49 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-20 19:23 - 2013-09-26 15:49 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-20 19:23 - 2013-09-26 15:49 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-20 19:22 - 2013-09-26 16:50 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-20 19:21 - 2015-05-24 13:28 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-20 17:57 - 2014-02-03 18:38 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-20 17:57 - 2014-02-03 18:38 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-20 17:52 - 2015-06-23 19:53 - 00003912 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4226178262-95834032-4014968802-1001UA
2015-07-20 17:52 - 2015-06-23 19:53 - 00003516 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4226178262-95834032-4014968802-1001Core

==================== Files in the root of some directories =======

2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Markéta87\AppData\Roaming\2hJnGubrrm8Bt9QUin4iHET
2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\Markéta87\AppData\Roaming\2hJnGubrrm8Bt9QUin4iHET.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Markéta87\AppData\Roaming\5QK3ByCuNkdKrFCy
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Markéta87\AppData\Roaming\5QK3ByCuNkdKrFCy.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Markéta87\AppData\Roaming\cMKwNkW3O2DUMi1t
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Markéta87\AppData\Roaming\cMKwNkW3O2DUMi1t.exe
2014-04-25 19:02 - 2014-04-25 20:25 - 0031442 _____ () C:\Users\Markéta87\AppData\Roaming\Hodnoty oddělené čárkami (Windows).ADR
2013-12-13 16:33 - 2014-01-12 21:32 - 0001722 _____ () C:\Users\Markéta87\AppData\Roaming\mscasjrl.dat
2013-12-13 16:33 - 2014-01-16 22:14 - 0000027 _____ () C:\Users\Markéta87\AppData\Roaming\msfvxv.dat
2013-12-13 16:35 - 2014-01-12 21:32 - 0001641 _____ () C:\Users\Markéta87\AppData\Roaming\msvscfu.dat
2013-12-13 16:35 - 2014-01-16 22:14 - 0000027 _____ () C:\Users\Markéta87\AppData\Roaming\mswlhxqo.dat
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Markéta87\AppData\Roaming\YP8Vuoi3i
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Markéta87\AppData\Roaming\YP8Vuoi3i.exe
2015-08-11 18:34 - 2015-08-11 18:34 - 0029696 _____ () C:\Users\Markéta87\AppData\Local\MSGBOX.EXE
2015-08-06 21:43 - 2015-08-06 21:42 - 0613255 _____ (CMI Limited) C:\Users\Markéta87\AppData\Local\nsd6DEC.tmp
2015-01-14 19:12 - 2015-01-14 19:16 - 0042247 _____ () C:\Users\Markéta87\AppData\Local\WiDiSetupLog.20150114.181226.wdl

Files to move or delete:
====================
C:\Users\Markéta87\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


Some files in TEMP:
====================
C:\Users\Markéta87\AppData\Local\Temp\1457.exe
C:\Users\Markéta87\AppData\Local\Temp\2069.exe
C:\Users\Markéta87\AppData\Local\Temp\4071.exe
C:\Users\Markéta87\AppData\Local\Temp\5250.exe
C:\Users\Markéta87\AppData\Local\Temp\5699.exe
C:\Users\Markéta87\AppData\Local\Temp\7140.exe
C:\Users\Markéta87\AppData\Local\Temp\7za.exe
C:\Users\Markéta87\AppData\Local\Temp\9247.exe
C:\Users\Markéta87\AppData\Local\Temp\bediiieaia.exe
C:\Users\Markéta87\AppData\Local\Temp\bitool.dll
C:\Users\Markéta87\AppData\Local\Temp\DaS_21.exe
C:\Users\Markéta87\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_mbklr.dll
C:\Users\Markéta87\AppData\Local\Temp\failover.exe
C:\Users\Markéta87\AppData\Local\Temp\hijackthis.exe
C:\Users\Markéta87\AppData\Local\Temp\i4jdel0.exe
C:\Users\Markéta87\AppData\Local\Temp\install1804741.exe
C:\Users\Markéta87\AppData\Local\Temp\IQIYIsetup_l_spl004@kb005.exe
C:\Users\Markéta87\AppData\Local\Temp\Jo Nesbo Police__10924_i1574732305_il710576.exe
C:\Users\Markéta87\AppData\Local\Temp\NirCmd.exe
C:\Users\Markéta87\AppData\Local\Temp\nst210C.exe
C:\Users\Markéta87\AppData\Local\Temp\Opera_NI_stable.exe
C:\Users\Markéta87\AppData\Local\Temp\PCMgr_AndroidServer.exe
C:\Users\Markéta87\AppData\Local\Temp\PEVZ.EXE
C:\Users\Markéta87\AppData\Local\Temp\qqpcmgr_v10.7.16066.216_71745_Silence.exe
C:\Users\Markéta87\AppData\Local\Temp\Quarantine.exe
C:\Users\Markéta87\AppData\Local\Temp\remove.exe
C:\Users\Markéta87\AppData\Local\Temp\ryvm7kua.dll
C:\Users\Markéta87\AppData\Local\Temp\sed.exe
C:\Users\Markéta87\AppData\Local\Temp\setup.exe
C:\Users\Markéta87\AppData\Local\Temp\setup3.exe
C:\Users\Markéta87\AppData\Local\Temp\shortcut.exe
C:\Users\Markéta87\AppData\Local\Temp\sqlite3.dll
C:\Users\Markéta87\AppData\Local\Temp\swreg.exe
C:\Users\Markéta87\AppData\Local\Temp\swxcacls.exe
C:\Users\Markéta87\AppData\Local\Temp\tsb1yz2i.dll
C:\Users\Markéta87\AppData\Local\Temp\Uninstall.exe
C:\Users\Markéta87\AppData\Local\Temp\wget.exe
C:\Users\Markéta87\AppData\Local\Temp\zoek-delete.exe
C:\Users\Markéta87\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
C:\Users\Mark茅ta87\AppData\Local\Temp\TempQMDTLSDKSetup20141114.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-02 09:59

==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-08-2015
Ran by Markéta87 (2015-08-11 18:35:46)
Running from C:\Users\Markéta87\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4226178262-95834032-4014968802-500 - Administrator - Disabled)
Guest (S-1-5-21-4226178262-95834032-4014968802-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4226178262-95834032-4014968802-1002 - Limited - Enabled)
Markéta87 (S-1-5-21-4226178262-95834032-4014968802-1001 - Administrator - Enabled) => C:\Users\Markéta87

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5}
AV: Rising Antivirus (Enabled - Up to date) {DBC966C2-BD90-87CD-5A01-4DFB1D2EC867}
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48}
AS: Rising Antivirus (Enabled - Up to date) {60A88726-9BAA-8843-60B1-768966A982DA}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

adblocker (HKLM-x32\...\{28757020-B5E0-4BDC-8F70-269F23A1C127}) (Version: 1.1.0.31 - adblocker) <==== ATTENTION
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AMD Catalyst Install Manager (HKLM\...\{DBFBFCF5-DAFA-FBE2-F0D4-9BF130FE22D0}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{7a06df8f-4c5a-4207-aa9e-019406e3a46d}) (Version: 17.1.0 - Intel Corporation)
Apple Mobile Device Support (HKLM\...\{06A333EA-4E9D-4848-865F-FE5A1E12AB30}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Conexant HD Audio (HKLM-x32\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 1.0.46.0 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Custom Help (Version: 15.08.0000.0172 - Intel Corporation) Hidden
Dell Data Vault (Version: 4.3.4.0 - Dell Inc.) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)
Dell Stage Remote (HKLM-x32\...\{2299EEBD-0A83-4B26-AA4A-057AE9E5BAE8}) (Version: 2.0.0.50 - ArcSoft)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.0.47 - Dell)
Dell Touchpad (HKLM\...\Elantech) (Version: 11.3.16.1 - ELAN Microelectronic Corp.)
Dell Update (HKLM-x32\...\{90437913-9D4D-4D9D-B438-B8664DF851E9}) (Version: 1.7.1007.0 - Dell Inc.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.01.15 - Creative Technology Ltd)
Doplněk Microsoft Outlook Hotmail Connector (64bitový) (HKLM\...\{95140000-0081-0405-1000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Dropbox (HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\Dropbox) (Version: 3.8.5 - Dropbox, Inc.)
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free Video Editor version 1.4.5.1010 (HKLM-x32\...\Free Video Editor_is1) (Version: 1.4.5.1010 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
High-Definition Video Playback (x32 Version: 7.3.10000.0.0 - Nero AG) Hidden
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3090 - Intel Corporation)
Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.10.1550 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{90F00673-A276-4A58-B675-B426D39D1E09}) (Version: 15.3.0.0398 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{DA2600C1-6BDF-4FD1-1211-148929CC1385}) (Version: 2.6.1211.0294 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.6.3.70 - Intel Corporation) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{BE7E45FA-7F97-4155-87CF-2DEA398995DA}) (Version: 4.2.21.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
iTunes (HKLM\...\{8A99C2B8-2B40-46B2-B900-621DC8E177CF}) (Version: 12.2.1.16 - Apple Inc.)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Monitor technologie Intel(R) Turbo Boost 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0.3 (x86 cs) (HKLM-x32\...\Mozilla Firefox 39.0.3 (x86 cs)) (Version: 39.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 cs)) (Version: 24.6.0 - Mozilla)
MPC-HC 1.7.1 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.1.0 - MPC-HC Team)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 8.4.1.210 - Electronic Arts, Inc.)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
PhoneClean 3.1.0 (HKLM-x32\...\{2FAFFE02-4D6B-4C0A-906B-1B33DAF0DD14}}_is1) (Version: 3.1.0 - iMobie Inc.)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
PowerXpressHybrid (x32 Version: 1.00.0000 - Název společnosti:) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.018 - Dell Inc.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.54.309.2012 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.39034 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
Software Intel® PROSet/Wireless WiFi (HKLM\...\{ECE5B218-A086-4E18-A362-D11181681457}) (Version: 15.03.1000.1637 - Intel Corporation)
SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.16500 - Nero AG)
SyncUP (x32 Version: 1.12.11500.11.105 - Nero AG) Hidden
The Godfather™ II (HKLM-x32\...\{A1416622-0DDE-45B5-B06C-DFC3ED94C53B}) (Version: 1.0.764.0 - Electronic Arts)
The Saboteur™ (HKLM-x32\...\{5C9A7E65-5B71-4C7F-876A-8C6AF9E9E23D}) (Version: 1.0.0.0 - Electronic Arts)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Viber (HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\Viber) (Version: 3.0.0.134193 - Viber Media Inc)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.6.0.0 - Azureus Software, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4226178262-95834032-4014968802-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4226178262-95834032-4014968802-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
CustomCLSID: HKU\S-1-5-21-4226178262-95834032-4014968802-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
CustomCLSID: HKU\S-1-5-21-4226178262-95834032-4014968802-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
CustomCLSID: HKU\S-1-5-21-4226178262-95834032-4014968802-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File

==================== Restore Points =========================

22-07-2015 17:22:37 Windows Update
26-07-2015 17:40:38 Windows Update
29-07-2015 16:28:08 Windows Update
02-08-2015 09:59:24 Windows Update
06-08-2015 07:05:26 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-08-11 15:46 - 00000841 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {033D4871-6B42-4233-8198-CE84A86629E4} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2013-09-24] (SlimWare Utilities, Inc.)
Task: {11EA60C9-3E2B-4CF6-B3CB-DD713F954C47} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-06-11] (Dell Inc.)
Task: {18408365-5E41-42BE-83F4-F30DAF092F64} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-20] (Adobe Systems Incorporated)
Task: {20EE4BD3-7169-4D5B-9AB7-C48E1173B1BF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {49E88158-2957-4F4E-B457-1BA34C6D79B2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4226178262-95834032-4014968802-1001UA => C:\Users\Markéta87\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-23] (Dropbox, Inc.)
Task: {51858964-EEF6-47EF-B9E9-A75BC2E62360} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {56275E1A-FF93-497F-B436-7449F97EC3FF} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)
Task: {6F4C7200-4CA1-4994-A899-07DE020B2802} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {77EB8710-2D32-462D-A9C6-754768F3FCF0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {78B433D5-9D9E-4F48-8E0B-D4AE62E42E04} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4226178262-95834032-4014968802-1001Core => C:\Users\Markéta87\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-03] (Facebook Inc.)
Task: {82264201-3651-4677-A5EA-845C01007ECC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-03] (Google Inc.)
Task: {8B4F0B88-7FB3-4CFA-B832-83AB626A6170} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {A55E2B27-75AC-4ADF-8555-0520762E04F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-03] (Google Inc.)
Task: {B2D24A55-BC88-4624-B355-C5051E35C148} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4226178262-95834032-4014968802-1001Core => C:\Users\Markéta87\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-23] (Dropbox, Inc.)
Task: {BB588D4F-4E88-4C8D-8435-2E1A14D5D82A} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)
Task: {C1AB92E7-CC13-4981-B702-3278CB8C8916} - System32\Tasks\{E43AF900-1795-4C62-8833-E95C032150D5} => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe [2012-01-27] (Dell)
Task: {CCD3EE5A-6A00-49C3-89CD-ABEE715505D8} - System32\Tasks\Tempo Runner onudci => C:\ProgramData\EroBisis\onuaci.exe [2015-07-29] ()
Task: {D89466CD-F8A8-4CC4-B31E-CF87C42067DC} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-12-01] (Apple Inc.)
Task: {F0B23A63-FD42-4520-98B1-0C9C33889B6D} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\2hJnGubrrm8Bt9QUin4iHET.job => C:\Users\Mark�ta87\AppData\Roaming\2hJnGubrrm8Bt9QUin4iHET.exe <==== ATTENTION
Task: C:\Windows\Tasks\5QK3ByCuNkdKrFCy.job => C:\Users\Mark�ta87\AppData\Roaming\5QK3ByCuNkdKrFCy.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\cMKwNkW3O2DUMi1t.job => C:\Users\Mark�ta87\AppData\Roaming\cMKwNkW3O2DUMi1t.exe <==== ATTENTION
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4226178262-95834032-4014968802-1001Core.job => C:\Users\Markéta87\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4226178262-95834032-4014968802-1001UA.job => C:\Users\Markéta87\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4226178262-95834032-4014968802-1001Core.job => C:\Users\Markéta87\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
Task: C:\Windows\Tasks\Tempo Runner onu6ci.job => C:\ProgramData\EroBisis\onuaci.exe+/dgad C:\ProgramData\EroBisis\onu6ci.exe
Task: C:\Windows\Tasks\Tempo Runner onudci.job => 0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Task: C:\Windows\Tasks\YP8Vuoi3i.job => C:\Users\Mark�ta87\AppData\Roaming\YP8Vuoi3i.exe <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\dell.com -> dell.com

IE restricted site: HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4226178262-95834032-4014968802-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Markéta87\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 52.18.92.32 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Markéta87^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: AccuWeatherWidget => "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
MSCONFIG\startupreg: QuickSet => c:\Program Files\Dell\QuickSet\QuickSet.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Viber => "C:\Users\Markéta87\AppData\Local\Viber\Viber.exe" StartMinimized

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{007D94F3-690F-4612-BC27-A7A7EEB57CFC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0A1949B8-6CF7-45A8-92F2-1B9DAB0EE827}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{EEFE7202-B83F-46C5-8BB2-87AF226CE857}] => (Allow) LPort=2869
FirewallRules: [{9ECD95F6-04AC-40B0-90FB-4AEFBE18150C}] => (Allow) LPort=1900
FirewallRules: [{FDFEDD71-829F-4390-837E-CB5C3F29EECC}] => (Allow) LPort=9700
FirewallRules: [{59EE315B-8811-43F2-A7E2-B85DC40EB746}] => (Allow) LPort=9701
FirewallRules: [{A3581998-3F2D-45E1-AB93-B1624F7B19DC}] => (Allow) LPort=9702
FirewallRules: [{C82386E7-7122-41CF-827D-2D4CECAE566D}] => (Allow) LPort=9700
FirewallRules: [{DC4A4358-4CD1-4EE7-BDED-884935D49CE5}] => (Allow) C:\Users\Markéta87\AppData\Local\Viber\Viber.exe
FirewallRules: [{EE067FE4-0CFE-456E-B37F-3099C11CA90E}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{E744A69C-0586-49A1-B56F-40A2BA644EB1}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{F26791BA-CBD2-4A8F-B53D-E342E93F5CDC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{25E50F6A-5CB9-4D0D-B935-68AB88EB43F8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{713C251A-A3D8-4325-95E2-B08A57E64D17}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7C5F2BCD-5B4E-4CC5-8C61-26BD06A77943}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A9524516-6945-4BDC-8BD5-402CDA6EDB84}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{ACAD6E12-8425-47F9-840C-83B9FB92DA0A}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{223225DE-AF67-4B5C-AFAA-C56ACEBB5D07}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{17B3A5C4-4EF8-467E-9476-84893DE8E271}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4875FFD4-67CC-40E7-8CD9-2A5C19CDFD3B}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{A5275CDC-7070-4B44-9361-1C78310DB1A7}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{9E10D0FD-89C9-4BB3-ACCA-C323A147263F}] => (Allow) C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{ED059E87-C79F-43DD-94C6-3A5C31997C98}C:\users\markéta87\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\markéta87\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{204D0430-948A-486B-881A-4530C21466FE}C:\users\markéta87\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\markéta87\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{63E26F0E-F31C-4A55-9961-59C407776FDF}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{450AA142-E81F-44EC-8C47-0E638F6116B3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5E13C9AA-B068-40A2-a4AF-A24758A869DE}] => (Allow) C:\ProgramData\EroBisis\onuaci.exe
FirewallRules: [{242BE609-BDDD-4ED8-A797-1B9F7E77E042}] => (Allow) C:\ProgramData\EroBisis\onuaci.exe
FirewallRules: [{28BFB284-EE04-4D96-92A2-79511178ED99}] => (Allow) C:\ProgramData\EroBisis\onuaci.exe
FirewallRules: [{FF4A5CFC-5DE8-48F8-987C-6DB990FA6E6E}] => (Allow) C:\ProgramData\EroBisis\onuaci.exe
FirewallRules: [{DA0DCAD2-48C2-4D37-B18C-88E4D62E5E81}] => (Allow) C:\ProgramData\EroBisis\onuaci.exe
FirewallRules: [{013DC9B8-870D-4A5E-9BCF-F91A71A52485}] => (Allow) C:\Users\Markéta87\AppData\Roaming\IQIYI Video\LStyle\GpUpdate.exe
FirewallRules: [{3D8F4F14-765F-4930-807D-ECABCDFCFD17}] => (Allow) C:\IQIYI Video\GeePlayer\GeePlayer.exe
FirewallRules: [{BB24D7E6-1D4E-4C0C-AF56-C6EB293A7A7F}] => (Allow) C:\Users\Markéta87\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe
FirewallRules: [{EFCB3887-1C7F-4110-ADBE-055E79BDA721}] => (Allow) C:\IQIYI Video\LStyle\QyClient.exe
FirewallRules: [{0841CFB4-6532-469B-AB79-F7CC470C3986}] => (Allow) C:\IQIYI Video\LStyle\QyWebPlayer.exe
FirewallRules: [{2F749E93-4570-4601-82F2-1FED881B53D7}] => (Allow) C:\IQIYI Video\Common\QyKernel.exe
FirewallRules: [{00B1A733-42A1-4BE6-B8DF-1363DA8A57C9}] => (Allow) C:\IQIYI Video\LStyle\QyPlayer.exe
FirewallRules: [{3D2395CD-02CF-4101-92D9-22EEAE6D5DE1}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
FirewallRules: [{B1930EB7-36D8-4794-90DC-A97D53A1D5CB}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCmgrInstallGuide.exe
FirewallRules: [{F6776267-251E-4CF8-A01C-E9965108415F}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCTray.exe
FirewallRules: [{806BA7E1-F030-42DA-861E-78BFF03C2F82}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCMgr.exe
FirewallRules: [{9895529C-DA2F-4D76-BDC3-71C399EB5E7D}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCRTP.exe
FirewallRules: [{89856A2A-F349-4E87-9FB4-03D107A18151}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QMDL.exe
FirewallRules: [{09D03DBC-AB45-4C1D-89FB-888D3D1FD3DF}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\bugreport.exe
FirewallRules: [{1573280B-8010-405E-80C5-C24A62BF3186}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCFileOpen.exe
FirewallRules: [{2A90B148-A3CD-4B4A-8DE9-01892880823C}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCLeakScan.exe
FirewallRules: [{349B57DA-4F00-4699-B2C6-3F5B4F3C066D}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPConfig.exe
FirewallRules: [{D15495D4-E4CC-40C6-AB13-68A23227DD98}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCSoftMgr.exe
FirewallRules: [{4CB9B5FE-A27C-47D0-9212-96C82E22BDC6}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\plugins\QMNetMon\QQPCNetFlow.exe
FirewallRules: [{CAEF55A0-E7D2-4194-957A-DF5F01FA60EE}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCBTU.exe
FirewallRules: [{BC3E9919-BA92-44AE-8F9D-97B1EF9FFC65}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCClinic.exe
FirewallRules: [{C6B7F880-C9BA-4716-B6C2-8B76A0DC7AF3}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCLaunch.exe
FirewallRules: [{526F04F5-D6F9-4BE5-8EB2-3F97BEC22C93}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QMUpdate\QQPCMgrUpdate.exe
FirewallRules: [{0ACAC300-17F9-4528-B34B-7E4F68B5A626}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCSoftGame.exe
FirewallRules: [{45FBAA17-ED7C-41B1-B626-1A20648787F3}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCSysOptimize.exe
FirewallRules: [{4FD7C6F4-B00C-4074-9BD5-5476A8C58521}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCUpdateAVLib.exe
FirewallRules: [{7529AFD0-B4FA-47D7-8EC2-A174FBD0A7AC}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQRepair.exe
FirewallRules: [{F79E6020-2132-4BA1-BEBE-27BAF724FCDE}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\Uninst.exe
FirewallRules: [{6E2A4CC3-B607-4F13-B20A-C1CBA7B40572}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCPatch.exe
FirewallRules: [{CCCC9CC0-C176-46AC-81C1-97AABF6B75F3}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\TpkUpdate.exe
FirewallRules: [{5D5D31AA-646A-4F97-87C5-31BF44BC9D7E}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QMRouterMgr.exe
FirewallRules: [{3D30B992-E1CC-43C3-9A43-336D9DE58B09}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QMAccountProtection.exe
FirewallRules: [{76D3C782-1EC1-46D8-BE69-EF64FDB31BE5}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{C99114C8-57E9-4045-AD8C-9F4CE14BE68C}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{3D210778-74AB-4FC1-9379-ED0CB48F9EE2}] => (Allow) C:\Program Files (x86)\Rising\RAV\ravmond.exe
FirewallRules: [{6C7FB8DC-706F-43D6-B3D0-D7EB285F2878}] => (Allow) C:\Program Files (x86)\Rising\RAV\ravmond.exe

==================== Faulty Device Manager Devices =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/11/2015 06:29:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2015 03:46:11 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\system32\wbem\wmiprvse.exe; Popis = zoek.exe restore point; Chyba = 0x8007043c).

Error: (08/11/2015 10:41:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2015 10:32:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2015 10:28:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ZeroConfigService.exe, verze: 17.1.0.0, časové razítko: 0x53a1e6e1
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18869, časové razítko: 0x556366fd
Kód výjimky: 0xc06d007e
Posun chyby: 0x000000000000b3dd
ID chybujícího procesu: 0xbc0
Čas spuštění chybující aplikace: 0xZeroConfigService.exe0
Cesta k chybující aplikaci: ZeroConfigService.exe1
Cesta k chybujícímu modulu: ZeroConfigService.exe2
ID zprávy: ZeroConfigService.exe3

Error: (08/11/2015 10:27:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2015 10:22:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2015 10:19:11 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description:

Error: (08/11/2015 10:15:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2015 10:03:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/11/2015 06:35:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (08/11/2015 06:35:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (08/11/2015 06:35:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (08/11/2015 06:31:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (08/11/2015 06:31:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (08/11/2015 06:31:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (08/11/2015 06:30:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (08/11/2015 06:30:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (08/11/2015 06:30:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (08/11/2015 06:29:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Hostitel poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující chyby:
%%1068


Microsoft Office:
=========================

CodeIntegrity:
===================================
Date: 2015-08-10 16:27:00.736
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\CX64AP71.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-06 22:23:22.623
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\CX64AP71.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-06 22:23:20.600
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\CX64AP71.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-06 22:23:15.325
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\CX64AP71.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-06 22:23:14.752
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\CX64AP71.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-06 22:23:13.886
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\CX64AP71.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-06 22:23:12.891
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\CX64AP71.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-06 22:23:10.502
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\CX64AP71.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-06 22:22:45.890
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\CX64AP71.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-08-06 22:22:45.567
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\CX64AP71.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz
Percentage of memory in use: 11%
Total physical RAM: 8067.36 MB
Available physical RAM: 7099.75 MB
Total Virtual: 16132.92 MB
Available Virtual: 15211.72 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:489.79 GB) (Free:290.39 GB) NTFS
Drive h: (Disk) (Fixed) (Total:429.92 GB) (Free:215.52 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 1B177756)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=11.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=489.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=429.9 GB) - (Type=OF Extended)

==================== End of log ============================

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
  HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
  HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157992 2015-07-11] (Apple Inc.)
  HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
  HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCTray.exe" /regrun
  HKLM-x32\...\Run: [RSDTRAY] => C:\Program Files (x86)\Rising\RSD\popwndexe.exe [126808 2012-09-25] (Beijing Rising Information Technology Co., Ltd.)
  HKLM-x32\...\Run: [RavTRAY] => C:\Program Files (x86)\Rising\RAV\RSTRAY.EXE [111000 2014-05-15] (Beijing Rising Information Technology Co., Ltd.)
  HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
  HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\Run: [Dropbox Update] => C:\Users\Markéta87\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-23] (Dropbox, Inc.)
  HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\Run: [apphide] => C:\Program Files (x86)\baidu\baidu.exe [69632 2015-07-22] ()
  HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\RunOnce: [SeznamInstall-uninstall:742c012fce2d5ecac80c77287cb15236] => C:\Users\Markéta87\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2015-08-10] () <===== ATTENTION
  HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[S2].txt [1388 2015-08-11] ()
  Startup: C:\Users\Markéta87\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-10]
  ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QMGCShellExt64.dll No File
  ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
  ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
  ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
  ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
  ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
  ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
  ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
  ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
  BootExecute: autocheck autochk * bsmain
  
  HKU\S-1-5-21-4226178262-95834032-4014968802-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... M%3DIE8SRC
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
  BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
  Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
  Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
  
  FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [No File]
  FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
  FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
  FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\npQMExtensionsMozilla.dll [No File]
  FF Plugin-x32: @rising.com.cn/nprising -> C:\Program Files (x86)\Rising\RAV\nprising.dll [2013-06-27] (Beijing Rising Information Technology Co., Ltd.)
  FF Plugin HKU\S-1-5-21-4226178262-95834032-4014968802-1001: @rising.com.cn/nprising -> C:\Program Files (x86)\Rising\RAV\nprising.dll [2013-06-27] (Beijing Rising Information Technology Co., Ltd.)
  FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-08-10]
  
  CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
  
  S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
  S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
  S2 fchk32; C:\Program Files\fchk32\fchk32.exe [379392 2015-08-06] () [File not signed]
  S2 jolugepba; C:\ProgramData\EroBisis\onuwci.exe [124880 2015-07-29] () [File not signed]
  S2 kalghuir; C:\ProgramData\EroBisis\onuaci.exe [124880 2015-07-29] () [File not signed]
  S2 RsMgrSvc; C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe [179992 2014-09-02] (Beijing Rising Information Technology Co., Ltd.)
  S2 RsRavMon; C:\Program Files (x86)\Rising\RAV\ravmond.exe [277552 2014-05-15] (Beijing Rising Information Technology Co., Ltd.)
  S2 comyninu; C:\Program Files (x86)\4C4C4544-1438887057-3710-8033-C2C04F515831\hnseEE69.tmp [X]
  S2 hutipezi; C:\Program Files (x86)\4C4C4544-1438887057-3710-8033-C2C04F515831\knszBB12.tmpfs [X]
  S2 hyverumu; C:\Program Files (x86)\4C4C4544-1438887057-3710-8033-C2C04F515831\jnstD616.tmp [X]
  S3 iscFlash; \??\C:\Users\MARKTA~1\AppData\Local\Temp\7zS9B26.tmp\iscflashx64.sys [X]
  
  C:\Program Files (x86)\4C4C4544-1438887057-3710-8033-C2C04F515831
  C:\ProgramData\EroBisis
  C:\Program Files\fchk32
  C:\Program Files (x86)\Tencent
  C:\Program Files (x86)\baidu
  C:\Program Files (x86)\Rising
  C:\Program Files (x86)\Skype\Toolbars
  2015-08-11 18:34 - 2015-08-11 18:35 - 00019672 _____ C:\Users\Markéta87\Desktop\FRST.txt
  2015-08-11 18:34 - 2015-08-11 18:34 - 00029696 _____ C:\Users\Markéta87\AppData\Local\MSGBOX.EXE
  2015-08-11 18:34 - 2015-08-11 18:34 - 00015327 _____ C:\Users\Markéta87\Desktop\LM.bat
  2015-08-11 18:33 - 2015-08-11 18:33 - 00112640 _____ (forum.viry.cz) C:\Users\Markéta87\Desktop\FRSTLauncher.exe
  2015-08-11 15:46 - 2015-08-11 15:47 - 00001639 _____ C:\zoek-results.log
  2015-08-11 15:45 - 2015-08-11 15:45 - 04328652 _____ C:\Users\Markéta87\Desktop\zoek.rar
  2015-08-11 15:44 - 2015-08-11 15:51 - 00002318 _____ C:\runcheck.txt
  2015-08-11 15:44 - 2015-08-11 15:44 - 00000000 ____D C:\zoek_backup
  2015-08-11 15:43 - 2015-08-11 15:43 - 01308672 _____ C:\Users\Markéta87\Desktop\zoek.exe
  2015-08-11 10:28 - 2015-08-11 10:29 - 00000264 _____ C:\Windows\Tasks\Tempo Runner onu6ci.job
  2015-08-11 10:17 - 2015-08-11 10:38 - 00000000 ____D C:\AdwCleaner
  2015-08-11 10:17 - 2015-08-11 10:17 - 02248704 _____ C:\Users\Markéta87\Desktop\adwcleaner_4.208.exe
  2015-08-11 10:09 - 2015-08-11 10:37 - 00002976 _____ C:\Users\Markéta87\Desktop\Rkill.txt
  2015-08-11 10:08 - 2015-08-11 10:08 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Markéta87\Desktop\rkill.com
  2015-08-10 19:59 - 2015-08-10 19:59 - 00000000 ____D C:\rsit
  2015-08-06 22:20 - 2015-08-06 22:26 - 00000264 _____ C:\Windows\Tasks\Tempo Runner onudci.job
  2015-08-06 22:19 - 2015-08-06 22:19 - 00000228 _____ C:\Windows\SysWOW64\ToasterLauncherLog.20150806221924.log
  2015-08-06 21:56 - 2015-08-06 22:26 - 00002408 _____ C:\Windows\System32\Tasks\Tempo Runner onudci
  2015-08-06 21:52 - 2015-08-06 21:52 - 00000228 _____ C:\Windows\SysWOW64\ToasterLauncherLog.20150806215224.log
  2015-08-06 21:43 - 2015-08-06 21:42 - 00613255 _____ (CMI Limited) C:\Users\Markéta87\AppData\Local\nsd6DEC.tmp
  2015-08-06 21:41 - 2014-09-10 08:11 - 00119344 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\Drivers\sysmon.sys
  2015-08-06 21:41 - 2014-08-15 03:22 - 00069336 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\Drivers\rsutils.sys
  2015-08-06 21:41 - 2014-07-30 04:44 - 00091928 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\vpatch.dll
  2015-08-06 21:41 - 2014-01-02 09:37 - 00325400 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\ravext64.dll
  2015-08-06 21:41 - 2013-12-30 09:33 - 00256280 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\ravext.dll
  2015-08-06 21:41 - 2012-09-06 02:30 - 00240472 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\bsmain.exe
  2015-08-06 21:41 - 2012-02-29 09:49 - 00011888 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\Drivers\rsndisp.sys
  2015-08-06 21:40 - 2015-08-06 21:41 - 00000000 ____D C:\ProgramData\Rising
  2015-08-06 21:40 - 2015-08-06 21:41 - 00000000 ____D C:\Program Files (x86)\Rising
  2015-08-06 21:38 - 2015-08-06 21:38 - 00000000 ____D C:\Users\Markéta87\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
  2015-08-06 21:24 - 2015-08-06 21:24 - 00001020 _____ C:\Windows\Tasks\5QK3ByCuNkdKrFCy.job
  2015-08-06 21:04 - 2015-08-06 22:05 - 00000000 ____D C:\Users\Markéta87\AppData\Local\Unity
  2015-08-06 21:04 - 2015-08-06 21:04 - 00000000 ____D C:\Users\Public\QiYi
  2015-08-06 21:04 - 2015-08-06 21:04 - 00000000 ____D C:\ppsfile
  2015-08-06 21:03 - 2015-08-06 21:03 - 00001006 _____ C:\Windows\Tasks\YP8Vuoi3i.job
  2015-08-06 21:01 - 2015-08-06 21:02 - 00000000 ____D C:\ProgramData\ZWinManProZ
  2015-08-06 21:01 - 2015-08-06 21:01 - 00000000 _____ C:\Windows\prleth.sys
  2015-08-06 21:01 - 2015-08-06 21:01 - 00000000 _____ C:\Windows\hgfs.sys
  2015-08-06 21:00 - 2015-08-06 21:00 - 00000000 ____D C:\Program Files (x86)\baidu
  2015-08-06 20:51 - 2015-08-10 16:28 - 00000000 ____D C:\Program Files\fchk32
  015-08-06 20:50 - 2015-08-06 22:23 - 00000000 ____D C:\Program Files (x86)\4C4C4544-1438887057-3710-8033-C2C04F515831
  2015-08-06 20:49 - 2015-08-06 20:49 - 00001034 _____ C:\Windows\Tasks\2hJnGubrrm8Bt9QUin4iHET.job
  2015-08-06 20:49 - 2015-08-06 20:49 - 00001020 _____ C:\Windows\Tasks\cMKwNkW3O2DUMi1t.job
  2015-07-31 19:07 - 2015-07-31 19:07 - 00000228 _____ C:\Windows\SysWOW64\ToasterLauncherLog.20150731190750.log
  2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Markéta87\AppData\Roaming\2hJnGubrrm8Bt9QUin4iHET
  2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\Markéta87\AppData\Roaming\2hJnGubrrm8Bt9QUin4iHET.exe
  2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Markéta87\AppData\Roaming\5QK3ByCuNkdKrFCy
  2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Markéta87\AppData\Roaming\5QK3ByCuNkdKrFCy.exe
  2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Markéta87\AppData\Roaming\cMKwNkW3O2DUMi1t
  2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Markéta87\AppData\Roaming\cMKwNkW3O2DUMi1t.exe
  2013-12-13 16:33 - 2014-01-12 21:32 - 0001722 _____ () C:\Users\Markéta87\AppData\Roaming\mscasjrl.dat
  2013-12-13 16:33 - 2014-01-16 22:14 - 0000027 _____ () C:\Users\Markéta87\AppData\Roaming\msfvxv.dat
  2013-12-13 16:35 - 2014-01-12 21:32 - 0001641 _____ () C:\Users\Markéta87\AppData\Roaming\msvscfu.dat
  2013-12-13 16:35 - 2014-01-16 22:14 - 0000027 _____ () C:\Users\Markéta87\AppData\Roaming\mswlhxqo.dat
  2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Markéta87\AppData\Roaming\YP8Vuoi3i
  2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Markéta87\AppData\Roaming\YP8Vuoi3i.exe
  2015-08-11 18:34 - 2015-08-11 18:34 - 0029696 _____ () C:\Users\Markéta87\AppData\Local\MSGBOX.EXE
  2015-08-06 21:43 - 2015-08-06 21:42 - 0613255 _____ (CMI Limited) C:\Users\Markéta87\AppData\Local\nsd6DEC.tmp
  
  AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5}
  AV: Rising Antivirus (Enabled - Up to date) {DBC966C2-BD90-87CD-5A01-4DFB1D2EC867}
  AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48}
  AS: Rising Antivirus (Enabled - Up to date) {60A88726-9BAA-8843-60B1-768966A982DA}
  
  Task: C:\Windows\Tasks\2hJnGubrrm8Bt9QUin4iHET.job => C:\Users\Mark�ta87\AppData\Roaming\2hJnGubrrm8Bt9QUin4iHET.exe <==== ATTENTION
  Task: C:\Windows\Tasks\5QK3ByCuNkdKrFCy.job => C:\Users\Mark�ta87\AppData\Roaming\5QK3ByCuNkdKrFCy.exe <==== ATTENTION
  Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\Windows\Tasks\cMKwNkW3O2DUMi1t.job => C:\Users\Mark�ta87\AppData\Roaming\cMKwNkW3O2DUMi1t.exe <==== ATTENTION
  Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4226178262-95834032-4014968802-1001Core.job => C:\Users\Markéta87\AppData\Local\Dropbox\Update\DropboxUpdate.exe
  Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4226178262-95834032-4014968802-1001UA.job => C:\Users\Markéta87\AppData\Local\Dropbox\Update\DropboxUpdate.exe
  Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4226178262-95834032-4014968802-1001Core.job => C:\Users\Markéta87\AppData\Local\Facebook\Update\FacebookUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
  Task: C:\Windows\Tasks\Tempo Runner onu6ci.job => C:\ProgramData\EroBisis\onuaci.exe+/dgad C:\ProgramData\EroBisis\onu6ci.exe
  Task: C:\Windows\Tasks\Tempo Runner onudci.job => 0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
  Task: C:\Windows\Tasks\YP8Vuoi3i.job => C:\Users\Mark�ta87\AppData\Roaming\YP8Vuoi3i.exe <==== ATTENTION
  
  FirewallRules: [{EEFE7202-B83F-46C5-8BB2-87AF226CE857}] => (Allow) LPort=2869
  FirewallRules: [{9ECD95F6-04AC-40B0-90FB-4AEFBE18150C}] => (Allow) LPort=1900
  FirewallRules: [{FDFEDD71-829F-4390-837E-CB5C3F29EECC}] => (Allow) LPort=9700
  FirewallRules: [{59EE315B-8811-43F2-A7E2-B85DC40EB746}] => (Allow) LPort=9701
  FirewallRules: [{A3581998-3F2D-45E1-AB93-B1624F7B19DC}] => (Allow) LPort=9702
  FirewallRules: [{C82386E7-7122-41CF-827D-2D4CECAE566D}] => (Allow) LPort=9700
  FirewallRules: [{5E13C9AA-B068-40A2-a4AF-A24758A869DE}] => (Allow) C:\ProgramData\EroBisis\onuaci.exe
  FirewallRules: [{242BE609-BDDD-4ED8-A797-1B9F7E77E042}] => (Allow) C:\ProgramData\EroBisis\onuaci.exe
  FirewallRules: [{28BFB284-EE04-4D96-92A2-79511178ED99}] => (Allow) C:\ProgramData\EroBisis\onuaci.exe
  FirewallRules: [{FF4A5CFC-5DE8-48F8-987C-6DB990FA6E6E}] => (Allow) C:\ProgramData\EroBisis\onuaci.exe
  FirewallRules: [{DA0DCAD2-48C2-4D37-B18C-88E4D62E5E81}] => (Allow) C:\ProgramData\EroBisis\onuaci.exe
  FirewallRules: [{013DC9B8-870D-4A5E-9BCF-F91A71A52485}] => (Allow) C:\Users\Markéta87\AppData\Roaming\IQIYI Video\LStyle\GpUpdate.exe
  FirewallRules: [{3D8F4F14-765F-4930-807D-ECABCDFCFD17}] => (Allow) C:\IQIYI Video\GeePlayer\GeePlayer.exe
  FirewallRules: [{BB24D7E6-1D4E-4C0C-AF56-C6EB293A7A7F}] => (Allow) C:\Users\Markéta87\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe
  FirewallRules: [{EFCB3887-1C7F-4110-ADBE-055E79BDA721}] => (Allow) C:\IQIYI Video\LStyle\QyClient.exe
  FirewallRules: [{0841CFB4-6532-469B-AB79-F7CC470C3986}] => (Allow) C:\IQIYI Video\LStyle\QyWebPlayer.exe
  FirewallRules: [{2F749E93-4570-4601-82F2-1FED881B53D7}] => (Allow) C:\IQIYI Video\Common\QyKernel.exe
  FirewallRules: [{00B1A733-42A1-4BE6-B8DF-1363DA8A57C9}] => (Allow) C:\IQIYI Video\LStyle\QyPlayer.exe
  FirewallRules: [{3D2395CD-02CF-4101-92D9-22EEAE6D5DE1}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
  FirewallRules: [{B1930EB7-36D8-4794-90DC-A97D53A1D5CB}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCmgrInstallGuide.exe
  FirewallRules: [{F6776267-251E-4CF8-A01C-E9965108415F}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCTray.exe
  FirewallRules: [{806BA7E1-F030-42DA-861E-78BFF03C2F82}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCMgr.exe
  FirewallRules: [{9895529C-DA2F-4D76-BDC3-71C399EB5E7D}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCRTP.exe
  FirewallRules: [{89856A2A-F349-4E87-9FB4-03D107A18151}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QMDL.exe
  FirewallRules: [{09D03DBC-AB45-4C1D-89FB-888D3D1FD3DF}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\bugreport.exe
  FirewallRules: [{1573280B-8010-405E-80C5-C24A62BF3186}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCFileOpen.exe
  FirewallRules: [{2A90B148-A3CD-4B4A-8DE9-01892880823C}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCLeakScan.exe
  FirewallRules: [{349B57DA-4F00-4699-B2C6-3F5B4F3C066D}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPConfig.exe
  FirewallRules: [{D15495D4-E4CC-40C6-AB13-68A23227DD98}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCSoftMgr.exe
  FirewallRules: [{4CB9B5FE-A27C-47D0-9212-96C82E22BDC6}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\plugins\QMNetMon\QQPCNetFlow.exe
  FirewallRules: [{CAEF55A0-E7D2-4194-957A-DF5F01FA60EE}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCBTU.exe
  FirewallRules: [{BC3E9919-BA92-44AE-8F9D-97B1EF9FFC65}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCClinic.exe
  FirewallRules: [{C6B7F880-C9BA-4716-B6C2-8B76A0DC7AF3}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCLaunch.exe
  FirewallRules: [{526F04F5-D6F9-4BE5-8EB2-3F97BEC22C93}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QMUpdate\QQPCMgrUpdate.exe
  FirewallRules: [{0ACAC300-17F9-4528-B34B-7E4F68B5A626}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCSoftGame.exe
  FirewallRules: [{45FBAA17-ED7C-41B1-B626-1A20648787F3}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCSysOptimize.exe
  FirewallRules: [{4FD7C6F4-B00C-4074-9BD5-5476A8C58521}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCUpdateAVLib.exe
  FirewallRules: [{7529AFD0-B4FA-47D7-8EC2-A174FBD0A7AC}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQRepair.exe
  FirewallRules: [{F79E6020-2132-4BA1-BEBE-27BAF724FCDE}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\Uninst.exe
  FirewallRules: [{6E2A4CC3-B607-4F13-B20A-C1CBA7B40572}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCPatch.exe
  FirewallRules: [{CCCC9CC0-C176-46AC-81C1-97AABF6B75F3}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\TpkUpdate.exe
  FirewallRules: [{5D5D31AA-646A-4F97-87C5-31BF44BC9D7E}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QMRouterMgr.exe
  FirewallRules: [{3D30B992-E1CC-43C3-9A43-336D9DE58B09}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QMAccountProtection.exe
  FirewallRules: [{76D3C782-1EC1-46D8-BE69-EF64FDB31BE5}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
  FirewallRules: [{C99114C8-57E9-4045-AD8C-9F4CE14BE68C}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
  FirewallRules: [{3D210778-74AB-4FC1-9379-ED0CB48F9EE2}] => (Allow) C:\Program Files (x86)\Rising\RAV\ravmond.exe
  FirewallRules: [{6C7FB8DC-706F-43D6-B3D0-D7EB285F2878}] => (Allow) C:\Program Files (x86)\Rising\RAV\ravmond.ex
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Fix result of Farbar Recovery Scan Tool (x64) Version:11-08-2015 02
Ran by Markéta87 (2015-08-11 22:00:18) Run:1
Running from C:\Users\Markéta87\Desktop
Loaded Profiles: Markéta87 (Available Profiles: Markéta87)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157992 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCTray.exe" /regrun
HKLM-x32\...\Run: [RSDTRAY] => C:\Program Files (x86)\Rising\RSD\popwndexe.exe [126808 2012-09-25] (Beijing Rising Information Technology Co., Ltd.)
HKLM-x32\...\Run: [RavTRAY] => C:\Program Files (x86)\Rising\RAV\RSTRAY.EXE [111000 2014-05-15] (Beijing Rising Information Technology Co., Ltd.)
HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\Run: [Dropbox Update] => C:\Users\Markéta87\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-23] (Dropbox, Inc.)
HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\Run: [apphide] => C:\Program Files (x86)\baidu\baidu.exe [69632 2015-07-22] ()
HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\RunOnce: [SeznamInstall-uninstall:742c012fce2d5ecac80c77287cb15236] => C:\Users\Markéta87\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2015-08-10] () <===== ATTENTION
HKU\S-1-5-21-4226178262-95834032-4014968802-1001\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[S2].txt [1388 2015-08-11] ()
Startup: C:\Users\Markéta87\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-10]
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QMGCShellExt64.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Markéta87\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File
BootExecute: autocheck autochk * bsmain

HKU\S-1-5-21-4226178262-95834032-4014968802-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... M%3DIE8SRC
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\npQMExtensionsMozilla.dll [No File]
FF Plugin-x32: @rising.com.cn/nprising -> C:\Program Files (x86)\Rising\RAV\nprising.dll [2013-06-27] (Beijing Rising Information Technology Co., Ltd.)
FF Plugin HKU\S-1-5-21-4226178262-95834032-4014968802-1001: @rising.com.cn/nprising -> C:\Program Files (x86)\Rising\RAV\nprising.dll [2013-06-27] (Beijing Rising Information Technology Co., Ltd.)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-08-10]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 fchk32; C:\Program Files\fchk32\fchk32.exe [379392 2015-08-06] () [File not signed]
S2 jolugepba; C:\ProgramData\EroBisis\onuwci.exe [124880 2015-07-29] () [File not signed]
S2 kalghuir; C:\ProgramData\EroBisis\onuaci.exe [124880 2015-07-29] () [File not signed]
S2 RsMgrSvc; C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe [179992 2014-09-02] (Beijing Rising Information Technology Co., Ltd.)
S2 RsRavMon; C:\Program Files (x86)\Rising\RAV\ravmond.exe [277552 2014-05-15] (Beijing Rising Information Technology Co., Ltd.)
S2 comyninu; C:\Program Files (x86)\4C4C4544-1438887057-3710-8033-C2C04F515831\hnseEE69.tmp [X]
S2 hutipezi; C:\Program Files (x86)\4C4C4544-1438887057-3710-8033-C2C04F515831\knszBB12.tmpfs [X]
S2 hyverumu; C:\Program Files (x86)\4C4C4544-1438887057-3710-8033-C2C04F515831\jnstD616.tmp [X]
S3 iscFlash; \??\C:\Users\MARKTA~1\AppData\Local\Temp\7zS9B26.tmp\iscflashx64.sys [X]

C:\Program Files (x86)\4C4C4544-1438887057-3710-8033-C2C04F515831
C:\ProgramData\EroBisis
C:\Program Files\fchk32
C:\Program Files (x86)\Tencent
C:\Program Files (x86)\baidu
C:\Program Files (x86)\Rising
C:\Program Files (x86)\Skype\Toolbars
2015-08-11 18:34 - 2015-08-11 18:35 - 00019672 _____ C:\Users\Markéta87\Desktop\FRST.txt
2015-08-11 18:34 - 2015-08-11 18:34 - 00029696 _____ C:\Users\Markéta87\AppData\Local\MSGBOX.EXE
2015-08-11 18:34 - 2015-08-11 18:34 - 00015327 _____ C:\Users\Markéta87\Desktop\LM.bat
2015-08-11 18:33 - 2015-08-11 18:33 - 00112640 _____ (forum.viry.cz) C:\Users\Markéta87\Desktop\FRSTLauncher.exe
2015-08-11 15:46 - 2015-08-11 15:47 - 00001639 _____ C:\zoek-results.log
2015-08-11 15:45 - 2015-08-11 15:45 - 04328652 _____ C:\Users\Markéta87\Desktop\zoek.rar
2015-08-11 15:44 - 2015-08-11 15:51 - 00002318 _____ C:\runcheck.txt
2015-08-11 15:44 - 2015-08-11 15:44 - 00000000 ____D C:\zoek_backup
2015-08-11 15:43 - 2015-08-11 15:43 - 01308672 _____ C:\Users\Markéta87\Desktop\zoek.exe
2015-08-11 10:28 - 2015-08-11 10:29 - 00000264 _____ C:\Windows\Tasks\Tempo Runner onu6ci.job
2015-08-11 10:17 - 2015-08-11 10:38 - 00000000 ____D C:\AdwCleaner
2015-08-11 10:17 - 2015-08-11 10:17 - 02248704 _____ C:\Users\Markéta87\Desktop\adwcleaner_4.208.exe
2015-08-11 10:09 - 2015-08-11 10:37 - 00002976 _____ C:\Users\Markéta87\Desktop\Rkill.txt
2015-08-11 10:08 - 2015-08-11 10:08 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Markéta87\Desktop\rkill.com
2015-08-10 19:59 - 2015-08-10 19:59 - 00000000 ____D C:\rsit
2015-08-06 22:20 - 2015-08-06 22:26 - 00000264 _____ C:\Windows\Tasks\Tempo Runner onudci.job
2015-08-06 22:19 - 2015-08-06 22:19 - 00000228 _____ C:\Windows\SysWOW64\ToasterLauncherLog.20150806221924.log
2015-08-06 21:56 - 2015-08-06 22:26 - 00002408 _____ C:\Windows\System32\Tasks\Tempo Runner onudci
2015-08-06 21:52 - 2015-08-06 21:52 - 00000228 _____ C:\Windows\SysWOW64\ToasterLauncherLog.20150806215224.log
2015-08-06 21:43 - 2015-08-06 21:42 - 00613255 _____ (CMI Limited) C:\Users\Markéta87\AppData\Local\nsd6DEC.tmp
2015-08-06 21:41 - 2014-09-10 08:11 - 00119344 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\Drivers\sysmon.sys
2015-08-06 21:41 - 2014-08-15 03:22 - 00069336 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\Drivers\rsutils.sys
2015-08-06 21:41 - 2014-07-30 04:44 - 00091928 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\vpatch.dll
2015-08-06 21:41 - 2014-01-02 09:37 - 00325400 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\ravext64.dll
2015-08-06 21:41 - 2013-12-30 09:33 - 00256280 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\ravext.dll
2015-08-06 21:41 - 2012-09-06 02:30 - 00240472 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\SysWOW64\bsmain.exe
2015-08-06 21:41 - 2012-02-29 09:49 - 00011888 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\Drivers\rsndisp.sys
2015-08-06 21:40 - 2015-08-06 21:41 - 00000000 ____D C:\ProgramData\Rising
2015-08-06 21:40 - 2015-08-06 21:41 - 00000000 ____D C:\Program Files (x86)\Rising
2015-08-06 21:38 - 2015-08-06 21:38 - 00000000 ____D C:\Users\Markéta87\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????
2015-08-06 21:24 - 2015-08-06 21:24 - 00001020 _____ C:\Windows\Tasks\5QK3ByCuNkdKrFCy.job
2015-08-06 21:04 - 2015-08-06 22:05 - 00000000 ____D C:\Users\Markéta87\AppData\Local\Unity
2015-08-06 21:04 - 2015-08-06 21:04 - 00000000 ____D C:\Users\Public\QiYi
2015-08-06 21:04 - 2015-08-06 21:04 - 00000000 ____D C:\ppsfile
2015-08-06 21:03 - 2015-08-06 21:03 - 00001006 _____ C:\Windows\Tasks\YP8Vuoi3i.job
2015-08-06 21:01 - 2015-08-06 21:02 - 00000000 ____D C:\ProgramData\ZWinManProZ
2015-08-06 21:01 - 2015-08-06 21:01 - 00000000 _____ C:\Windows\prleth.sys
2015-08-06 21:01 - 2015-08-06 21:01 - 00000000 _____ C:\Windows\hgfs.sys
2015-08-06 21:00 - 2015-08-06 21:00 - 00000000 ____D C:\Program Files (x86)\baidu
2015-08-06 20:51 - 2015-08-10 16:28 - 00000000 ____D C:\Program Files\fchk32
015-08-06 20:50 - 2015-08-06 22:23 - 00000000 ____D C:\Program Files (x86)\4C4C4544-1438887057-3710-8033-C2C04F515831
2015-08-06 20:49 - 2015-08-06 20:49 - 00001034 _____ C:\Windows\Tasks\2hJnGubrrm8Bt9QUin4iHET.job
2015-08-06 20:49 - 2015-08-06 20:49 - 00001020 _____ C:\Windows\Tasks\cMKwNkW3O2DUMi1t.job
2015-07-31 19:07 - 2015-07-31 19:07 - 00000228 _____ C:\Windows\SysWOW64\ToasterLauncherLog.20150731190750.log
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Markéta87\AppData\Roaming\2hJnGubrrm8Bt9QUin4iHET
2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\Markéta87\AppData\Roaming\2hJnGubrrm8Bt9QUin4iHET.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Markéta87\AppData\Roaming\5QK3ByCuNkdKrFCy
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Markéta87\AppData\Roaming\5QK3ByCuNkdKrFCy.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Markéta87\AppData\Roaming\cMKwNkW3O2DUMi1t
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Markéta87\AppData\Roaming\cMKwNkW3O2DUMi1t.exe
2013-12-13 16:33 - 2014-01-12 21:32 - 0001722 _____ () C:\Users\Markéta87\AppData\Roaming\mscasjrl.dat
2013-12-13 16:33 - 2014-01-16 22:14 - 0000027 _____ () C:\Users\Markéta87\AppData\Roaming\msfvxv.dat
2013-12-13 16:35 - 2014-01-12 21:32 - 0001641 _____ () C:\Users\Markéta87\AppData\Roaming\msvscfu.dat
2013-12-13 16:35 - 2014-01-16 22:14 - 0000027 _____ () C:\Users\Markéta87\AppData\Roaming\mswlhxqo.dat
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Markéta87\AppData\Roaming\YP8Vuoi3i
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Markéta87\AppData\Roaming\YP8Vuoi3i.exe
2015-08-11 18:34 - 2015-08-11 18:34 - 0029696 _____ () C:\Users\Markéta87\AppData\Local\MSGBOX.EXE
2015-08-06 21:43 - 2015-08-06 21:42 - 0613255 _____ (CMI Limited) C:\Users\Markéta87\AppData\Local\nsd6DEC.tmp

AV: ???????? (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5}
AV: Rising Antivirus (Enabled - Up to date) {DBC966C2-BD90-87CD-5A01-4DFB1D2EC867}
AS: ???????? (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48}
AS: Rising Antivirus (Enabled - Up to date) {60A88726-9BAA-8843-60B1-768966A982DA}

Task: C:\Windows\Tasks\2hJnGubrrm8Bt9QUin4iHET.job => C:\Users\Mark?ta87\AppData\Roaming\2hJnGubrrm8Bt9QUin4iHET.exe <==== ATTENTION
Task: C:\Windows\Tasks\5QK3ByCuNkdKrFCy.job => C:\Users\Mark?ta87\AppData\Roaming\5QK3ByCuNkdKrFCy.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\cMKwNkW3O2DUMi1t.job => C:\Users\Mark?ta87\AppData\Roaming\cMKwNkW3O2DUMi1t.exe <==== ATTENTION
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4226178262-95834032-4014968802-1001Core.job => C:\Users\Markéta87\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4226178262-95834032-4014968802-1001UA.job => C:\Users\Markéta87\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4226178262-95834032-4014968802-1001Core.job => C:\Users\Markéta87\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
Task: C:\Windows\Tasks\Tempo Runner onu6ci.job => C:\ProgramData\EroBisis\onuaci.exe+/dgad C:\ProgramData\EroBisis\onu6ci.exe
Task: C:\Windows\Tasks\Tempo Runner onudci.job => 0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Task: C:\Windows\Tasks\YP8Vuoi3i.job => C:\Users\Mark?ta87\AppData\Roaming\YP8Vuoi3i.exe <==== ATTENTION

FirewallRules: [{EEFE7202-B83F-46C5-8BB2-87AF226CE857}] => (Allow) LPort=2869
FirewallRules: [{9ECD95F6-04AC-40B0-90FB-4AEFBE18150C}] => (Allow) LPort=1900
FirewallRules: [{FDFEDD71-829F-4390-837E-CB5C3F29EECC}] => (Allow) LPort=9700
FirewallRules: [{59EE315B-8811-43F2-A7E2-B85DC40EB746}] => (Allow) LPort=9701
FirewallRules: [{A3581998-3F2D-45E1-AB93-B1624F7B19DC}] => (Allow) LPort=9702
FirewallRules: [{C82386E7-7122-41CF-827D-2D4CECAE566D}] => (Allow) LPort=9700
FirewallRules: [{5E13C9AA-B068-40A2-a4AF-A24758A869DE}] => (Allow) C:\ProgramData\EroBisis\onuaci.exe
FirewallRules: [{242BE609-BDDD-4ED8-A797-1B9F7E77E042}] => (Allow) C:\ProgramData\EroBisis\onuaci.exe
FirewallRules: [{28BFB284-EE04-4D96-92A2-79511178ED99}] => (Allow) C:\ProgramData\EroBisis\onuaci.exe
FirewallRules: [{FF4A5CFC-5DE8-48F8-987C-6DB990FA6E6E}] => (Allow) C:\ProgramData\EroBisis\onuaci.exe
FirewallRules: [{DA0DCAD2-48C2-4D37-B18C-88E4D62E5E81}] => (Allow) C:\ProgramData\EroBisis\onuaci.exe
FirewallRules: [{013DC9B8-870D-4A5E-9BCF-F91A71A52485}] => (Allow) C:\Users\Markéta87\AppData\Roaming\IQIYI Video\LStyle\GpUpdate.exe
FirewallRules: [{3D8F4F14-765F-4930-807D-ECABCDFCFD17}] => (Allow) C:\IQIYI Video\GeePlayer\GeePlayer.exe
FirewallRules: [{BB24D7E6-1D4E-4C0C-AF56-C6EB293A7A7F}] => (Allow) C:\Users\Markéta87\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe
FirewallRules: [{EFCB3887-1C7F-4110-ADBE-055E79BDA721}] => (Allow) C:\IQIYI Video\LStyle\QyClient.exe
FirewallRules: [{0841CFB4-6532-469B-AB79-F7CC470C3986}] => (Allow) C:\IQIYI Video\LStyle\QyWebPlayer.exe
FirewallRules: [{2F749E93-4570-4601-82F2-1FED881B53D7}] => (Allow) C:\IQIYI Video\Common\QyKernel.exe
FirewallRules: [{00B1A733-42A1-4BE6-B8DF-1363DA8A57C9}] => (Allow) C:\IQIYI Video\LStyle\QyPlayer.exe
FirewallRules: [{3D2395CD-02CF-4101-92D9-22EEAE6D5DE1}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
FirewallRules: [{B1930EB7-36D8-4794-90DC-A97D53A1D5CB}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCmgrInstallGuide.exe
FirewallRules: [{F6776267-251E-4CF8-A01C-E9965108415F}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCTray.exe
FirewallRules: [{806BA7E1-F030-42DA-861E-78BFF03C2F82}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCMgr.exe
FirewallRules: [{9895529C-DA2F-4D76-BDC3-71C399EB5E7D}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCRTP.exe
FirewallRules: [{89856A2A-F349-4E87-9FB4-03D107A18151}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QMDL.exe
FirewallRules: [{09D03DBC-AB45-4C1D-89FB-888D3D1FD3DF}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\bugreport.exe
FirewallRules: [{1573280B-8010-405E-80C5-C24A62BF3186}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCFileOpen.exe
FirewallRules: [{2A90B148-A3CD-4B4A-8DE9-01892880823C}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCLeakScan.exe
FirewallRules: [{349B57DA-4F00-4699-B2C6-3F5B4F3C066D}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPConfig.exe
FirewallRules: [{D15495D4-E4CC-40C6-AB13-68A23227DD98}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCSoftMgr.exe
FirewallRules: [{4CB9B5FE-A27C-47D0-9212-96C82E22BDC6}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\plugins\QMNetMon\QQPCNetFlow.exe
FirewallRules: [{CAEF55A0-E7D2-4194-957A-DF5F01FA60EE}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCBTU.exe
FirewallRules: [{BC3E9919-BA92-44AE-8F9D-97B1EF9FFC65}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCClinic.exe
FirewallRules: [{C6B7F880-C9BA-4716-B6C2-8B76A0DC7AF3}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCLaunch.exe
FirewallRules: [{526F04F5-D6F9-4BE5-8EB2-3F97BEC22C93}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QMUpdate\QQPCMgrUpdate.exe
FirewallRules: [{0ACAC300-17F9-4528-B34B-7E4F68B5A626}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCSoftGame.exe
FirewallRules: [{45FBAA17-ED7C-41B1-B626-1A20648787F3}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCSysOptimize.exe
FirewallRules: [{4FD7C6F4-B00C-4074-9BD5-5476A8C58521}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCUpdateAVLib.exe
FirewallRules: [{7529AFD0-B4FA-47D7-8EC2-A174FBD0A7AC}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQRepair.exe
FirewallRules: [{F79E6020-2132-4BA1-BEBE-27BAF724FCDE}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\Uninst.exe
FirewallRules: [{6E2A4CC3-B607-4F13-B20A-C1CBA7B40572}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCPatch.exe
FirewallRules: [{CCCC9CC0-C176-46AC-81C1-97AABF6B75F3}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\TpkUpdate.exe
FirewallRules: [{5D5D31AA-646A-4F97-87C5-31BF44BC9D7E}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QMRouterMgr.exe
FirewallRules: [{3D30B992-E1CC-43C3-9A43-336D9DE58B09}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QMAccountProtection.exe
FirewallRules: [{76D3C782-1EC1-46D8-BE69-EF64FDB31BE5}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{C99114C8-57E9-4045-AD8C-9F4CE14BE68C}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{3D210778-74AB-4FC1-9379-ED0CB48F9EE2}] => (Allow) C:\Program Files (x86)\Rising\RAV\ravmond.exe
FirewallRules: [{6C7FB8DC-706F-43D6-B3D0-D7EB285F2878}] => (Allow) C:\Program Files (x86)\Rising\RAV\ravmond.ex

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Error: Restore point can only be created in normal mode.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\VirtualCloneDrive => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ QQPCTray => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\RSDTRAY => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\RavTRAY => value removed successfully
HKU\S-1-5-21-4226178262-95834032-4014968802-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-4226178262-95834032-4014968802-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Dropbox Update => value removed successfully
HKU\S-1-5-21-4226178262-95834032-4014968802-1001\Software\Microsoft\Windows\CurrentVersion\Run\\apphide => value removed successfully
HKU\S-1-5-21-4226178262-95834032-4014968802-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SeznamInstall-uninstall:742c012fce2d5ecac80c77287cb15236 => value removed successfully
HKU\S-1-5-21-4226178262-95834032-4014968802-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Report => value removed successfully
C:\Users\Markéta87\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk => moved successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\.QMDeskTopGCIcon" => key removed successfully
"HKCR\CLSID\{B7667919-3765-4815-A66D-98A09BE662D6}" => key removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt1"" => key removed successfully
"HKCR\Wow6432Node\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt2"" => key removed successfully
"HKCR\Wow6432Node\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt3"" => key removed successfully
"HKCR\Wow6432Node\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt4"" => key removed successfully
"HKCR\Wow6432Node\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt5"" => key removed successfully
"HKCR\Wow6432Node\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt6"" => key removed successfully
"HKCR\Wow6432Node\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt7"" => key removed successfully
"HKCR\Wow6432Node\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt8"" => key removed successfully
"HKCR\Wow6432Node\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully
hklm\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
HKU\S-1-5-21-4226178262-95834032-4014968802-1001\Software\Microsoft\Internet Explorer\Main\\First Home Page => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
"HKLM\Software\MozillaPlugins\@iqiyi.com/npWebPlayer" => key removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@qq.com/QQPCMgr" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@rising.com.cn/nprising" => key removed successfully
C:\Program Files (x86)\Rising\RAV\nprising.dll => moved successfully.
"HKU\S-1-5-21-4226178262-95834032-4014968802-1001\Software\MozillaPlugins\@rising.com.cn/nprising" => key removed successfully
C:\Program Files (x86)\Rising\RAV\nprising.dll not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi => moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx => moved successfully.
c2cautoupdatesvc => service removed successfully
c2cpnrsvc => service removed successfully
fchk32 => service removed successfully
jolugepba => service removed successfully
kalghuir => service removed successfully
RsMgrSvc => service removed successfully
RsRavMon => service removed successfully
comyninu => service removed successfully
hutipezi => service removed successfully
hyverumu => service removed successfully
iscFlash => service removed successfully
C:\Program Files (x86)\4C4C4544-1438887057-3710-8033-C2C04F515831 => moved successfully.
C:\ProgramData\EroBisis => moved successfully.
C:\Program Files\fchk32 => moved successfully.
"C:\Program Files (x86)\Tencent" => File/Folder not found.
C:\Program Files (x86)\baidu => moved successfully.
C:\Program Files (x86)\Rising => moved successfully.
C:\Program Files (x86)\Skype\Toolbars => moved successfully.
C:\Users\Markéta87\Desktop\FRST.txt => moved successfully.
"C:\Users\Markéta87\AppData\Local\MSGBOX.EXE" => File/Folder not found.
"C:\Users\Markéta87\Desktop\LM.bat" => File/Folder not found.
"C:\Users\Markéta87\Desktop\FRSTLauncher.exe" => File/Folder not found.
C:\zoek-results.log => moved successfully.
C:\Users\Markéta87\Desktop\zoek.rar => moved successfully.
C:\runcheck.txt => moved successfully.
C:\zoek_backup => moved successfully.
C:\Users\Markéta87\Desktop\zoek.exe => moved successfully.
C:\Windows\Tasks\Tempo Runner onu6ci.job => moved successfully.
C:\AdwCleaner => moved successfully.
C:\Users\Markéta87\Desktop\adwcleaner_4.208.exe => moved successfully.
C:\Users\Markéta87\Desktop\Rkill.txt => moved successfully.
C:\Users\Markéta87\Desktop\rkill.com => moved successfully.
C:\rsit => moved successfully.
C:\Windows\Tasks\Tempo Runner onudci.job => moved successfully.
C:\Windows\SysWOW64\ToasterLauncherLog.20150806221924.log => moved successfully.
C:\Windows\System32\Tasks\Tempo Runner onudci => moved successfully.
C:\Windows\SysWOW64\ToasterLauncherLog.20150806215224.log => moved successfully.
C:\Users\Markéta87\AppData\Local\nsd6DEC.tmp => moved successfully.
C:\Windows\system32\Drivers\sysmon.sys => moved successfully.
C:\Windows\system32\Drivers\rsutils.sys => moved successfully.
C:\Windows\SysWOW64\vpatch.dll => moved successfully.
C:\Windows\system32\ravext64.dll => moved successfully.
C:\Windows\SysWOW64\ravext.dll => moved successfully.
C:\Windows\SysWOW64\bsmain.exe => moved successfully.
C:\Windows\system32\Drivers\rsndisp.sys => moved successfully.
C:\ProgramData\Rising => moved successfully.
"C:\Program Files (x86)\Rising" => File/Folder not found.

"C:\Users\Markéta87\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????" folder move:

Could not move "C:\Users\Markéta87\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????" => Scheduled to move on reboot.

C:\Windows\Tasks\5QK3ByCuNkdKrFCy.job => moved successfully.
C:\Users\Markéta87\AppData\Local\Unity => moved successfully.
C:\Users\Public\QiYi => moved successfully.
C:\ppsfile => moved successfully.
C:\Windows\Tasks\YP8Vuoi3i.job => moved successfully.
C:\ProgramData\ZWinManProZ => moved successfully.
C:\Windows\prleth.sys => moved successfully.
C:\Windows\hgfs.sys => moved successfully.
"C:\Program Files (x86)\baidu" => File/Folder not found.
"C:\Program Files\fchk32" => File/Folder not found.
015-08-06 20:50 - 2015-08-06 22:23 - 00000000 ____D C:\Program Files (x86)\4C4C4544-1438887057-3710-8033-C2C04F515831 => Error: No automatic fix found for this entry.
C:\Windows\Tasks\2hJnGubrrm8Bt9QUin4iHET.job => moved successfully.
C:\Windows\Tasks\cMKwNkW3O2DUMi1t.job => moved successfully.
C:\Windows\SysWOW64\ToasterLauncherLog.20150731190750.log => moved successfully.
C:\Users\Markéta87\AppData\Roaming\2hJnGubrrm8Bt9QUin4iHET => moved successfully.
C:\Users\Markéta87\AppData\Roaming\2hJnGubrrm8Bt9QUin4iHET.exe => moved successfully.
C:\Users\Markéta87\AppData\Roaming\5QK3ByCuNkdKrFCy => moved successfully.
C:\Users\Markéta87\AppData\Roaming\5QK3ByCuNkdKrFCy.exe => moved successfully.
C:\Users\Markéta87\AppData\Roaming\cMKwNkW3O2DUMi1t => moved successfully.
C:\Users\Markéta87\AppData\Roaming\cMKwNkW3O2DUMi1t.exe => moved successfully.
C:\Users\Markéta87\AppData\Roaming\mscasjrl.dat => moved successfully.
C:\Users\Markéta87\AppData\Roaming\msfvxv.dat => moved successfully.
C:\Users\Markéta87\AppData\Roaming\msvscfu.dat => moved successfully.
C:\Users\Markéta87\AppData\Roaming\mswlhxqo.dat => moved successfully.
C:\Users\Markéta87\AppData\Roaming\YP8Vuoi3i => moved successfully.
C:\Users\Markéta87\AppData\Roaming\YP8Vuoi3i.exe => moved successfully.
"C:\Users\Markéta87\AppData\Local\MSGBOX.EXE" => File/Folder not found.
"C:\Users\Markéta87\AppData\Local\nsd6DEC.tmp" => File/Folder not found.
AV: ???????? (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5} => The item is protected. Make sure the software is uninstalled and its services is removed.
AV: Rising Antivirus (Enabled - Up to date) {DBC966C2-BD90-87CD-5A01-4DFB1D2EC867} => The item is protected. Make sure the software is uninstalled and its services is removed.
AS: ???????? (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48} => The item is protected. Make sure the software is uninstalled and its services is removed.
AS: Rising Antivirus (Enabled - Up to date) {60A88726-9BAA-8843-60B1-768966A982DA} => The item is protected. Make sure the software is uninstalled and its services is removed.
C:\Windows\Tasks\2hJnGubrrm8Bt9QUin4iHET.job not found.
C:\Windows\Tasks\5QK3ByCuNkdKrFCy.job not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully.
C:\Windows\Tasks\cMKwNkW3O2DUMi1t.job not found.
C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4226178262-95834032-4014968802-1001Core.job => moved successfully.
C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4226178262-95834032-4014968802-1001UA.job => moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4226178262-95834032-4014968802-1001Core.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
C:\Windows\Tasks\SlimDrivers Startup.job => moved successfully.
C:\Windows\Tasks\Tempo Runner onu6ci.job not found.
C:\Windows\Tasks\Tempo Runner onudci.job not found.
C:\Windows\Tasks\YP8Vuoi3i.job not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EEFE7202-B83F-46C5-8BB2-87AF226CE857} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9ECD95F6-04AC-40B0-90FB-4AEFBE18150C} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FDFEDD71-829F-4390-837E-CB5C3F29EECC} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{59EE315B-8811-43F2-A7E2-B85DC40EB746} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A3581998-3F2D-45E1-AB93-B1624F7B19DC} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C82386E7-7122-41CF-827D-2D4CECAE566D} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5E13C9AA-B068-40A2-a4AF-A24758A869DE} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{242BE609-BDDD-4ED8-A797-1B9F7E77E042} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{28BFB284-EE04-4D96-92A2-79511178ED99} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FF4A5CFC-5DE8-48F8-987C-6DB990FA6E6E} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DA0DCAD2-48C2-4D37-B18C-88E4D62E5E81} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{013DC9B8-870D-4A5E-9BCF-F91A71A52485} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3D8F4F14-765F-4930-807D-ECABCDFCFD17} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BB24D7E6-1D4E-4C0C-AF56-C6EB293A7A7F} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EFCB3887-1C7F-4110-ADBE-055E79BDA721} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0841CFB4-6532-469B-AB79-F7CC470C3986} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2F749E93-4570-4601-82F2-1FED881B53D7} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{00B1A733-42A1-4BE6-B8DF-1363DA8A57C9} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3D2395CD-02CF-4101-92D9-22EEAE6D5DE1} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B1930EB7-36D8-4794-90DC-A97D53A1D5CB} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F6776267-251E-4CF8-A01C-E9965108415F} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{806BA7E1-F030-42DA-861E-78BFF03C2F82} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9895529C-DA2F-4D76-BDC3-71C399EB5E7D} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{89856A2A-F349-4E87-9FB4-03D107A18151} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{09D03DBC-AB45-4C1D-89FB-888D3D1FD3DF} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1573280B-8010-405E-80C5-C24A62BF3186} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2A90B148-A3CD-4B4A-8DE9-01892880823C} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{349B57DA-4F00-4699-B2C6-3F5B4F3C066D} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D15495D4-E4CC-40C6-AB13-68A23227DD98} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4CB9B5FE-A27C-47D0-9212-96C82E22BDC6} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CAEF55A0-E7D2-4194-957A-DF5F01FA60EE} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BC3E9919-BA92-44AE-8F9D-97B1EF9FFC65} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C6B7F880-C9BA-4716-B6C2-8B76A0DC7AF3} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{526F04F5-D6F9-4BE5-8EB2-3F97BEC22C93} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0ACAC300-17F9-4528-B34B-7E4F68B5A626} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{45FBAA17-ED7C-41B1-B626-1A20648787F3} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4FD7C6F4-B00C-4074-9BD5-5476A8C58521} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7529AFD0-B4FA-47D7-8EC2-A174FBD0A7AC} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F79E6020-2132-4BA1-BEBE-27BAF724FCDE} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6E2A4CC3-B607-4F13-B20A-C1CBA7B40572} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CCCC9CC0-C176-46AC-81C1-97AABF6B75F3} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5D5D31AA-646A-4F97-87C5-31BF44BC9D7E} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3D30B992-E1CC-43C3-9A43-336D9DE58B09} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{76D3C782-1EC1-46D8-BE69-EF64FDB31BE5} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C99114C8-57E9-4045-AD8C-9F4CE14BE68C} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3D210778-74AB-4FC1-9379-ED0CB48F9EE2} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6C7FB8DC-706F-43D6-B3D0-D7EB285F2878} => value removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 1020.9 MB temporary data Removed.

Result of scheduled files to move (Boot Mode: Safe Mode (with Networking)) (Date&Time: 2015-08-11 22:02:10)<=

"C:\Users\Markéta87\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????" => Could not move

==== End of Fixlog 22:02:11 ====

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

ComboFix 15-08-08.01 - Markéta87 12.08.2015 8:46.1.8 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8067.6811 [GMT 2:00]
Spuštěný z: c:\users\MarkÚta87\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\progra~2\COMMON~1\{F0A37~1
c:\progra~2\COMMON~1\{F0A37~1\Setup.exe
c:\programdata\PCDr\6664\AddOnDownloaded\5d59ed02-c0da-4e0e-8811-16a3d0b6a87d.dll
c:\programdata\PCDr\6664\AddOnDownloaded\9ad177b0-ddcd-4cf6-ac35-969dc98b22db.dll
c:\programdata\Roaming
c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744BA0000000010\11.0.0\eula.ini
c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744BA0000000010\11.0.0\eula.ini2
c:\windows\msdownld.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-07-12 do 2015-08-12 )))))))))))))))))))))))))))))))
.
.
2015-08-12 06:54 . 2015-08-12 06:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-08-11 20:09 . 2015-08-11 20:09 16152 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2015-08-11 18:04 . 2015-08-11 18:04 -------- d-----w- c:\users\Markéta87\AppData\Local\SlimWare Utilities Inc
2015-08-11 17:54 . 2015-08-11 17:54 -------- d-----w- c:\program files (x86)\LSoft Technologies
2015-08-11 16:52 . 2015-07-15 01:12 12222168 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6051B07E-143B-4412-B4D5-AF5C7B208DC1}\mpengine.dll
2015-08-11 16:31 . 2015-08-11 20:02 -------- d-----w- C:\FRST
2015-08-10 15:00 . 2015-08-10 15:00 -------- d-----w-a87 c:\users\MARKTA~2
2015-08-10 14:41 . 2015-07-15 01:12 12222168 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-08-06 19:42 . 2015-08-06 19:42 -------- d-----w- c:\programdata\KingSoft
2015-08-06 19:41 . 2015-08-06 20:20 -------- d-----r- C:\RavBin
2015-08-06 19:39 . 2015-08-06 19:39 -------- d-----w-87 c:\users\MARKA8~1
2015-08-06 18:51 . 2015-08-06 18:51 -------- d-----w- c:\users\Markéta87\AppData\Local\AppleMobile
2015-08-06 18:47 . 2015-08-06 18:47 -------- d-----w- c:\program files (x86)\Seznam.cz
2015-08-06 18:46 . 2015-08-10 14:25 -------- d-----w- c:\users\Markéta87\AppData\Roaming\Seznam.cz
2015-08-06 18:46 . 2015-08-06 18:46 -------- d-----w- c:\users\Markéta87\AppData\Roaming\Opera Software
2015-08-06 18:46 . 2015-08-06 18:46 -------- d-----w- c:\users\Markéta87\AppData\Local\Opera Software
2015-08-06 18:46 . 2015-08-06 18:52 -------- d-----w- c:\program files (x86)\Opera
2015-08-06 05:08 . 2015-07-02 16:14 1190000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FFA13FCC-1DDA-4C65-8B24-7D00B8E5CF30}\gapaengine.dll
2015-07-28 17:37 . 2015-07-25 18:04 726528 ----a-w- c:\windows\system32\generaltel.dll
2015-07-28 17:37 . 2015-07-25 18:04 765440 ----a-w- c:\windows\system32\invagent.dll
2015-07-28 17:37 . 2015-07-25 18:03 433664 ----a-w- c:\windows\system32\devinv.dll
2015-07-28 17:37 . 2015-07-25 18:03 1085440 ----a-w- c:\windows\system32\appraiser.dll
2015-07-28 17:37 . 2015-07-25 18:03 67584 ----a-w- c:\windows\system32\acmigration.dll
2015-07-28 17:37 . 2015-07-25 17:55 1145856 ----a-w- c:\windows\system32\aeinv.dll
2015-07-28 17:37 . 2015-07-25 18:07 17856 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-07-28 17:37 . 2015-07-25 18:03 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-07-21 15:38 . 2015-07-15 03:19 41984 ----a-w- c:\windows\system32\lpk.dll
2015-07-21 15:38 . 2015-07-15 03:19 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-07-21 15:38 . 2015-07-15 02:55 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-07-21 15:38 . 2015-07-15 01:59 372224 ----a-w- c:\windows\system32\atmfd.dll
2015-07-21 15:38 . 2015-07-15 01:52 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-07-21 15:38 . 2015-07-15 03:19 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-07-21 15:38 . 2015-07-15 03:19 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-07-21 15:38 . 2015-07-15 02:55 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-07-21 15:38 . 2015-07-15 02:55 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-07-21 15:38 . 2015-07-15 02:54 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-07-21 15:33 . 2015-07-21 15:33 -------- d-----w- c:\program files\iPod
2015-07-21 15:33 . 2015-07-21 15:35 -------- d-----w- c:\program files\iTunes
2015-07-21 15:33 . 2015-07-21 15:35 -------- d-----w- c:\program files (x86)\iTunes
2015-07-20 16:13 . 2015-07-03 06:23 293072 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2015-07-20 16:12 . 2015-06-15 21:50 112064 ----a-w- c:\windows\system32\consent.exe
2015-07-20 16:12 . 2015-06-15 21:45 3242496 ----a-w- c:\windows\system32\msi.dll
2015-07-20 16:12 . 2015-06-15 21:45 1941504 ----a-w- c:\windows\system32\authui.dll
2015-07-20 16:12 . 2015-06-15 21:44 128000 ----a-w- c:\windows\system32\msiexec.exe
2015-07-20 16:12 . 2015-06-15 21:43 2364416 ----a-w- c:\windows\SysWow64\msi.dll
2015-07-20 16:12 . 2015-06-15 21:43 1805824 ----a-w- c:\windows\SysWow64\authui.dll
2015-07-20 16:12 . 2015-06-15 21:45 504320 ----a-w- c:\windows\system32\msihnd.dll
2015-07-20 16:12 . 2015-06-15 21:45 70656 ----a-w- c:\windows\system32\appinfo.dll
2015-07-20 16:12 . 2015-06-15 21:43 337408 ----a-w- c:\windows\SysWow64\msihnd.dll
2015-07-20 16:12 . 2015-06-15 21:42 73216 ----a-w- c:\windows\SysWow64\msiexec.exe
2015-07-20 16:12 . 2015-06-15 21:42 25088 ----a-w- c:\windows\system32\msimsg.dll
2015-07-20 16:12 . 2015-06-15 21:37 25088 ----a-w- c:\windows\SysWow64\msimsg.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-20 17:23 . 2013-09-26 13:49 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-20 17:23 . 2013-09-26 13:49 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-05 10:08 . 2010-11-21 03:27 300704 ------w- c:\windows\system32\MpSigStub.exe
2015-07-03 06:43 . 2013-12-16 10:53 130333168 ----a-w- c:\windows\system32\MRT.exe
2015-07-02 16:14 . 2014-01-23 07:25 1190000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2015-07-01 20:49 . 2015-07-20 16:13 342016 ----a-w- c:\windows\system32\schannel.dll
2015-07-01 20:30 . 2015-07-20 16:13 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-06-16 23:01 . 2015-06-16 23:01 1202856 ----a-w- c:\windows\SysWow64\FM20.DLL
2015-06-10 21:08 . 2015-06-10 21:08 6112072 ----a-w- c:\windows\system32\usbaaplrc.dll
2015-06-10 21:08 . 2015-06-10 21:08 54784 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
2015-05-25 18:24 . 2015-06-10 17:24 5569984 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-05-25 18:21 . 2015-06-10 17:24 1728960 ----a-w- c:\windows\system32\ntdll.dll
2015-05-25 18:19 . 2015-06-10 17:24 243712 ----a-w- c:\windows\system32\wow64.dll
2015-05-25 18:19 . 2015-06-10 17:24 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-05-25 18:19 . 2015-06-10 17:24 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2015-05-25 18:19 . 2015-06-10 17:24 215040 ----a-w- c:\windows\system32\winsrv.dll
2015-05-25 18:19 . 2015-06-10 17:24 1255424 ----a-w- c:\windows\system32\diagtrack.dll
2015-05-25 18:19 . 2015-06-10 17:24 879104 ----a-w- c:\windows\system32\tdh.dll
2015-05-25 18:19 . 2015-06-10 17:24 503808 ----a-w- c:\windows\system32\srcore.dll
2015-05-25 18:19 . 2015-06-10 17:24 113664 ----a-w- c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-10 17:24 50176 ----a-w- c:\windows\system32\srclient.dll
2015-05-25 18:19 . 2015-06-10 17:24 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2015-05-25 18:19 . 2015-06-10 17:24 424960 ----a-w- c:\windows\system32\KernelBase.dll
2015-05-25 18:19 . 2015-06-10 17:24 1162752 ----a-w- c:\windows\system32\kernel32.dll
2015-05-25 18:18 . 2015-06-10 17:24 43520 ----a-w- c:\windows\system32\csrsrv.dll
2015-05-25 18:18 . 2015-06-10 17:24 879104 ----a-w- c:\windows\system32\advapi32.dll
2015-05-25 18:18 . 2015-06-10 17:24 404992 ----a-w- c:\windows\system32\tracerpt.exe
2015-05-25 18:18 . 2015-06-10 17:24 47104 ----a-w- c:\windows\system32\typeperf.exe
2015-05-25 18:18 . 2015-06-10 17:24 112640 ----a-w- c:\windows\system32\smss.exe
2015-05-25 18:18 . 2015-06-10 17:24 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-05-25 18:18 . 2015-06-10 17:24 43008 ----a-w- c:\windows\system32\relog.exe
2015-05-25 18:18 . 2015-06-10 17:24 104448 ----a-w- c:\windows\system32\logman.exe
2015-05-25 18:18 . 2015-06-10 17:24 19456 ----a-w- c:\windows\system32\diskperf.exe
2015-05-25 18:18 . 2015-06-10 17:24 338432 ----a-w- c:\windows\system32\conhost.exe
2015-05-25 18:11 . 2015-06-10 17:24 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 17:24 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 17:24 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 17:24 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 17:24 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 17:24 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 17:24 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 17:24 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 17:24 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 17:24 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 17:24 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 17:24 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 17:24 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 17:24 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 17:24 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 17:24 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 17:24 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 17:24 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-05-25 18:11 . 2015-06-10 17:24 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 17:24 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 17:24 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 17:24 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 17:24 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 17:24 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 17:24 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 17:24 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 17:24 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 17:24 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 17:24 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-25 18:07 . 2015-06-10 17:24 3989440 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-05-25 18:07 . 2015-06-10 17:24 3934144 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-05-25 18:04 . 2015-06-10 17:24 1310744 ----a-w- c:\windows\SysWow64\ntdll.dll
2015-05-25 18:01 . 2015-06-10 17:24 635392 ----a-w- c:\windows\SysWow64\tdh.dll
2015-05-25 18:01 . 2015-06-10 17:24 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-05-25 18:01 . 2015-06-10 17:24 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2015-05-25 18:01 . 2015-06-10 17:24 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2015-05-25 18:01 . 2015-06-10 17:24 641536 ----a-w- c:\windows\SysWow64\advapi32.dll
2015-05-25 18:01 . 2015-06-10 17:24 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-05-25 18:00 . 2015-06-10 17:24 40448 ----a-w- c:\windows\SysWow64\typeperf.exe
2015-05-25 18:00 . 2015-06-10 17:24 364544 ----a-w- c:\windows\SysWow64\tracerpt.exe
2015-05-25 18:00 . 2015-06-10 17:24 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2015-05-25 18:00 . 2015-06-10 17:24 37888 ----a-w- c:\windows\SysWow64\relog.exe
2015-05-25 18:00 . 2015-06-10 17:24 82944 ----a-w- c:\windows\SysWow64\logman.exe
2015-05-25 18:00 . 2015-06-10 17:24 17408 ----a-w- c:\windows\SysWow64\diskperf.exe
2015-05-25 17:59 . 2015-06-10 17:24 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2015-05-25 17:59 . 2015-06-10 17:24 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2015-05-25 17:55 . 2015-06-10 17:24 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 17:24 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 17:24 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 17:24 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 17:24 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 17:24 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 17:24 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 17:24 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 17:24 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 17:24 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 17:24 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 17:24 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 17:24 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 17:24 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 17:24 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 17:24 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 17:24 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 17:24 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 17:24 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 17:24 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2014-11-21 43816]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2014-11-21 43816]
"iCloudDrive"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe" [2014-11-21 43816]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-02-22 292088]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-11 642728]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-05-15 60712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe" [2012-01-27 165184]
"dslToasterLauncher"="c:\program files (x86)\Dell DataSafe Local Backup\ToasterLauncher.exe" [2012-01-27 450880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R0 sysmon;sysmon;c:\windows\system32\DRIVERS\sysmon.sys;c:\windows\SYSNATIVE\DRIVERS\sysmon.sys [x]
R1 rsutils;rsutils;c:\windows\system32\DRIVERS\rsutils.sys;c:\windows\SYSNATIVE\DRIVERS\rsutils.sys [x]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
R2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 CxUtilSvc;CxUtilSvc;c:\program files\Conexant\SA3\CxUtilSvc.exe;c:\program files\Conexant\SA3\CxUtilSvc.exe [x]
R2 DellDataVault;Dell Data Vault;c:\program files\Dell\DellDataVault\DellDataVault.exe ;c:\program files\Dell\DellDataVault\DellDataVault.exe [x]
R2 DellDataVaultWiz;Dell Data Vault Wizard;c:\program files\Dell\DellDataVault\DellDataVaultWiz.exe;c:\program files\Dell\DellDataVault\DellDataVaultWiz.exe [x]
R2 DellUpdate;Dell Update Service;c:\program files (x86)\Dell Update\DellUpService.exe;c:\program files (x86)\Dell Update\DellUpService.exe [x]
R2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 SupportAssistAgent;Dell SupportAssist Agent;c:\program files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe;c:\program files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [x]
R2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
R2 wmpmde;Apple Mobile Device32;c:\users\Markéta87\AppData\Local\AppleMobile\apple.exe;c:\users\Markéta87\AppData\Local\AppleMobile\apple.exe [x]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
R3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
R3 AMPPALP;Protokol Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
R3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTSUVSTOR.sys;c:\windows\SYSNATIVE\Drivers\RTSUVSTOR.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 usb3Hub;UoIP Hub;c:\windows\system32\DRIVERS\usb3Hub.sys;c:\windows\SYSNATIVE\DRIVERS\usb3Hub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys;c:\windows\SYSNATIVE\DRIVERS\amdkmpfd.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\drivers\iaStorF.sys;c:\windows\SYSNATIVE\drivers\iaStorF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S3 DDDriver;DDDriver;c:\windows\system32\drivers\DDDriver64Dcsa.sys;c:\windows\SYSNATIVE\drivers\DDDriver64Dcsa.sys [x]
S3 DellProf;DellProf;c:\windows\system32\drivers\DellProf.sys;c:\windows\SYSNATIVE\drivers\DellProf.sys [x]
S3 ETD;Dell Touchpad;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-09-17 184112]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2012-11-16 11585408]
"SmartAudio"="c:\program files\CONEXANT\SA3\SACpl.exe" [2012-06-13 1647616]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-04-29 1337000]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-08-30 36352]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Odeslat do Bluetooth - c:\program files (x86)\Intel\Bluetooth\btSendToObject.htm
Trusted Zone: dell.com
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{47DC912E-5B20-4E6E-8D73-DF9A69BB67CD}: NameServer = 52.18.92.32,8.8.8.8
TCP: Interfaces\{6C5AE75F-D994-485E-A2C2-47645F62F9EC}: NameServer = 52.18.92.32,8.8.8.8
TCP: Interfaces\{6C5AE75F-D994-485E-A2C2-47645F62F9EC}\D65646675646: NameServer = 52.18.92.32,8.8.8.8
TCP: Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 52.18.92.32,8.8.8.8
TCP: Interfaces\{89B36F93-BE81-4B67-97E3-1452E9C6C373}: NameServer = 52.18.92.32,8.8.8.8
TCP: Interfaces\{E2E5BD5D-F8FB-4E77-92DE-1CF111C4B79F}: NameServer = 52.18.92.32,8.8.8.8
FF - ProfilePath - c:\users\Markéta87\AppData\Roaming\Mozilla\Firefox\Profiles\z49tvocj.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-{28757020-B5E0-4BDC-8F70-269F23A1C127} - c:\programdata\EroBisis\Uninstaller.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-08-12 08:56:16
ComboFix-quarantined-files.txt 2015-08-12 06:56
.
Před spuštěním: Volných bajtů: 312 281 149 440
Po spuštění: Volných bajtů: 312 085 315 584
.
- - End Of File - - 4F942AE394AA00EA3424F7979EA4E61A
5C616939100B85E558DA92B899A0FC36

Jak se chova ntb??