mozzila firefox

[marvis]

Dobrý den, strašně se mi zpomalíl prohlížeč Mozilla firefox. Mohli by jste mi prosím od toho pomoct? Mám operační systém windows 8

[Rudy]

Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .

[marvis]

to má trvat tak dlouho?

[marvis]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:23-08-2015
Ran by Josef (administrator) on PC (24-08-2015 18:06:35)
Running from C:\Users\Josef\Desktop
Loaded Profiles: Josef (Available Profiles: Josef & UpdatusUser)
Platform: Microsoft Windows 8.1 Pro (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(IObit) C:\Program Files\IObit\Start Menu 8\StartMenuServices.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(IObit) C:\Program Files\IObit\Start Menu 8\StartMenu8.exe
() C:\Program Files\IObit\Start Menu 8\InstallServices32.exe
(IObit) C:\Program Files\IObit\Start Menu 8\StartMenu_Hook.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATIHJE.EXE
(TB development & investment, s.r.o.) C:\Program Files\Mamemail\Mamemail Postak\Postak.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_9e5a9771e29ebd0a\TiWorker.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-23] (AVAST Software)
HKLM\...\Run: [PAC7302_Monitor] => C:\WINDOWS\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [979328 2010-08-30] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATIHJE.EXE [249440 2015-01-27] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6369048 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3576664 2015-06-18] (Disc Soft Ltd)
Startup: C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mámemail Pošťák.lnk [2015-07-08]
ShortcutTarget: Mámemail Pošťák.lnk -> C:\Program Files\Mamemail\Mamemail Postak\Postak.exe (TB development & investment, s.r.o.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-08-23] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Josef\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Josef\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Josef\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001 -> C0F8ACC81D9B6562AA3B72927B805FE9 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001 -> {2bbfcc59-1b41-4ddc-b2c5-54bebe073d4d} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... isticka_12
SearchScopes: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001 -> {4768e515-03b2-4088-89f0-9c265fb34809} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=IEListicka_12
SearchScopes: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001 -> {6e20ca39-3130-4936-819a-f18670436464} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001 -> {e10d9089-9c70-4931-8939-ca55669fe16b} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=IEListicka_12
SearchScopes: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-14] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-23] (AVAST Software)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-14] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Tcpip\Parameters: [DhcpNameServer] 192.169.1.254
Tcpip\..\Interfaces\{B96975B8-0704-453E-A5DA-E8073D84C4FC}: [DhcpNameServer] 192.169.1.254

FireFox:
========
FF ProfilePath: C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\ke3ymdod.default-1440151006151
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-14] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @Nero.com/KM -> C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-04-10] (Nero AG)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1760704405-2657957502-4182092959-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Josef\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-08-18]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-08-18]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-05-21]
FF HKLM\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-02-22]

Chrome:
=======
CHR Profile: C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-26]
CHR Extension: (Docs) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-26]
CHR Extension: (Google Drive) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-26]
CHR Extension: (YouTube) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-26]
CHR Extension: (Google Search) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-26]
CHR Extension: (Google Sheets) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-26]
CHR Extension: (No Name) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-14]
CHR Extension: (No Name) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-10-03]
CHR Extension: (Skype Click to Call) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-07-26]
CHR Extension: (No Name) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-03]
CHR Extension: (Gmail) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-26]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-05]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - <no Path\update_url>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-23] (AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [786256 2014-07-15] (Nero AG)
R2 StartMenuService; C:\Program Files\IObit\Start Menu 8\StartMenuServices.exe [75584 2013-09-29] (IObit)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [284520 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22224 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 3xHybrid; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [674048 2007-04-20] (Philips Semiconductors GmbH)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24016 2015-08-23] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [76000 2015-08-23] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [81728 2015-08-23] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2015-08-23] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [788784 2015-08-23] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [433264 2015-08-23] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [113592 2015-08-23] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [208664 2015-08-23] (AVAST Software)
R1 BasicRender; C:\WINDOWS\System32\drivers\BasicRender.sys [25600 2014-09-24] (Microsoft Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [25016 2015-08-08] (Disc Soft Ltd)
S3 GPIO; C:\WINDOWS\System32\drivers\iaiogpio.sys [22016 2013-07-23] (Intel Corporation)
R3 PAC7302; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [457984 2007-09-10] (PixArt Imaging Inc.)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [84824 2015-07-07] (Microsoft Corporation)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo32.dll [13264 2015-08-23] (wisecleaner.com)
R0 Wof; C:\WINDOWS\system32\Drivers\Wof.sys [138584 2014-09-24] (Microsoft Corporation)
R3 WUDFSensorLP; C:\WINDOWS\System32\drivers\WUDFRd.sys [190976 2014-10-29] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [190976 2014-10-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-24 18:06 - 2015-08-24 18:07 - 00018271 _____ C:\Users\Josef\Desktop\FRST.txt
2015-08-24 18:06 - 2015-08-24 18:06 - 01677824 _____ (Farbar) C:\Users\Josef\Desktop\FRST.exe
2015-08-24 17:58 - 2015-08-24 17:58 - 00000077 _____ C:\WINDOWS\setupact.log
2015-08-24 17:58 - 2015-08-24 17:58 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-24 17:57 - 2015-08-24 17:57 - 00000566 _____ C:\WINDOWS\PFRO.log
2015-08-24 17:23 - 2015-08-24 17:23 - 00001133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-24 17:23 - 2015-08-24 17:23 - 00001121 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-24 17:23 - 2015-08-24 17:23 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-08-24 17:10 - 2015-08-24 17:14 - 00000000 ____D C:\Users\Josef\AppData\Roaming\FTWeak
2015-08-24 16:18 - 2015-08-24 16:16 - 01210772 _____ C:\Users\Josef\Downloads\sqlite3cz.exe.part
2015-08-23 23:36 - 2015-08-24 09:38 - 00000000 ____D C:\WINDOWS\Panther
2015-08-23 13:07 - 2015-08-24 18:05 - 01482705 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-23 13:05 - 2015-08-23 13:06 - 00500000 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-23 12:49 - 2015-08-24 17:59 - 00000382 _____ C:\WINDOWS\Tasks\Wise Care 365.job
2015-08-23 12:49 - 2015-08-24 12:00 - 00000410 _____ C:\WINDOWS\Tasks\Wise Turbo Checker.job
2015-08-23 12:49 - 2015-08-23 12:49 - 00013264 _____ (wisecleaner.com) C:\WINDOWS\WiseHDInfo32.dll
2015-08-23 12:24 - 2015-08-23 12:23 - 43520040 _____ C:\Users\Josef\Downloads\Seznam.cz.exe.part
2015-08-23 12:13 - 2015-08-23 12:13 - 00313472 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-08-23 12:13 - 2015-08-23 12:13 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-08-23 08:25 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-22 19:30 - 2015-08-22 19:30 - 00000000 ____D C:\Program Files\VS Revo Group
2015-08-21 12:45 - 2015-08-21 12:45 - 00000000 ____D C:\Users\Josef\Documents\Nástroje systému Microsoft Office 2010
2015-08-21 12:44 - 2015-08-21 12:45 - 00000000 ____D C:\Users\Josef\AppData\Local\Windows Live Writer
2015-08-21 12:44 - 2015-08-21 12:44 - 00000000 ____D C:\Users\Josef\AppData\Roaming\Windows Live Writer
2015-08-18 23:21 - 2015-08-24 17:23 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-08-13 07:53 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 07:35 - 2015-08-13 07:35 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-08-13 07:09 - 2015-08-13 07:18 - 00000000 ____D C:\7a6b6eff814769474f5274
2015-08-12 06:24 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-12 06:24 - 2015-07-29 16:20 - 01088000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-12 06:24 - 2015-07-24 19:27 - 03527680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-12 06:24 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-12 06:24 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-12 06:24 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-12 06:24 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-12 06:23 - 2015-07-29 01:28 - 00024240 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-12 06:23 - 2015-07-28 16:26 - 00952320 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-12 06:23 - 2015-07-28 16:26 - 00934400 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-12 06:23 - 2015-07-28 16:26 - 00635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-12 06:23 - 2015-07-28 16:26 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-12 06:23 - 2015-07-28 16:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-12 06:23 - 2015-07-28 16:26 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-12 06:23 - 2015-07-16 02:34 - 01469456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-12 06:23 - 2015-07-16 02:33 - 05767000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-12 06:23 - 2015-07-16 02:33 - 00082776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-12 06:23 - 2015-07-15 00:04 - 00869720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-12 06:23 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-12 06:23 - 2015-07-10 18:53 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-12 06:23 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-12 06:23 - 2015-06-09 20:17 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-12 06:22 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-12 06:22 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-12 06:22 - 2015-07-13 21:27 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-12 06:22 - 2015-07-13 21:27 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-12 06:22 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-12 06:22 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-12 06:22 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-12 06:22 - 2015-06-11 21:26 - 01853272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-12 06:22 - 2015-05-12 02:32 - 00554328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-12 06:22 - 2014-11-10 19:47 - 00286528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-12 06:21 - 2015-07-19 04:03 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-12 06:21 - 2015-07-18 20:37 - 03065856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-12 06:21 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-12 06:21 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-12 06:21 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-12 06:21 - 2015-07-18 20:27 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-12 06:21 - 2015-07-18 20:10 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-12 06:21 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-12 06:21 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-12 06:21 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-12 06:21 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-12 06:21 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-12 06:21 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-12 06:21 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-12 06:21 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-12 06:21 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-12 06:21 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-12 06:21 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-12 06:21 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-12 06:21 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-12 06:20 - 2015-07-07 11:45 - 00233304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-12 06:20 - 2015-07-07 11:45 - 00084824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-12 06:20 - 2015-07-07 11:45 - 00038928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-12 06:18 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-12 06:18 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-10 14:15 - 2015-08-10 14:15 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-08-10 14:15 - 2015-08-10 14:15 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-08-08 13:58 - 2015-08-08 13:58 - 00002088 _____ C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Office – zástupce.lnk
2015-08-08 13:58 - 2015-08-08 13:58 - 00001852 _____ C:\Users\Josef\Desktop\Microsoft Office – zástupce.lnk
2015-08-08 13:47 - 2015-08-08 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-08-08 13:47 - 2015-08-08 13:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-08-08 13:46 - 2015-08-08 13:46 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2015-08-08 13:45 - 2015-08-08 13:45 - 00000000 ____D C:\Program Files\Microsoft Sync Framework
2015-08-08 13:44 - 2015-08-08 13:44 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 8
2015-08-08 13:43 - 2015-08-08 13:43 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2015-08-08 13:42 - 2015-08-23 12:50 - 00000000 __RHD C:\MSOCache
2015-08-08 13:42 - 2015-08-13 07:58 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-08 13:42 - 2015-08-08 13:45 - 00000000 ____D C:\Program Files\Microsoft Office
2015-08-08 13:42 - 2015-08-08 13:42 - 00000000 ____D C:\Users\Josef\AppData\Local\Microsoft Help
2015-08-08 12:26 - 2015-08-08 12:26 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2015-08-08 10:30 - 2015-08-08 10:30 - 00000000 ____D C:\Program Files\AVG
2015-08-08 10:27 - 2015-08-08 10:30 - 00000000 ____D C:\Users\Josef\AppData\Local\Opera Software
2015-08-08 10:26 - 2015-08-08 10:26 - 00000000 ____D C:\Users\Josef\AppData\Local\Disc_Soft_Ltd
2015-08-08 10:25 - 2015-08-08 10:30 - 00000000 ____D C:\Program Files\Opera
2015-08-08 10:25 - 2015-08-08 10:25 - 00000000 ____D C:\Users\Josef\AppData\Roaming\RHEng
2015-08-08 10:25 - 2015-08-08 10:25 - 00000000 ____D C:\Program Files\Disc Soft
2015-08-08 10:24 - 2015-08-22 13:14 - 00000000 ____D C:\Users\Josef\AppData\Roaming\DAEMON Tools Lite
2015-08-08 10:24 - 2015-08-08 10:25 - 00025016 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2015-08-08 10:24 - 2015-08-08 10:25 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2015-08-08 10:24 - 2015-08-08 10:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-08-08 10:22 - 2015-08-08 10:24 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-08-06 20:49 - 2015-08-06 21:15 - 00000000 ____D C:\Users\Josef\Desktop\Terčiny fotky 2015
2015-08-04 11:19 - 2015-08-04 11:19 - 00000000 ____D C:\Users\Josef\AppData\Roaming\Webshare
2015-08-04 11:18 - 2015-08-04 11:20 - 00000000 ____D C:\Program Files\Webshare
2015-07-29 22:52 - 2015-08-24 17:56 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-07-26 15:23 - 2015-07-26 15:23 - 00000000 ____D C:\Users\Josef\AppData\Roaming\LibreOffice
2015-07-26 12:24 - 2015-07-26 12:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-26 12:18 - 2015-07-26 12:18 - 00002019 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-24 18:06 - 2013-10-30 19:47 - 00000000 ____D C:\FRST
2015-08-24 18:04 - 2012-07-26 08:43 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-24 17:59 - 2015-05-09 08:45 - 00000950 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-24 17:58 - 2013-08-22 09:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-24 17:58 - 2013-02-25 15:07 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-24 17:18 - 2015-05-09 08:45 - 00000954 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-24 17:00 - 2013-08-22 10:17 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-24 16:29 - 2013-02-25 15:12 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-08-24 09:36 - 2015-07-10 15:47 - 00000000 ___HD C:\$Windows.~BT
2015-08-23 13:22 - 2015-02-07 10:41 - 00000000 ____D C:\Users\Josef\AppData\Roaming\Seznam Browser
2015-08-23 13:22 - 2014-09-14 12:05 - 00000000 _____ C:\WINDOWS\system32\sinstall.log
2015-08-23 13:13 - 2014-09-24 05:06 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-23 13:05 - 2013-08-22 08:13 - 63438848 _____ C:\WINDOWS\system32\config\SOFTWARE.bak
2015-08-23 13:05 - 2013-08-22 08:13 - 00524288 _____ C:\WINDOWS\system32\config\DEFAULT.bak
2015-08-23 13:05 - 2013-08-22 08:13 - 00262144 _____ C:\WINDOWS\system32\config\SECURITY.bak
2015-08-23 13:05 - 2013-08-22 08:13 - 00032768 _____ C:\WINDOWS\system32\config\SAM.bak
2015-08-23 12:54 - 2015-06-09 19:31 - 00000000 ____D C:\Users\Josef\Desktop\Nová složka (2)
2015-08-23 12:54 - 2015-05-13 16:52 - 00000000 ____D C:\Users\Josef\Desktop\lukašek
2015-08-23 12:54 - 2014-11-30 13:32 - 00000000 ____D C:\Users\Josef\Desktop\Nová složka
2015-08-23 12:54 - 2013-07-26 15:41 - 00000000 ____D C:\Users\Josef\AppData\Roaming\All Free DVD to AVI Converter
2015-08-23 12:54 - 2013-04-02 10:05 - 00000000 ____D C:\Users\Josef\Desktop\programy
2015-08-23 12:54 - 2013-03-01 12:32 - 00000000 ____D C:\ProgramData\Skype
2015-08-23 12:54 - 2013-02-27 11:41 - 00000000 ____D C:\Users\Josef\Desktop\videoklipy
2015-08-23 12:54 - 2013-02-27 10:58 - 00000000 ____D C:\Users\Josef\AppData\Roaming\Seznam.cz
2015-08-23 12:42 - 2012-07-26 06:17 - 00000225 _____ C:\WINDOWS\win.ini
2015-08-23 12:13 - 2014-05-27 18:09 - 00024016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-08-23 12:13 - 2014-01-02 12:01 - 00113592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-08-23 12:13 - 2013-05-21 11:40 - 00433264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-08-23 12:13 - 2013-05-21 11:40 - 00081728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-08-23 12:13 - 2013-05-21 11:39 - 00788784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-08-23 12:13 - 2013-05-21 11:39 - 00076000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-08-23 12:13 - 2013-03-05 20:43 - 00208664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-08-23 12:13 - 2013-03-05 20:43 - 00049776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-08-21 12:44 - 2014-12-19 17:23 - 00000000 ____D C:\Users\Josef\AppData\Local\Windows Live
2015-08-21 08:04 - 2014-12-19 17:24 - 00000000 ___RD C:\Users\Josef\OneDrive
2015-08-14 12:35 - 2013-08-22 10:17 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2015-08-13 23:48 - 2013-02-27 11:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-13 20:11 - 2013-08-22 08:13 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-13 20:09 - 2014-12-10 20:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-13 20:09 - 2014-09-24 05:44 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-13 20:09 - 2013-08-22 10:17 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 20:09 - 2013-08-22 10:17 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 20:09 - 2013-08-22 10:17 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 20:09 - 2013-08-22 10:17 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 20:09 - 2013-08-22 10:17 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-13 14:52 - 2013-08-22 10:17 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-13 07:53 - 2013-02-27 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-13 07:18 - 2013-07-11 11:33 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-13 07:09 - 2013-02-26 15:24 - 129304528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-11 16:16 - 2015-06-08 11:10 - 00003919 _____ C:\Users\Josef\Documents\domácnost.ods
2015-08-10 14:17 - 2013-08-22 10:17 - 00000000 ____D C:\Program Files\Common Files\System
2015-08-09 19:38 - 2014-11-05 13:52 - 00000000 ____D C:\Users\Josef
2015-08-08 14:04 - 2014-12-01 18:54 - 00000000 ____D C:\Program Files\OpenOffice 4
2015-08-08 13:47 - 2013-08-22 10:17 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-08 13:47 - 2013-02-27 11:03 - 00000000 ____D C:\Program Files\MSBuild
2015-08-08 13:45 - 2014-12-19 17:26 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2015-08-08 13:45 - 2013-08-22 10:17 - 00000000 ____D C:\Program Files\Microsoft.NET
2015-08-08 13:43 - 2014-09-24 04:50 - 00000000 ____D C:\WINDOWS\ShellNew
2015-08-08 10:52 - 2014-11-02 12:39 - 00000000 ____D C:\Users\Josef\AppData\Roaming\QuickScan
2015-08-08 10:52 - 2013-03-01 12:32 - 00000000 ____D C:\Users\Josef\AppData\Roaming\Skype
2015-08-08 10:31 - 2014-02-22 13:09 - 00000000 ____D C:\Users\Josef\AppData\Roaming\AVG
2015-08-08 10:30 - 2014-09-14 12:16 - 00000000 ____D C:\Users\Josef\AppData\Roaming\Opera Software
2015-08-08 10:30 - 2014-09-13 08:01 - 00000000 ____D C:\Users\Josef\AppData\Local\AVG
2015-08-08 10:29 - 2014-02-22 13:08 - 00000000 ____D C:\ProgramData\AVG
2015-08-08 09:20 - 2013-04-10 17:18 - 00000000 ____D C:\Users\Josef\Documents\Recepty
2015-08-04 10:19 - 2014-02-22 13:16 - 00000000 ____D C:\Users\Josef\Desktop\písničky
2015-08-01 07:46 - 2015-04-17 08:24 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-07-29 22:52 - 2014-09-09 10:45 - 00000000 ____D C:\Users\Josef\AppData\Local\Adobe
2015-07-26 12:45 - 2013-04-04 22:46 - 00000000 ____D C:\Users\Josef\AppData\Roaming\vlc
2015-07-26 12:13 - 2015-07-08 08:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mámemail Pošťák
2015-07-26 12:13 - 2015-01-27 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2015-07-26 12:13 - 2014-12-14 06:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-07-26 12:13 - 2014-11-27 09:12 - 00000000 ____D C:\Program Files\Common Files\Skype
2015-07-26 12:13 - 2014-10-19 17:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-26 12:13 - 2014-01-26 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-07-26 12:13 - 2013-07-26 10:16 - 00000000 ____D C:\Program Files\Bogan
2015-07-26 12:13 - 2013-07-21 08:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-07-26 12:13 - 2013-03-01 12:32 - 00000000 ___RD C:\Program Files\Skype
2015-07-26 12:13 - 2013-02-27 12:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-07-26 12:08 - 2013-08-22 10:17 - 00000000 ____D C:\WINDOWS\registration
2015-07-26 11:51 - 2014-04-07 14:59 - 00000000 ____D C:\Users\Josef\AppData\Roaming\DropboxMaster

==================== Files in the root of some directories =======

2014-09-15 16:41 - 2014-12-21 10:05 - 0087608 _____ () C:\Users\Josef\AppData\Roaming\inst.exe
2014-09-15 16:41 - 2014-12-21 10:05 - 0007887 _____ () C:\Users\Josef\AppData\Roaming\pcouffin.cat
2014-09-15 16:41 - 2014-12-21 10:05 - 0001144 _____ () C:\Users\Josef\AppData\Roaming\pcouffin.inf
2014-09-15 16:42 - 2014-12-21 10:05 - 0000055 _____ () C:\Users\Josef\AppData\Roaming\pcouffin.log
2014-09-15 16:41 - 2014-12-21 10:05 - 0047360 _____ (VSO Software) C:\Users\Josef\AppData\Roaming\pcouffin.sys
2014-12-19 17:47 - 2014-12-19 17:47 - 0003584 _____ () C:\Users\Josef\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-30 20:12 - 2013-10-31 19:37 - 0029696 _____ () C:\Users\Josef\AppData\Local\MSGBOX.EXE
2014-11-22 09:42 - 2014-11-22 15:32 - 0000044 _____ () C:\ProgramData\spds90.txt

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-14 09:57

==================== End of log ============================

[marvis]

Additional scan result of Farbar Recovery Scan Tool (x86) Version:23-08-2015
Ran by Josef (2015-08-24 18:07:56)
Running from C:\Users\Josef\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1760704405-2657957502-4182092959-500 - Administrator - Disabled)
Guest (S-1-5-21-1760704405-2657957502-4182092959-501 - Limited - Disabled)
Josef (S-1-5-21-1760704405-2657957502-4182092959-1001 - Administrator - Enabled) => C:\Users\Josef
UpdatusUser (S-1-5-21-1760704405-2657957502-4182092959-1004 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader 9.0 Sprint (HKLM\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212 - ABBYY) Hidden
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Aktualizace NVIDIA 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Avast Free Antivirus (HKLM\...\avast) (Version: 10.3.2225 - AVAST Software)
Calme version 2014 (HKLM\...\{297ACAAE-FAAC-4817-A3BE-336F63399DA3}_is1) (Version: 2014 - Metin Elma)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.4852 - CDBurnerXP)
Cross Racing Championship (HKLM\...\{448163D7-ACA4-4D83-8F57-D7D7AB697E65}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dropbox (HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Epson Easy Photo Print 2 (HKLM\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{8A17C27D-0325-400C-8AA9-DAA6B16CBD74}) (Version: 2.40.0009 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON SX130 Series Printer Uninstall (HKLM\...\EPSON SX130 Series) (Version: - SEIKO EPSON Corporation)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FormatFactory 3.3.1.0 (HKLM\...\FormatFactory) (Version: 3.3.1.0 - Format Factory)
Fotogalerie (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Freemake Youtube Mp3 Converter (HKLM\...\Freemake Youtube Mp3 Converter_is1) (Version: 3.6.3 - Ellora Assets Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Update Helper (Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden
ICQ7.7 (HKLM\...\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}) (Version: 7.7 - ICQ)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mámemail Pošťák verze 1.3 (HKLM\...\{FF58C679-3D55-4F3C-90CF-A5F026710AE0}_is1) (Version: 1.3 - Mamemail.cz)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\...\OneDriveSetup.exe) (Version: 17.3.5930.0814 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 CSY (HKLM\...\{E8BEDB28-151D-465C-9BE0-F6EB930A629C}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 40.0.2 (x86 cs) (HKLM\...\Mozilla Firefox 40.0.2 (x86 cs)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 40.0.2 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MultiRes (remove only) (HKLM\...\MultiRes (remove only)) (Version: - )
Nero 2014 (HKLM\...\{9642EA87-3714-49A6-9E70-325CB18E6DE5}) (Version: 15.0.02500 - Nero AG)
Nero BurnLite 10 (HKLM\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10600 - Nero AG)
Nero MediaHome Free (HKLM\...\{C9652153-FBF4-465F-A789-51476FF9BDFB}) (Version: 16.0.02800 - Nero AG)
Nero Prerequisite Installer 3.0 (HKLM\...\{929FAC65-06DD-4577-882C-E8A558C47B75}) (Version: 15.0.00900 - Nero AG)
Nvidia Omega Drivers Setup Files (HKLM\...\Nvidia Omega Drivers for Windows 2k-XPv1.6693) (Version: - )
NVIDIA Ovladač 3D Vision 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
Ovládací panel NVIDIA 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
Prerequisite installer (Version: 15.0.0010 - Nero AG) Hidden
Prerequisite installer (Version: 16.0.0004 - Nero AG) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.5 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
Software Updater (HKLM\...\{7B3A525D-9D3D-4618-AE52-A31DE98C8AC3}) (Version: 4.1.4 - SEIKO EPSON CORPORATION)
Start Menu 8 (HKLM\...\IObit_StartMenu8_is1) (Version: 1.3.0.0 - IObit)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Uživatelská příručka EPSON SX130 Series (HKLM\...\EPSON SX130 Series Useg) (Version: - )
VidCoder 1.4.25 (x86) (HKLM\...\VidCoder_is1) (Version: 1.4.25 - RandomEngy)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Webcam and Screen Recorder 1.0 (HKLM\...\Webcam and Screen Recorder_is1) (Version: - Web Solution Mart)
Webcam Screen Recorder 7.0 (HKLM\...\WCSRSetup7.0.0_is1) (Version: 7.0.0 - Web Solution Mart)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker (HKLM\...\Windows Movie Maker) (Version: 6.0.6002.18005 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Josef\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Josef\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Josef\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Josef\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncApi.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josef\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josef\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josef\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josef\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Restore Points =========================

13-08-2015 06:51:47 Windows Update
17-08-2015 15:56:41 Odebráno: AVG PC TuneUp 2015
23-08-2015 08:25:06 Windows Update
23-08-2015 12:55:03 Created by Wise Care 365

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:13 - 2013-08-22 08:13 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0ED0E633-E4DB-42E3-AE69-B718F20D37E3} - System32\Tasks\{765F1A27-2C44-4F18-A702-F50EC8A5E1E5} => pcalua.exe -a C:\Users\Josef\Desktop\Apache_OpenOffice_4.1.1_Win_x86_install_cs.exe -d C:\Users\Josef\Desktop
Task: {15D25566-FE71-4846-B9AA-C11CE22CB5AB} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-04-10] (Oracle Corporation)
Task: {1666889D-2AD7-4378-8024-17AF7AE47976} - System32\Tasks\{C274966D-0B00-4750-98DF-D76CAB3BA33D} => pcalua.exe -a C:\Users\Josef\Desktop\setup.exe -d C:\Users\Josef\Desktop
Task: {19D1303E-7334-4382-877F-C837A10A8EE9} - System32\Tasks\{AA430657-C74F-4458-AD9E-0D92F798F56D} => Firefox.exe http://ui.skype.com/ui/0/6.11.60.102/cs ... rogressBar
Task: {1C2A27FB-230F-461E-94B8-123000C5E69D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-09] (Google Inc.)
Task: {20E8FFB9-9EBB-4361-B3AB-1638F60F3C9F} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {25F6C379-B0FA-4326-B0B7-749050CF51A1} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {29FF1EB3-14F3-453F-AADF-1A351A998A1A} - System32\Tasks\{9980D277-650E-4E76-AAE6-974985CE6931} => pcalua.exe -a "C:\Program Files\epson\escndv\setup\setup.exe" -c /r
Task: {2A5F1363-840F-4746-BDB4-AD3CAE70ED97} - System32\Tasks\{F6998EBF-A628-42DC-92D5-6D6454A4A86B} => pcalua.exe -a D:\AUTORUN.EXE -d D:\
Task: {3263E763-C67E-40F0-9017-E9B2A9BD013F} - System32\Tasks\{D3D7C679-A73D-431F-BC9A-F11C9A556347} => pcalua.exe -a C:\Users\Josef\Desktop\hry\Mafia\Game.exe -d C:\Users\Josef\Desktop\hry\Mafia
Task: {411098A8-0853-479B-9457-C1D4236D63A1} - System32\Tasks\{FAD744D2-A5D7-41E5-9BFE-FAA9B71D9E42} => pcalua.exe -a C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe -c /Uninstall /{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} /su=613537e78c896821 /um
Task: {454437BE-1F2B-49F8-9332-E4475AF3F30D} - System32\Tasks\Josef Nero LIVEBackup Merge 12 0 => C:\Program Files\Nero\Nero 12\Nero BackItUp\NBCore.exe
Task: {45A342E1-3436-44BD-BDA7-557DAFB035E7} - System32\Tasks\{3FB617F4-26FE-43DB-B5CE-7C9E88C51FE2} => pcalua.exe -a C:\Users\Josef\AppData\Local\WebVentures\BandzPro\uninst_634984530301095806.exe -c -u
Task: {48343E4C-CECA-4BCE-B3FC-019CA23B5BE3} - System32\Tasks\Nero\Nero Info => C:\Program Files\Common Files\Nero\Nero Info\NeroInfo.exe [2015-03-04] (Nero AG)
Task: {5754C913-CEEB-4B75-B3ED-0C4881AA2B15} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-23] (AVAST Software)
Task: {6123E550-7D9D-4E2F-BC91-8DDAE5FE394D} - System32\Tasks\Wise Care 365 => C:\Program Files\Wise\Wise Care 365\WiseTray.exe
Task: {66A829C2-69FF-4B26-976C-6DE2D7C4F2E5} - System32\Tasks\{B7D525ED-EAD4-4F98-A134-0834F27337AB} => pcalua.exe -a "C:\Users\Josef\AppData\Roaming\Seznam Browser\uninstall.exe"
Task: {70E003D3-074F-4E3D-9CB2-1CAE4C2769E2} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1760704405-2657957502-4182092959-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {75552FDD-663F-49B0-8B9D-F33188922012} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1760704405-2657957502-4182092959-1001Core => C:\Users\Josef\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {87937E75-91AB-4645-86D9-EE1BB249264C} - System32\Tasks\{10B75E3B-D2B7-46B2-9C7C-C2A17BF5E64A} => pcalua.exe -a D:\Windows_7_Genuine\install_w7ldr.exe -d D:\Windows_7_Genuine
Task: {88AB0088-D1CF-44EE-BE15-6B22000527A5} - System32\Tasks\Josef Nero LIVEBackup 12 0 => C:\Program Files\Nero\Nero 12\Nero BackItUp\NBCore.exe
Task: {8FD422B7-502F-49F2-BD2A-F1EF81CBDAFE} - System32\Tasks\{8C04C9F3-03E4-402B-AD8B-706AEAA45286} => pcalua.exe -a "C:\Users\Josef\AppData\Roaming\Seznam Browser\uninstall.exe"
Task: {9E32D5D4-F9B3-440F-AB25-9575A6AF084F} - \Uninstaller_SkipUac_Josef -> No File <==== ATTENTION
Task: {AEC93DD5-FEC1-49C1-82A4-25FD35FF7DDC} - System32\Tasks\StartMenuAutoupdate => C:\Program Files\IObit\Start Menu 8\AutoUpdate.exe [2015-01-16] (IObit)
Task: {B3C2740E-77AD-4FCD-B833-86C111F76834} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {CB57BB3A-F1E5-4E7B-BC69-32BBA5D17A58} - System32\Tasks\Wise Turbo Checker => C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe
Task: {CC4B25B2-C5C0-45B8-B2D7-68BA6729C93D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-09] (Google Inc.)
Task: {DBFA11CF-E322-42B3-A4FA-55377B5FE057} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-13] (Microsoft Corporation)
Task: {E4403B10-84D4-409A-B9C0-1E8D82D43271} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1760704405-2657957502-4182092959-1001UA => C:\Users\Josef\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {F4E803A4-6A74-4D21-9D5A-70603184EF2A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Wise Care 365.job => C:\Program Files\Wise\Wise Care 365\WiseTray.exe
Task: C:\WINDOWS\Tasks\Wise Turbo Checker.job => C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe

==================== Loaded Modules (Whitelisted) ==============

2015-08-23 12:13 - 2015-08-23 12:13 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-23 12:13 - 2015-08-23 12:13 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-24 13:23 - 2015-08-24 13:23 - 02960896 _____ () C:\Program Files\AVAST Software\Avast\defs\15082400\algo.dll
2013-03-05 13:27 - 2013-09-29 19:05 - 00348992 _____ () C:\Program Files\IObit\Start Menu 8\madExcept_.bpl
2013-03-05 13:27 - 2013-09-29 19:05 - 00183616 _____ () C:\Program Files\IObit\Start Menu 8\madBasic_.bpl
2013-03-05 13:27 - 2013-09-29 19:05 - 00051008 _____ () C:\Program Files\IObit\Start Menu 8\madDisAsm_.bpl
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-03-05 13:27 - 2013-09-29 19:05 - 00074560 _____ () C:\Program Files\IObit\Start Menu 8\InstallServices32.exe
2013-10-19 07:46 - 2013-09-29 19:05 - 00040256 _____ () C:\Program Files\IObit\Start Menu 8\winkey.dll
2015-04-05 08:33 - 2015-04-05 08:33 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-05-04 21:25 - 2015-05-04 21:25 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2015-05-08 20:50 - 2015-05-08 20:50 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme2\img10.jpg
DNS Servers: 192.169.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "Adobe ARM"
HKLM\...\StartupApproved\Run: => "Guard.Mail.ru.gui"
HKLM\...\StartupApproved\Run: => "SODCPreLoad"
HKLM\...\StartupApproved\Run: => "PAC7302_Monitor"
HKLM\...\StartupApproved\Run: => "mobilegeni daemon"
HKLM\...\StartupApproved\Run: => "seznam-listicka-distribuce"
HKLM\...\StartupApproved\Run: => "SunJavaUpdateSched"
HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\...\StartupApproved\Run: => "Seznam.chromeUpdatePref"
HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\...\StartupApproved\Run: => "ICQ"
HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\...\StartupApproved\Run: => "SODCPreLoad"
HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\...\StartupApproved\Run: => "NextLive"
HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{C7588B09-FDDA-4900-979F-97C26FDC83FF}] => (Allow) C:\Program Files\Nero\KM\NMDllHost.exe
FirewallRules: [{AD43A2AE-AFE0-43C4-A850-0EB50DC165F2}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{241CD575-D9F9-46BA-B93C-B570597615FB}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{CE919D12-7833-4C9C-AE08-6F341167BFEF}] => (Allow) C:\Users\Josef\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{D07E6412-0280-4080-AF67-91A39947962A}] => (Allow) C:\Users\Josef\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{64A9ED12-46B6-4BA1-BFB7-00D27D0B6C6C}] => (Allow) C:\Users\Josef\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{20055EB7-7A76-4FBD-BFEC-B6D3CF00063F}] => (Allow) C:\Program Files\ICQ7.7\ICQ.exe
FirewallRules: [{46C0BBEE-88A7-4360-8D4B-1646B23997EA}] => (Allow) C:\Program Files\ICQ7.7\ICQ.exe
FirewallRules: [{56AF0C8F-4B58-44B8-B3A7-DD3A7751B002}] => (Allow) C:\Program Files\ICQ7.7\ICQ.exe
FirewallRules: [{4C7255AC-3B2B-47C6-8405-3EE3FEA5088F}] => (Allow) C:\Program Files\ICQ7.7\ICQ.exe
FirewallRules: [{EC7B114A-2A65-4FD2-A32B-146D943A32AD}] => (Allow) C:\Program Files\ICQ7.7\ICQ.exe
FirewallRules: [{060B6564-3F67-497E-A357-5569759528C2}] => (Allow) C:\Program Files\ICQ7.7\ICQ.exe
FirewallRules: [UDP Query User{5870F4A4-CC2B-42BA-85EB-6C03E6BBDFCF}C:\program files\cross racing championship\crc.exe] => (Block) C:\program files\cross racing championship\crc.exe
FirewallRules: [TCP Query User{A22D57CD-2129-4E61-9077-FCCD9555C659}C:\program files\cross racing championship\crc.exe] => (Block) C:\program files\cross racing championship\crc.exe
FirewallRules: [{BBACCDF6-F4D9-45D8-9125-DE939FF9225D}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{6B5C2C81-CE36-4036-8164-C0C864E7980D}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [UDP Query User{F88A4491-2FDF-4A20-A93C-04904E36E396}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{FFD612E3-1FF9-4E13-A680-DB8677D654A6}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [{18147896-40DC-4BDA-94A0-B114E50EB12A}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{68EB0D2D-D27E-49D1-B361-34DE49956ED0}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{2CCD8B03-ED29-46DF-98FB-99357CCF62A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{B54FA5B4-B6F0-4D1A-B1D8-EFB1ABEC7D18}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{ED3D24F0-9907-4AB3-85D6-3DACB349E5B6}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [{337B7231-0191-40AA-B7A2-B5D2E69BFC25}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1D7791B0-F4DA-4C67-98EB-0CA44CB4FD5D}] => (Allow) LPort=2869
FirewallRules: [{7953FB37-9780-4584-8EFE-31C79D4340C8}] => (Allow) LPort=1900
FirewallRules: [{7CFAB17D-EA70-4010-BC4F-F2A66F6C5E1D}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{997DEE8C-DC0D-47D5-9497-214B9FF89103}E:\hry\dead island\deadislandgame.exe] => (Block) E:\hry\dead island\deadislandgame.exe
FirewallRules: [UDP Query User{17DFF866-9201-479D-A3D1-19B7B6BB3DF0}E:\hry\dead island\deadislandgame.exe] => (Block) E:\hry\dead island\deadislandgame.exe
FirewallRules: [TCP Query User{16EEE3DC-6806-49A9-A74C-DD356EBEECDD}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{4F44A71A-0004-40BB-9D2B-AA4D36B2176B}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{9748C480-D946-4CF2-A57A-6EAB31162545}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{0D32354C-53F6-4DE2-8A41-720093746217}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{17AAF757-FE22-4084-B467-BFD9C37DF4DE}] => (Allow) C:\Program Files\Nero\KM\NMDllHost.exe
FirewallRules: [{69635FEE-332F-4D7D-A4A7-4D0141288FF7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{ACFEC6C3-4151-452D-B032-FE760C607A26}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B21BFA11-6AA5-4301-BDC6-68A00C04F90E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/24/2015 04:27:20 PM) (Source: MsiInstaller) (EventID: 1024) (User: pc)
Description: Aktualizaci {AC76BA86-7AD7-0000-2550-7A8C40011012} produktu Adobe Reader XI - Czech nebylo možné nainstalovat. Kód chyby: 1625. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127


System errors:
=============
Error: (08/24/2015 06:00:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
%%1069

Error: (08/24/2015 06:00:38 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%1330

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (08/24/2015 05:57:45 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT AUTHORITY)
Description: Některé funkce řízení napájení při činnosti procesoru byly zakázány z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.

Error: (08/24/2015 05:58:09 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (17:27:24, ‎24. ‎8. ‎2015) bylo neočekávané.

Error: (08/24/2015 07:29:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
%%1069

Error: (08/24/2015 07:29:50 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%1330

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (08/24/2015 07:27:12 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT AUTHORITY)
Description: Některé funkce řízení napájení při činnosti procesoru byly zakázány z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.

Error: (08/24/2015 07:27:23 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (0:39:23, ‎24. ‎8. ‎2015) bylo neočekávané.

Error: (08/23/2015 11:21:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
%%1069

Error: (08/23/2015 11:21:48 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%1330

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).


Microsoft Office:
=========================
Error: (08/24/2015 04:27:20 PM) (Source: MsiInstaller) (EventID: 1024) (User: pc)
Description: Adobe Reader XI - Czech{AC76BA86-7AD7-0000-2550-7A8C40011012}1625(NULL)(NULL)(NULL)


CodeIntegrity:
===================================
Date: 2015-08-13 06:02:48.783
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-13 05:53:44.648
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-12 06:02:18.126
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-12 05:53:02.909
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-11 07:02:30.104
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-11 06:44:35.574
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-10 07:38:03.173
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-10 07:17:01.736
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-09 06:46:23.306
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-09 06:42:52.562
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Genuine Intel(R) CPU 2140 @ 1.60GHz
Percentage of memory in use: 48%
Total physical RAM: 2047.43 MB
Available physical RAM: 1055.89 MB
Total Virtual: 2687.43 MB
Available Virtual: 1324.51 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.88 GB) (Free:171.62 GB) NTFS ==>[drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 9E093DA3)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End of log ============================

[Rudy]

Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Doporučuji odinstalovat vše od IOBit. Důvod: viewtopic.php?f=14&t=127320&hilit=iobit .

[marvis]

# AdwCleaner v5.003 - Logfile created 24/08/2015 at 19:14:12
# Updated 20/08/2015 by Xplode
# Database : 2015-08-23.3 [Server]
# Operating system : Windows 8.1 Pro (x86)
# Username : Josef - PC
# Running from : C:\Users\Josef\Desktop\adwcleaner_5.003.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Users\Josef\AppData\Roaming\RHEng
[-] Folder Deleted : C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\hal8ti9x.default-1430754522099\Extensions\vb@yandex.ru

***** [ Files ] *****

[-] File Deleted : C:\Users\Josef\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_cmaiofennmphjldldcpphcechfnnohja_0.localstorage

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork

***** [ Web browsers ] *****


*************************

:: Proxy settings cleared
:: Winsock settings cleared

*************************

C:\AdwCleaner[R1].txt - [31790 bytes] - [10/06/2013 20:35:41]
C:\AdwCleaner[S1].txt - [31282 bytes] - [10/06/2013 20:44:22]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1156 bytes] ##########

[Rudy]

Dejte nový log FRST.

[marvis]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:24-08-2015
Ran by Josef (administrator) on PC (24-08-2015 19:52:36)
Running from C:\Users\Josef\Desktop
Loaded Profiles: Josef (Available Profiles: Josef & UpdatusUser)
Platform: Microsoft Windows 8.1 Pro (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(IObit) C:\Program Files\IObit\Start Menu 8\StartMenuServices.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(IObit) C:\Program Files\IObit\Start Menu 8\StartMenu8.exe
() C:\Program Files\IObit\Start Menu 8\InstallServices32.exe
(IObit) C:\Program Files\IObit\Start Menu 8\StartMenu_Hook.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATIHJE.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(TB development & investment, s.r.o.) C:\Program Files\Mamemail\Mamemail Postak\Postak.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-23] (AVAST Software)
HKLM\...\Run: [PAC7302_Monitor] => C:\WINDOWS\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [979328 2010-08-30] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATIHJE.EXE [249440 2015-01-27] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6369048 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3576664 2015-06-18] (Disc Soft Ltd)
Startup: C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mámemail Pošťák.lnk [2015-07-08]
ShortcutTarget: Mámemail Pošťák.lnk -> C:\Program Files\Mamemail\Mamemail Postak\Postak.exe (TB development & investment, s.r.o.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-08-23] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Josef\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Josef\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Josef\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001 -> C0F8ACC81D9B6562AA3B72927B805FE9 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001 -> {2bbfcc59-1b41-4ddc-b2c5-54bebe073d4d} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... isticka_12
SearchScopes: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001 -> {4768e515-03b2-4088-89f0-9c265fb34809} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=IEListicka_12
SearchScopes: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001 -> {6e20ca39-3130-4936-819a-f18670436464} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001 -> {e10d9089-9c70-4931-8939-ca55669fe16b} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=IEListicka_12
SearchScopes: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-14] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-23] (AVAST Software)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-14] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Tcpip\Parameters: [DhcpNameServer] 192.169.1.254
Tcpip\..\Interfaces\{B96975B8-0704-453E-A5DA-E8073D84C4FC}: [DhcpNameServer] 192.169.1.254

FireFox:
========
FF ProfilePath: C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\ke3ymdod.default-1440151006151
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-14] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @Nero.com/KM -> C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-04-10] (Nero AG)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1760704405-2657957502-4182092959-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Josef\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-08-18]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-08-18]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-05-21]
FF HKLM\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-02-22]

Chrome:
=======
CHR Profile: C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-26]
CHR Extension: (Docs) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-26]
CHR Extension: (Google Drive) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-26]
CHR Extension: (YouTube) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-26]
CHR Extension: (Google Search) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-26]
CHR Extension: (Google Sheets) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-26]
CHR Extension: (No Name) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-14]
CHR Extension: (No Name) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-10-03]
CHR Extension: (Skype Click to Call) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-07-26]
CHR Extension: (No Name) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-03]
CHR Extension: (Gmail) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-26]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-05]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - <no Path\update_url>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-23] (AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [786256 2014-07-15] (Nero AG)
R2 StartMenuService; C:\Program Files\IObit\Start Menu 8\StartMenuServices.exe [75584 2013-09-29] (IObit)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [284520 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22224 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 3xHybrid; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [674048 2007-04-20] (Philips Semiconductors GmbH)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24016 2015-08-23] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [76000 2015-08-23] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [81728 2015-08-23] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2015-08-23] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [788784 2015-08-23] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [433264 2015-08-23] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [113592 2015-08-23] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [208664 2015-08-23] (AVAST Software)
R1 BasicRender; C:\WINDOWS\System32\drivers\BasicRender.sys [25600 2014-09-24] (Microsoft Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [25016 2015-08-08] (Disc Soft Ltd)
S3 GPIO; C:\WINDOWS\System32\drivers\iaiogpio.sys [22016 2013-07-23] (Intel Corporation)
R3 PAC7302; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [457984 2007-09-10] (PixArt Imaging Inc.)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [84824 2015-07-07] (Microsoft Corporation)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo32.dll [13264 2015-08-23] (wisecleaner.com)
R0 Wof; C:\WINDOWS\system32\Drivers\Wof.sys [138584 2014-09-24] (Microsoft Corporation)
R3 WUDFSensorLP; C:\WINDOWS\System32\drivers\WUDFRd.sys [190976 2014-10-29] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [190976 2014-10-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-24 19:52 - 2015-08-24 19:53 - 00018056 _____ C:\Users\Josef\Desktop\FRST.txt
2015-08-24 19:51 - 2015-08-24 19:52 - 01690112 _____ (Farbar) C:\Users\Josef\Desktop\FRST.exe
2015-08-24 19:09 - 2015-08-24 19:09 - 01605632 _____ C:\Users\Josef\Desktop\adwcleaner_5.003.exe
2015-08-24 17:58 - 2015-08-24 19:15 - 00000154 _____ C:\WINDOWS\setupact.log
2015-08-24 17:58 - 2015-08-24 17:58 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-24 17:57 - 2015-08-24 17:57 - 00000566 _____ C:\WINDOWS\PFRO.log
2015-08-24 17:23 - 2015-08-24 17:23 - 00001133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-24 17:23 - 2015-08-24 17:23 - 00001121 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-24 17:23 - 2015-08-24 17:23 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-08-24 17:10 - 2015-08-24 17:14 - 00000000 ____D C:\Users\Josef\AppData\Roaming\FTWeak
2015-08-24 16:18 - 2015-08-24 16:16 - 01210772 _____ C:\Users\Josef\Downloads\sqlite3cz.exe.part
2015-08-23 23:36 - 2015-08-24 18:31 - 00000000 ____D C:\WINDOWS\Panther
2015-08-23 13:07 - 2015-08-24 19:40 - 01627939 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-23 13:05 - 2015-08-23 13:06 - 00500000 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-23 12:49 - 2015-08-24 19:15 - 00000382 _____ C:\WINDOWS\Tasks\Wise Care 365.job
2015-08-23 12:49 - 2015-08-24 12:00 - 00000410 _____ C:\WINDOWS\Tasks\Wise Turbo Checker.job
2015-08-23 12:49 - 2015-08-23 12:49 - 00013264 _____ (wisecleaner.com) C:\WINDOWS\WiseHDInfo32.dll
2015-08-23 12:24 - 2015-08-23 12:23 - 43520040 _____ C:\Users\Josef\Downloads\Seznam.cz.exe.part
2015-08-23 12:13 - 2015-08-23 12:13 - 00313472 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-08-23 12:13 - 2015-08-23 12:13 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-08-23 08:25 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-22 19:30 - 2015-08-22 19:30 - 00000000 ____D C:\Program Files\VS Revo Group
2015-08-21 12:45 - 2015-08-21 12:45 - 00000000 ____D C:\Users\Josef\Documents\Nástroje systému Microsoft Office 2010
2015-08-21 12:44 - 2015-08-21 12:45 - 00000000 ____D C:\Users\Josef\AppData\Local\Windows Live Writer
2015-08-21 12:44 - 2015-08-21 12:44 - 00000000 ____D C:\Users\Josef\AppData\Roaming\Windows Live Writer
2015-08-18 23:21 - 2015-08-24 17:23 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-08-13 07:53 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 07:35 - 2015-08-13 07:35 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-08-13 07:09 - 2015-08-13 07:18 - 00000000 ____D C:\7a6b6eff814769474f5274
2015-08-12 06:24 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-12 06:24 - 2015-07-29 16:20 - 01088000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-12 06:24 - 2015-07-24 19:27 - 03527680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-12 06:24 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-12 06:24 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-12 06:24 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-12 06:24 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-12 06:23 - 2015-07-29 01:28 - 00024240 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-12 06:23 - 2015-07-28 16:26 - 00952320 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-12 06:23 - 2015-07-28 16:26 - 00934400 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-12 06:23 - 2015-07-28 16:26 - 00635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-12 06:23 - 2015-07-28 16:26 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-12 06:23 - 2015-07-28 16:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-12 06:23 - 2015-07-28 16:26 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-12 06:23 - 2015-07-16 02:34 - 01469456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-12 06:23 - 2015-07-16 02:33 - 05767000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-12 06:23 - 2015-07-16 02:33 - 00082776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-12 06:23 - 2015-07-15 00:04 - 00869720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-12 06:23 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-12 06:23 - 2015-07-10 18:53 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-12 06:23 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-12 06:23 - 2015-06-09 20:17 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-12 06:22 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-12 06:22 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-12 06:22 - 2015-07-13 21:27 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-12 06:22 - 2015-07-13 21:27 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-12 06:22 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-12 06:22 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-12 06:22 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-12 06:22 - 2015-06-11 21:26 - 01853272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-12 06:22 - 2015-05-12 02:32 - 00554328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-12 06:22 - 2014-11-10 19:47 - 00286528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-12 06:21 - 2015-07-19 04:03 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-12 06:21 - 2015-07-18 20:37 - 03065856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-12 06:21 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-12 06:21 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-12 06:21 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-12 06:21 - 2015-07-18 20:27 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-12 06:21 - 2015-07-18 20:10 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-12 06:21 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-12 06:21 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-12 06:21 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-12 06:21 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-12 06:21 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-12 06:21 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-12 06:21 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-12 06:21 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-12 06:21 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-12 06:21 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-12 06:21 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-12 06:21 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-12 06:21 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-12 06:20 - 2015-07-07 11:45 - 00233304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-12 06:20 - 2015-07-07 11:45 - 00084824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-12 06:20 - 2015-07-07 11:45 - 00038928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-12 06:18 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-12 06:18 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-10 14:15 - 2015-08-10 14:15 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-08-10 14:15 - 2015-08-10 14:15 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-08-08 13:58 - 2015-08-08 13:58 - 00002088 _____ C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Office – zástupce.lnk
2015-08-08 13:58 - 2015-08-08 13:58 - 00001852 _____ C:\Users\Josef\Desktop\Microsoft Office – zástupce.lnk
2015-08-08 13:47 - 2015-08-08 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-08-08 13:47 - 2015-08-08 13:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-08-08 13:46 - 2015-08-08 13:46 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2015-08-08 13:45 - 2015-08-08 13:45 - 00000000 ____D C:\Program Files\Microsoft Sync Framework
2015-08-08 13:44 - 2015-08-08 13:44 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 8
2015-08-08 13:43 - 2015-08-08 13:43 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2015-08-08 13:42 - 2015-08-23 12:50 - 00000000 __RHD C:\MSOCache
2015-08-08 13:42 - 2015-08-13 07:58 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-08 13:42 - 2015-08-08 13:45 - 00000000 ____D C:\Program Files\Microsoft Office
2015-08-08 13:42 - 2015-08-08 13:42 - 00000000 ____D C:\Users\Josef\AppData\Local\Microsoft Help
2015-08-08 12:26 - 2015-08-08 12:26 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2015-08-08 10:30 - 2015-08-08 10:30 - 00000000 ____D C:\Program Files\AVG
2015-08-08 10:27 - 2015-08-08 10:30 - 00000000 ____D C:\Users\Josef\AppData\Local\Opera Software
2015-08-08 10:26 - 2015-08-08 10:26 - 00000000 ____D C:\Users\Josef\AppData\Local\Disc_Soft_Ltd
2015-08-08 10:25 - 2015-08-08 10:30 - 00000000 ____D C:\Program Files\Opera
2015-08-08 10:25 - 2015-08-08 10:25 - 00000000 ____D C:\Program Files\Disc Soft
2015-08-08 10:24 - 2015-08-22 13:14 - 00000000 ____D C:\Users\Josef\AppData\Roaming\DAEMON Tools Lite
2015-08-08 10:24 - 2015-08-08 10:25 - 00025016 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2015-08-08 10:24 - 2015-08-08 10:25 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2015-08-08 10:24 - 2015-08-08 10:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-08-08 10:22 - 2015-08-08 10:24 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-08-06 20:49 - 2015-08-06 21:15 - 00000000 ____D C:\Users\Josef\Desktop\Terčiny fotky 2015
2015-08-04 11:19 - 2015-08-04 11:19 - 00000000 ____D C:\Users\Josef\AppData\Roaming\Webshare
2015-08-04 11:18 - 2015-08-04 11:20 - 00000000 ____D C:\Program Files\Webshare
2015-07-29 22:52 - 2015-08-24 18:56 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-07-26 15:23 - 2015-07-26 15:23 - 00000000 ____D C:\Users\Josef\AppData\Roaming\LibreOffice
2015-07-26 12:24 - 2015-07-26 12:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-26 12:18 - 2015-07-26 12:18 - 00002019 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-24 19:52 - 2013-10-30 19:47 - 00000000 ____D C:\FRST
2015-08-24 19:18 - 2015-05-09 08:45 - 00000954 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-24 19:15 - 2015-05-09 08:45 - 00000950 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-24 19:15 - 2013-08-22 09:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-24 19:15 - 2013-02-25 15:07 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-24 19:14 - 2013-10-31 21:27 - 00000000 ____D C:\AdwCleaner
2015-08-24 19:00 - 2013-08-22 10:17 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-24 18:26 - 2015-07-10 15:47 - 00000000 ___HD C:\$Windows.~BT
2015-08-24 18:04 - 2012-07-26 08:43 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-24 16:29 - 2013-02-25 15:12 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-08-23 13:22 - 2015-02-07 10:41 - 00000000 ____D C:\Users\Josef\AppData\Roaming\Seznam Browser
2015-08-23 13:22 - 2014-09-14 12:05 - 00000000 _____ C:\WINDOWS\system32\sinstall.log
2015-08-23 13:13 - 2014-09-24 05:06 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-23 13:05 - 2013-08-22 08:13 - 63438848 _____ C:\WINDOWS\system32\config\SOFTWARE.bak
2015-08-23 13:05 - 2013-08-22 08:13 - 00524288 _____ C:\WINDOWS\system32\config\DEFAULT.bak
2015-08-23 13:05 - 2013-08-22 08:13 - 00262144 _____ C:\WINDOWS\system32\config\SECURITY.bak
2015-08-23 13:05 - 2013-08-22 08:13 - 00032768 _____ C:\WINDOWS\system32\config\SAM.bak
2015-08-23 12:54 - 2015-06-09 19:31 - 00000000 ____D C:\Users\Josef\Desktop\Nová složka (2)
2015-08-23 12:54 - 2015-05-13 16:52 - 00000000 ____D C:\Users\Josef\Desktop\lukašek
2015-08-23 12:54 - 2014-11-30 13:32 - 00000000 ____D C:\Users\Josef\Desktop\Nová složka
2015-08-23 12:54 - 2013-07-26 15:41 - 00000000 ____D C:\Users\Josef\AppData\Roaming\All Free DVD to AVI Converter
2015-08-23 12:54 - 2013-04-02 10:05 - 00000000 ____D C:\Users\Josef\Desktop\programy
2015-08-23 12:54 - 2013-03-01 12:32 - 00000000 ____D C:\ProgramData\Skype
2015-08-23 12:54 - 2013-02-27 11:41 - 00000000 ____D C:\Users\Josef\Desktop\videoklipy
2015-08-23 12:54 - 2013-02-27 10:58 - 00000000 ____D C:\Users\Josef\AppData\Roaming\Seznam.cz
2015-08-23 12:42 - 2012-07-26 06:17 - 00000225 _____ C:\WINDOWS\win.ini
2015-08-23 12:13 - 2014-05-27 18:09 - 00024016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-08-23 12:13 - 2014-01-02 12:01 - 00113592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-08-23 12:13 - 2013-05-21 11:40 - 00433264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-08-23 12:13 - 2013-05-21 11:40 - 00081728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-08-23 12:13 - 2013-05-21 11:39 - 00788784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-08-23 12:13 - 2013-05-21 11:39 - 00076000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-08-23 12:13 - 2013-03-05 20:43 - 00208664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-08-23 12:13 - 2013-03-05 20:43 - 00049776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-08-21 12:44 - 2014-12-19 17:23 - 00000000 ____D C:\Users\Josef\AppData\Local\Windows Live
2015-08-21 08:04 - 2014-12-19 17:24 - 00000000 ___RD C:\Users\Josef\OneDrive
2015-08-14 12:35 - 2013-08-22 10:17 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2015-08-13 23:48 - 2013-02-27 11:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-13 20:11 - 2013-08-22 08:13 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-13 20:09 - 2014-12-10 20:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-13 20:09 - 2014-09-24 05:44 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-13 20:09 - 2013-08-22 10:17 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 20:09 - 2013-08-22 10:17 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 20:09 - 2013-08-22 10:17 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 20:09 - 2013-08-22 10:17 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 20:09 - 2013-08-22 10:17 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-13 14:52 - 2013-08-22 10:17 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-13 07:53 - 2013-02-27 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-13 07:18 - 2013-07-11 11:33 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-13 07:09 - 2013-02-26 15:24 - 129304528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-11 16:16 - 2015-06-08 11:10 - 00003919 _____ C:\Users\Josef\Documents\domácnost.ods
2015-08-10 14:17 - 2013-08-22 10:17 - 00000000 ____D C:\Program Files\Common Files\System
2015-08-09 19:38 - 2014-11-05 13:52 - 00000000 ____D C:\Users\Josef
2015-08-08 14:04 - 2014-12-01 18:54 - 00000000 ____D C:\Program Files\OpenOffice 4
2015-08-08 13:47 - 2013-08-22 10:17 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-08 13:47 - 2013-02-27 11:03 - 00000000 ____D C:\Program Files\MSBuild
2015-08-08 13:45 - 2014-12-19 17:26 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2015-08-08 13:45 - 2013-08-22 10:17 - 00000000 ____D C:\Program Files\Microsoft.NET
2015-08-08 13:43 - 2014-09-24 04:50 - 00000000 ____D C:\WINDOWS\ShellNew
2015-08-08 10:52 - 2014-11-02 12:39 - 00000000 ____D C:\Users\Josef\AppData\Roaming\QuickScan
2015-08-08 10:52 - 2013-03-01 12:32 - 00000000 ____D C:\Users\Josef\AppData\Roaming\Skype
2015-08-08 10:31 - 2014-02-22 13:09 - 00000000 ____D C:\Users\Josef\AppData\Roaming\AVG
2015-08-08 10:30 - 2014-09-14 12:16 - 00000000 ____D C:\Users\Josef\AppData\Roaming\Opera Software
2015-08-08 10:30 - 2014-09-13 08:01 - 00000000 ____D C:\Users\Josef\AppData\Local\AVG
2015-08-08 10:29 - 2014-02-22 13:08 - 00000000 ____D C:\ProgramData\AVG
2015-08-08 09:20 - 2013-04-10 17:18 - 00000000 ____D C:\Users\Josef\Documents\Recepty
2015-08-04 10:19 - 2014-02-22 13:16 - 00000000 ____D C:\Users\Josef\Desktop\písničky
2015-08-01 07:46 - 2015-04-17 08:24 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-07-29 22:52 - 2014-09-09 10:45 - 00000000 ____D C:\Users\Josef\AppData\Local\Adobe
2015-07-26 12:45 - 2013-04-04 22:46 - 00000000 ____D C:\Users\Josef\AppData\Roaming\vlc
2015-07-26 12:13 - 2015-07-08 08:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mámemail Pošťák
2015-07-26 12:13 - 2015-01-27 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2015-07-26 12:13 - 2014-12-14 06:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-07-26 12:13 - 2014-11-27 09:12 - 00000000 ____D C:\Program Files\Common Files\Skype
2015-07-26 12:13 - 2014-10-19 17:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-26 12:13 - 2014-01-26 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-07-26 12:13 - 2013-07-26 10:16 - 00000000 ____D C:\Program Files\Bogan
2015-07-26 12:13 - 2013-07-21 08:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-07-26 12:13 - 2013-03-01 12:32 - 00000000 ___RD C:\Program Files\Skype
2015-07-26 12:13 - 2013-02-27 12:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-07-26 12:08 - 2013-08-22 10:17 - 00000000 ____D C:\WINDOWS\registration
2015-07-26 11:51 - 2014-04-07 14:59 - 00000000 ____D C:\Users\Josef\AppData\Roaming\DropboxMaster

==================== Files in the root of some directories =======

2014-09-15 16:41 - 2014-12-21 10:05 - 0087608 _____ () C:\Users\Josef\AppData\Roaming\inst.exe
2014-09-15 16:41 - 2014-12-21 10:05 - 0007887 _____ () C:\Users\Josef\AppData\Roaming\pcouffin.cat
2014-09-15 16:41 - 2014-12-21 10:05 - 0001144 _____ () C:\Users\Josef\AppData\Roaming\pcouffin.inf
2014-09-15 16:42 - 2014-12-21 10:05 - 0000055 _____ () C:\Users\Josef\AppData\Roaming\pcouffin.log
2014-09-15 16:41 - 2014-12-21 10:05 - 0047360 _____ (VSO Software) C:\Users\Josef\AppData\Roaming\pcouffin.sys
2014-12-19 17:47 - 2014-12-19 17:47 - 0003584 _____ () C:\Users\Josef\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-30 20:12 - 2013-10-31 19:37 - 0029696 _____ () C:\Users\Josef\AppData\Local\MSGBOX.EXE
2014-11-22 09:42 - 2014-11-22 15:32 - 0000044 _____ () C:\ProgramData\spds90.txt

Some files in TEMP:
====================
C:\Users\Josef\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-14 09:57

==================== End of FRST.txt ============================

[marvis]

Additional scan result of Farbar Recovery Scan Tool (x86) Version:24-08-2015
Ran by Josef (2015-08-24 19:53:46)
Running from C:\Users\Josef\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1760704405-2657957502-4182092959-500 - Administrator - Disabled)
Guest (S-1-5-21-1760704405-2657957502-4182092959-501 - Limited - Disabled)
Josef (S-1-5-21-1760704405-2657957502-4182092959-1001 - Administrator - Enabled) => C:\Users\Josef
UpdatusUser (S-1-5-21-1760704405-2657957502-4182092959-1004 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader 9.0 Sprint (HKLM\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212 - ABBYY) Hidden
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Aktualizace NVIDIA 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Avast Free Antivirus (HKLM\...\avast) (Version: 10.3.2225 - AVAST Software)
Calme version 2014 (HKLM\...\{297ACAAE-FAAC-4817-A3BE-336F63399DA3}_is1) (Version: 2014 - Metin Elma)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.4852 - CDBurnerXP)
Cross Racing Championship (HKLM\...\{448163D7-ACA4-4D83-8F57-D7D7AB697E65}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dropbox (HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Epson Easy Photo Print 2 (HKLM\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{8A17C27D-0325-400C-8AA9-DAA6B16CBD74}) (Version: 2.40.0009 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON SX130 Series Printer Uninstall (HKLM\...\EPSON SX130 Series) (Version: - SEIKO EPSON Corporation)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FormatFactory 3.3.1.0 (HKLM\...\FormatFactory) (Version: 3.3.1.0 - Format Factory)
Fotogalerie (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Freemake Youtube Mp3 Converter (HKLM\...\Freemake Youtube Mp3 Converter_is1) (Version: 3.6.3 - Ellora Assets Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Update Helper (Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden
ICQ7.7 (HKLM\...\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}) (Version: 7.7 - ICQ)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mámemail Pošťák verze 1.3 (HKLM\...\{FF58C679-3D55-4F3C-90CF-A5F026710AE0}_is1) (Version: 1.3 - Mamemail.cz)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\...\OneDriveSetup.exe) (Version: 17.3.5930.0814 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 CSY (HKLM\...\{E8BEDB28-151D-465C-9BE0-F6EB930A629C}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 40.0.2 (x86 cs) (HKLM\...\Mozilla Firefox 40.0.2 (x86 cs)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 40.0.2 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MultiRes (remove only) (HKLM\...\MultiRes (remove only)) (Version: - )
Nero 2014 (HKLM\...\{9642EA87-3714-49A6-9E70-325CB18E6DE5}) (Version: 15.0.02500 - Nero AG)
Nero BurnLite 10 (HKLM\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10600 - Nero AG)
Nero MediaHome Free (HKLM\...\{C9652153-FBF4-465F-A789-51476FF9BDFB}) (Version: 16.0.02800 - Nero AG)
Nero Prerequisite Installer 3.0 (HKLM\...\{929FAC65-06DD-4577-882C-E8A558C47B75}) (Version: 15.0.00900 - Nero AG)
Nvidia Omega Drivers Setup Files (HKLM\...\Nvidia Omega Drivers for Windows 2k-XPv1.6693) (Version: - )
NVIDIA Ovladač 3D Vision 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
Ovládací panel NVIDIA 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
Prerequisite installer (Version: 15.0.0010 - Nero AG) Hidden
Prerequisite installer (Version: 16.0.0004 - Nero AG) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.5 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
Software Updater (HKLM\...\{7B3A525D-9D3D-4618-AE52-A31DE98C8AC3}) (Version: 4.1.4 - SEIKO EPSON CORPORATION)
Start Menu 8 (HKLM\...\IObit_StartMenu8_is1) (Version: 1.3.0.0 - IObit)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Uživatelská příručka EPSON SX130 Series (HKLM\...\EPSON SX130 Series Useg) (Version: - )
VidCoder 1.4.25 (x86) (HKLM\...\VidCoder_is1) (Version: 1.4.25 - RandomEngy)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Webcam and Screen Recorder 1.0 (HKLM\...\Webcam and Screen Recorder_is1) (Version: - Web Solution Mart)
Webcam Screen Recorder 7.0 (HKLM\...\WCSRSetup7.0.0_is1) (Version: 7.0.0 - Web Solution Mart)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker (HKLM\...\Windows Movie Maker) (Version: 6.0.6002.18005 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Josef\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Josef\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Josef\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Josef\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncApi.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josef\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josef\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josef\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Josef\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Restore Points =========================

13-08-2015 06:51:47 Windows Update
17-08-2015 15:56:41 Odebráno: AVG PC TuneUp 2015
23-08-2015 08:25:06 Windows Update
23-08-2015 12:55:03 Created by Wise Care 365

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:13 - 2013-08-22 08:13 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0ED0E633-E4DB-42E3-AE69-B718F20D37E3} - System32\Tasks\{765F1A27-2C44-4F18-A702-F50EC8A5E1E5} => pcalua.exe -a C:\Users\Josef\Desktop\Apache_OpenOffice_4.1.1_Win_x86_install_cs.exe -d C:\Users\Josef\Desktop
Task: {15D25566-FE71-4846-B9AA-C11CE22CB5AB} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-04-10] (Oracle Corporation)
Task: {1666889D-2AD7-4378-8024-17AF7AE47976} - System32\Tasks\{C274966D-0B00-4750-98DF-D76CAB3BA33D} => pcalua.exe -a C:\Users\Josef\Desktop\setup.exe -d C:\Users\Josef\Desktop
Task: {19D1303E-7334-4382-877F-C837A10A8EE9} - System32\Tasks\{AA430657-C74F-4458-AD9E-0D92F798F56D} => Firefox.exe http://ui.skype.com/ui/0/6.11.60.102/cs ... rogressBar
Task: {1C2A27FB-230F-461E-94B8-123000C5E69D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-09] (Google Inc.)
Task: {20E8FFB9-9EBB-4361-B3AB-1638F60F3C9F} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {25F6C379-B0FA-4326-B0B7-749050CF51A1} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {29FF1EB3-14F3-453F-AADF-1A351A998A1A} - System32\Tasks\{9980D277-650E-4E76-AAE6-974985CE6931} => pcalua.exe -a "C:\Program Files\epson\escndv\setup\setup.exe" -c /r
Task: {2A5F1363-840F-4746-BDB4-AD3CAE70ED97} - System32\Tasks\{F6998EBF-A628-42DC-92D5-6D6454A4A86B} => pcalua.exe -a D:\AUTORUN.EXE -d D:\
Task: {3263E763-C67E-40F0-9017-E9B2A9BD013F} - System32\Tasks\{D3D7C679-A73D-431F-BC9A-F11C9A556347} => pcalua.exe -a C:\Users\Josef\Desktop\hry\Mafia\Game.exe -d C:\Users\Josef\Desktop\hry\Mafia
Task: {411098A8-0853-479B-9457-C1D4236D63A1} - System32\Tasks\{FAD744D2-A5D7-41E5-9BFE-FAA9B71D9E42} => pcalua.exe -a C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe -c /Uninstall /{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} /su=613537e78c896821 /um
Task: {454437BE-1F2B-49F8-9332-E4475AF3F30D} - System32\Tasks\Josef Nero LIVEBackup Merge 12 0 => C:\Program Files\Nero\Nero 12\Nero BackItUp\NBCore.exe
Task: {45A342E1-3436-44BD-BDA7-557DAFB035E7} - System32\Tasks\{3FB617F4-26FE-43DB-B5CE-7C9E88C51FE2} => pcalua.exe -a C:\Users\Josef\AppData\Local\WebVentures\BandzPro\uninst_634984530301095806.exe -c -u
Task: {48343E4C-CECA-4BCE-B3FC-019CA23B5BE3} - System32\Tasks\Nero\Nero Info => C:\Program Files\Common Files\Nero\Nero Info\NeroInfo.exe [2015-03-04] (Nero AG)
Task: {5754C913-CEEB-4B75-B3ED-0C4881AA2B15} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-23] (AVAST Software)
Task: {6123E550-7D9D-4E2F-BC91-8DDAE5FE394D} - System32\Tasks\Wise Care 365 => C:\Program Files\Wise\Wise Care 365\WiseTray.exe
Task: {66A829C2-69FF-4B26-976C-6DE2D7C4F2E5} - System32\Tasks\{B7D525ED-EAD4-4F98-A134-0834F27337AB} => pcalua.exe -a "C:\Users\Josef\AppData\Roaming\Seznam Browser\uninstall.exe"
Task: {70E003D3-074F-4E3D-9CB2-1CAE4C2769E2} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1760704405-2657957502-4182092959-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {75552FDD-663F-49B0-8B9D-F33188922012} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1760704405-2657957502-4182092959-1001Core => C:\Users\Josef\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {87937E75-91AB-4645-86D9-EE1BB249264C} - System32\Tasks\{10B75E3B-D2B7-46B2-9C7C-C2A17BF5E64A} => pcalua.exe -a D:\Windows_7_Genuine\install_w7ldr.exe -d D:\Windows_7_Genuine
Task: {88AB0088-D1CF-44EE-BE15-6B22000527A5} - System32\Tasks\Josef Nero LIVEBackup 12 0 => C:\Program Files\Nero\Nero 12\Nero BackItUp\NBCore.exe
Task: {8FD422B7-502F-49F2-BD2A-F1EF81CBDAFE} - System32\Tasks\{8C04C9F3-03E4-402B-AD8B-706AEAA45286} => pcalua.exe -a "C:\Users\Josef\AppData\Roaming\Seznam Browser\uninstall.exe"
Task: {9E32D5D4-F9B3-440F-AB25-9575A6AF084F} - \Uninstaller_SkipUac_Josef -> No File <==== ATTENTION
Task: {AEC93DD5-FEC1-49C1-82A4-25FD35FF7DDC} - System32\Tasks\StartMenuAutoupdate => C:\Program Files\IObit\Start Menu 8\AutoUpdate.exe [2015-01-16] (IObit)
Task: {B3C2740E-77AD-4FCD-B833-86C111F76834} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {CB57BB3A-F1E5-4E7B-BC69-32BBA5D17A58} - System32\Tasks\Wise Turbo Checker => C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe
Task: {CC4B25B2-C5C0-45B8-B2D7-68BA6729C93D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-09] (Google Inc.)
Task: {DBFA11CF-E322-42B3-A4FA-55377B5FE057} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-13] (Microsoft Corporation)
Task: {E4403B10-84D4-409A-B9C0-1E8D82D43271} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1760704405-2657957502-4182092959-1001UA => C:\Users\Josef\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {F4E803A4-6A74-4D21-9D5A-70603184EF2A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Wise Care 365.job => C:\Program Files\Wise\Wise Care 365\WiseTray.exe
Task: C:\WINDOWS\Tasks\Wise Turbo Checker.job => C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe

==================== Loaded Modules (Whitelisted) ==============

2015-08-23 12:13 - 2015-08-23 12:13 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-23 12:13 - 2015-08-23 12:13 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-24 13:23 - 2015-08-24 13:23 - 02960896 _____ () C:\Program Files\AVAST Software\Avast\defs\15082400\algo.dll
2013-03-05 13:27 - 2013-09-29 19:05 - 00348992 _____ () C:\Program Files\IObit\Start Menu 8\madExcept_.bpl
2013-03-05 13:27 - 2013-09-29 19:05 - 00183616 _____ () C:\Program Files\IObit\Start Menu 8\madBasic_.bpl
2013-03-05 13:27 - 2013-09-29 19:05 - 00051008 _____ () C:\Program Files\IObit\Start Menu 8\madDisAsm_.bpl
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-03-05 13:27 - 2013-09-29 19:05 - 00074560 _____ () C:\Program Files\IObit\Start Menu 8\InstallServices32.exe
2013-10-19 07:46 - 2013-09-29 19:05 - 00040256 _____ () C:\Program Files\IObit\Start Menu 8\winkey.dll
2015-04-05 08:33 - 2015-04-05 08:33 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-05-04 21:25 - 2015-05-04 21:25 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2015-05-08 20:50 - 2015-05-08 20:50 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme2\img10.jpg
DNS Servers: 192.169.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "Adobe ARM"
HKLM\...\StartupApproved\Run: => "Guard.Mail.ru.gui"
HKLM\...\StartupApproved\Run: => "SODCPreLoad"
HKLM\...\StartupApproved\Run: => "PAC7302_Monitor"
HKLM\...\StartupApproved\Run: => "mobilegeni daemon"
HKLM\...\StartupApproved\Run: => "seznam-listicka-distribuce"
HKLM\...\StartupApproved\Run: => "SunJavaUpdateSched"
HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\...\StartupApproved\Run: => "Seznam.chromeUpdatePref"
HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\...\StartupApproved\Run: => "ICQ"
HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\...\StartupApproved\Run: => "SODCPreLoad"
HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\...\StartupApproved\Run: => "NextLive"
HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{C7588B09-FDDA-4900-979F-97C26FDC83FF}] => (Allow) C:\Program Files\Nero\KM\NMDllHost.exe
FirewallRules: [{AD43A2AE-AFE0-43C4-A850-0EB50DC165F2}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{241CD575-D9F9-46BA-B93C-B570597615FB}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{CE919D12-7833-4C9C-AE08-6F341167BFEF}] => (Allow) C:\Users\Josef\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{D07E6412-0280-4080-AF67-91A39947962A}] => (Allow) C:\Users\Josef\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{64A9ED12-46B6-4BA1-BFB7-00D27D0B6C6C}] => (Allow) C:\Users\Josef\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{20055EB7-7A76-4FBD-BFEC-B6D3CF00063F}] => (Allow) C:\Program Files\ICQ7.7\ICQ.exe
FirewallRules: [{46C0BBEE-88A7-4360-8D4B-1646B23997EA}] => (Allow) C:\Program Files\ICQ7.7\ICQ.exe
FirewallRules: [{56AF0C8F-4B58-44B8-B3A7-DD3A7751B002}] => (Allow) C:\Program Files\ICQ7.7\ICQ.exe
FirewallRules: [{4C7255AC-3B2B-47C6-8405-3EE3FEA5088F}] => (Allow) C:\Program Files\ICQ7.7\ICQ.exe
FirewallRules: [{EC7B114A-2A65-4FD2-A32B-146D943A32AD}] => (Allow) C:\Program Files\ICQ7.7\ICQ.exe
FirewallRules: [{060B6564-3F67-497E-A357-5569759528C2}] => (Allow) C:\Program Files\ICQ7.7\ICQ.exe
FirewallRules: [UDP Query User{5870F4A4-CC2B-42BA-85EB-6C03E6BBDFCF}C:\program files\cross racing championship\crc.exe] => (Block) C:\program files\cross racing championship\crc.exe
FirewallRules: [TCP Query User{A22D57CD-2129-4E61-9077-FCCD9555C659}C:\program files\cross racing championship\crc.exe] => (Block) C:\program files\cross racing championship\crc.exe
FirewallRules: [{BBACCDF6-F4D9-45D8-9125-DE939FF9225D}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{6B5C2C81-CE36-4036-8164-C0C864E7980D}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [UDP Query User{F88A4491-2FDF-4A20-A93C-04904E36E396}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{FFD612E3-1FF9-4E13-A680-DB8677D654A6}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [{18147896-40DC-4BDA-94A0-B114E50EB12A}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{68EB0D2D-D27E-49D1-B361-34DE49956ED0}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{2CCD8B03-ED29-46DF-98FB-99357CCF62A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{B54FA5B4-B6F0-4D1A-B1D8-EFB1ABEC7D18}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{ED3D24F0-9907-4AB3-85D6-3DACB349E5B6}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [{337B7231-0191-40AA-B7A2-B5D2E69BFC25}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1D7791B0-F4DA-4C67-98EB-0CA44CB4FD5D}] => (Allow) LPort=2869
FirewallRules: [{7953FB37-9780-4584-8EFE-31C79D4340C8}] => (Allow) LPort=1900
FirewallRules: [{7CFAB17D-EA70-4010-BC4F-F2A66F6C5E1D}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{997DEE8C-DC0D-47D5-9497-214B9FF89103}E:\hry\dead island\deadislandgame.exe] => (Block) E:\hry\dead island\deadislandgame.exe
FirewallRules: [UDP Query User{17DFF866-9201-479D-A3D1-19B7B6BB3DF0}E:\hry\dead island\deadislandgame.exe] => (Block) E:\hry\dead island\deadislandgame.exe
FirewallRules: [TCP Query User{16EEE3DC-6806-49A9-A74C-DD356EBEECDD}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{4F44A71A-0004-40BB-9D2B-AA4D36B2176B}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{9748C480-D946-4CF2-A57A-6EAB31162545}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{0D32354C-53F6-4DE2-8A41-720093746217}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{17AAF757-FE22-4084-B467-BFD9C37DF4DE}] => (Allow) C:\Program Files\Nero\KM\NMDllHost.exe
FirewallRules: [{69635FEE-332F-4D7D-A4A7-4D0141288FF7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{ACFEC6C3-4151-452D-B032-FE760C607A26}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B21BFA11-6AA5-4301-BDC6-68A00C04F90E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/24/2015 04:27:20 PM) (Source: MsiInstaller) (EventID: 1024) (User: pc)
Description: Aktualizaci {AC76BA86-7AD7-0000-2550-7A8C40011012} produktu Adobe Reader XI - Czech nebylo možné nainstalovat. Kód chyby: 1625. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127


System errors:
=============
Error: (08/24/2015 07:30:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240020): Upgrade na Windows 10 Pro.

Error: (08/24/2015 07:17:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
%%1069

Error: (08/24/2015 07:17:44 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%1330

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (08/24/2015 07:15:16 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT AUTHORITY)
Description: Některé funkce řízení napájení při činnosti procesoru byly zakázány z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.

Error: (08/24/2015 07:14:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Superfetch byla ukončena s následující chybou:
%%1062

Error: (08/24/2015 07:14:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba Windows Media Player Network Sharing závisí na službě Windows Search, která neuspěla při spuštění v důsledku následující chyby:
%%1069

Error: (08/24/2015 07:14:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
%%1069

Error: (08/24/2015 07:14:41 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WSearch se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%50

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (08/24/2015 07:14:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
%%1069

Error: (08/24/2015 07:14:40 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WSearch se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%50

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).


Microsoft Office:
=========================
Error: (08/24/2015 04:27:20 PM) (Source: MsiInstaller) (EventID: 1024) (User: pc)
Description: Adobe Reader XI - Czech{AC76BA86-7AD7-0000-2550-7A8C40011012}1625(NULL)(NULL)(NULL)


CodeIntegrity:
===================================
Date: 2015-08-13 06:02:48.783
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-13 05:53:44.648
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-12 06:02:18.126
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-12 05:53:02.909
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-11 07:02:30.104
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-11 06:44:35.574
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-10 07:38:03.173
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-10 07:17:01.736
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-09 06:46:23.306
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-09 06:42:52.562
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Genuine Intel(R) CPU 2140 @ 1.60GHz
Percentage of memory in use: 34%
Total physical RAM: 2047.43 MB
Available physical RAM: 1339.86 MB
Total Virtual: 2687.43 MB
Available Virtual: 1717.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.88 GB) (Free:171.13 GB) NTFS ==>[drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 9E093DA3)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End of FRST.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
Task: {9E32D5D4-F9B3-440F-AB25-9575A6AF084F} - \Uninstaller_SkipUac_Josef -> No File <==== ATTENTION
Task: {CC4B25B2-C5C0-45B8-B2D7-68BA6729C93D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-09] (Google Inc.)
Task: {E4403B10-84D4-409A-B9C0-1E8D82D43271} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1760704405-2657957502-4182092959-1001UA => C:\Users\Josef\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001 -> {6e20ca39-3130-4936-819a-f18670436464} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
Toolbar: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File
CHR Extension: (No Name) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-14]
CHR Extension: (No Name) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-10-03]
CHR Extension: (No Name) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-03]
CHR HKLM\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - <no Path\update_url>
C:\WINDOWS\system32\ApnDatabase.xml
C:\Users\Josef\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[marvis]

Fix result of Farbar Recovery Scan Tool (x86) Version:24-08-2015
Ran by Josef (2015-08-25 16:01:00) Run:1
Running from C:\Users\Josef\Desktop
Loaded Profiles: Josef (Available Profiles: Josef & UpdatusUser)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
Task: {9E32D5D4-F9B3-440F-AB25-9575A6AF084F} - \Uninstaller_SkipUac_Josef -> No File <==== ATTENTION
Task: {CC4B25B2-C5C0-45B8-B2D7-68BA6729C93D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-09] (Google Inc.)
Task: {E4403B10-84D4-409A-B9C0-1E8D82D43271} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1760704405-2657957502-4182092959-1001UA => C:\Users\Josef\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001 -> {6e20ca39-3130-4936-819a-f18670436464} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
Toolbar: HKU\S-1-5-21-1760704405-2657957502-4182092959-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File
CHR Extension: (No Name) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-14]
CHR Extension: (No Name) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-10-03]
CHR Extension: (No Name) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-03]
CHR HKLM\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - <no Path\update_url>
C:\WINDOWS\system32\ApnDatabase.xml
C:\Users\Josef\AppData\Local\Temp
End
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E32D5D4-F9B3-440F-AB25-9575A6AF084F}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E32D5D4-F9B3-440F-AB25-9575A6AF084F}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Uninstaller_SkipUac_Josef" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CC4B25B2-C5C0-45B8-B2D7-68BA6729C93D}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC4B25B2-C5C0-45B8-B2D7-68BA6729C93D}" => key removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E4403B10-84D4-409A-B9C0-1E8D82D43271}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4403B10-84D4-409A-B9C0-1E8D82D43271}" => key removed successfully.
C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1760704405-2657957502-4182092959-1001UA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-1760704405-2657957502-4182092959-1001UA" => key removed successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => key removed successfully.
HKCR\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} => key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => key removed successfully.
HKCR\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6e20ca39-3130-4936-819a-f18670436464}" => key removed successfully.
HKCR\CLSID\{6e20ca39-3130-4936-819a-f18670436464} => key not found.
HKU\S-1-5-21-1760704405-2657957502-4182092959-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully.
"HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => key removed successfully.
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => key not found.
C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik => moved successfully
C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki => moved successfully
C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully
"HKLM\SOFTWARE\Google\Chrome\Extensions\mjdepfkicdcciagbigfcmdhknnoaaegf" => key removed successfully.
C:\WINDOWS\system32\ApnDatabase.xml => moved successfully

"C:\Users\Josef\AppData\Local\Temp" folder move:

Could not move "C:\Users\Josef\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-08-25 16:03:14)<=

C:\Users\Josef\AppData\Local\Temp => moved successfully

==== End of Fixlog 16:03:15 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[marvis]

je to pořád stejné, dlouho to trvá, jediný co je rychlé tak to je přihlášení sem. Já už nevím proč to je tak pomalé.

[Rudy]

Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.