VIRY.CZ

PC je dosť spomalený.

Predom ďakujem.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-11-2015
Ran by Vilo (administrator) on VILKO (19-11-2015 11:57:15)
Running from C:\Users\Vilo\Desktop
Loaded Profiles: Vilo (Available Profiles: Vilo)
Platform: Windows 8.1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(M. Charvát) C:\Users\Vilo\AppData\Roaming\.minecraft\MinecraftTweakerUpdater.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(forum.viry.cz) C:\Users\Vilo\Desktop\FRSTLauncher.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-05] (IvoSoft)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2015-06-29] (Adobe Systems Inc.)
HKLM-x32\...\Run: [MSStp] => C:\Windows\SysWOW64\msstp.vbe [1419 2014-01-19] ()
HKLM-x32\...\Run: [mncdhahSrv] => C:\Windows\inf\mncdhah.vbe
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKU\S-1-5-21-973648956-3309636155-3697473859-1001\...\Run: [Minecraft Tweaker Updater] => C:\Users\Vilo\AppData\Roaming\.minecraft\MinecraftTweakerUpdater.exe [554496 2014-07-02] (M. Charvát)
HKU\S-1-5-21-973648956-3309636155-3697473859-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-973648956-3309636155-3697473859-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48145024 2015-10-14] (Skype Technologies S.A.)
HKU\S-1-5-21-973648956-3309636155-3697473859-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-973648956-3309636155-3697473859-1001\...\MountPoints2: {f2b4b7b6-35f2-11e5-852e-e03f4919da6b} - "F:\startme.exe"
HKU\S-1-5-21-973648956-3309636155-3697473859-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [217088 2014-10-29] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => No File
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicy-x32: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{BF713D1C-9C2E-440D-ADCD-F8E3E2A11B3F}: [DhcpNameServer] 192.168.0.2 192.168.0.3

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
URLSearchHook: HKLM-x32 - (No Name) - {31264a33-a653-46c4-af49-1232c59a7da5} - No File
URLSearchHook: HKU\S-1-5-21-973648956-3309636155-3697473859-1001 - (No Name) - {31264a33-a653-46c4-af49-1232c59a7da5} - No File
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-973648956-3309636155-3697473859-1001 -> DefaultScope {0EE77D68-9224-4397-83DB-F22CBCBD50AB} URL = hxxp://www.globasearch.com/?serie=3209&install ... earchTerms}
SearchScopes: HKU\S-1-5-21-973648956-3309636155-3697473859-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-973648956-3309636155-3697473859-1001 -> {0C4421F3-ABAF-4C20-8FC7-614A0176DAF8} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403 ... earchTerms}
SearchScopes: HKU\S-1-5-21-973648956-3309636155-3697473859-1001 -> {0EE77D68-9224-4397-83DB-F22CBCBD50AB} URL = hxxp://www.globasearch.com/?serie=3209&install ... earchTerms}
SearchScopes: HKU\S-1-5-21-973648956-3309636155-3697473859-1001 -> {51F4A266-4A07-4C1B-9D8E-12FBAEC15E6C} URL = hxxp://rts.dsrlte.com/?affID=na&q={searchTerms}&r=172
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
BHO-x32: No Name -> {31264a33-a653-46c4-af49-1232c59a7da5} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-17] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-17] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
Toolbar: HKLM - No Name - {31264A33-A653-46C4-AF49-1232C59A7DA5} - No File
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - No Name - {31264a33-a653-46c4-af49-1232c59a7da5} - No File
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-973648956-3309636155-3697473859-1001 -> No Name - {31264A33-A653-46C4-AF49-1232C59A7DA5} - No File
Toolbar: HKU\S-1-5-21-973648956-3309636155-3697473859-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default
FF NewTab: hxxp://www.globasearch.com/?serie=3209&b=2&ins ... AFX&newtab
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.sk/
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin-x32: @gametree.co.kr/GTL -> C:\ProgramData\Gametree\GTL\npGTL.dll [2013-06-13] (NtreevSoft)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-17] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-05-20] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-05-20] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin HKU\S-1-5-21-973648956-3309636155-3697473859-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Vilo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-13] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\user.js [2014-06-22]
FF SearchPlugin: C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\searchplugins\bingp.xml [2014-11-26]
FF SearchPlugin: C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\searchplugins\dsrlte.xml [2015-01-18]
FF Extension: HD4EVER - C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\extensions\f8783004-c434-4bd0-9f81-9a39dd64baaa@08ad07c4-3f21-451d-9045-9e0d5dc8aa9e.com [2015-10-12] [not signed]
FF Extension: Bing Search Engine - C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\Extensions\bingsearch.full@microsoft.com [2015-03-28] [not signed]
FF Extension: Fast Start - C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\Extensions\faststartff@gmail.com [2014-07-14] [not signed]
FF Extension: BS Player ControlBar B - C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\Extensions\{31264a33-a653-46c4-af49-1232c59a7da5} [2015-07-27] [not signed]
FF Extension: Adblock Plus - C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-25]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\extensions\faststartff@gmail.com
FF Extension: Fast Start - C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\extensions\faststartff@gmail.com [2014-07-14] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-10-07] [not signed]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.search.ask.com/?gct=hp
CHR DefaultSearchURL: Default -> hxxp://www.search.ask.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> search.ask.com
CHR DefaultSuggestURL: Default -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
CHR Profile: C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-22]
CHR Extension: () - C:\Users\Vilo\AppData\Local\Total Form\Component [2015-07-30]
CHR Profile: C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Ask Search) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg [2015-07-14]
CHR Extension: (Prezentácie Google) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-14]
CHR Extension: (Dokumenty Google) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-14]
CHR Extension: (Disk Google) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-30]
CHR Extension: (YouTube) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-14]
CHR Extension: (Google Search) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-14]
CHR Extension: (Adobe Acrobat – Vytvoriť PDF) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-07-14]
CHR Extension: (Bing) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-07-14]
CHR Extension: (Tabuľky Google) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-14]
CHR Extension: (Skype Click to Call) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-07-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-30]
CHR Extension: (Gmail) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-14]
CHR Extension: () - C:\Users\Vilo\AppData\Local\Total Form\Component [2015-07-30]
CHR HKLM\...\Chrome\Extension: [aaaaadgepjkdffhjbkfjgnnffnfcffbg] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-973648956-3309636155-3697473859-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aaaaadgepjkdffhjbkfjgnnffnfcffbg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-06-29]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3512928 2015-07-22] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-07-28] (Electronic Arts)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2015-09-14] ()
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2015-09-14] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(http://www.devguru.co.kr))
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R1 {16157a7c-3016-4fc7-9199-91e5eca0f905}Gw64; C:\Windows\System32\drivers\{16157a7c-3016-4fc7-9199-91e5eca0f905}Gw64.sys [48784 2014-11-29] (StdLib)
R1 {4845ffe9-f9c4-49f8-8d12-98cf7c6714cc}Gw64; C:\Windows\System32\drivers\{4845ffe9-f9c4-49f8-8d12-98cf7c6714cc}Gw64.sys [48784 2014-11-28] (StdLib)
R1 {80497fe6-6cf0-4105-a85c-8263c4ffc2ba}Gw64; C:\Windows\System32\drivers\{80497fe6-6cf0-4105-a85c-8263c4ffc2ba}Gw64.sys [48784 2014-11-27] (StdLib)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-19 11:57 - 2015-11-19 11:59 - 00025720 _____ C:\Users\Vilo\Desktop\FRST.txt
2015-11-19 11:56 - 2015-11-19 11:57 - 00112640 _____ (forum.viry.cz) C:\Users\Vilo\Desktop\FRSTLauncher.exe
2015-11-19 11:54 - 2015-11-19 11:57 - 00000000 ____D C:\FRST
2015-11-19 11:49 - 2015-11-19 11:49 - 02008576 _____ (Farbar) C:\Users\Vilo\Downloads\FRST64.exe
2015-11-19 11:49 - 2015-11-19 11:49 - 02008576 _____ (Farbar) C:\Users\Vilo\Desktop\FRST64.exe
2015-11-19 11:27 - 2015-11-19 11:27 - 00000000 _____ C:\Windows\WindowsUpdate.log
2015-11-19 11:26 - 2015-11-19 11:26 - 00000348 _____ C:\Windows\setupact.log
2015-11-19 11:26 - 2015-11-19 11:26 - 00000000 _____ C:\Windows\setuperr.log
2015-11-19 11:18 - 2015-11-19 11:19 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-11-19 11:18 - 2015-11-19 11:18 - 08204944 _____ (TeamViewer GmbH) C:\Users\Vilo\Downloads\TeamViewer_Setup_sk.exe
2015-11-19 11:18 - 2015-11-19 11:18 - 00001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-11-19 11:18 - 2015-11-19 11:18 - 00001043 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-11-19 11:18 - 2015-11-19 11:18 - 00000000 ____D C:\Users\Vilo\AppData\Roaming\TeamViewer
2015-11-19 11:13 - 2015-11-19 11:13 - 00000000 ____D C:\Windows\pss
2015-11-19 11:11 - 2015-11-19 11:11 - 00018764 _____ C:\Users\Vilo\Documents\cc_20151119_111121.reg
2015-11-17 18:46 - 2015-11-17 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-11-17 18:46 - 2015-11-17 18:46 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-11-12 11:47 - 2015-11-12 11:47 - 00045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2015-10-22 19:17 - 2015-11-19 11:09 - 00000000 ____D C:\Users\Vilo\AppData\Local\CrashDumps
2015-10-22 18:34 - 2015-10-22 18:34 - 00010326 _____ C:\Users\Vilo\Downloads\Your Electronic Ticket Receipt.pdf.xml

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-19 11:48 - 2014-04-10 14:04 - 00000000 ____D C:\Users\Vilo\AppData\Roaming\ClassicShell
2015-11-19 11:43 - 2014-04-10 14:30 - 00000000 ____D C:\Users\Vilo\AppData\Roaming\Skype
2015-11-19 11:36 - 2014-04-08 11:05 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-973648956-3309636155-3697473859-1001
2015-11-19 11:33 - 2015-06-08 14:33 - 00003114 _____ C:\Windows\Tasks\5bec9f3e-4b77-444d-985e-82e6ff890720-1-6.job
2015-11-19 11:33 - 2014-04-10 14:45 - 00047512 _____ C:\Windows\system32\perfh01B.dat
2015-11-19 11:33 - 2014-04-10 14:45 - 00011800 _____ C:\Windows\system32\perfc01B.dat
2015-11-19 11:33 - 2014-04-08 11:05 - 00907186 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-19 11:32 - 2015-06-08 14:32 - 00005494 _____ C:\Windows\Tasks\5bec9f3e-4b77-444d-985e-82e6ff890720-6.job
2015-11-19 11:32 - 2015-06-08 14:32 - 00002088 _____ C:\Windows\Tasks\5bec9f3e-4b77-444d-985e-82e6ff890720-10_user.job
2015-11-19 11:28 - 2015-08-12 08:09 - 00021439 _____ C:\Users\Vilo\rgmnr
2015-11-19 11:27 - 2014-11-04 16:40 - 00000000 ____D C:\Users\Vilo\AppData\Local\LogMeIn Hamachi
2015-11-19 11:26 - 2015-06-08 14:33 - 00004470 _____ C:\Windows\Tasks\5bec9f3e-4b77-444d-985e-82e6ff890720-4.job
2015-11-19 11:26 - 2015-06-08 14:33 - 00003114 _____ C:\Windows\Tasks\5bec9f3e-4b77-444d-985e-82e6ff890720-1-7.job
2015-11-19 11:26 - 2015-06-08 14:33 - 00002422 _____ C:\Windows\Tasks\5bec9f3e-4b77-444d-985e-82e6ff890720-5_user.job
2015-11-19 11:26 - 2015-06-08 14:33 - 00002422 _____ C:\Windows\Tasks\5bec9f3e-4b77-444d-985e-82e6ff890720-5.job
2015-11-19 11:26 - 2015-06-08 14:32 - 00005158 _____ C:\Windows\Tasks\5bec9f3e-4b77-444d-985e-82e6ff890720-7.job
2015-11-19 11:26 - 2015-06-08 14:32 - 00004816 _____ C:\Windows\Tasks\5bec9f3e-4b77-444d-985e-82e6ff890720-11.job
2015-11-19 11:26 - 2015-06-08 14:32 - 00004134 _____ C:\Windows\Tasks\5bec9f3e-4b77-444d-985e-82e6ff890720-3.job
2015-11-19 11:26 - 2014-04-09 14:42 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-19 11:26 - 2014-04-08 11:08 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-19 11:26 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-19 11:26 - 2013-08-22 15:44 - 00482336 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-19 11:06 - 2014-04-08 11:17 - 00003810 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{755016B7-1ED8-4AF9-8BAE-4D2AD814094D}
2015-11-19 11:04 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2015-11-19 11:02 - 2015-08-13 18:14 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-17 21:00 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sru
2015-11-17 16:10 - 2015-04-14 18:11 - 00000000 ____D C:\Users\Vilo\Desktop\Moje videa
2015-11-17 15:52 - 2015-08-30 20:27 - 00000000 ____D C:\Martinka
2015-11-17 15:49 - 2015-03-19 14:37 - 00000000 ____D C:\Users\Vilo\Documents\Bandicam
2015-11-17 13:43 - 2015-05-29 14:13 - 00000000 ____D C:\Users\Public\StarStableOnline
2015-11-12 10:58 - 2014-04-09 14:52 - 00002215 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-10 18:50 - 2014-04-08 16:56 - 00000000 ____D C:\Users\Vilo
2015-11-05 13:21 - 2014-08-29 13:55 - 00000000 ____D C:\Users\Vilo\AppData\Roaming\.minecraft
2015-11-03 18:21 - 2014-04-12 17:19 - 00000000 ____D C:\Mamka
2015-11-03 15:29 - 2014-04-12 17:20 - 00000000 ____D C:\Tati
2015-10-31 09:21 - 2014-04-10 14:30 - 00000000 ____D C:\ProgramData\Skype
2015-10-21 17:15 - 2015-08-04 12:53 - 00000000 ____D C:\Users\Vilo\Desktop\PaintTool SAI English Pack

==================== Files in the root of some directories =======

2014-06-21 17:50 - 2014-06-21 17:53 - 0000000 _____ () C:\Users\Vilo\AppData\Roaming\AVSMediaPlayer.m3u
2015-03-29 13:14 - 2015-03-29 13:14 - 0000000 ___SH () C:\Users\Vilo\AppData\Local\LumaEmu
2015-08-01 14:14 - 2015-08-01 14:14 - 29593968 _____ (Sony Mobile Communications ) C:\Users\Vilo\AppData\Local\pcc.exe
2014-04-08 11:21 - 2014-04-08 11:21 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-21 17:39

==================== End of FRST.txt ============================

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:198.88 GB) (Free:93.68 GB) NTFS
Drive d: (Nový zväzok) (Fixed) (Total:732.29 GB) (Free:725.31 GB) NTFS

Available physical RAM: 6283.79 MB
Total physical RAM: 8130.36 MB
Percentage of memory in use: 22%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5D0948BE)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=198.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=732.3 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\5bec9f3e-4b77-444d-985e-82e6ff890720-1-6.job => C:\Program Files (x86)\GoHD\5bec9f3e-4b77-444d-985e-82e6ff890720-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\5bec9f3e-4b77-444d-985e-82e6ff890720-1-7.job => C:\Program Files (x86)\GoHD\5bec9f3e-4b77-444d-985e-82e6ff890720-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\5bec9f3e-4b77-444d-985e-82e6ff890720-10_user.job => C:\Program Files (x86)\GoHD\5bec9f3e-4b77-444d-985e-82e6ff890720-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\5bec9f3e-4b77-444d-985e-82e6ff890720-11.job => C:\Program Files (x86)\GoHD\5bec9f3e-4b77-444d-985e-82e6ff890720-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\5bec9f3e-4b77-444d-985e-82e6ff890720-3.job => C:\Program Files (x86)\GoHD\5bec9f3e-4b77-444d-985e-82e6ff890720-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\5bec9f3e-4b77-444d-985e-82e6ff890720-4.job => C:\Program Files (x86)\GoHD\5bec9f3e-4b77-444d-985e-82e6ff890720-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\5bec9f3e-4b77-444d-985e-82e6ff890720-5.job => C:\Program Files (x86)\GoHD\5bec9f3e-4b77-444d-985e-82e6ff890720-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\5bec9f3e-4b77-444d-985e-82e6ff890720-5_user.job => C:\Program Files (x86)\GoHD\5bec9f3e-4b77-444d-985e-82e6ff890720-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\5bec9f3e-4b77-444d-985e-82e6ff890720-6.job => C:\Program Files (x86)\GoHD\5bec9f3e-4b77-444d-985e-82e6ff890720-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\5bec9f3e-4b77-444d-985e-82e6ff890720-7.job => C:\Program Files (x86)\GoHD\5bec9f3e-4b77-444d-985e-82e6ff890720-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Product InstallerIdle.job => C:\Windows\SysWOW64\Adobe\Shockwave 12\SymInstallStub.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Vilo\Desktop" je 6364 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000

==================== End Of Log ==============================

Krasny den Vam preju

Predpokladam, ze BitCoiny tezite nevedomky, je tak?

Odinstalujte

Skype Click to Call - adware z instalace Skypu http://forum.viry.cz/viewtopic.php?p=1374439#p1374439

10. listopadu 2015 byly vydane nove aktualizace operacniho systemu - alespon ty dulezite nainstalujte.

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )

ukoncete vsechny programy
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Scan, pote na Cleaning
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

O Bitcoinoch sa nikto v rodine nepriznal.

# AdwCleaner v5.021 - Logfile created 19/11/2015 at 17:18:05
# Updated 14/11/2015 by Xplode
# Database : 2015-11-17.2 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Vilo - VILKO
# Running from : C:\Users\Vilo\Desktop\adwcleaner_5.021.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\globalUpdate
[-] Folder Deleted : C:\Program Files (x86)\Tbccint
[-] Folder Deleted : C:\Program Files (x86)\RCP
[-] Folder Deleted : C:\Program Files (x86)\GoHD
[!] Folder Not Deleted : C:\Program Files (x86)\GoHD
[!] Folder Not Deleted : C:\Program Files (x86)\Tbccint
[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\ProgramData\IePluginServices
[-] Folder Deleted : C:\ProgramData\Tbccint
[-] Folder Deleted : C:\ProgramData\WindowsProtectManger
[!] Folder Not Deleted : C:\ProgramData\Tbccint
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[-] Folder Deleted : C:\Users\Vilo\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\Vilo\AppData\Local\Tbccint
[-] Folder Deleted : C:\Users\Vilo\AppData\Local\Windesk_Winsearch
[!] Folder Not Deleted : C:\Users\Vilo\AppData\Local\Tbccint
[-] Folder Deleted : C:\Users\Vilo\AppData\LocalLow\PriceGong
[-] Folder Deleted : C:\Users\Vilo\AppData\LocalLow\Tbccint
[-] Folder Deleted : C:\Users\Vilo\AppData\LocalLow\BS_Player_ControlBar_B
[!] Folder Not Deleted : C:\Users\Vilo\AppData\LocalLow\BS_Player_ControlBar_B
[!] Folder Not Deleted : C:\Users\Vilo\AppData\LocalLow\Tbccint
[-] Folder Deleted : C:\Users\Vilo\AppData\Roaming\Systweak
[-] Folder Deleted : C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\CT3329621
[-] Folder Deleted : C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\Extensions\faststartff@gmail.com
[-] Folder Deleted : C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\Extensions\f8783004-c434-4bd0-9f81-9a39dd64baaa@08ad07c4-3f21-451d-9045-9e0d5dc8aa9e.com
[-] Folder Deleted : C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\Extensions\{31264a33-a653-46c4-af49-1232c59a7da5}
[#] Folder Deleted : C:\Windows\SysNative\Tasks\RegClean Pro

***** [ Files ] *****

[-] File Deleted : C:\END
[-] File Deleted : C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fijhlnmmmgflacagjecncpmpnhjieggk_0.localstorage
[-] File Deleted : C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_fijhlnmmmgflacagjecncpmpnhjieggk_0
[-] File Deleted : C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fijhlnmmmgflacagjecncpmpnhjieggk
[-] File Deleted : C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\searchplugins\bingp.xml
[-] File Deleted : C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\searchplugins\dsrlte.xml
[-] File Deleted : C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\user.js
[-] File Deleted : C:\Windows\SysNative\drivers\{16157a7c-3016-4fc7-9199-91e5eca0f905}Gw64.sys
[-] File Deleted : C:\Windows\SysNative\drivers\{4845ffe9-f9c4-49f8-8d12-98cf7c6714cc}Gw64.sys
[-] File Deleted : C:\Windows\SysNative\drivers\{80497fe6-6cf0-4105-a85c-8263c4ffc2ba}Gw64.sys

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

[-] Task Deleted : RegClean Pro
[-] Task Deleted : Yahoo! Search Updater
[-] Task Deleted : PaintTool SAI
[-] Task Deleted : 5bec9f3e-4b77-444d-985e-82e6ff890720-1-6
[-] Task Deleted : 5bec9f3e-4b77-444d-985e-82e6ff890720-1-7
[-] Task Deleted : 5bec9f3e-4b77-444d-985e-82e6ff890720-10_user
[-] Task Deleted : 5bec9f3e-4b77-444d-985e-82e6ff890720-11
[-] Task Deleted : 5bec9f3e-4b77-444d-985e-82e6ff890720-3
[-] Task Deleted : 5bec9f3e-4b77-444d-985e-82e6ff890720-4
[-] Task Deleted : 5bec9f3e-4b77-444d-985e-82e6ff890720-5
[-] Task Deleted : 5bec9f3e-4b77-444d-985e-82e6ff890720-5_user
[-] Task Deleted : 5bec9f3e-4b77-444d-985e-82e6ff890720-6
[-] Task Deleted : 5bec9f3e-4b77-444d-985e-82e6ff890720-7
[-] Task Deleted : 5bec9f3e-4b77-444d-985e-82e6ff890720-1-6
[-] Task Deleted : 5bec9f3e-4b77-444d-985e-82e6ff890720-1-7
[-] Task Deleted : 5bec9f3e-4b77-444d-985e-82e6ff890720-10_user
[-] Task Deleted : 5bec9f3e-4b77-444d-985e-82e6ff890720-11
[-] Task Deleted : 5bec9f3e-4b77-444d-985e-82e6ff890720-3
[-] Task Deleted : 5bec9f3e-4b77-444d-985e-82e6ff890720-4
[-] Task Deleted : 5bec9f3e-4b77-444d-985e-82e6ff890720-5
[-] Task Deleted : 5bec9f3e-4b77-444d-985e-82e6ff890720-5_user
[-] Task Deleted : 5bec9f3e-4b77-444d-985e-82e6ff890720-6
[-] Task Deleted : 5bec9f3e-4b77-444d-985e-82e6ff890720-7

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
[-] Key Deleted : HKCU\Software\Classes\keepmysearch
[-] Key Deleted : HKCU\Software\Mozilla\Extends
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
[-] Key Deleted : HKLM\SOFTWARE\9cde87ca-ebe1-4db5-a2b8-2d2519584f29
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3329621
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31264A33-A653-46C4-AF49-1232C59A7DA5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{31264a33-a653-46c4-af49-1232c59a7da5}
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{3a1209a4-8568-40f0-9b5e-4a06a2a06417}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31264A33-A653-46C4-AF49-1232C59A7DA5}
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31264a33-a653-46c4-af49-1232c59a7da5}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3a1209a4-8568-40f0-9b5e-4a06a2a06417}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
[!] Value Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{31264a33-a653-46c4-af49-1232c59a7da5}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
[!] Value Not Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{31264a33-a653-46c4-af49-1232c59a7da5}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
[!] Value Not Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{31264a33-a653-46c4-af49-1232c59a7da5}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
[!] Value Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{31264a33-a653-46c4-af49-1232c59a7da5}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{31264A33-A653-46C4-AF49-1232C59A7DA5}
[!] Key Not Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{31264a33-a653-46c4-af49-1232c59a7da5}
[!] Key Not Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3a1209a4-8568-40f0-9b5e-4a06a2a06417}
[-] Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
[!] Value Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{31264a33-a653-46c4-af49-1232c59a7da5}]
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\systweak
[-] Key Deleted : HKCU\Software\Tbccint
[-] Key Deleted : HKCU\Software\Tbccint_HKLM
[-] Key Deleted : HKCU\Software\GoHD
[-] Key Deleted : HKCU\Software\Reg\Clean
[!] Key Not Deleted : HKCU\Software\GoHD
[-] Key Deleted : HKCU\Software\GoHD-nv
[-] Key Deleted : HKCU\Software\GoHD-nv-ie
[!] Key Not Deleted : HKCU\Software\Tbccint
[-] Key Deleted : HKCU\Software\AppDataLow\Toolbar
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
[-] Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Tbccint
[-] Key Deleted : HKCU\Software\AppDataLow\Software\TbccintSearchScopes
[-] Key Deleted : HKCU\Software\AppDataLow\Software\BS_Player_ControlBar_B
[!] Key Not Deleted : HKCU\Software\AppDataLow\Software\BS_Player_ControlBar_B
[!] Key Not Deleted : HKCU\Software\AppDataLow\Software\Tbccint
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : HKLM\SOFTWARE\supWindowsProtectManger
[-] Key Deleted : HKLM\SOFTWARE\sweet-pageSoftware
[-] Key Deleted : HKLM\SOFTWARE\systweak
[-] Key Deleted : HKLM\SOFTWARE\GoHD
[-] Key Deleted : HKLM\SOFTWARE\Reg\Clean
[!] Key Not Deleted : HKLM\SOFTWARE\GoHD
[-] Key Deleted : HKLM\SOFTWARE\GoHD-nv
[-] Key Deleted : HKLM\SOFTWARE\GoHD-nv-ie
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean-Pro_is1
[-] Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Key Deleted : HKU\.DEFAULT\Software\GoHD-nv
[-] Key Deleted : HKU\.DEFAULT\Software\GoHD-nv-ie
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Installer
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0C4421F3-ABAF-4C20-8FC7-614A0176DAF8}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0EE77D68-9224-4397-83DB-F22CBCBD50AB}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{51F4A266-4A07-4C1B-9D8E-12FBAEC15E6C}
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]

***** [ Web browsers ] *****

[-] [C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.FF19Solved", "true");
[-] [C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.UserID", "UN40759520622071130");
[-] [C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.dum", "2");
[-] [C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.fullUserID", "UN40759520622071130.IN.20140610092215");
[-] [C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.installDate", "10/06/2014 09:22:17");
[-] [C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.installSessionId", "365fad67-aa33-44a3-bb99-7c881bf1cf88");
[-] [C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.installSp", "FALSE");
[-] [C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.installerVersion", "1.11.0.9");
[-] [C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.searchRevert", "false");
[-] [C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.searchUninstallUserMode", "4");
[-] [C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.searchUserMode", "4");
[-] [C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.toolbarInstallDate", "10-06-2014 09:22:15");
[-] [C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.versionFromInstaller", "10.31.2.1");
[-] [C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\prefs.js] [Preference] Deleted : user_pref("CT3329621.xpeMode", "1");
[-] [C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\prefs.js] [Preference] Deleted : user_pref("browser.newtab.url", "hxxp://www.globasearch.com/?serie=3209&b=2&ins ... AFX&newtab");
[-] [C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\prefs.js] [Preference] Deleted : user_pref("extensions.af8783004c4344bd09f819a39dd64baaa08ad07c43f21451d90459e0d5dc8aa9ecom56116.56116.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.c[...]
[-] [C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\prefs.js] [Preference] Deleted : user_pref("extensions.af8783004c4344bd09f819a39dd64baaa08ad07c43f21451d90459e0d5dc8aa9ecom56116.56116.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
[-] [C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\prefs.js] [Preference] Deleted : user_pref("extensions.crossrider.bic", "14dd44f23335ba8edaec33af351c6834");
[-] [C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\prefs.js] [Preference] Deleted : user_pref("extensions.quick_start.enable_search1", false);
[-] [C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\prefs.js] [Preference] Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[-] [C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\prefs.js] [Preference] Deleted : user_pref("smartbar.machineId", "NPAE3K+MGKNXZDABU7RNKI4XDW63CMH0Q403ZMZGQFINAHHZTY36/4ONRDSKFLPHFADJCB6AQZWS68CUADWVUG");
[-] [C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : aaaaadgepjkdffhjbkfjgnnffnfcffbg
[-] [C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : fcfenmboojpjinhpgggodefccipikbpd

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [19988 bytes] ##########

Dejte prosim nove logy z FRST jako v prvnim prispevku.

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Product InstallerIdle.job => C:\Windows\SysWOW64\Adobe\Shockwave 12\SymInstallStub.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Vilo\Desktop" je 6365 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000

==================== End Of Log ==============================

Addition.rar: (4.8 KiB) Staženo 64 x

Ešte pri štarte WIN nabehne toto okno (v prílohe)

: Snímka.PNG (7.61 KiB) Zobrazeno 2720 x

Spustte samotny FRST64.exe (bez FRSTLauncheru) a kliknete na Scan - vysledny FRST.txt vlozte.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-11-2015
Ran by Vilo (administrator) on VILKO (19-11-2015 18:43:59)
Running from C:\Users\Vilo\Desktop
Loaded Profiles: Vilo (Available Profiles: Vilo)
Platform: Windows 8 Pro (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(M. Charvát) C:\Users\Vilo\AppData\Roaming\.minecraft\MinecraftTweakerUpdater.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-05] (IvoSoft)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2015-06-29] (Adobe Systems Inc.)
HKLM-x32\...\Run: [MSStp] => C:\Windows\SysWOW64\msstp.vbe [1419 2014-01-19] ()
HKLM-x32\...\Run: [mncdhahSrv] => C:\Windows\inf\mncdhah.vbe
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKU\S-1-5-21-973648956-3309636155-3697473859-1001\...\Run: [Minecraft Tweaker Updater] => C:\Users\Vilo\AppData\Roaming\.minecraft\MinecraftTweakerUpdater.exe [554496 2014-07-02] (M. Charvát)
HKU\S-1-5-21-973648956-3309636155-3697473859-1001\...\MountPoints2: {f2b4b7b6-35f2-11e5-852e-e03f4919da6b} - "F:\startme.exe"
HKU\S-1-5-21-973648956-3309636155-3697473859-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [217088 2014-10-29] (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicy-x32: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{BF713D1C-9C2E-440D-ADCD-F8E3E2A11B3F}: [DhcpNameServer] 192.168.0.2 192.168.0.3

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-17] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-17] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-973648956-3309636155-3697473859-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.sk/
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin-x32: @gametree.co.kr/GTL -> C:\ProgramData\Gametree\GTL\npGTL.dll [2013-06-13] (NtreevSoft)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-17] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-05-20] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-05-20] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin HKU\S-1-5-21-973648956-3309636155-3697473859-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Vilo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-13] (Unity Technologies ApS)
FF Extension: No Name - C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\extensions\f8783004-c434-4bd0-9f81-9a39dd64baaa@08ad07c4-3f21-451d-9045-9e0d5dc8aa9e.com [not found]
FF Extension: Bing Search Engine - C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\Extensions\bingsearch.full@microsoft.com [2015-03-28] [not signed]
FF Extension: Adblock Plus - C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-25]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-10-07] [not signed]

Chrome:
=======
CHR Profile: C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-22]
CHR Extension: () - C:\Users\Vilo\AppData\Local\Total Form\Component [2015-07-30]
CHR Profile: C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Ask Search) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg [2015-07-14]
CHR Extension: (Prezentácie Google) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-14]
CHR Extension: (Dokumenty Google) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-14]
CHR Extension: (Disk Google) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-30]
CHR Extension: (YouTube) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-14]
CHR Extension: (Google Search) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-14]
CHR Extension: (Adobe Acrobat – Vytvoriť PDF) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-07-14]
CHR Extension: (Bing) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-07-14]
CHR Extension: (Tabuľky Google) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-14]
CHR Extension: (Skype Click to Call) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-07-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-30]
CHR Extension: (Gmail) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-14]
CHR Extension: () - C:\Users\Vilo\AppData\Local\Total Form\Component [2015-07-30]
CHR HKLM\...\Chrome\Extension: [aaaaadgepjkdffhjbkfjgnnffnfcffbg] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-973648956-3309636155-3697473859-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aaaaadgepjkdffhjbkfjgnnffnfcffbg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-06-29]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3512928 2015-07-22] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-07-28] (Electronic Arts)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2015-09-14] ()
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2015-09-14] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S1 {16157a7c-3016-4fc7-9199-91e5eca0f905}Gw64; system32\drivers\{16157a7c-3016-4fc7-9199-91e5eca0f905}Gw64.sys [X]
S1 {4845ffe9-f9c4-49f8-8d12-98cf7c6714cc}Gw64; system32\drivers\{4845ffe9-f9c4-49f8-8d12-98cf7c6714cc}Gw64.sys [X]
S1 {80497fe6-6cf0-4105-a85c-8263c4ffc2ba}Gw64; system32\drivers\{80497fe6-6cf0-4105-a85c-8263c4ffc2ba}Gw64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-19 18:16 - 2015-11-19 18:43 - 00020096 _____ C:\Users\Vilo\Desktop\FRST.txt
2015-11-19 18:15 - 2015-11-19 18:15 - 00013511 _____ C:\Users\Vilo\Desktop\Addition.txt
2015-11-19 18:11 - 2015-11-19 18:11 - 00015327 _____ C:\Users\Vilo\Desktop\LM.bat
2015-11-19 17:17 - 2015-11-19 17:18 - 00000000 ____D C:\AdwCleaner
2015-11-19 17:14 - 2015-11-03 01:23 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-19 17:14 - 2015-11-03 01:23 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-19 17:02 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-11-19 17:02 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-11-19 17:01 - 2015-01-06 04:01 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2015-11-19 17:01 - 2015-01-06 03:59 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2015-11-19 17:01 - 2015-01-06 02:12 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2015-11-19 17:01 - 2015-01-06 02:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2015-11-19 16:54 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-11-19 16:54 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZST.DLL
2015-11-19 16:54 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-11-19 16:54 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-11-19 16:54 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-11-19 16:54 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZST.DLL
2015-11-19 16:54 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-11-19 16:54 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-11-19 16:54 - 2015-10-22 17:21 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-11-19 16:54 - 2015-10-22 17:21 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2015-11-19 16:54 - 2015-10-22 16:58 - 00868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-11-19 16:54 - 2015-10-22 16:58 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2015-11-19 16:54 - 2015-10-22 15:08 - 00513456 _____ C:\Windows\SysWOW64\locale.nls
2015-11-19 16:54 - 2015-10-22 15:08 - 00513456 _____ C:\Windows\system32\locale.nls
2015-11-19 16:54 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-19 16:54 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-19 16:54 - 2015-10-11 07:34 - 00468824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-11-19 16:54 - 2015-10-11 07:34 - 00462168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-11-19 16:54 - 2015-10-11 07:34 - 00443224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-11-19 16:54 - 2015-10-11 07:34 - 00092504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-11-19 16:54 - 2015-10-11 07:34 - 00027992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-11-19 16:54 - 2015-10-10 19:41 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-11-19 16:54 - 2015-10-10 19:41 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2015-11-19 16:54 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-19 16:54 - 2015-10-10 19:40 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys
2015-11-19 16:54 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-19 16:54 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-11-19 16:54 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-19 16:54 - 2015-10-10 18:20 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-11-19 16:54 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-11-19 16:54 - 2015-10-08 17:11 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
2015-11-19 16:54 - 2015-10-08 16:50 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2015-11-19 16:54 - 2015-10-03 20:41 - 01385280 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-11-19 16:54 - 2015-10-03 20:41 - 01124384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-11-19 16:54 - 2015-05-01 02:13 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-11-19 16:54 - 2015-05-01 02:13 - 01488000 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-11-19 16:54 - 2015-05-01 02:13 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-11-19 16:54 - 2014-11-17 21:17 - 00672984 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2015-11-19 16:54 - 2014-11-17 21:17 - 00273240 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2015-11-19 16:54 - 2014-11-15 20:05 - 00801584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-11-19 16:54 - 2014-11-15 07:29 - 00962216 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-11-19 16:54 - 2014-11-14 07:57 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-11-19 16:54 - 2014-11-14 07:54 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2015-11-19 16:54 - 2014-11-14 07:46 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2015-11-19 16:54 - 2014-11-14 06:03 - 00885760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-11-19 16:54 - 2014-11-10 19:06 - 00473408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-11-19 16:54 - 2014-11-10 03:57 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2015-11-19 16:54 - 2014-11-10 02:20 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2015-11-19 16:54 - 2014-11-10 02:08 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2015-11-19 16:54 - 2014-11-10 01:57 - 00624640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2015-11-19 16:54 - 2014-11-08 05:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2015-11-19 16:54 - 2014-11-08 04:58 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2015-11-19 16:54 - 2014-11-08 04:56 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2015-11-19 16:54 - 2014-11-08 04:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2015-11-19 16:54 - 2014-11-08 04:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2015-11-19 16:54 - 2014-11-08 04:24 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2015-11-19 16:54 - 2014-11-08 04:13 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2015-11-19 16:54 - 2014-11-08 04:13 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2015-11-19 16:54 - 2014-11-08 04:13 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2015-11-19 16:54 - 2014-11-08 03:48 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2015-11-19 16:54 - 2014-11-08 03:38 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2015-11-19 16:54 - 2014-11-08 03:17 - 00143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2015-11-19 16:54 - 2014-11-08 03:03 - 00733696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2015-11-19 16:54 - 2014-11-08 02:58 - 04837376 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2015-11-19 16:54 - 2014-11-08 02:49 - 01154048 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2015-11-19 16:54 - 2014-11-07 04:58 - 00952896 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-11-19 16:54 - 2014-11-07 04:20 - 00786120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-11-19 16:54 - 2014-11-05 03:12 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
2015-11-19 16:54 - 2014-11-05 03:12 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL
2015-11-19 16:54 - 2014-11-05 03:06 - 00514048 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2015-11-19 16:54 - 2014-11-05 02:44 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-11-19 16:54 - 2014-11-05 02:43 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-11-19 16:54 - 2014-11-05 02:39 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL
2015-11-19 16:54 - 2014-11-05 02:39 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL
2015-11-19 16:54 - 2014-11-05 02:33 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2015-11-19 16:54 - 2014-11-05 02:21 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2015-11-19 16:54 - 2014-11-05 02:20 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-11-19 16:54 - 2014-11-05 02:14 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2015-11-19 16:54 - 2014-11-05 02:06 - 00555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2015-11-19 16:54 - 2014-11-04 20:33 - 00058176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2015-11-19 16:54 - 2014-11-04 07:27 - 00128512 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2015-11-19 16:54 - 2014-11-04 06:01 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-11-19 16:54 - 2014-10-29 04:05 - 00551232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2015-11-19 16:54 - 2014-10-29 02:55 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2015-11-19 16:54 - 2014-10-29 02:13 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2015-11-19 16:54 - 2014-10-21 02:59 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\eventcls.dll
2015-11-19 16:54 - 2014-10-21 02:19 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eventcls.dll
2015-11-19 16:54 - 2014-10-21 01:50 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2015-11-19 16:54 - 2014-10-21 01:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2015-11-19 16:54 - 2014-10-21 01:31 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2015-11-19 16:54 - 2014-10-21 01:30 - 01454080 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2015-11-19 16:54 - 2014-10-21 01:20 - 01142272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2015-11-19 16:54 - 2014-10-17 05:56 - 00039744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2015-11-19 16:54 - 2014-10-17 04:35 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-11-19 16:53 - 2015-10-05 19:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2015-11-19 16:53 - 2015-10-05 19:25 - 00572928 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-11-19 16:53 - 2015-09-28 19:31 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-11-19 16:53 - 2015-09-28 19:24 - 02462720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-11-19 16:51 - 2015-11-19 16:50 - 01732096 _____ C:\Users\Vilo\Desktop\adwcleaner_5.021.exe
2015-11-19 16:50 - 2015-11-19 16:50 - 01732096 _____ C:\Users\Vilo\Downloads\adwcleaner_5.021.exe
2015-11-19 16:44 - 2015-11-19 17:18 - 00001752 _____ C:\Windows\PFRO.log
2015-11-19 15:09 - 2015-11-19 15:09 - 00000000 ____D C:\Users\Vilo\AppData\Local\CEF
2015-11-19 15:08 - 2015-11-19 15:08 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-19 15:08 - 2015-11-19 15:08 - 00002067 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-11-19 12:01 - 2015-11-19 18:17 - 00004911 _____ C:\Users\Vilo\Desktop\Addition.rar
2015-11-19 11:56 - 2015-11-19 11:57 - 00112640 _____ (forum.viry.cz) C:\Users\Vilo\Desktop\FRSTLauncher.exe
2015-11-19 11:54 - 2015-11-19 18:43 - 00000000 ____D C:\FRST
2015-11-19 11:49 - 2015-11-19 11:49 - 02008576 _____ (Farbar) C:\Users\Vilo\Downloads\FRST64.exe
2015-11-19 11:49 - 2015-11-19 11:49 - 02008576 _____ (Farbar) C:\Users\Vilo\Desktop\FRST64.exe
2015-11-19 11:27 - 2015-11-19 18:36 - 00924779 _____ C:\Windows\WindowsUpdate.log
2015-11-19 11:26 - 2015-11-19 18:20 - 00001740 _____ C:\Windows\setupact.log
2015-11-19 11:26 - 2015-11-19 11:26 - 00000000 _____ C:\Windows\setuperr.log
2015-11-19 11:18 - 2015-11-19 16:43 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-11-19 11:18 - 2015-11-19 11:18 - 08204944 _____ (TeamViewer GmbH) C:\Users\Vilo\Downloads\TeamViewer_Setup_sk.exe
2015-11-19 11:18 - 2015-11-19 11:18 - 00001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-11-19 11:18 - 2015-11-19 11:18 - 00001043 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-11-19 11:18 - 2015-11-19 11:18 - 00000000 ____D C:\Users\Vilo\AppData\Roaming\TeamViewer
2015-11-19 11:13 - 2015-11-19 11:13 - 00000000 ____D C:\Windows\pss
2015-11-19 11:11 - 2015-11-19 11:11 - 00018764 _____ C:\Users\Vilo\Documents\cc_20151119_111121.reg
2015-11-19 11:11 - 2015-09-24 17:42 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2015-11-19 11:11 - 2015-09-24 17:40 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2015-11-17 18:46 - 2015-11-17 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-11-17 18:46 - 2015-11-17 18:46 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-11-12 11:47 - 2015-11-12 11:47 - 00045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2015-11-11 12:04 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 12:04 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 12:04 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 12:04 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-11-11 12:04 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-11-11 12:04 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-11-11 12:04 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-11-11 12:04 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 12:04 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 12:04 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 12:04 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 12:04 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 12:04 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 12:04 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-11-11 12:04 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-11-11 12:04 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 12:04 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 12:04 - 2015-09-29 13:24 - 00155480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2015-11-11 12:04 - 2015-09-12 14:47 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml
2015-11-11 12:04 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-11-11 12:04 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-11-11 12:04 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-11-11 12:04 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2015-11-11 12:04 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2015-11-11 12:04 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-11-11 12:04 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-11-11 12:04 - 2015-08-07 22:40 - 01736520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 12:04 - 2015-08-07 22:40 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 12:04 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-11-11 12:04 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-11-11 12:03 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 12:03 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 12:03 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 12:03 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 12:03 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 12:03 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 12:03 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 12:03 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 12:03 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-11-11 12:03 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 12:03 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 12:03 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 12:03 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 12:03 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 12:03 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 12:03 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-11-11 12:03 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 12:03 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 12:03 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 12:03 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 12:03 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 12:03 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 12:03 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 12:03 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 12:03 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 12:03 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 12:03 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 12:03 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-11-11 12:03 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 12:03 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 12:03 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 12:03 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 12:03 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 12:03 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 12:03 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 12:03 - 2015-09-10 18:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 12:03 - 2015-09-10 18:06 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 12:03 - 2015-09-10 17:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 12:03 - 2015-09-10 17:37 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 12:03 - 2015-09-10 17:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 12:03 - 2015-09-10 17:35 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 12:03 - 2015-09-10 17:28 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 12:03 - 2015-09-10 17:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 12:03 - 2015-09-10 17:19 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 12:03 - 2015-09-10 17:17 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 12:03 - 2015-09-10 17:17 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 12:03 - 2015-09-10 17:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 12:03 - 2015-09-10 17:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 12:03 - 2015-09-10 16:57 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 12:03 - 2015-09-10 16:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 12:03 - 2015-09-10 16:55 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 12:02 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 12:02 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-11-11 12:02 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-11-11 12:02 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-11-11 12:02 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-11-11 12:02 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-11-11 12:02 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-11-11 12:02 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-10-22 19:17 - 2015-11-19 11:09 - 00000000 ____D C:\Users\Vilo\AppData\Local\CrashDumps
2015-10-22 18:34 - 2015-10-22 18:34 - 00010326 _____ C:\Users\Vilo\Downloads\Your Electronic Ticket Receipt.pdf.xml

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-19 18:27 - 2014-04-10 14:45 - 00047512 _____ C:\Windows\system32\perfh01B.dat
2015-11-19 18:27 - 2014-04-10 14:45 - 00011800 _____ C:\Windows\system32\perfc01B.dat
2015-11-19 18:27 - 2014-04-08 11:05 - 00907186 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-19 18:25 - 2014-04-08 11:05 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-973648956-3309636155-3697473859-1001
2015-11-19 18:22 - 2015-08-12 08:09 - 00015546 _____ C:\Users\Vilo\rgmnr
2015-11-19 18:22 - 2014-04-10 14:04 - 00000000 ____D C:\Users\Vilo\AppData\Roaming\ClassicShell
2015-11-19 18:21 - 2014-11-04 16:40 - 00000000 ____D C:\Users\Vilo\AppData\Local\LogMeIn Hamachi
2015-11-19 18:20 - 2014-04-09 14:42 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-19 18:20 - 2014-04-08 11:08 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-19 18:20 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-19 18:16 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2015-11-19 18:10 - 2014-04-10 14:30 - 00000000 ____D C:\Users\Vilo\AppData\Roaming\Skype
2015-11-19 18:01 - 2015-08-13 18:14 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-19 18:00 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sru
2015-11-19 17:28 - 2014-04-08 11:17 - 00003810 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{755016B7-1ED8-4AF9-8BAE-4D2AD814094D}
2015-11-19 17:13 - 2013-08-22 15:44 - 00482336 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-19 17:10 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData
2015-11-19 17:10 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\setup
2015-11-19 17:10 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sk-SK
2015-11-19 17:10 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\setup
2015-11-19 17:10 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-11-19 17:07 - 2014-04-09 16:46 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-19 17:01 - 2014-04-08 12:18 - 00000000 ____D C:\Windows\system32\MRT
2015-11-19 16:41 - 2014-09-21 16:33 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-11-19 15:09 - 2014-04-08 12:17 - 00000000 ____D C:\Users\Vilo\AppData\Local\Adobe
2015-11-19 15:08 - 2015-08-14 11:59 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-11-19 15:08 - 2014-04-08 12:18 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-11-17 16:10 - 2015-04-14 18:11 - 00000000 ____D C:\Users\Vilo\Desktop\Moje videa
2015-11-17 15:52 - 2015-08-30 20:27 - 00000000 ____D C:\Martinka
2015-11-17 15:49 - 2015-03-19 14:37 - 00000000 ____D C:\Users\Vilo\Documents\Bandicam
2015-11-17 13:43 - 2015-05-29 14:13 - 00000000 ____D C:\Users\Public\StarStableOnline
2015-11-12 10:58 - 2014-04-09 14:52 - 00002215 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-10 18:50 - 2014-04-08 16:56 - 00000000 ____D C:\Users\Vilo
2015-11-05 13:21 - 2014-08-29 13:55 - 00000000 ____D C:\Users\Vilo\AppData\Roaming\.minecraft
2015-11-03 18:21 - 2014-04-12 17:19 - 00000000 ____D C:\Mamka
2015-11-03 15:29 - 2014-04-12 17:20 - 00000000 ____D C:\Tati
2015-10-31 09:21 - 2014-04-10 14:30 - 00000000 ____D C:\ProgramData\Skype
2015-10-27 18:43 - 2014-04-08 12:18 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-21 17:15 - 2015-08-04 12:53 - 00000000 ____D C:\Users\Vilo\Desktop\PaintTool SAI English Pack

==================== Files in the root of some directories =======

2014-06-21 17:50 - 2014-06-21 17:53 - 0000000 _____ () C:\Users\Vilo\AppData\Roaming\AVSMediaPlayer.m3u
2015-03-29 13:14 - 2015-03-29 13:14 - 0000000 ___SH () C:\Users\Vilo\AppData\Local\LumaEmu
2015-08-01 14:14 - 2015-08-01 14:14 - 29593968 _____ (Sony Mobile Communications ) C:\Users\Vilo\AppData\Local\pcc.exe
2014-04-08 11:21 - 2014-04-08 11:21 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Vilo\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-21 17:39

==================== End of FRST.txt ============================

Odinstalujte starou a zranitelnou verzi javy. Pokud javu potrebujete, pak nainstalujte novou z java.com - pozor na adware pri jeji instalaci http://forum.viry.cz/viewtopic.php?p=1374438#p1374438 . Z hlediska bezpecnosti (exploity) je lepsi ji nemit. Aktualni je 8U65. Verze Javy, ktere v PC mate nainstalovane:

Java 8 Update 40

Velikost plochy by nemela presahovat 200 MB. Zpomaluje se pak start i samotny chod celeho PC. Doporucuji hlavne velke soubory a slozky premistit napr. do Dokumentu a na plochu umistit pouze zastupce.

Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
znovu spustte FRST a kliknete na Fix

po restartu bude na plose ulozen fixlog, jehoz obsah vlozte do pristi odpovedi

Kód: Vybrat vše

Start
CreateRestorePoint:
CloseProcesses:
File: C:\Windows\SysWOW64\Adobe\Shockwave 12\SymInstallStub.exe
Task: {74617012-4077-4C82-815E-356D4CDCAD5B} - System32\Tasks\{358F1B5F-BC85-4E6E-BFCF-05C573412EBE} => pcalua.exe -a "C:\Program Files (x86)\Cenega Czech\Mafia\Game.exe" -d "C:\Program Files (x86)\Cenega Czech\Mafia"
Task: {C605D4B6-BF57-4ED0-AEE2-016A2764424C} - System32\Tasks\Total Form => Rundll32.exe "C:\Users\Vilo\AppData\Local\Total Form\Bin\TotalForm.dll",#3 <==== ATTENTION
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2015-06-29] (Adobe Systems Inc.)
HKLM-x32\...\Run: [MSStp] => C:\Windows\SysWOW64\msstp.vbe [1419 2014-01-19] ()
C:\Windows\SysWOW64\msstp.vbe
C:\Windows\SysWOW64\msstp.inf
HKLM-x32\...\Run: [mncdhahSrv] => C:\Windows\inf\mncdhah.vbe
C:\Windows\inf\mncdhah.vbe
C:\Windows\inf\mncdhah.inf
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKU\S-1-5-21-973648956-3309636155-3697473859-1001\...\Run: [Minecraft Tweaker Updater] => C:\Users\Vilo\AppData\Roaming\.minecraft\MinecraftTweakerUpdater.exe [554496 2014-07-02] (M. Charvát)
HKU\S-1-5-21-973648956-3309636155-3697473859-1001\...\MountPoints2: {f2b4b7b6-35f2-11e5-852e-e03f4919da6b} - "F:\startme.exe" 
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicy-x32: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
FF Extension: No Name - C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\extensions\f8783004-c434-4bd0-9f81-9a39dd64baaa@08ad07c4-3f21-451d-9045-9e0d5dc8aa9e.com [not found]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
CHR Extension: (Ask Search) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg [2015-07-14]
CHR Extension: (Skype Click to Call) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-07-14]
CHR Extension: () - C:\Users\Vilo\AppData\Local\Total Form\Component [2015-07-30]
CHR Extension: () - C:\Users\Vilo\AppData\Local\Total Form\Component [2015-07-30]
S1 {16157a7c-3016-4fc7-9199-91e5eca0f905}Gw64; system32\drivers\{16157a7c-3016-4fc7-9199-91e5eca0f905}Gw64.sys [X]
S1 {4845ffe9-f9c4-49f8-8d12-98cf7c6714cc}Gw64; system32\drivers\{4845ffe9-f9c4-49f8-8d12-98cf7c6714cc}Gw64.sys [X]
S1 {80497fe6-6cf0-4105-a85c-8263c4ffc2ba}Gw64; system32\drivers\{80497fe6-6cf0-4105-a85c-8263c4ffc2ba}Gw64.sys [X]
2015-11-19 18:16 - 2015-11-19 18:43 - 00020096 _____ C:\Users\Vilo\Desktop\FRST.txt
2015-11-19 18:15 - 2015-11-19 18:15 - 00013511 _____ C:\Users\Vilo\Desktop\Addition.txt
2015-11-19 18:11 - 2015-11-19 18:11 - 00015327 _____ C:\Users\Vilo\Desktop\LM.bat
2015-11-19 17:17 - 2015-11-19 17:18 - 00000000 ____D C:\AdwCleaner
2015-11-19 16:51 - 2015-11-19 16:50 - 01732096 _____ C:\Users\Vilo\Desktop\adwcleaner_5.021.exe
2015-11-19 16:50 - 2015-11-19 16:50 - 01732096 _____ C:\Users\Vilo\Downloads\adwcleaner_5.021.exe
2015-11-19 12:01 - 2015-11-19 18:17 - 00004911 _____ C:\Users\Vilo\Desktop\Addition.rar
2015-11-19 11:56 - 2015-11-19 11:57 - 00112640 _____ (forum.viry.cz) C:\Users\Vilo\Desktop\FRSTLauncher.exe
2015-11-19 11:18 - 2015-11-19 11:18 - 08204944 _____ (TeamViewer GmbH) C:\Users\Vilo\Downloads\TeamViewer_Setup_sk.exe
Hosts:
EmptyTemp:
End

Program skape, je tam WIN8.1, nastavovaná kompaktibilita s WIN8.0 a WIN7. Spúštané ako správca.

: Snímka.PNG (9.43 KiB) Zobrazeno 2709 x

V jake fazi se ukonci? Az po stisku tlacitka Fix? Je vytvoren fixlog.txt? V pripade, ze ano, vlozte jeho obsah.

Ukonci sa po stlaceni tlacitka FIX, vytvory subor ct (v adresari C:\FRST\Logs) a v nom je 5.

Vytvorte novy fixlist s timto obsahem a pote znovu spustte FRST64.exe a kliknete na Fix.

Kód: Vybrat vše

Start
File: C:\Windows\SysWOW64\Adobe\Shockwave 12\SymInstallStub.exe
Task: {74617012-4077-4C82-815E-356D4CDCAD5B} - System32\Tasks\{358F1B5F-BC85-4E6E-BFCF-05C573412EBE} => pcalua.exe -a "C:\Program Files (x86)\Cenega Czech\Mafia\Game.exe" -d "C:\Program Files (x86)\Cenega Czech\Mafia"
Task: {C605D4B6-BF57-4ED0-AEE2-016A2764424C} - System32\Tasks\Total Form => Rundll32.exe "C:\Users\Vilo\AppData\Local\Total Form\Bin\TotalForm.dll",#3 <==== ATTENTION
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2015-06-29] (Adobe Systems Inc.)
HKLM-x32\...\Run: [MSStp] => C:\Windows\SysWOW64\msstp.vbe [1419 2014-01-19] ()
C:\Windows\SysWOW64\msstp.vbe
C:\Windows\SysWOW64\msstp.inf
HKLM-x32\...\Run: [mncdhahSrv] => C:\Windows\inf\mncdhah.vbe
C:\Windows\inf\mncdhah.vbe
C:\Windows\inf\mncdhah.inf
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKU\S-1-5-21-973648956-3309636155-3697473859-1001\...\Run: [Minecraft Tweaker Updater] => C:\Users\Vilo\AppData\Roaming\.minecraft\MinecraftTweakerUpdater.exe [554496 2014-07-02] (M. Charvát)
HKU\S-1-5-21-973648956-3309636155-3697473859-1001\...\MountPoints2: {f2b4b7b6-35f2-11e5-852e-e03f4919da6b} - "F:\startme.exe"
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicy-x32: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
FF Extension: No Name - C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\extensions\f8783004-c434-4bd0-9f81-9a39dd64baaa@08ad07c4-3f21-451d-9045-9e0d5dc8aa9e.com [not found]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
CHR Extension: (Ask Search) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg [2015-07-14]
CHR Extension: (Skype Click to Call) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-07-14]
CHR Extension: () - C:\Users\Vilo\AppData\Local\Total Form\Component [2015-07-30]
CHR Extension: () - C:\Users\Vilo\AppData\Local\Total Form\Component [2015-07-30]
S1 {16157a7c-3016-4fc7-9199-91e5eca0f905}Gw64; system32\drivers\{16157a7c-3016-4fc7-9199-91e5eca0f905}Gw64.sys [X]
S1 {4845ffe9-f9c4-49f8-8d12-98cf7c6714cc}Gw64; system32\drivers\{4845ffe9-f9c4-49f8-8d12-98cf7c6714cc}Gw64.sys [X]
S1 {80497fe6-6cf0-4105-a85c-8263c4ffc2ba}Gw64; system32\drivers\{80497fe6-6cf0-4105-a85c-8263c4ffc2ba}Gw64.sys [X]
2015-11-19 18:16 - 2015-11-19 18:43 - 00020096 _____ C:\Users\Vilo\Desktop\FRST.txt
2015-11-19 18:15 - 2015-11-19 18:15 - 00013511 _____ C:\Users\Vilo\Desktop\Addition.txt
2015-11-19 18:11 - 2015-11-19 18:11 - 00015327 _____ C:\Users\Vilo\Desktop\LM.bat
2015-11-19 17:17 - 2015-11-19 17:18 - 00000000 ____D C:\AdwCleaner
2015-11-19 16:51 - 2015-11-19 16:50 - 01732096 _____ C:\Users\Vilo\Desktop\adwcleaner_5.021.exe
2015-11-19 16:50 - 2015-11-19 16:50 - 01732096 _____ C:\Users\Vilo\Downloads\adwcleaner_5.021.exe
2015-11-19 12:01 - 2015-11-19 18:17 - 00004911 _____ C:\Users\Vilo\Desktop\Addition.rar
2015-11-19 11:18 - 2015-11-19 11:18 - 08204944 _____ (TeamViewer GmbH) C:\Users\Vilo\Downloads\TeamViewer_Setup_sk.exe
C:\Users\Vilo\AppData\Local\Temp
End

Zase to skapalo, no ale vytvorilo toto:
Fix result of Farbar Recovery Scan Tool (x64) Version:18-11-2015
Ran by Vilo (2015-11-19 20:35:35) Run:6
Running from C:\Users\Vilo\Desktop
Loaded Profiles: Vilo (Available Profiles: Vilo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
File: C:\Windows\SysWOW64\Adobe\Shockwave 12\SymInstallStub.exe
Task: {74617012-4077-4C82-815E-356D4CDCAD5B} - System32\Tasks\{358F1B5F-BC85-4E6E-BFCF-05C573412EBE} => pcalua.exe -a "C:\Program Files (x86)\Cenega Czech\Mafia\Game.exe" -d "C:\Program Files (x86)\Cenega Czech\Mafia"
Task: {C605D4B6-BF57-4ED0-AEE2-016A2764424C} - System32\Tasks\Total Form => Rundll32.exe "C:\Users\Vilo\AppData\Local\Total Form\Bin\TotalForm.dll",#3 <==== ATTENTION
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2015-06-29] (Adobe Systems Inc.)
HKLM-x32\...\Run: [MSStp] => C:\Windows\SysWOW64\msstp.vbe [1419 2014-01-19] ()
C:\Windows\SysWOW64\msstp.vbe
C:\Windows\SysWOW64\msstp.inf
HKLM-x32\...\Run: [mncdhahSrv] => C:\Windows\inf\mncdhah.vbe
C:\Windows\inf\mncdhah.vbe
C:\Windows\inf\mncdhah.inf
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKU\S-1-5-21-973648956-3309636155-3697473859-1001\...\Run: [Minecraft Tweaker Updater] => C:\Users\Vilo\AppData\Roaming\.minecraft\MinecraftTweakerUpdater.exe [554496 2014-07-02] (M. Charvát)
HKU\S-1-5-21-973648956-3309636155-3697473859-1001\...\MountPoints2: {f2b4b7b6-35f2-11e5-852e-e03f4919da6b} - "F:\startme.exe"
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicy-x32: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
FF Extension: No Name - C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\extensions\f8783004-c434-4bd0-9f81-9a39dd64baaa@08ad07c4-3f21-451d-9045-9e0d5dc8aa9e.com [not found]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
CHR Extension: (Ask Search) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg [2015-07-14]
CHR Extension: (Skype Click to Call) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-07-14]
CHR Extension: () - C:\Users\Vilo\AppData\Local\Total Form\Component [2015-07-30]
CHR Extension: () - C:\Users\Vilo\AppData\Local\Total Form\Component [2015-07-30]
S1 {16157a7c-3016-4fc7-9199-91e5eca0f905}Gw64; system32\drivers\{16157a7c-3016-4fc7-9199-91e5eca0f905}Gw64.sys [X]
S1 {4845ffe9-f9c4-49f8-8d12-98cf7c6714cc}Gw64; system32\drivers\{4845ffe9-f9c4-49f8-8d12-98cf7c6714cc}Gw64.sys [X]
S1 {80497fe6-6cf0-4105-a85c-8263c4ffc2ba}Gw64; system32\drivers\{80497fe6-6cf0-4105-a85c-8263c4ffc2ba}Gw64.sys [X]
2015-11-19 18:16 - 2015-11-19 18:43 - 00020096 _____ C:\Users\Vilo\Desktop\FRST.txt
2015-11-19 18:15 - 2015-11-19 18:15 - 00013511 _____ C:\Users\Vilo\Desktop\Addition.txt
2015-11-19 18:11 - 2015-11-19 18:11 - 00015327 _____ C:\Users\Vilo\Desktop\LM.bat
2015-11-19 17:17 - 2015-11-19 17:18 - 00000000 ____D C:\AdwCleaner
2015-11-19 16:51 - 2015-11-19 16:50 - 01732096 _____ C:\Users\Vilo\Desktop\adwcleaner_5.021.exe
2015-11-19 16:50 - 2015-11-19 16:50 - 01732096 _____ C:\Users\Vilo\Downloads\adwcleaner_5.021.exe
2015-11-19 12:01 - 2015-11-19 18:17 - 00004911 _____ C:\Users\Vilo\Desktop\Addition.rar
2015-11-19 11:18 - 2015-11-19 11:18 - 08204944 _____ (TeamViewer GmbH) C:\Users\Vilo\Downloads\TeamViewer_Setup_sk.exe
C:\Users\Vilo\AppData\Local\Temp
End
*****************

========================= File: C:\Windows\SysWOW64\Adobe\Shockwave 12\SymInstallStub.exe ========================

"C:\Windows\SysWOW64\Adobe\Shockwave 12\SymInstallStub.exe" => not found.
====== End of File: ======

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74617012-4077-4C82-815E-356D4CDCAD5B} => key could not remove. Access Denied.
C:\Windows\System32\Tasks\{358F1B5F-BC85-4E6E-BFCF-05C573412EBE} => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{358F1B5F-BC85-4E6E-BFCF-05C573412EBE} => key could not remove. Access Denied.

Vytvorte fixlist s timto obsahem, postup stejny.

Kód: Vybrat vše

Start
Folder: C:\Windows\SysWOW64\Adobe\Shockwave 12
Unlock: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F482C241-1674-44A4-B5EB-22775FA96F35}
Unlock: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F482C241-1674-44A4-B5EB-22775FA96F35}
Unlock: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74617012-4077-4C82-815E-356D4CDCAD5B}
Unlock: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74617012-4077-4C82-815E-356D4CDCAD5B}
Unlock: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{358F1B5F-BC85-4E6E-BFCF-05C573412EBE}
Unlock: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C605D4B6-BF57-4ED0-AEE2-016A2764424C}
Unlock: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C605D4B6-BF57-4ED0-AEE2-016A2764424C}
Task: {F482C241-1674-44A4-B5EB-22775FA96F35} - System32\Tasks\Norton Product InstallerIdle => C:\Windows\SysWOW64\Adobe\Shockwave 12\SymInstallStub.exe
Task: C:\Windows\Tasks\Norton Product InstallerIdle.job => C:\Windows\SysWOW64\Adobe\Shockwave 12\SymInstallStub.exe
Task: {74617012-4077-4C82-815E-356D4CDCAD5B} - System32\Tasks\{358F1B5F-BC85-4E6E-BFCF-05C573412EBE} => pcalua.exe -a "C:\Program Files (x86)\Cenega Czech\Mafia\Game.exe" -d "C:\Program Files (x86)\Cenega Czech\Mafia"
Task: {C605D4B6-BF57-4ED0-AEE2-016A2764424C} - System32\Tasks\Total Form => Rundll32.exe "C:\Users\Vilo\AppData\Local\Total Form\Bin\TotalForm.dll",#3 <==== ATTENTION
C:\Users\Vilo\AppData\Local\Total Form
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2015-06-29] (Adobe Systems Inc.)
HKLM-x32\...\Run: [MSStp] => C:\Windows\SysWOW64\msstp.vbe [1419 2014-01-19] ()
C:\Windows\SysWOW64\msstp.vbe
C:\Windows\SysWOW64\msstp.inf
HKLM-x32\...\Run: [mncdhahSrv] => C:\Windows\inf\mncdhah.vbe
C:\Windows\inf\mncdhah.vbe
C:\Windows\inf\mncdhah.inf
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKU\S-1-5-21-973648956-3309636155-3697473859-1001\...\Run: [Minecraft Tweaker Updater] => C:\Users\Vilo\AppData\Roaming\.minecraft\MinecraftTweakerUpdater.exe [554496 2014-07-02] (M. Charvát)
HKU\S-1-5-21-973648956-3309636155-3697473859-1001\...\MountPoints2: {f2b4b7b6-35f2-11e5-852e-e03f4919da6b} - "F:\startme.exe"
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicy-x32: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
FF Extension: No Name - C:\Users\Vilo\AppData\Roaming\Mozilla\Firefox\Profiles\3ko3doxy.default\extensions\f8783004-c434-4bd0-9f81-9a39dd64baaa@08ad07c4-3f21-451d-9045-9e0d5dc8aa9e.com [not found]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
CHR Extension: (Ask Search) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg [2015-07-14]
CHR Extension: (Skype Click to Call) - C:\Users\Vilo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-07-14]
CHR Extension: () - C:\Users\Vilo\AppData\Local\Total Form\Component [2015-07-30]
CHR Extension: () - C:\Users\Vilo\AppData\Local\Total Form\Component [2015-07-30]
S1 {16157a7c-3016-4fc7-9199-91e5eca0f905}Gw64; system32\drivers\{16157a7c-3016-4fc7-9199-91e5eca0f905}Gw64.sys [X]
S1 {4845ffe9-f9c4-49f8-8d12-98cf7c6714cc}Gw64; system32\drivers\{4845ffe9-f9c4-49f8-8d12-98cf7c6714cc}Gw64.sys [X]
S1 {80497fe6-6cf0-4105-a85c-8263c4ffc2ba}Gw64; system32\drivers\{80497fe6-6cf0-4105-a85c-8263c4ffc2ba}Gw64.sys [X]
2015-11-19 18:16 - 2015-11-19 18:43 - 00020096 _____ C:\Users\Vilo\Desktop\FRST.txt
2015-11-19 18:15 - 2015-11-19 18:15 - 00013511 _____ C:\Users\Vilo\Desktop\Addition.txt
2015-11-19 18:11 - 2015-11-19 18:11 - 00015327 _____ C:\Users\Vilo\Desktop\LM.bat
2015-11-19 17:17 - 2015-11-19 17:18 - 00000000 ____D C:\AdwCleaner
2015-11-19 16:51 - 2015-11-19 16:50 - 01732096 _____ C:\Users\Vilo\Desktop\adwcleaner_5.021.exe
2015-11-19 16:50 - 2015-11-19 16:50 - 01732096 _____ C:\Users\Vilo\Downloads\adwcleaner_5.021.exe
2015-11-19 12:01 - 2015-11-19 18:17 - 00004911 _____ C:\Users\Vilo\Desktop\Addition.rar
2015-11-19 11:18 - 2015-11-19 11:18 - 08204944 _____ (TeamViewer GmbH) C:\Users\Vilo\Downloads\TeamViewer_Setup_sk.exe
C:\Users\Vilo\AppData\Local\Temp
End

VIRY.CZ

Prosím o kontrolu logu

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu