VIRY.CZ

Prosím o zkontrolování logu, předem děkuji
PC minimálně jednou denně zamrzne, pomůže jen restart natvrdo, vir nenalezen (SuperAntiSpyWare, Malwarebytes Anti-Malware Home, CCleaner a AdwCleaner)
Windows se odmítá updatovat, zkoušela jsem vše možné, ale nic z různých rad nepomohlo, jedná se o:
*Definition Update for Windows Defender - KB915597 (Definition 1.211.259.0)
*Microsoft.NET Framework 4.5, 4.5.1 a 4.5.2
Kód chyby: 648
**to by bylo prozatím asi tak vše

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:19-11-2015
Ran by Marcela (administrator) on ARSENE10PC (20-11-2015 11:24:14)
Running from L:\Programy
Loaded Profiles: Marcela (Available Profiles: Arsene10 & Kocháč & Marcela & Guest)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Nalpeiron Ltd.) C:\Windows\System32\nlssrv32.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\Zps.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Piotr Pawlowski) C:\Program Files\foobar2000\foobar2000.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4702208 2007-10-31] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-10-11] (Realtek Semiconductor Corp.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-24] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6133520 2015-11-06] (AVAST Software)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [295512 2013-09-12] (RealNetworks, Inc.)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-3682315807-1102343484-1862372431-1005\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3682315807-1102343484-1862372431-1005\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
HKU\S-1-5-21-3682315807-1102343484-1862372431-1005\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [704512 2009-04-11] (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-09-27] (AVAST Software)
Startup: C:\Users\Kocháč.Arsene10-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ACR Launcher.lnk [2013-02-26]
ShortcutTarget: ACR Launcher.lnk -> C:\Program Files\ACR\AutoClubRev\web\acrlauncher.exe ()
Startup: C:\Users\Kocháč.Arsene10-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk [2013-03-09]
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\Marcela\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
Startup: C:\Users\Kocháč.Arsene10-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk [2010-10-19]
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe (No File)
Startup: C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk [2010-11-12]
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Společnost Microsoft)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{385D574C-08D2-4489-ACC2-A57218C6DC8A}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{4D6EAC62-12A0-455D-B6ED-94A08C9F284C}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3682315807-1102343484-1862372431-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3682315807-1102343484-1862372431-1005\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-3682315807-1102343484-1862372431-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-3682315807-1102343484-1862372431-1005\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
URLSearchHook: HKLM -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3682315807-1102343484-1862372431-1005 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-3682315807-1102343484-1862372431-1005 -> {D918A68E-D847-4E26-8CB6-8C1C1C92D11C} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12
BHO: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-30] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2011-05-13] (Microsoft Corporation)
BHO: GretechBHO Class -> {F0181C6E-9218-4792-9F3C-E8DF52B2F1AC} -> C:\Program Files\GRETECH\GomPicker\GomPickerBHO.dll [2013-04-03] (Gretech Corporation)
Toolbar: HKU\S-1-5-21-3682315807-1102343484-1862372431-1005 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Marcela\AppData\Roaming\Mozilla\Firefox\Profiles\rp5o7t1x.default-1368478040603
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF SearchEngineOrder.1: Microsoft (Bing)
FF Homepage: hxxp://streepland.wgz.cz
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-13] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin: @comrade.gamespy.com/comrade -> C:\Program Files\GameSpy\Comrade\npcomrade.dll [2009-12-11] (IGN Entertainment)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll [2012-09-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2013-09-12] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2013-09-12] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files\Veetle\plugins\npVeetle.dll [2012-01-14] (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll [2012-01-14] (Veetle Inc)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3682315807-1102343484-1862372431-1005: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Marcela\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-09] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3682315807-1102343484-1862372431-1005: facebook.com/fbDesktopPlugin -> C:\Users\Marcela\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-06-25] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2013-09-12] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-12-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-12-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-12-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-12-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-12-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2013-09-12] (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll [2010-11-30] (Nullsoft, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Marcela\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Marcela\AppData\Roaming\mozilla\plugins\npLegitCheckPlugin.dll [2009-06-25] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Marcela\AppData\Roaming\mozilla\plugins\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Marcela\AppData\Roaming\mozilla\plugins\nppl3260.dll [2013-09-12] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Marcela\AppData\Roaming\mozilla\plugins\npqtplugin.dll [2014-04-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Marcela\AppData\Roaming\mozilla\plugins\npqtplugin2.dll [2014-04-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Marcela\AppData\Roaming\mozilla\plugins\npqtplugin3.dll [2014-04-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Marcela\AppData\Roaming\mozilla\plugins\npqtplugin4.dll [2014-04-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Marcela\AppData\Roaming\mozilla\plugins\npqtplugin5.dll [2014-04-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Marcela\AppData\Roaming\mozilla\plugins\npqtplugin6.dll [2012-11-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Marcela\AppData\Roaming\mozilla\plugins\npqtplugin7.dll [2012-11-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Marcela\AppData\Roaming\mozilla\plugins\nprjplug.dll [2012-09-29] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Marcela\AppData\Roaming\mozilla\plugins\nprpplugin.dll [2013-09-12] (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Users\Marcela\AppData\Roaming\mozilla\plugins\npwachk.dll [2010-11-30] (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Marcela\AppData\Roaming\Mozilla\Firefox\Profiles\rp5o7t1x.default-1368478040603\searchplugins\bing-avast.xml [2014-05-30]
FF SearchPlugin: C:\Users\Marcela\AppData\Roaming\Mozilla\Firefox\Profiles\rp5o7t1x.default-1368478040603\searchplugins\uloto.xml [2013-10-24]
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-12] [not signed]
FF Extension: CoolPreviews - C:\Users\Marcela\AppData\Roaming\Mozilla\Firefox\Profiles\rp5o7t1x.default-1368478040603\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi [2014-12-23] [not signed]
FF Extension: Disconnect - C:\Users\Marcela\AppData\Roaming\Mozilla\Firefox\Profiles\rp5o7t1x.default-1368478040603\extensions\2.0@disconnect.me.xpi [2015-06-03]
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-10-14] [not signed]
FF Extension: All-in-One Sidebar - C:\Users\Marcela\AppData\Roaming\Mozilla\Firefox\Profiles\rp5o7t1x.default-1368478040603\extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2015-10-29]
FF Extension: NetVideoHunter - C:\Users\Marcela\AppData\Roaming\Mozilla\Firefox\Profiles\rp5o7t1x.default-1368478040603\extensions\netvideohunter@netvideohunter.com [2015-11-13]
FF Extension: Fastest Search - C:\Users\Marcela\AppData\Roaming\Mozilla\Firefox\Profiles\rp5o7t1x.default-1368478040603\Extensions\fastestsearch@mingyi.org [2015-06-03]
FF Extension: Scroll To Top - C:\Users\Marcela\AppData\Roaming\Mozilla\Firefox\Profiles\rp5o7t1x.default-1368478040603\Extensions\jid0-gRmSxW9ByuHwGjLhtXJg27YnZRs@jetpack.xpi [2015-06-03]
FF Extension: No Name - C:\Users\Marcela\AppData\Roaming\Mozilla\Firefox\Profiles\rp5o7t1x.default-1368478040603\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2015-10-24] [not signed]
FF Extension: Google™ Translator - C:\Users\Marcela\AppData\Roaming\Mozilla\Firefox\Profiles\rp5o7t1x.default-1368478040603\Extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi [2015-10-13]
FF Extension: Gmail™ Notifier Plus - C:\Users\Marcela\AppData\Roaming\Mozilla\Firefox\Profiles\rp5o7t1x.default-1368478040603\Extensions\jid1-sqmEAwSoa3FZPc@jetpack.xpi [2015-09-06]
FF Extension: Nimbus Screen Capture - editable screenshots. - C:\Users\Marcela\AppData\Roaming\Mozilla\Firefox\Profiles\rp5o7t1x.default-1368478040603\Extensions\nimbusscreencaptureff@everhelper.me.xpi [2015-11-11]
FF Extension: Super Start - C:\Users\Marcela\AppData\Roaming\Mozilla\Firefox\Profiles\rp5o7t1x.default-1368478040603\Extensions\superstart@enjoyfreeware(514).org [2014-11-26] [not signed]
FF Extension: Video DownloadHelper - C:\Users\Marcela\AppData\Roaming\Mozilla\Firefox\Profiles\rp5o7t1x.default-1368478040603\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-11-11]
FF Extension: FoxClocks - C:\Users\Marcela\AppData\Roaming\Mozilla\Firefox\Profiles\rp5o7t1x.default-1368478040603\Extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}.xpi [2015-10-13]
FF Extension: Open With Photoshop - C:\Users\Marcela\AppData\Roaming\Mozilla\Firefox\Profiles\rp5o7t1x.default-1368478040603\Extensions\{f3f219f9-cbce-467e-b8fe-6e076d29665c}.xpi [2015-11-11]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-02-03] [not signed]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR Profile: C:\Users\Marcela\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Translate) - C:\Users\Marcela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-11-19]
CHR Extension: (Gmail Offline) - C:\Users\Marcela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-06-28]
CHR Extension: (Word Online) - C:\Users\Marcela\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2015-06-29]
CHR Extension: (Video Downloader Super) - C:\Users\Marcela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghciphhakbampjemlfbahnhhaemoeolf [2015-08-04]
CHR Extension: (AdBlock) - C:\Users\Marcela\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-11-19]
CHR Extension: (History Eraser) - C:\Users\Marcela\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjieilkfnnjoihjjonajndjldjoagffm [2015-07-03]
CHR Extension: (Scroll To Top) - C:\Users\Marcela\AppData\Local\Google\Chrome\User Data\Default\Extensions\hegiignepmecppikdlbohnnbfjdoaghj [2015-06-06]
CHR Extension: (Munchee Auto Game Bonus Collector) - C:\Users\Marcela\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoejkmpidaklcngdmkfflceeppncmhko [2015-11-09]
CHR Extension: (Kami (formerly Notable PDF)) - C:\Users\Marcela\AppData\Local\Google\Chrome\User Data\Default\Extensions\iljojpiodmlhoehoecppliohmplbgeij [2015-10-09]
CHR Extension: (Downloads) - C:\Users\Marcela\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfchnphgogjhineanplmfkofljiagjfb [2015-06-06]
CHR Extension: (Google Mail Checker) - C:\Users\Marcela\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-06-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Marcela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-30]
CHR Extension: (Click&Clean App) - C:\Users\Marcela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2015-10-31]
CHR Extension: (Writer) - C:\Users\Marcela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnengefjfhgcceajaepbjhanoojifmog [2015-06-28]
CHR Profile: C:\Users\Marcela\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (No Name) - C:\Users\Marcela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-26]
CHR Extension: (No Name) - C:\Users\Marcela\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fneepjciffmedhkndoicgobehmcollbn [2015-01-26]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-02]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [ochbjojkpcmlfeagbaahkofepalngihg] - <no Path\update_url>

Opera:
=======
OPR Extension: (AdBlock) - C:\Users\Marcela\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2015-11-18]
OPR Extension: (AdBlock) - C:\Users\Marcela\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg [2015-09-22]
OPR Extension: (AdBlock) - C:\Users\Marcela\AppData\Roaming\Opera Software\Opera Stable\Extensions\bgfkfacpekfgmcmmoolalincjgellfmb [2015-11-12]
OPR Extension: (modern scroll) - C:\Users\Marcela\AppData\Roaming\Opera Software\Opera Stable\Extensions\eiinejdcihhdbdbipfapahmjndejdpjb [2015-08-06]
OPR Extension: (Gmail Notifier) - C:\Users\Marcela\AppData\Roaming\Opera Software\Opera Stable\Extensions\flkijckbigolpahbkklilflpmkalfohc [2015-08-25]
OPR Extension: (Awesome Screenshot: Capture & Annotate) - C:\Users\Marcela\AppData\Roaming\Opera Software\Opera Stable\Extensions\foobgjfmnkeainefnnoeghobcdcidhme [2013-12-17]
OPR Extension: (Disconnect) - C:\Users\Marcela\AppData\Roaming\Opera Software\Opera Stable\Extensions\hciohocinlhbdkbjldffomiadmnhjnoj [2015-08-06]
OPR Extension: (convert2mp3.net Online Video Converter) - C:\Users\Marcela\AppData\Roaming\Opera Software\Opera Stable\Extensions\kefimjmcofjhaphjiadipfoojljnoinn [2015-08-06]
OPR Extension: (History Eraser) - C:\Users\Marcela\AppData\Roaming\Opera Software\Opera Stable\Extensions\lfpoajlbkhlfoeeokbppmecpplmieedm [2015-08-06]
OPR Extension: (Download YouTube Videos as MP4) - C:\Users\Marcela\AppData\Roaming\Opera Software\Opera Stable\Extensions\maeombkgfpjdnjkhohbjachnnmpbipol [2015-11-11]
OPR Extension: (Scroll To Top) - C:\Users\Marcela\AppData\Roaming\Opera Software\Opera Stable\Extensions\mgblffipaipjkemfkjpmdmfedljnifen [2015-08-06]
OPR Extension: (Photo Tagger) - C:\Users\Marcela\AppData\Roaming\Opera Software\Opera Stable\Extensions\mknamppckfmfbebjliiohafcmbhladbl [2015-08-06]
OPR Extension: (FVD Video Downloader) - C:\Users\Marcela\AppData\Roaming\Opera Software\Opera Stable\Extensions\neacgcjokggofibnbfapeaejhclmpple [2015-08-18]
OPR Extension: (Magic Actions for YouTube™) - C:\Users\Marcela\AppData\Roaming\Opera Software\Opera Stable\Extensions\nlffnljnicbkfhnlomjhjlebndachaka [2015-09-15]
OPR Extension: (Instant-Dictionary) - C:\Users\Marcela\AppData\Roaming\Opera Software\Opera Stable\Extensions\ofaolbnbcledpejhmplomdppjdnhfnkl [2013-10-15]
OPR Extension: (Google Translate) - C:\Users\Marcela\AppData\Roaming\Opera Software\Opera Stable\Extensions\pcfaommkmdjacdkbaoohklbccfmbnnod [2015-06-14]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-10-26] (SUPERAntiSpyware.com)
R2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015936 2015-09-29] (Adobe Systems, Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-27] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3219136 2015-09-27] (Avast Software)
S4 IceDragonUpdater; C:\Program Files\Comodo\IceDragon\icedragon_updater.exe [1821384 2013-04-18] ()
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S4 McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [303104 2007-10-15] (Motive Communications, Inc.) [File not signed]
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1377072 2013-09-19] (O&O Software GmbH)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2078216 2015-10-05] (Electronic Arts)
S4 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
S4 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75064 2010-11-09] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S4 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-09] (TeamViewer GmbH)
R3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
S4 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [32896 2011-11-28] (AnvSoft Inc.) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-09-27] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-09-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-09-27] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-09-27] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-11-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2015-11-06] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [157888 2015-09-27] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-09-27] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-09-27] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [83984 2012-02-23] (Advanced Micro Devices)
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1.sys [24424 2012-12-13] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-10-27] (Disc Soft Ltd)
R1 eusk2par; C:\Windows\system32\Drivers\eusk2par.sys [25680 2008-12-18] (Aladdin Knowledge Systems Ltd.)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2015-11-20] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2006-10-18] ()
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [107984 2015-09-27] (AVAST Software)
S3 NPF; C:\Windows\System32\drivers\npf.sys [34064 2009-08-05] (CACE Technologies)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1131136 2007-04-03] (Philips Semiconductors GmbH)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [59388 2010-04-12] (PowerISO Computing, Inc.) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2014-05-31] (Duplex Secure Ltd.)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-09-27] (Avast Software)
S3 WsAudioDevice_383; C:\Windows\System32\drivers\WsAudioDevice_383.sys [16640 2008-11-19] (Wondershare) [File not signed]
R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [26824 2014-03-17] (CyberLink Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 CFcatchme; \??\C:\Users\Marcela\AppData\Local\Temp\CFcatchme.sys [X]
S3 CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys [X]
S3 GPU-Z; \??\C:\Users\KOCH~1.ARS\AppData\Local\Temp\GPU-Z.sys [X]
S4 IObitUnlocker; \??\C:\Program Files\IObit\IObit Unlocker\IObitUnlocker.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
S3 nmwcdnsu; system32\drivers\nmwcdnsu.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-18 23:11 - 2015-11-18 23:11 - 00011123 _____ C:\Users\Marcela\Desktop\RATF - lyrics.txt
2015-11-18 09:31 - 2015-11-18 09:31 - 00001140 _____ C:\Users\Marcela\Documents\cc_20151118_093112.reg
2015-11-16 19:22 - 2015-11-17 22:12 - 00000969 _____ C:\Users\Marcela\Desktop\Keep playin' that rock 'n' roll.txt
2015-11-16 12:13 - 2015-11-16 12:13 - 841634339 _____ C:\Users\Marcela\Desktop\LITE GRAND I ÖRAT (1981).mp4
2015-11-15 16:06 - 2015-11-15 16:06 - 00080058 _____ C:\Users\Marcela\Desktop\Ricki And The Flash.srt
2015-11-15 15:38 - 2015-11-15 15:38 - 00080061 _____ C:\Users\Marcela\Downloads\Ricki.and.the.Flash.2015.720p.BluRay.x264-GECKOS.srt
2015-11-14 22:09 - 2015-11-14 22:09 - 00032561 _____ C:\Users\Marcela\Downloads\ricki.and.the.flash.(2015).eng.1cd.(6369450).zip
2015-11-14 22:08 - 2015-11-14 22:08 - 00031189 _____ C:\Users\Marcela\Downloads\ricki.and.the.flash.(2015).eng.1cd.(6375184) (1).zip
2015-11-14 21:52 - 2015-11-14 21:52 - 00031189 _____ C:\Users\Marcela\Downloads\ricki.and.the.flash.(2015).eng.1cd.(6375184).zip
2015-11-14 11:06 - 2015-11-14 11:06 - 00005134 _____ C:\Users\Marcela\Documents\cc_20151114_110603.reg
2015-11-13 21:15 - 2015-11-13 21:15 - 00002462 _____ C:\Users\Marcela\Downloads\[kat.cr]adobe.photoshop.cs6.13.1.2.extended.multilanguage.crack.patch.torrent
2015-11-13 21:06 - 2015-11-13 21:06 - 01601585 _____ C:\Users\Marcela\Downloads\adobe-photoshop-CS6-extended-.crack (1).rar
2015-11-13 21:05 - 2015-11-13 21:05 - 01599785 _____ C:\Users\Marcela\Downloads\adobe-photoshop-CS6-extended-.crack.rar
2015-11-12 01:01 - 2015-10-17 15:24 - 02068480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-12 00:37 - 2015-10-13 15:31 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-12 00:37 - 2015-10-13 15:31 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-12 00:36 - 2015-10-17 17:01 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-12 00:35 - 2015-10-14 21:22 - 01206192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-12 00:35 - 2015-10-14 17:01 - 03606464 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-11-12 00:35 - 2015-10-14 17:01 - 03554752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-12 00:33 - 2015-10-10 17:02 - 00526272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-12 00:30 - 2015-09-26 17:05 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-12 00:30 - 2015-09-26 17:04 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-12 00:30 - 2015-09-26 14:21 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2015-11-12 00:30 - 2015-09-22 14:11 - 00440768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 10:18 - 2015-10-31 18:24 - 11086336 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 10:18 - 2015-10-31 18:24 - 06012416 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 10:18 - 2015-10-31 18:24 - 02006016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 10:18 - 2015-10-31 18:24 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 10:18 - 2015-10-31 18:24 - 01214976 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 10:18 - 2015-10-31 18:24 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 10:18 - 2015-10-31 18:24 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 10:18 - 2015-10-31 18:24 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2015-11-11 10:18 - 2015-10-31 18:24 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 10:18 - 2015-10-31 18:24 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 10:18 - 2015-10-31 18:24 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 10:18 - 2015-10-31 18:24 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 10:18 - 2015-10-31 18:24 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 10:18 - 2015-10-31 18:24 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 10:18 - 2015-10-31 18:24 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 10:18 - 2015-10-31 18:24 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 10:18 - 2015-10-31 18:24 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-11-11 10:18 - 2015-10-31 18:24 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 10:18 - 2015-10-31 18:24 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-11-11 10:18 - 2015-10-31 18:24 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-11-11 10:18 - 2015-10-31 18:24 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 10:18 - 2015-10-31 18:24 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 10:18 - 2015-10-31 18:24 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 10:18 - 2015-10-31 18:24 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-11-11 10:18 - 2015-10-31 18:24 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-11-11 10:18 - 2015-10-31 18:24 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 10:18 - 2015-10-31 18:24 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2015-11-11 10:18 - 2015-10-31 09:41 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 10:18 - 2015-10-31 09:34 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 10:18 - 2015-10-31 09:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 10:18 - 2015-10-31 09:34 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 10:18 - 2015-10-31 09:34 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-11-04 21:22 - 2015-11-17 22:12 - 00000000 ____D C:\Users\Marcela\Desktop\Ricki OST Vegas
2015-11-01 00:32 - 2015-11-01 00:32 - 00000000 ____D C:\5290a1ecd717475bf9acbd
2015-10-30 12:53 - 2015-10-30 14:18 - 861682846 _____ C:\Users\Marcela\Desktop\Ricki And The Flash.mp4

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-20 11:24 - 2015-06-07 18:17 - 00000000 ____D C:\FRST
2015-11-20 11:17 - 2006-11-02 13:47 - 00004608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-20 11:17 - 2006-11-02 13:47 - 00004608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-20 10:56 - 2012-07-30 16:58 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-20 10:38 - 2010-11-04 00:34 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3682315807-1102343484-1862372431-1004UA.job
2015-11-20 10:31 - 2014-09-06 23:53 - 00000000 ____D C:\Users\Marcela\AppData\Roaming\foobar2000
2015-11-20 10:26 - 2010-12-24 00:14 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-20 10:03 - 2008-01-21 02:35 - 01327710 ____N C:\Windows\WindowsUpdate.log
2015-11-20 09:51 - 2015-10-14 14:42 - 00000000 ____D C:\Users\Marcela\AppData\Local\Adobe
2015-11-20 09:34 - 2012-08-01 08:27 - 00000936 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3682315807-1102343484-1862372431-1005UA.job
2015-11-20 09:33 - 2012-08-01 08:27 - 00000914 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3682315807-1102343484-1862372431-1005Core.job
2015-11-20 09:26 - 2015-10-17 16:11 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-20 09:21 - 2010-12-24 00:14 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-20 09:20 - 2011-02-21 13:03 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-11-20 09:17 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-20 01:13 - 2006-11-02 14:01 - 00032542 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-11-20 00:39 - 2010-11-04 00:34 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3682315807-1102343484-1862372431-1004Core.job
2015-11-19 23:32 - 2013-05-03 13:03 - 00000000 ____D C:\Users\Marcela\Desktop\Shots
2015-11-19 20:26 - 2010-11-20 21:53 - 00000000 ____D C:\Users\Kocháč.Arsene10-PC\AppData\Roaming\uTorrent
2015-11-19 19:36 - 2014-12-10 09:23 - 00000000 ___RD C:\Users\Kocháč.Arsene10-PC\Disk Google
2015-11-19 19:34 - 2015-09-22 15:43 - 00000000 ____D C:\Users\Kocháč.Arsene10-PC\AppData\LocalLow\uTorrent
2015-11-19 10:16 - 2010-10-19 14:16 - 00000000 ____D C:\Program Files\Opera
2015-11-18 23:46 - 2010-12-09 06:52 - 00000000 ____D C:\Users\Marcela\AppData\Roaming\vlc
2015-11-18 16:06 - 2013-04-05 23:03 - 00001680 _____ C:\Users\Marcela\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-11-18 09:16 - 2012-01-09 00:00 - 00000000 ____D C:\Users\Marcela\AppData\Roaming\uTorrent
2015-11-18 09:14 - 2012-12-31 11:11 - 00000000 ____D C:\Users\Marcela\AppData\Local\CrashDumps
2015-11-17 15:19 - 2010-10-17 19:39 - 00000000 ____D C:\Users\Marcela\Desktop\My stuff
2015-11-17 11:49 - 2012-12-30 08:46 - 00000000 ____D C:\Users\Kocháč.Arsene10-PC\AppData\Local\CrashDumps
2015-11-17 11:49 - 2012-10-12 12:47 - 00000000 ____D C:\Users\Kocháč.Arsene10-PC\AppData\Roaming\Skype
2015-11-16 11:41 - 2015-01-10 23:19 - 00000000 ____D C:\Users\Marcela\Desktop\txt
2015-11-16 11:39 - 2014-05-28 10:30 - 00000000 ____D C:\Users\Marcela\Desktop\Meryl
2015-11-14 10:15 - 2008-05-02 20:44 - 01552978 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-13 13:05 - 2012-01-23 14:50 - 00001356 _____ C:\Users\Marcela\AppData\Local\d3d9caps.dat
2015-11-13 00:17 - 2012-04-04 07:43 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-11-13 00:17 - 2011-05-20 06:56 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-11-12 09:28 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2015-11-12 09:20 - 2015-01-22 09:00 - 00000000 ____D C:\Program Files\TeamViewer
2015-11-12 01:18 - 2006-11-02 13:47 - 04246888 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-12 01:11 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-12 00:37 - 2013-08-14 08:08 - 00000000 ____D C:\Windows\system32\MRT
2015-11-12 00:37 - 2006-11-02 11:24 - 143250520 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-11-08 12:48 - 2006-11-02 13:42 - 00000000 ____D C:\Windows\WindowsMobile
2015-11-08 12:41 - 2015-07-30 17:27 - 00000000 ____D C:\AdwCleaner
2015-11-08 12:35 - 2012-07-13 15:41 - 00000000 ____D C:\Program Files\JetAudio
2015-11-08 11:37 - 2010-10-24 13:42 - 00000000 ____D C:\Windows\pss
2015-11-07 16:07 - 2010-10-19 19:09 - 00000000 ____D C:\ProgramData\Adobe
2015-11-06 21:30 - 2015-01-10 16:35 - 00794952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-11-06 21:30 - 2015-01-10 16:35 - 00435464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-11-06 13:39 - 2010-12-07 15:36 - 00211456 _____ C:\Users\Marcela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-02 12:42 - 2015-10-12 12:28 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2015-11-02 12:42 - 2014-05-04 22:01 - 00000000 ____D C:\ProgramData\CyberLink
2015-10-31 17:12 - 2013-12-31 23:11 - 00000132 _____ C:\Users\Marcela\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-10-28 09:15 - 2010-10-24 00:44 - 00000000 ____D C:\Users\Kocháč.Arsene10-PC\AppData\Local\Adobe
2015-10-26 19:30 - 2010-10-17 15:13 - 00302584 _____ C:\Users\Kocháč.Arsene10-PC\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-22 06:23 - 2010-12-07 15:33 - 00302584 _____ C:\Users\Marcela\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-21 20:44 - 2015-09-08 12:55 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-10-21 20:43 - 2013-03-27 10:02 - 00000812 _____ C:\Users\Marcela\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2015-10-21 20:43 - 2010-10-18 21:43 - 00000000 ____D C:\Program Files\GomPlayer
2015-10-21 20:40 - 2010-10-17 17:17 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2015-10-21 14:28 - 2014-12-10 09:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

==================== Files in the root of some directories =======

2010-10-17 18:01 - 2008-09-02 02:09 - 1710070 _____ (Online TV Player.com ) C:\Program Files\tvplayer4.6.0.0.exe
2010-10-17 18:01 - 2010-07-10 10:30 - 0638976 _____ (IObit) C:\Program Files\Uninstall IObit Toolbar.dll
2015-06-22 23:11 - 2015-06-22 23:11 - 0000132 _____ () C:\Users\Marcela\AppData\Roaming\Adobe BMP Format CS6 Prefs
2011-01-17 13:47 - 2013-08-03 19:42 - 0000132 _____ () C:\Users\Marcela\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-12-31 23:11 - 2015-10-31 17:12 - 0000132 _____ () C:\Users\Marcela\AppData\Roaming\Adobe PNG Format CS6 Prefs
2012-10-20 18:49 - 2012-10-20 18:49 - 0000594 _____ () C:\Users\Marcela\AppData\Roaming\AutoGK.ini
2013-12-29 00:29 - 2014-09-26 19:46 - 0000120 _____ () C:\Users\Marcela\AppData\Roaming\Camdata.ini
2013-12-29 00:29 - 2014-09-26 19:46 - 0000408 _____ () C:\Users\Marcela\AppData\Roaming\CamLayout.ini
2013-12-29 00:29 - 2014-09-26 19:46 - 0000408 _____ () C:\Users\Marcela\AppData\Roaming\CamShapes.ini
2013-12-29 00:29 - 2014-09-26 19:46 - 0004416 _____ () C:\Users\Marcela\AppData\Roaming\CamStudio.cfg
2014-09-19 19:38 - 2014-09-19 19:38 - 0000670 _____ () C:\Users\Marcela\AppData\Roaming\Contact Sheet II.xml
2014-09-19 19:38 - 2014-09-19 19:44 - 0031235 _____ () C:\Users\Marcela\AppData\Roaming\ContactSheetII.log
2011-10-25 07:34 - 2011-10-25 07:34 - 0000073 _____ () C:\Users\Marcela\AppData\Roaming\default.pls
2014-10-27 18:01 - 2014-10-27 18:01 - 0000029 _____ () C:\Users\Marcela\AppData\Roaming\msleimmv.dat
2014-10-27 18:01 - 2014-10-27 18:01 - 0008629 _____ () C:\Users\Marcela\AppData\Roaming\msutceaj.dat
2015-02-16 21:02 - 2014-12-21 19:37 - 0421200 _____ (Microsoft Corporation) C:\Users\Marcela\AppData\Roaming\msvcp100.dll
2015-02-16 21:02 - 2014-12-21 19:37 - 0770384 _____ (Microsoft Corporation) C:\Users\Marcela\AppData\Roaming\msvcr100.dll
2015-02-16 21:02 - 2015-01-27 15:00 - 1576048 _____ (Mozilla Foundation) C:\Users\Marcela\AppData\Roaming\nss3.dll
2011-04-17 13:45 - 2011-04-17 13:46 - 0191613 _____ () C:\Users\Marcela\AppData\Roaming\PhotoStage.dmp
2013-07-13 13:45 - 2013-07-13 13:44 - 0081582 _____ () C:\Users\Marcela\AppData\Roaming\zulagames.ico
2014-11-27 14:51 - 2014-11-27 14:51 - 0000000 _____ () C:\Users\Marcela\AppData\Local\20141127_1351_HGD86_2834417672.zip
2011-03-24 10:58 - 2014-01-13 14:41 - 0001680 _____ () C:\Users\Marcela\AppData\Local\Adobe Save for Web 12.0 Prefs
2013-04-05 23:03 - 2015-11-18 16:06 - 0001680 _____ () C:\Users\Marcela\AppData\Local\Adobe Save for Web 13.0 Prefs
2012-01-23 14:50 - 2015-11-13 13:05 - 0001356 _____ () C:\Users\Marcela\AppData\Local\d3d9caps.dat
2010-12-07 15:36 - 2015-11-06 13:39 - 0211456 _____ () C:\Users\Marcela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-04-01 16:40 - 2011-04-01 16:40 - 0000058 _____ () C:\Users\Marcela\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2010-10-24 03:33 - 2010-10-30 12:04 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2012-06-13 16:12 - 2012-06-13 22:36 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2012-11-28 13:02 - 2013-02-01 11:47 - 0000194 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2014-09-07 15:21 - 2014-09-07 15:21 - 0001534 _____ () C:\ProgramData\ss.ini

Files to move or delete:
====================
C:\Users\Public\install_icq7.exe


Some files in TEMP:
====================
C:\Users\Arsene10\AppData\Local\temp\Foxit Reader Updater.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-20 10:19

==================== End of FRST.txt ============================

Addition:

Additional scan result of Farbar Recovery Scan Tool (x86) Version:19-11-2015
Ran by Marcela (2015-11-20 11:25:44)
Running from L:\Programy
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2010-10-17 08:44:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3682315807-1102343484-1862372431-500 - Administrator - Disabled)
Arsene10 (S-1-5-21-3682315807-1102343484-1862372431-1000 - Administrator - Enabled) => C:\Users\Arsene10
Guest (S-1-5-21-3682315807-1102343484-1862372431-501 - Limited - Disabled) => C:\Users\Guest
Kocháč (S-1-5-21-3682315807-1102343484-1862372431-1003 - Administrator - Enabled) => C:\Users\Kocháč.Arsene10-PC
Marcela (S-1-5-21-3682315807-1102343484-1862372431-1005 - Administrator - Enabled) => C:\Users\Marcela

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3682315807-1102343484-1862372431-1005\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 19 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Aktualizace zabezpečení aplikace Windows Media Player (KB2845142) (HKLM\...\KB2845142_WM64) (Version: - Microsoft Corporation)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Ashampoo Burning Studio 14 v.14.0.4 (HKLM\...\{91B33C97-7BCF-CDFE-4321-58EBF3E8641C}_is1) (Version: 14.0.4 - Ashampoo GmbH & Co. KG)
Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.4.2233 - AVAST Software)
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
CorelDRAW Graphics Suite X3 (HKLM\...\{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}) (Version: 13.0 - Corel Corporation)
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
CyberLink PowerDVD 14 (HKLM\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.3917.58 - CyberLink Corp.)
CZ (Version: 13.0 - Corel Corporation) Hidden
CZShare Manager (HKU\S-1-5-21-3682315807-1102343484-1862372431-1005\...\7f4182272b52fd8f) (Version: 0.0.1.35 - CZShare)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DebugMode Wax 2.0 (HKLM\...\DebugMode Wax 2.0) (Version: - )
DevExpress Components 14.2 (HKLM\...\DevExpress Components 14.2) (Version: 14.2.3 - Developer Express Inc.)
DevExpress DevExtreme 14.2 (HKLM\...\DevExpress DevExtreme 14.2) (Version: 14.2.3 - Developer Express Inc.)
DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: - )
Dropbox (HKU\S-1-5-21-3682315807-1102343484-1862372431-1005\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
FontNav (Version: 5.0 - Corel Corporation) Hidden
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.2.2.929 - Foxit Software Inc.)
Full Tilt Poker.Eu (HKLM\...\{127BEFB3-24B2-4B44-8E99-AD22C2A5A8ED}) (Version: 5.30.43.WIN.FullTilt.EU - )
GOM Player (HKLM\...\GOM Player) (Version: 2.2.71.5231 - Gretech Corporation)
Google Drive (HKLM\...\{9C350701-AC04-48BA-A435-BD5E0D82897E}) (Version: 1.25.0523.2491 - Google, Inc.)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Jasc Animation Shop 3 (HKLM\...\{7C4196CA-CA41-4F34-9C08-7724E7705D52}) (Version: 3.11 - Jasc Software Inc)
Jasc Paint Shop Pro 9 (HKLM\...\{F843C6A3-224D-4615-94F8-3C461BD9AEA0}) (Version: 9.00.0000 - Jasc Software Inc)
LenovoUsbDriver 1.0.7 (HKLM\...\LenovoUsbDriver) (Version: 1.0.7 - Lenovo)
LibreOffice 4.4.1.2 (HKLM\...\{4A754DA6-6E12-40AF-BAF0-B7D60C6BE005}) (Version: 4.4.1.2 - The Document Foundation)
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 41.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 41.0.2 (x86 en-US)) (Version: 41.0.2 - Mozilla)
MSVCRT Redists (HKLM\...\{147894EE-5ED4-11E1-A8FF-F04DA23A5C58}) (Version: - )
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 8 Essentials (HKLM\...\{664C3BDC-1BCF-4EA6-A127-E61430501029}) (Version: 8.3.335 - Nero AG)
O&O Defrag Professional (HKLM\...\{41DB3D33-D655-40BB-8BF3-824768DD6170}) (Version: 17.0.420 - O&O Software GmbH)
OpenOffice 4.0.1 (HKLM\...\{220C463A-2890-4C7F-B97C-C49FE175B849}) (Version: 4.01.9714 - Apache Software Foundation)
Opera Stable 33.0.1990.115 (HKLM\...\Opera 33.0.1990.115) (Version: 33.0.1990.115 - Opera Software)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Pale Moon 25.7.3 (x86 en-US) (HKLM\...\Pale Moon 25.7.3 (x86 en-US)) (Version: 25.7.3 - Moonchild Productions)
PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden
Perfect Photo Suite 7.1.1 (HKLM\...\{6727F16E-6BF0-4E73-AC73-958A382AA09E}) (Version: 7.1.1 - onOne Software)
PhotoImpact X3 (HKLM\...\InstallShield_{15803703-25FA-4C01-A062-3F4A59937E87}) (Version: 13.0 - Corel)
PhotoImpact X3 (Version: 13.0 - Corel) Hidden
PhotoScape (HKLM\...\PhotoScape) (Version: - )
proDAD Mercalli 2.0 (Version: 2.0.106 - proDAD GmbH) Hidden
proDAD Route 4.0 (Version: 4.0.209.2 - proDAD GmbH) Hidden
proDAD Script 4.0 (Version: 4.0.209.2 - proDAD GmbH) Hidden
proDAD Vitascene 2.0 (Version: 2.0.203 - proDAD GmbH) Hidden
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2005 Runtime (Version: 8.0 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
s3pe - Sims3 Package Editor (HKU\S-1-5-21-3682315807-1102343484-1862372431-1005\...\s3pe) (Version: 13-1112-2033 - Peter L Jones)
Scribus 1.4.5 (HKLM\...\Scribus 1.4.5) (Version: 1.4.5 - The Scribus Team)
Skype™ 7.12 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Slovník Verdict Free (HKU\S-1-5-21-3682315807-1102343484-1862372431-1005\...\Verdict Free) (Version: - )
SmartSound Common Data (HKLM\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Common Data (Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.6 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (Version: 5.1.6 - SmartSound Software Inc.) Hidden
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.38843 - TeamViewer)
The Sims 4 (HKLM\...\{7888BF21-7771-4A64-B20C-FD0B82CB52D0}) (Version: 1.0.797.20 - Electronic Arts)
Time Adjuster STANDARD 3.1 (HKU\S-1-5-21-3682315807-1102343484-1862372431-1005\...\TimeAdjuster) (Version: - IrekSoftware.com)
Ulead GIF Animator 5 (HKLM\...\{8AF3E926-ED59-11D4-A44B-0000E86D2305}) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Manager (Version: 4.60 - Corel Corporation) Hidden
VBA (Version: 6.2 - Corel Corporation) Hidden
Vegas Pro 11.0 (HKLM\...\{0F414901-5ED4-11E1-86F3-F04DA23A5C58}) (Version: 11.0.594 - Sony)
VisualSubSync (remove only) (HKLM\...\VisualSubSync) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version: - )
Xilisoft Video Converter Ultimate (HKLM\...\Xilisoft Video Converter Ultimate) (Version: 7.7.2.20130217 - Xilisoft)
Your Uninstaller! 7 (HKLM\...\YU2010_is1) (Version: 7.5.2013.2 - URSoft, Inc.)
Zoner Photo Studio - Vánoční obálky (HKLM\...\ZonerPhotoStudio17_Christmas_Envelopes_CZ_is1) (Version: 17.0.1.4 - ZONER software)
Zoner Photo Studio 16 - Obálky a šablony (HKLM\...\ZonerPhotoStudio16_Templates_CZ_is1) (Version: 16.0.1.2 - ZONER software)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: - ZONER software)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3682315807-1102343484-1862372431-1005_Classes\CLSID\{037FB476-15E0-4ED1-B11A-E420B750B1A8}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3682315807-1102343484-1862372431-1005_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Marcela\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3682315807-1102343484-1862372431-1005_Classes\CLSID\{2837E0FE-686B-4CB0-BE53-0EA097EAF71B}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3682315807-1102343484-1862372431-1005_Classes\CLSID\{4665E44B-8B9A-4515-A086-E94ECE374608}\InprocServer32 -> C:\Windows\system32\CoreAAC.ax ()
CustomCLSID: HKU\S-1-5-21-3682315807-1102343484-1862372431-1005_Classes\CLSID\{5AFAFE48-7107-4FE5-B21A-86A4254541DD}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3682315807-1102343484-1862372431-1005_Classes\CLSID\{5B7524C8-2446-40E9-9474-94A779DBA224}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3682315807-1102343484-1862372431-1005_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Marcela\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3682315807-1102343484-1862372431-1005_Classes\CLSID\{621D3650-F1D3-414C-97F9-03A02B211261}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3682315807-1102343484-1862372431-1005_Classes\CLSID\{623E415A-22EF-4DAA-A2FF-E68E77A673C9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3682315807-1102343484-1862372431-1005_Classes\CLSID\{6AC7C19E-8CA0-4E3D-9A9F-2881DE29E0AC}\InprocServer32 -> C:\Windows\system32\CoreAAC.ax ()
CustomCLSID: HKU\S-1-5-21-3682315807-1102343484-1862372431-1005_Classes\CLSID\{885BB46A-3F1E-44C3-A01B-A7D9260CC98B}\InprocServer32 -> C:\Windows\Downloaded Program Files\dwusplay.dll (InstallShield Software Corporation)
CustomCLSID: HKU\S-1-5-21-3682315807-1102343484-1862372431-1005_Classes\CLSID\{915C2CEB-216B-4B7C-89E4-9ED3512D58D9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3682315807-1102343484-1862372431-1005_Classes\CLSID\{92C5E738-7372-4CD6-BE57-15833624EBF3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3682315807-1102343484-1862372431-1005_Classes\CLSID\{9CAAD2EA-177B-4D07-871F-47255B5D30F3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3682315807-1102343484-1862372431-1005_Classes\CLSID\{B391A1DB-28C8-4506-A43C-5BD6051F16BA}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3682315807-1102343484-1862372431-1005_Classes\CLSID\{BBFC1A2A-D3A2-4610-847D-26592022F86E}\InprocServer32 -> C:\Windows\system32\CoreAAC.ax ()
CustomCLSID: HKU\S-1-5-21-3682315807-1102343484-1862372431-1005_Classes\CLSID\{E42CE23D-69F9-480A-A15F-BFF5E4D170C3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3682315807-1102343484-1862372431-1005_Classes\CLSID\{E50C953D-311A-481B-8F8D-C55E65AF7417}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3682315807-1102343484-1862372431-1005_Classes\CLSID\{E9880553-B8A7-4960-A668-95C68BED571E}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3682315807-1102343484-1862372431-1005_Classes\CLSID\{E9A93328-79D4-4AED-A778-146E7191F8BC}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3682315807-1102343484-1862372431-1005_Classes\CLSID\{F1522EC1-F84F-4CE2-A38C-F9384B0DFD41}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3682315807-1102343484-1862372431-1005_Classes\CLSID\{FFF2D28F-E4EE-44D9-8104-8E71556757F6}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)

==================== Restore Points =========================

20-11-2015 09:49:43 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-01-28 12:39 - 2015-10-17 16:11 - 00000064 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
0.0.0.0 keystone.mwbsys.com

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02D7D394-69C5-469B-BCF4-3B197BBCF6BA} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3682315807-1102343484-1862372431-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {0879121E-9E54-4B44-B83A-A67EEF794562} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3682315807-1102343484-1862372431-1005 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {0C3AF200-FADC-49E5-880E-DEE192C8B79A} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-21] (Společnost Microsoft)
Task: {0E31DC5F-98AE-4370-8961-512E57F7DE63} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {10412B48-BF76-41F7-AEC2-997AF76B87D3} - System32\Tasks\{05B1D5E4-A8DD-414E-9E95-9D1990864523} => pcalua.exe -a "C:\Program Files\Electronic Arts\Need for Speed Carbon\setup.exe" -d "C:\Program Files\Electronic Arts\Need for Speed Carbon"
Task: {127AE2EC-BBDF-41D5-8CCD-B635E54E8495} - System32\Tasks\{15F8700A-D90E-4976-95B0-B55BA075C009} => pcalua.exe -a "C:\PROGRA~1\CoffeeCup Software\UNWISE.EXE" -c C:\PROGRA~1\CoffeeCup Software\INSTALL.LOG
Task: {1F9592C2-C460-487A-BA6C-CF6277B7207E} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3682315807-1102343484-1862372431-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {2AE21EBA-01B4-44B2-BA1F-A9CA81CE736D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3682315807-1102343484-1862372431-1004Core => C:\Users\Marci\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-04] (Google Inc.)
Task: {2D55BB49-A9A7-48C1-9645-B7FFF7915B36} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {34C5B09A-8FBF-4A2F-8309-04EE620CC5EE} - System32\Tasks\{98005F62-8106-4220-AD21-1109C54AB075} => pcalua.exe -a C:\Users\Marcela\Downloads\coreaacSetup.exe -d C:\Users\Marcela\Downloads
Task: {3560AD4D-D843-4A9A-BEEB-025E109BD2C3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3682315807-1102343484-1862372431-1004UA => C:\Users\Marci\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-04] (Google Inc.)
Task: {389395C9-96F6-480B-8275-173D306F731E} - System32\Tasks\AdobeAAMUpdater-1.0-Arsene10-PC-Kocháč => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated)
Task: {45E79BFC-3618-41EA-847A-42B738D8144F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-13] (Adobe Systems Incorporated)
Task: {46E78815-8BE3-4CC8-9B86-067B88EA230A} - System32\Tasks\{21004EE8-72D8-4AD3-8ECB-D9B10520F577} => pcalua.exe -a C:\Users\Arsene10\Desktop\Drivers\InstallUSB9x.exe -d C:\Users\Arsene10\Desktop\Drivers
Task: {4A8DAC1B-E9DC-4D0C-A895-7E8E0D3C0D29} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3682315807-1102343484-1862372431-1005 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {4AA29C18-FB56-4A6A-9EF3-06BBFCC4AAA0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3682315807-1102343484-1862372431-1005Core => C:\Users\Marcela\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-01] (Facebook Inc.)
Task: {4CEEEDE1-10F1-4B37-B6FE-37BE32038567} - System32\Tasks\SimpleFilesUpdate => C:\Program Files\SimpleFiles\SFUpdater.exe
Task: {4E433F3C-E6EF-42E8-B915-20408327E522} - System32\Tasks\{92008EC9-5947-4C75-BCFD-E03B7F2BB79A} => pcalua.exe -a D:\SETUP.EXE -d D:\
Task: {51EFD3D0-791B-42D1-8D32-B8F898BECAB5} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3682315807-1102343484-1862372431-1003 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {5B48E0C3-BE25-449E-AB3D-F516998FDC19} - System32\Tasks\{EEC130A4-A1DD-49EB-9C31-F3B0B564A23D} => pcalua.exe -a C:\Users\Kocháč.Arsene10-PC\Downloads\3D.Driving.School.5.Europe.Edition-BsT\3D.Driving.School.5.Europe.Edition-BsT\3D.Driving.School.5.Europe.Edition-BsT\Multilanguage50.exe -d C:\Users\Kocháč.Arsene10-PC\Downloads\3D.Driving.School.5.Europe.Edition-BsT\3D.Driving.School.5.Europe.Edition-BsT\3D.Driving.School.5.Europe.Edition-BsT
Task: {5DF754ED-0F7A-4149-A3DE-1D1D6AC1101F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {6123AF4F-C385-4857-99DA-6F52C1BC14FA} - System32\Tasks\MyDefrag v4.3.1 Monthly => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticMonthly.MyD [2010-05-21] ()
Task: {6459348D-A97A-4E7D-BDC2-CBCEBC649C21} - System32\Tasks\{4180D2A3-8984-4DB4-9ADE-47551624D5F4} => pcalua.exe -a D:\Install.exe -d D:\
Task: {6A8BB1FD-D188-47B5-BF8D-049580A3B6C1} - \RealUpgradeScheduledTaskS-1-5-21-3682315807-1102343484-1862372431-1005 -> No File <==== ATTENTION
Task: {6E2133FF-83A5-4E4F-B0F4-AA96DFA7A4A2} - System32\Tasks\MyDefrag v4.3.1 Daily => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticDaily.MyD [2010-05-21] ()
Task: {723941AA-DF64-46A6-902F-68778136DF60} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {740B639C-1FFE-47F1-8CF5-664DD37326E8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {7497377D-3382-43C6-99FC-A47C469E3F40} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3682315807-1102343484-1862372431-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {83365331-4796-4083-968A-8EC14A0D7470} - System32\Tasks\AdobeAAMUpdater-1.0-Arsene10-PC-Marci => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated)
Task: {896C41EA-BDBD-4F94-A867-749E87EAB4D4} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3682315807-1102343484-1862372431-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {89D9E296-DD5F-4E18-BF12-7420F16329B7} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3682315807-1102343484-1862372431-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {959C768B-4757-4358-8777-1A8DA111D706} - System32\Tasks\Program k provádění aktualizací online Adobe => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {9BAA1D81-3E04-43D1-B69C-C9A03694077C} - \RealUpgradeLogonTaskS-1-5-21-3682315807-1102343484-1862372431-1005 -> No File <==== ATTENTION
Task: {9BBD84D8-4BE6-4367-AD35-3AE2156C12C5} - System32\Tasks\AdobeAAMUpdater-1.0-ARSENE10PC-Marcela => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated)
Task: {9C38335E-7DB2-4B4D-A166-8FBBDEAF6783} - System32\Tasks\{A1E72EBF-7603-4589-861F-9A0FA9251D84} => pcalua.exe -a C:\Users\Kocháč.Arsene10-PC\Downloads\ScreenShots(3).exe -d "C:\Program Files\Mozilla Firefox"
Task: {9D245DB1-696B-4349-AC7E-BAE55A738124} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3682315807-1102343484-1862372431-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {9D7150AC-2C61-430D-82AB-86C5F0F6480A} - System32\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C} => C:\Windows\Vdufea.exe
Task: {A34D4748-EEC2-4B7F-A915-57CA05B133AE} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3682315807-1102343484-1862372431-1005 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {AA53505E-A098-40FA-BEF2-023DE5EAEED5} - System32\Tasks\{0C49BA43-608E-4408-9944-5D9802789E56} => pcalua.exe -a C:\Users\Arsene10\Desktop\battlefield\Setup.exe -d C:\Users\Arsene10\Desktop\battlefield
Task: {B2CB8F4F-37DB-4801-A1E4-04AA5456F633} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3682315807-1102343484-1862372431-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {B4A1B5BF-BC9D-4DA1-BB4B-BD0CA577D09D} - System32\Tasks\{4D835927-BB17-453E-8CC0-9C1A9144F020} => pcalua.exe -a C:\ProgramData\Installations\{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}\Nokia_PC_Suite_7_1_30_8_cze_web.exe
Task: {B5B4E279-AAB4-4752-9DC1-DEF23B1CB846} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3682315807-1102343484-1862372431-1003 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {B7CADEA4-CDC7-4C1F-9E75-1CBCB7AD8ABF} - System32\Tasks\{7D3D25D6-0B77-4163-BF59-F3710C5241B2} => pcalua.exe -a "C:\Users\Arsene10\Desktop\battlefield\Support\Battlefield Bad Company 2_uninst.exe" -d C:\Users\Arsene10\Desktop\battlefield\Support
Task: {C21C076F-5C6D-4BF1-A34A-693BB9E6FB39} - System32\Tasks\AdobeAAMUpdater-1.0-Arsene10-PC-Marcela => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated)
Task: {C79C0DE6-783A-4803-95E0-AEA95BC7FCB3} - System32\Tasks\{8E6AD777-C678-4042-8CBA-DC0654F42F1E} => pcalua.exe -a E:\arcon\setup.exe -d E:\arcon
Task: {CC23441D-F5CE-4B08-832A-F94222D12D64} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3682315807-1102343484-1862372431-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {CE6745E3-1F28-407C-9F57-06AE25085BAC} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3682315807-1102343484-1862372431-1005 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {D884B64E-FEB8-46A1-977F-1B80D277F5FF} - System32\Tasks\{89F9AF4A-D8DF-41FB-B57A-053169A8CA2B} => pcalua.exe -a C:\Users\Arsene10\AppData\Local\Temp\Myashampoo.exe -d C:\Users\Arsene10\AppData\Local\Temp\is-3SKKB.tmp -c /s -silent -DefaultSearch=TRUE -StartPage=TRUE -SearchFromAdress=TRUE -showPersonalCompDialog=FALSE -CTID=ct2475029 -InstallType=ConduitIntegration -InstallId=MyAshampoo.exe
Task: {D98C7640-A3E9-4F21-A328-644C09A7D1EE} - System32\Tasks\Program k provádění aktualizací online Real Player => C:\Program Files\Real\RealPlayer\update\realsched.exe [2013-09-12] (RealNetworks, Inc.)
Task: {E2EE4536-2600-433E-A0AF-51349C5376E5} - System32\Tasks\Opera scheduled Autoupdate 1381836684 => C:\Program Files\Opera\launcher.exe [2015-11-16] (Opera Software)
Task: {E46D2DA5-085A-4FA4-9885-6CC3D7AAAE63} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3682315807-1102343484-1862372431-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {E68EB215-F610-440D-A297-E56DB2D1523B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-09-27] (AVAST Software)
Task: {E77DDDAF-AEF4-47AE-8FA0-3E621183AF87} - System32\Tasks\avastBCLRestartS-1-5-21-3682315807-1102343484-1862372431-1000 => Firefox.exe
Task: {E7B14B3A-AA53-4625-94D0-3083E66D9168} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3682315807-1102343484-1862372431-1005 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {EF577EBC-2ECD-47FB-A96E-C59B2ED32DC7} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3682315807-1102343484-1862372431-1003 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {F247954C-A15D-4919-8E1D-5AE62975EB54} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3682315807-1102343484-1862372431-1005UA => C:\Users\Marcela\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-01] (Facebook Inc.)
Task: {F8E33270-F10C-47E8-8E82-3E8952DA2B2C} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3682315807-1102343484-1862372431-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {FED22BC6-E509-4C82-9102-68EF7D4C6BB1} - System32\Tasks\Orb Startup => C:\Program Files\Winamp Remote\bin\OrbTray.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3682315807-1102343484-1862372431-1005Core.job => C:\Users\Marcela\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3682315807-1102343484-1862372431-1005UA.job => C:\Users\Marcela\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3682315807-1102343484-1862372431-1004Core.job => C:\Users\Marci\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3682315807-1102343484-1862372431-1004UA.job => C:\Users\Marci\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-04-02 15:59 - 2015-09-27 21:33 - 00103376 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-02 15:59 - 2015-09-27 21:33 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-11-19 19:39 - 2015-11-19 19:39 - 02991104 _____ () C:\Program Files\AVAST Software\Avast\defs\15111901\algo.dll
2012-06-12 20:19 - 2006-06-02 00:34 - 00045056 _____ () C:\Windows\System32\bgspmnt.dll
2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-14 14:19 - 2013-08-14 14:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2013-04-24 16:46 - 2013-04-24 16:46 - 00037376 _____ () C:\Windows\system32\atitmpxx.dll
2015-03-13 17:08 - 2015-09-27 21:33 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-01-29 15:38 - 2013-10-13 15:26 - 04439040 _____ () C:\Program Files\Zoner\Photo Studio 16\Program32\OgreMain.dll
2015-01-29 15:38 - 2013-10-13 15:26 - 00584192 _____ () C:\Program Files\Zoner\Photo Studio 16\Program32\RenderSystem_Direct3D9.dll
2015-01-29 15:38 - 2010-05-26 14:36 - 00692224 _____ () C:\Program Files\Zoner\Photo Studio 16\Program32\js32.dll
2013-04-24 11:20 - 2013-04-24 11:20 - 00369152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-05-04 12:57 - 2013-05-04 12:57 - 00095712 _____ () C:\Program Files\foobar2000\zlib1.dll
2014-07-16 14:32 - 2014-07-16 14:32 - 00156624 _____ () C:\Program Files\foobar2000\shared.dll
2014-07-16 14:32 - 2014-07-16 14:32 - 01391080 _____ () C:\Program Files\foobar2000\components\foo_input_std.dll
2014-07-16 14:29 - 2014-07-16 14:29 - 00350720 _____ () C:\Program Files\foobar2000\components\foo_albumlist.dll
2014-07-16 14:28 - 2014-07-16 14:28 - 00304128 _____ () C:\Program Files\foobar2000\components\foo_cdda.dll
2014-07-16 14:28 - 2014-07-16 14:28 - 00299520 _____ () C:\Program Files\foobar2000\components\foo_freedb2.dll
2014-07-16 14:31 - 2014-07-16 14:31 - 00356352 _____ () C:\Program Files\foobar2000\components\foo_rgscan.dll
2014-07-16 14:28 - 2014-07-16 14:28 - 00285696 _____ () C:\Program Files\foobar2000\components\foo_fileops.dll
2014-07-16 14:29 - 2014-07-16 14:29 - 00199168 _____ () C:\Program Files\foobar2000\components\foo_dsp_eq.dll
2014-07-16 14:32 - 2014-07-16 14:32 - 01085416 _____ () C:\Program Files\foobar2000\components\foo_ui_std.dll
2014-07-16 14:29 - 2014-07-16 14:29 - 00526848 _____ () C:\Program Files\foobar2000\components\foo_converter.dll
2014-09-07 08:56 - 2014-09-07 08:56 - 00731136 _____ () C:\Users\Marcela\AppData\Roaming\foobar2000\user-components\foo_uie_lyrics3\foo_uie_lyrics3.dll
2014-07-16 14:28 - 2014-07-16 14:28 - 00173056 _____ () C:\Program Files\foobar2000\components\foo_unpack.dll
2014-07-16 14:28 - 2014-07-16 14:28 - 00199680 _____ () C:\Program Files\foobar2000\components\foo_dsp_std.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\ProgramData\TEMP:BF3D62E7
AlternateDataStreams: C:\ProgramData\TEMP:F34493AA
AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8
AlternateDataStreams: C:\Users\Kocháč.Arsene10-PC\Desktop\MOV_0146.mp4:TOC.WMV
AlternateDataStreams: C:\Users\Kocháč.Arsene10-PC\Downloads\UEFA Champions League 2010 INTRO HD [www.Keep-Tube.com].mp4:TOC.WMV

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3682315807-1102343484-1862372431-1005\...\hola.org -> hxxp://hola.org

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3682315807-1102343484-1862372431-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Marcela\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Ati External Event Utility => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BrowserProtect => 2
MSCONFIG\Services: FsUsbExService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IceDragonUpdater => 2
MSCONFIG\Services: ICQ Service => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: KtmRm => 2
MSCONFIG\Services: LanmanServer => 2
MSCONFIG\Services: McciCMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MSDTC => 3
MSCONFIG\Services: Nero BackItUp Scheduler 3 => 2
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: PLFlash DeviceIoControl Service => 2
MSCONFIG\Services: PnkBstrA => 2
MSCONFIG\Services: PolicyAgent => 2
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 3
MSCONFIG\Services: RealNetworks Downloader Resolver Service => 2
MSCONFIG\Services: RemoteRegistry => 3
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: seclogon => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Sony PC Companion => 3
MSCONFIG\Services: stisvc => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TabletInputService => 2
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TermService => 2
MSCONFIG\Services: TrkWks => 2
MSCONFIG\Services: W32Time => 2
MSCONFIG\Services: WerSvc => 2
MSCONFIG\Services: WinHttpAutoProxySvc => 3
MSCONFIG\Services: wmiApSrv => 3
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk => C:\Windows\pss\O&O Defrag Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Arsene10^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\Windows\pss\OpenOffice.org 3.2.lnk.Startup
MSCONFIG\startupreg: AcronisTibMounterMonitor => C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BrowserPlugInHelper => C:\Program Files\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe
MSCONFIG\startupreg: cz.seznam.software.autoupdate => "C:\Users\Arsene10\AppData\Roaming\Seznam.cz\szninstall.exe" -c
MSCONFIG\startupreg: cz.seznam.software.szndesktop => "C:\Users\Arsene10\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Facebook Update => "C:\Users\Marcela\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MsgCenterExe => "c:\program files\real\realplayer\update\RealOneMessageCenter.exe" -osboot
MSCONFIG\startupreg: Octoshape Streaming Services => "C:\Users\Arsene10\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
MSCONFIG\startupreg: OODefragTray => C:\Program Files\OO Software\Defrag\oodtray.exe
MSCONFIG\startupreg: PowerDVD14Agent => "C:\Program Files\CyberLink\PowerDVD14\PowerDVD14Agent.exe"
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Slu~ba Acronis Scheduler2 =>
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe"
MSCONFIG\startupreg: Ulead AutoDetector v2 => C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\Marcela\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
MSCONFIG\startupreg: Zoner Photo Studio Service 16 => "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{4D3E1C68-9ED7-4D5F-A234-3967FD2C45AC}] => (Allow) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{C592CBC7-FB3F-4B83-98CC-B249450DD1CB}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [{633C3DAC-BC6F-4C62-BB28-DFEC7576C4CA}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [{3FB6C107-9F9A-443E-BB1F-6FEA1C5E1C61}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{3E611E27-3343-4037-BF81-BBBEB18EB621}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{203D0595-BB96-401B-A561-A1D02FEFC819}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{07918B19-144D-41FA-AE19-3EF2AB53F475}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [TCP Query User{FCB3373E-4B17-4EF5-8DE6-9AC7D0B7CD03}C:\program files\sopcast\adv\sopadver.exe] => (Block) C:\program files\sopcast\adv\sopadver.exe
FirewallRules: [UDP Query User{DB655184-E501-444E-B716-3284D17BB561}C:\program files\sopcast\adv\sopadver.exe] => (Block) C:\program files\sopcast\adv\sopadver.exe
FirewallRules: [TCP Query User{855199D1-CB0C-441A-8147-1B3A98F9C5CD}C:\program files\sopcast\sopcast.exe] => (Allow) C:\program files\sopcast\sopcast.exe
FirewallRules: [UDP Query User{8DD8CF47-3A2D-4BEB-BE88-A7D6F975CF97}C:\program files\sopcast\sopcast.exe] => (Allow) C:\program files\sopcast\sopcast.exe
FirewallRules: [TCP Query User{BCE03699-8651-4052-9969-25FE3ED2A726}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{C2378E90-3009-45FC-A211-2D26393E2B61}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{06329B40-C6A2-40B4-AE31-CE1BEB38BD3A}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{BCECB151-B23E-4FCB-AF92-DA70578ADAB5}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{D34A4198-2B4D-4A19-8845-BFF1111C08FD}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{E3CADCA6-C06E-4F98-BDAC-01F4DC44BD42}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{55B6C830-BD95-4CA3-B783-82041A0513C5}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{0B30ED48-6CED-4A1F-828B-BE42A5C6E1BC}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [TCP Query User{0268DB4E-6B9C-4383-987B-5EEF250C1426}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{CF8133EA-FB2B-4991-A5CE-5D23955BFE18}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{002E4D87-ED7F-42A4-9394-239175658C6A}C:\program files\real\realplayer\realplay.exe] => (Allow) C:\program files\real\realplayer\realplay.exe
FirewallRules: [UDP Query User{7AC84C96-5901-4310-A2C5-53511E92A83F}C:\program files\real\realplayer\realplay.exe] => (Allow) C:\program files\real\realplayer\realplay.exe
FirewallRules: [TCP Query User{E2F7BC11-CFD6-4EBA-944F-74F898DE5567}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{AE26FD19-2C39-4BD5-8360-D84E72D780B9}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [{E1257B77-B6E3-41B9-8DC5-0AF8F315AABF}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7F7E25F8-27EE-4C31-BB40-86F6541E9E19}] => (Allow) LPort=2869
FirewallRules: [{701D3509-15ED-4183-A698-E7A9641FFC4F}] => (Allow) LPort=1900
FirewallRules: [{1DD9C53B-D135-40AB-BDA5-C6A786E08F30}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{886DBDAA-34D2-4C76-AEB5-0B42F27B401D}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [TCP Query User{B3939530-6D1D-4926-A7CC-A45B12435FAB}C:\users\arsene10\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Block) C:\users\arsene10\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [UDP Query User{9803428A-49B4-4A88-8D7D-0300A9AFC522}C:\users\arsene10\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Block) C:\users\arsene10\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [TCP Query User{4CD82CD8-6B56-43DC-B97F-A055378D2F86}C:\program files\flashget network\flashget 3\flashget3.exe] => (Block) C:\program files\flashget network\flashget 3\flashget3.exe
FirewallRules: [UDP Query User{55F62512-4D28-47A4-B719-4B4F8385193A}C:\program files\flashget network\flashget 3\flashget3.exe] => (Block) C:\program files\flashget network\flashget 3\flashget3.exe
FirewallRules: [{4BE67735-7A91-4153-9FAF-19FB7D3E59C0}] => (Allow) LPort=80
FirewallRules: [{2DF7782F-DB8B-42DB-828C-096D376742DD}] => (Allow) LPort=80
FirewallRules: [{D9426F94-F930-4DB5-9682-D449F40589CA}] => (Allow) LPort=80
FirewallRules: [TCP Query User{8367675A-4AAF-4DD9-A9D5-2E6B1BF15878}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{609EF0D3-74B4-4E36-AEDD-BFE9E8DBA2DC}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [{91299E01-680A-4223-A9FC-33A22F20066B}] => (Allow) C:\Program Files\AquaSoft\SlideShow 7 Ultimate\DiaShow.exe
FirewallRules: [{8EC7A585-7F8B-417B-8BD0-200FE88D6A21}] => (Allow) C:\Program Files\AquaSoft\SlideShow 7 Ultimate\DiaShow.exe
FirewallRules: [TCP Query User{90DA5A0F-17B9-4793-B2A8-85342238BD0C}C:\program files\flashget network\flashget 3\flashget3.exe] => (Allow) C:\program files\flashget network\flashget 3\flashget3.exe
FirewallRules: [UDP Query User{52DC0479-949B-404D-815D-F6A0A3D3B7BE}C:\program files\flashget network\flashget 3\flashget3.exe] => (Allow) C:\program files\flashget network\flashget 3\flashget3.exe
FirewallRules: [TCP Query User{124F39A6-9956-4FFC-8D3C-4F947230546D}C:\program files\sopcast\sopcast.exe] => (Block) C:\program files\sopcast\sopcast.exe
FirewallRules: [UDP Query User{BD7CB24F-029D-4C2C-89A1-3759B182060A}C:\program files\sopcast\sopcast.exe] => (Block) C:\program files\sopcast\sopcast.exe
FirewallRules: [TCP Query User{0DBC5D06-BE88-44A8-98E2-1FC714B1738B}C:\program files\sopcast\adv\sopadver.exe] => (Allow) C:\program files\sopcast\adv\sopadver.exe
FirewallRules: [UDP Query User{94C97CE8-DCF4-49C4-BC48-33E3F57CCFD0}C:\program files\sopcast\adv\sopadver.exe] => (Allow) C:\program files\sopcast\adv\sopadver.exe
FirewallRules: [TCP Query User{B1515E57-F52E-4DF2-AB07-DBFE08F5F19E}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{E2CA1186-FC0F-4912-865D-A52DD390D5CC}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{C18E2DD9-759C-4E3A-B310-F304FA774DAC}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{78D01496-A5B7-42C6-ACB4-574EEBDC5923}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [{10C549A5-8235-458B-9CF3-9D00E189809B}] => (Allow) LPort=49167
FirewallRules: [{708C4383-DE18-46EF-B955-A1B97F1F36CE}] => (Allow) LPort=5000
FirewallRules: [{BAFDC60E-6AF0-4945-8857-2D0594BAC500}] => (Allow) C:\Users\Arsene10\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{2DE62BCA-89B3-42BE-8DD3-8471BC9BACE6}] => (Allow) C:\Users\Arsene10\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [TCP Query User{3AD6893C-6E3D-42CD-964E-6727B8E8343A}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{FF262AE9-6E99-485F-B9A9-A1726A3CD092}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{92699BDC-3317-42AE-B382-FBD73C551496}] => (Allow) C:\Program Files\Veetle\Player\VeetleNet.exe
FirewallRules: [TCP Query User{C3610705-4D7E-4400-8241-D2A666E141A3}C:\users\arsene10\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\arsene10\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{C8CA3B78-09A4-47AE-B0B1-A681C7817FCE}C:\users\arsene10\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\arsene10\appdata\local\akamai\netsession_win.exe
FirewallRules: [{58F9E066-9643-4222-B28C-BC1022936236}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{3F3426DF-B1D6-497C-931A-06EFA2046358}C:\program files\streamtorrent 1.0\streamtorrent.exe] => (Block) C:\program files\streamtorrent 1.0\streamtorrent.exe
FirewallRules: [UDP Query User{78E60B99-6A3F-491A-8229-34E58AB71899}C:\program files\streamtorrent 1.0\streamtorrent.exe] => (Block) C:\program files\streamtorrent 1.0\streamtorrent.exe
FirewallRules: [{EE7DF273-6887-402F-907F-93AC47572A2C}] => (Allow) C:\Program Files\ACR\AutoClubRev\web\acrLauncher.exe
FirewallRules: [{918215EC-DEB6-47BF-AE19-F538C89EFA3A}] => (Allow) C:\Program Files\ACR\AutoClubRev\bin\ACR.exe
FirewallRules: [{E4B74FBF-1836-43EE-B19D-6224A78A4BEC}] => (Allow) C:\Users\Marcela\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{3BF19E6D-ABC7-43EE-A8AD-EE103CEF1D16}] => (Allow) C:\Users\Marcela\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{84D820D7-49B2-4F8D-9331-9E7B2F5680F8}] => (Allow) C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe
FirewallRules: [{0FF70A23-6202-4340-8D76-731FC133F6BA}] => (Allow) C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe
FirewallRules: [TCP Query User{6E3D1EE7-DF8E-44C8-BE02-0DCF2BA09771}K:\skidrow\pes2013.exe] => (Allow) K:\skidrow\pes2013.exe
FirewallRules: [UDP Query User{2BC47293-DCFC-4189-95BC-056EBBEF0260}K:\skidrow\pes2013.exe] => (Allow) K:\skidrow\pes2013.exe
FirewallRules: [TCP Query User{854365DF-1231-4F3D-9704-2E012381A4A1}C:\program files\konami\pro evolution soccer 2013\pes2013 (2).exe] => (Allow) C:\program files\konami\pro evolution soccer 2013\pes2013 (2).exe
FirewallRules: [UDP Query User{26330FF6-48C3-4C60-8077-5458329197B8}C:\program files\konami\pro evolution soccer 2013\pes2013 (2).exe] => (Allow) C:\program files\konami\pro evolution soccer 2013\pes2013 (2).exe
FirewallRules: [{766B2FFE-625A-4C86-A07E-758ECF4DE8A9}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{FB0AF278-3FA8-4357-988F-960D59245756}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{28C1ECF8-ED7E-4C65-97D9-62A519C1E4F5}] => (Allow) C:\Program Files\Codemasters\DiRT2\dirt2_game.exe
FirewallRules: [{1670F72C-F9DD-4478-B0F3-4CB6AA8F0B29}] => (Allow) C:\Program Files\Codemasters\DiRT2\dirt2_game.exe
FirewallRules: [{06816192-C3FC-423A-A3E6-D1CBBC3F9181}] => (Allow) C:\Users\Marcela\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DD53C2B8-B873-45E4-B232-1CDE82C81264}] => (Allow) C:\Users\Marcela\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{316C96E4-A693-4C23-8FE5-1096B5E1544C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3170EEE1-46CF-4EBC-AFE8-22D5030152A8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{ECBA53E6-0944-422D-A792-508D0ED79D54}C:\users\kocháč.arsene10-pc\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\kocháč.arsene10-pc\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{C8874EFE-0514-48EE-98D1-EB5CA469C0BC}C:\users\kocháč.arsene10-pc\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\kocháč.arsene10-pc\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{EE2DA0F0-81C5-4586-927E-33E038C083C6}] => (Allow) C:\Program Files\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [{B56010F4-5571-4F52-9A3D-A3DE23A4CD2F}] => (Allow) C:\Program Files\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [{8CB85377-BE7F-4854-8E1D-0F29A9FAB20D}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [{21D16B11-9843-4A9F-B399-4E45E9FE6F7B}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [{D63B4FBF-26C5-450A-8142-4803120EAA5E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{35BD6F70-79F4-4EF0-A2B0-F5E2F536804D}C:\program files\onone software\perfect photo suite 7\perfect photo suite 7.exe] => (Block) C:\program files\onone software\perfect photo suite 7\perfect photo suite 7.exe
FirewallRules: [UDP Query User{94FBDFF9-1E0F-45EA-998E-8272A4E291D7}C:\program files\onone software\perfect photo suite 7\perfect photo suite 7.exe] => (Block) C:\program files\onone software\perfect photo suite 7\perfect photo suite 7.exe
FirewallRules: [{257209E0-CA97-4A18-95CB-7BD1925F9BB3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3FC5FCA8-B16F-4AE9-B13E-003397F240D2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{05BD1FC8-1A9A-483F-8C60-BDD2F00636E1}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{75EF9263-3282-458A-BDB7-9EF94A935551}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{8B38CA60-CFD4-41D7-B2D7-BDAF0286143C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{48FF710E-7DD0-4421-AD4B-B668D9739B43}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FFDF7D19-120A-4E29-AA08-E8964CDCE76F}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{A53DFBF1-0A1D-47F4-B24A-21FC0D718DCF}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{5AF215C8-7B43-4501-9EE6-5677F16C6FD6}] => (Allow) C:\Program Files\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{A25358A6-3242-413B-9359-2B313E394E9B}] => (Allow) C:\Program Files\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{D49E8FB9-CFC0-4A2F-B50C-582F74B13487}] => (Allow) C:\Program Files\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{1A3B4A15-E23F-4E38-B47C-130BF6408411}] => (Allow) C:\Program Files\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{7C26A144-DCA9-4500-B117-B7A4BA70E569}] => (Allow) C:\Program Files\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [TCP Query User{94F8F44D-E13B-4D1C-A26A-D2BF9512B410}C:\users\kocháč.arsene10-pc\appdata\roaming\utorrent\updates\3.4.5_41202.exe] => (Block) C:\users\kocháč.arsene10-pc\appdata\roaming\utorrent\updates\3.4.5_41202.exe
FirewallRules: [UDP Query User{D3799826-6D91-43C4-90EF-4775CAAFB1F4}C:\users\kocháč.arsene10-pc\appdata\roaming\utorrent\updates\3.4.5_41202.exe] => (Block) C:\users\kocháč.arsene10-pc\appdata\roaming\utorrent\updates\3.4.5_41202.exe
FirewallRules: [{7ED6B777-C7D5-4B63-BABC-B18E4694E5D6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe] => Enabled:Flashget3

==================== Faulty Device Manager Devices =============

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Myš Microsoft pro port PS/2
Description: Myš Microsoft pro port PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/20/2015 10:34:10 AM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: Popisovač protokolu Search.OneIndexHandler.1 nebyl načten. Popis chyby: Třída není zaregistrována
.

Error: (11/20/2015 09:55:45 AM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: Popisovač protokolu Search.OneIndexHandler.1 nebyl načten. Popis chyby: Třída není zaregistrována
.

Error: (11/20/2015 09:28:22 AM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: Popisovač protokolu Search.OneIndexHandler.1 nebyl načten. Popis chyby: Třída není zaregistrována
.

Error: (11/20/2015 09:21:17 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1 se nezdařilo.
Závislé sestavení rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/20/2015 09:19:10 AM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: Popisovač protokolu Search.OneIndexHandler.1 nebyl načten. Popis chyby: Třída není zaregistrována
.

Error: (11/20/2015 09:17:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/19/2015 10:31:59 PM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: Popisovač protokolu Search.OneIndexHandler.1 nebyl načten. Popis chyby: Třída není zaregistrována
.

Error: (11/19/2015 09:49:48 PM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: Popisovač protokolu Search.OneIndexHandler.1 nebyl načten. Popis chyby: Třída není zaregistrována
.

Error: (11/19/2015 08:33:24 PM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: Popisovač protokolu Search.OneIndexHandler.1 nebyl načten. Popis chyby: Třída není zaregistrována
.

Error: (11/19/2015 08:32:10 PM) (Source: ESENT) (EventID: 439) (User: )
Description: Windows (2664) Windows: Pro soubor C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk nelze zapsat stínové záhlaví. Chyba -1032


System errors:
=============
Error: (11/20/2015 10:03:55 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: 0x80070643Definition Update for Windows Defender - KB915597 (Definition 1.211.259.0){B72E6955-E5BB-4A57-9DF0-C8A5735BDC0C}200

Error: (11/20/2015 09:43:39 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT AUTHORITY)
Description: 0x80070032

Error: (11/20/2015 09:24:41 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update

Error: (11/20/2015 09:17:54 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Sdílení připojení k Internetu (ICS)Správce vzdáleného přístupu%%1058

Error: (11/20/2015 09:17:54 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Prohledávání počítačůServer%%1058

Error: (11/19/2015 09:04:00 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000WSearch

Error: (11/19/2015 08:33:17 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT AUTHORITY)
Description: 0x80070032

Error: (11/19/2015 08:29:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Sdílení připojení k Internetu (ICS)Správce vzdáleného přístupu%%1058

Error: (11/19/2015 08:29:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Prohledávání počítačůServer%%1058

Error: (11/19/2015 08:29:16 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (20:26:47, 19.11.2015) bylo neočekávané.


CodeIntegrity:
===================================
Date: 2015-11-20 11:24:35.908
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-11-20 11:24:35.587
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-11-20 11:24:35.268
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-11-20 11:24:34.939
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-11-20 10:29:29.160
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-11-20 10:29:28.816
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-11-20 10:29:28.504
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-11-20 10:29:28.114
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-11-20 10:09:23.812
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-11-20 10:09:23.500
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E7200 @ 2.53GHz
Percentage of memory in use: 53%
Total physical RAM: 2046.51 MB
Available physical RAM: 961.18 MB
Total Virtual: 4335.99 MB
Available Virtual: 2342.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:457.94 GB) (Free:223.75 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive l: (Drive-n-go) (Fixed) (Total:465.76 GB) (Free:109.79 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: D07FC34D)
Partition 1: (Active) - (Size=457.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=7.8 GB) - (Type=27)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 354B7B44)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

ahoj,
1. odinstaluj vsetko co tam ostalo od IOBit - a do buducna sa vyhybaj ich SW
2. taktiez sa vyhybaj crackom
3. Internet Explorer Version 8 >> stiahni a nainstaluj MSIE9 pre Vistu
4. skus stiahnut aktualizacie OS

Jestli tomu dobře rozumím, mám nainstalovat Explorer 8 i když mám novější verzi?

nie podla vypisu mas MSIE8 - daj tam MSIE9

Zkoušela jsem nainstalovat i jako Správce, ale na konci instalace mi to vždy vyhodí tuto hlášku...

Stejně se mi už nějakou dobu vede s Windows Update, konkrétně NET Framework 4.5

Hledala jsem řešení chyby 648, ale nenašla nic, co by pomohlo...

vidim to ako posahany system
skus http://windows.microsoft.com/en-us/wind ... r-8ddd0018

Pošahaný systém Tos trefil naprosto přesně, už mi z toho jde hlava kolem...
Tu fixaci jsem už zkoušela, ale pro změnu nám tam chybí 'Background Intelligent Transfer Service',
jinak virus nenalezen...

rozdelíme si to na dve casti:
1. aktualizacie - ja by som sa na to vykaslal + vypni automat. aktualizacie
mozes vsak este skusit:
- s príkazového riadku spustit sfc/scannow - bude treba instalacku OS
- opravna instalacia OS - taktiez potrebne inst. CD
2. zamrzanie:
- s príkazového riadku spust chkdsk - ak najde chyby zopakuj s parametrom /f
- skontroluj teplotu CPU

1.Teploty vypadají následovně (HW Monitor)

Chkdsk hotov, nějakou chybu to našlo, tak jsem to zopakovala s parametrem F a nevim, jestli se z toho někam ukládá log nebo tak něco...

2.Co se týká těch aktualizací, jestli nejsou nezbytně nutné, vypnu je...ale bez update NET Framework mi nepůjde nainstalovat MSI9

- s tymi teplotami mi to nie je jasne - skus everest http://www.slunecnice.cz/sw/everest/ tam je to v casti cidlo
- ak sa podaril chkdsk/f tak pri opakovanej kontrole, by uz nemali byt chyby
- ak sa nepodari nainstalovat MSIE9 budes musiet pouzivat alternativny prehliadac > chrome, opera, firefox

1. Everest

2. Chkdsk - musela jsem si to zopakovat z důvodu chyby, ale ted' to snad vypadá, že je to OK?

3. Explorer nepoužívám snad od samotné koupě PC v 2008, nejradši mám Firefox, ale nevím od jaké jejich aktualizace mi způsobuje nejvíc ze všech prohlížečů zamrzávání PC, nejvíce používám Operu, Chrome jen z nouze...

- akcia chkdsk sa podarila
- vycisti PC s CCleanerom - hlavne registre
- preventivne by bolo vhodne pri vypnutom PC povysavat chladic s ventilátorom CPU
- napis, ci je to lepsie ?

Paráda, počítač zatím doslova frčí
CCleaner používám během týdne 3-4x, zítra povysaju ten chladič a po víkendu dám vědět, jestli PC drží
Zatím velké díky

CC staci pouzivat 1-2x mesacne, alebo po vacsej akcii - instalacie a odinstalacie
drzim palce a nemas zac