VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Preventivka

https://forum.viry.cz:443/viewtopic.php?t=147557

Stránka 1 z 1

Preventivka

Napsal: 12 led 2016 15:53
od michi_trung
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
Ran by Gujas (administrator) on DESKTOP-MJ039PJ (12-01-2016 15:42:29)
Running from C:\Users\Gujas\Desktop
Loaded Profiles: Gujas (Available Profiles: Gujas)
Platform: Windows 10 Pro Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Brother Industries, Ltd.) C:\Users\Gujas\AppData\Local\Temp\{078D460C-0E02-4806-A9A3-5D040F4E16D2}\{4F2442B7-A89E-42A4-8F0E-6937499855CA}\BrLogRx.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(forum.viry.cz) C:\Users\Gujas\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16403712 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2610218684-3848601247-1926621778-1001\...\MountPoints2: {7a6efd2e-6d18-11e5-8d6c-806e6f6e6963} - "E:\DistinguishOS.exe"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{0869dc63-b0ca-4d99-b389-3a77dd26fa38}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130970833483200893&GUID=958F57D2-C58E-4E60-A096-D8AB538555DA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130970833483224979&GUID=958F57D2-C58E-4E60-A096-D8AB538555DA
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-2610218684-3848601247-1926621778-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130970833483236675&GUID=958F57D2-C58E-4E60-A096-D8AB538555DA
HKU\S-1-5-21-2610218684-3848601247-1926621778-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-2610218684-3848601247-1926621778-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2610218684-3848601247-1926621778-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-10-15] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Gujas\AppData\Roaming\Mozilla\Firefox\Profiles\osoipnrb.default
FF DefaultSearchEngine: webssearches
FF SelectedSearchEngine: webssearches
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-11-02] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-11-02] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-10-15] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems)
FF SearchPlugin: C:\Users\Gujas\AppData\Roaming\Mozilla\Firefox\Profiles\osoipnrb.default\searchplugins\webssearches.xml [2015-12-17]
FF Extension: No Name - C:\Users\Gujas\AppData\Roaming\Mozilla\Firefox\Profiles\osoipnrb.default\extensions\yahooprotected@gmail.com [not found]
FF Extension: Avira Browser Safety - C:\Users\Gujas\AppData\Roaming\Mozilla\Firefox\Profiles\osoipnrb.default\Extensions\abs@avira.com [2015-11-23] [not signed]
FF Extension: Magic Actions for YouTube™ - C:\Users\Gujas\AppData\Roaming\Mozilla\Firefox\Profiles\osoipnrb.default\Extensions\jid0-UVAeBCfd34Kk5usS8A1CBiobvM8@jetpack.xpi [2015-11-06]
FF Extension: Adblock Plus - C:\Users\Gujas\AppData\Roaming\Mozilla\Firefox\Profiles\osoipnrb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-06]
FF HKLM-x32\...\Firefox\Extensions: [yahooprotected@gmail.com] - C:\Users\Gujas\AppData\Roaming\Mozilla\Firefox\Profiles\osoipnrb.default\extensions\yahooprotected@gmail.com => not found
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "","hxxp://www.yoursearching.com/?type=hp&ts=14502 ... 0DAEHX0DAX"
CHR DefaultSearchURL: Default -> hxxp://www.google.cz/search?q={searchTerms}&rl ... {startPage}
CHR DefaultSearchKeyword: Default -> google.cz__
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-16]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2015-12-16]
CHR Extension: (Dokumenty Google) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-16]
CHR Extension: (Disk Google) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-16]
CHR Extension: (YouTube) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-16]
CHR Extension: (Adblock Plus) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-01-05]
CHR Extension: (Vyhledávání Google) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-16]
CHR Extension: (Tabulky Google) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-16]
CHR Extension: (Last.fm Scrobbler) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhinaapppaileiechjoiifaancjggfjm [2016-01-04]
CHR Extension: (Heap Poznámka) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkpiejadkdojdbfgfocaoahhbepnlpph [2015-12-16]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-12-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-16]
CHR Extension: (Click&Clean App) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2015-12-16]
CHR Extension: (Gmail) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-16]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2610218684-3848601247-1926621778-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - Chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2015-11-01] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2802360 2015-11-24] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-08] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-08] (Dropbox, Inc.)
S3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [1340760 2015-08-10] (Disc Soft Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-10] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-09] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-01] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [173312 2015-11-01] (Broadcom Corporation.)
R3 BCMWL63A; C:\Windows\system32\DRIVERS\bcmwl63a.sys [11236088 2015-10-07] (Broadcom Corp)
R3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [30264 2015-10-15] (Disc Soft Ltd)
R3 dtultrausbbus; C:\Windows\System32\drivers\dtultrausbbus.sys [47160 2015-10-15] (Disc Soft Ltd)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-10-07] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2000-01-01] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-12 15:42 - 2016-01-12 15:43 - 00023303 _____ C:\Users\Gujas\Desktop\FRST.txt
2016-01-12 15:42 - 2016-01-12 15:42 - 00000000 ____D C:\FRST
2016-01-12 15:40 - 2016-01-12 15:41 - 00112640 _____ (forum.viry.cz) C:\Users\Gujas\Desktop\FRSTLauncher.exe
2016-01-12 15:38 - 2016-01-12 15:38 - 02370560 _____ (Farbar) C:\Users\Gujas\Desktop\FRST64.exe
2016-01-12 15:35 - 2016-01-12 15:35 - 00009715 _____ C:\Users\Gujas\Documents\22,5.xlsx
2016-01-12 15:34 - 2016-01-12 15:34 - 00613655 _____ C:\Users\Gujas\Documents\22.5.pdf
2016-01-12 14:37 - 2016-01-12 14:37 - 00586322 _____ C:\Users\Gujas\Downloads\Fyzika.rar
2016-01-12 14:37 - 2016-01-12 14:37 - 00586322 _____ C:\Users\Gujas\Downloads\Fyzika (1).rar
2016-01-12 14:36 - 2016-01-12 14:36 - 01300385 _____ C:\Users\Gujas\Downloads\Fyzika_laborky (1).rar
2016-01-12 14:36 - 2016-01-12 14:36 - 01252649 _____ C:\Users\Gujas\Downloads\laborky (1).rar
2016-01-12 14:29 - 2016-01-12 14:29 - 00020964 _____ C:\Users\Gujas\Documents\27,5.xlsx
2016-01-12 14:17 - 2016-01-12 14:17 - 00371604 _____ C:\Users\Gujas\Downloads\Nájmy-1 (1).xlsx
2016-01-12 13:03 - 2016-01-12 13:04 - 00000000 ____D C:\Users\Gujas\Downloads\h89fsd413
2016-01-12 11:02 - 2016-01-12 11:02 - 00002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-01-12 11:02 - 2016-01-12 11:02 - 00000000 ____D C:\Program Files\CCleaner
2016-01-12 11:01 - 2016-01-12 11:01 - 06805328 _____ (Piriform Ltd) C:\Users\Gujas\Downloads\ccsetup513.exe
2016-01-09 08:43 - 2016-01-09 08:43 - 02681789 _____ (Macromedia, Inc.) C:\Users\Gujas\Downloads\heattreatment.exe
2016-01-08 20:21 - 2016-01-12 13:04 - 00000000 ____D C:\Users\Gujas\Downloads\pp2
2016-01-07 22:10 - 2016-01-07 22:10 - 00000000 ____D C:\Users\Gujas\Downloads\mat3
2016-01-07 22:08 - 2016-01-07 22:09 - 25674764 _____ C:\Users\Gujas\Downloads\prezentace.rar
2016-01-07 22:03 - 2016-01-07 22:07 - 56373014 _____ C:\Users\Gujas\Downloads\KOMPLET-Technologie-I.zip
2016-01-07 20:07 - 2016-01-07 20:07 - 00371604 _____ C:\Users\Gujas\Downloads\Nájmy-1.xlsx
2016-01-07 20:07 - 2016-01-07 20:07 - 00009152 _____ C:\Users\Gujas\Downloads\nedoplatky.xlsx
2016-01-07 13:31 - 2016-01-07 13:31 - 00009152 _____ C:\Users\Gujas\Documents\nedoplatky.xlsx
2016-01-05 14:35 - 2016-01-05 14:35 - 01300385 _____ C:\Users\Gujas\Downloads\Fyzika_laborky.rar
2016-01-05 14:35 - 2016-01-05 14:35 - 01252649 _____ C:\Users\Gujas\Downloads\laborky.rar
2016-01-05 12:10 - 2016-01-05 12:10 - 00204114 _____ C:\Users\Gujas\Downloads\20160105_potvrzeni.pdf
2016-01-05 11:27 - 2016-01-05 11:27 - 00053248 _____ C:\Users\Gujas\Downloads\18.1.xls
2016-01-05 10:00 - 2016-01-05 10:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-29 12:18 - 2015-12-29 12:18 - 10158386 _____ C:\Users\Gujas\Downloads\NOM2.zip
2015-12-23 22:08 - 2015-12-23 22:09 - 91158979 _____ C:\Users\Gujas\Downloads\1-1450802828.rar
2015-12-18 05:55 - 2015-12-07 05:48 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-12-18 05:55 - 2015-12-07 05:48 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-12-18 05:55 - 2015-12-07 05:07 - 16984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-18 05:55 - 2015-12-07 05:03 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-18 05:55 - 2015-12-07 04:58 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-18 05:55 - 2015-12-07 04:53 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-18 05:55 - 2015-12-07 04:45 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-18 05:55 - 2015-12-07 04:41 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-18 05:54 - 2015-12-07 05:57 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-18 05:54 - 2015-12-07 05:55 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-18 05:54 - 2015-12-07 05:49 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2015-12-18 05:54 - 2015-12-07 05:48 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2015-12-18 05:54 - 2015-12-07 05:47 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-12-18 05:54 - 2015-12-07 05:47 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-12-18 05:54 - 2015-12-07 05:47 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-12-18 05:54 - 2015-12-07 05:47 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2015-12-18 05:54 - 2015-12-07 05:46 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-18 05:54 - 2015-12-07 05:46 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-18 05:54 - 2015-12-07 05:45 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-12-18 05:54 - 2015-12-07 05:15 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2015-12-18 05:54 - 2015-12-07 05:15 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-18 05:54 - 2015-12-07 05:10 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2015-12-18 05:54 - 2015-12-07 05:09 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2015-12-18 05:54 - 2015-12-07 05:09 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2015-12-18 05:54 - 2015-12-07 05:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2015-12-18 05:54 - 2015-12-07 05:07 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2015-12-18 05:54 - 2015-12-07 05:07 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-12-18 05:54 - 2015-12-07 05:06 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2015-12-18 05:54 - 2015-12-07 05:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-18 05:54 - 2015-12-07 05:06 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-12-18 05:54 - 2015-12-07 05:05 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-18 05:54 - 2015-12-07 05:05 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2015-12-18 05:54 - 2015-12-07 05:04 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-18 05:54 - 2015-12-07 05:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-12-18 05:54 - 2015-12-07 05:02 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-18 05:54 - 2015-12-07 05:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-12-18 05:54 - 2015-12-07 05:01 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-18 05:54 - 2015-12-07 05:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2015-12-18 05:54 - 2015-12-07 05:00 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2015-12-18 05:54 - 2015-12-07 05:00 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2015-12-18 05:54 - 2015-12-07 05:00 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-18 05:54 - 2015-12-07 05:00 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-12-18 05:54 - 2015-12-07 04:59 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-18 05:54 - 2015-12-07 04:59 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-18 05:54 - 2015-12-07 04:59 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-12-18 05:54 - 2015-12-07 04:59 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-12-18 05:54 - 2015-12-07 04:58 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-18 05:54 - 2015-12-07 04:57 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-12-18 05:54 - 2015-12-07 04:57 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2015-12-18 05:54 - 2015-12-07 04:57 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2015-12-18 05:54 - 2015-12-07 04:56 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-18 05:54 - 2015-12-07 04:56 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-12-18 05:54 - 2015-12-07 04:55 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-18 05:54 - 2015-12-07 04:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-18 05:54 - 2015-12-07 04:54 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-18 05:54 - 2015-12-07 04:54 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2015-12-18 05:54 - 2015-12-07 04:53 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-12-18 05:54 - 2015-12-07 04:51 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-12-18 05:54 - 2015-12-07 04:51 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2015-12-18 05:54 - 2015-12-07 04:50 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2015-12-18 05:54 - 2015-12-07 04:49 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2015-12-18 05:54 - 2015-12-07 04:48 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-18 05:54 - 2015-12-07 04:47 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-12-18 05:54 - 2015-12-07 04:45 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2015-12-18 05:54 - 2015-12-07 04:45 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-12-18 05:54 - 2015-12-07 04:44 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-12-18 05:54 - 2015-12-07 04:43 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-18 05:54 - 2015-12-07 04:43 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2015-12-18 05:54 - 2015-12-07 04:40 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-18 05:54 - 2015-12-07 04:40 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-18 05:54 - 2015-12-07 04:40 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-18 05:54 - 2015-12-07 04:39 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-12-18 05:54 - 2015-12-07 04:38 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2015-12-18 05:54 - 2015-12-07 04:33 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2015-12-18 05:54 - 2015-12-07 04:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2015-12-17 16:53 - 2015-12-17 17:03 - 2746379544 _____ C:\Users\Gujas\Downloads\Houkal-2015-12-17.zip
2015-12-16 18:08 - 2015-12-16 20:50 - 00000000 ____D C:\Users\Gujas\Documents\My Videos
2015-12-16 18:08 - 2015-12-16 18:08 - 00000000 ____D C:\Users\Gujas\AppData\Roaming\CyberLink
2015-12-16 18:08 - 2015-12-16 18:08 - 00000000 ____D C:\Users\Gujas\AppData\Local\CyberLink
2015-12-16 18:08 - 2015-12-16 18:08 - 00000000 ____D C:\ProgramData\CyberLink
2015-12-16 18:05 - 2015-12-16 18:05 - 00000000 ____D C:\Program Files (x86)\Acer
2015-12-16 18:03 - 2015-12-16 18:04 - 00000000 ____D C:\ProgramData\Temp
2015-12-16 18:02 - 2015-12-16 18:02 - 00000000 ____D C:\Users\Gujas\Documents\Webcam_Acer_1.5.2624.00_W7x64
2015-12-16 17:59 - 2015-12-16 18:05 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye webcam
2015-12-16 17:59 - 2015-12-16 17:59 - 00000000 ____D C:\Program Files (x86)\Acer Crystal Eye webcam
2015-12-16 17:16 - 2015-12-16 17:16 - 00411147 _____ C:\Users\Gujas\Downloads\magicactions.xpi
2015-12-16 17:01 - 2016-01-12 15:39 - 00004212 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{199B1703-41B4-45E9-9053-D39EC8575F71}
2015-12-16 16:48 - 2015-12-16 16:54 - 00000000 ____D C:\WINDOWS\SysWOW64\x64
2015-12-16 16:48 - 2007-09-14 15:28 - 00016005 _____ C:\WINDOWS\SysWOW64\snp2uvc.cat
2015-12-16 16:48 - 2007-08-13 14:54 - 01749376 _____ () C:\WINDOWS\SysWOW64\snp2uvc.sys
2015-12-16 16:48 - 2007-08-06 14:04 - 00028032 _____ () C:\WINDOWS\SysWOW64\sncduvc.sys
2015-12-16 16:48 - 2007-07-05 12:35 - 00094208 _____ (sonix) C:\WINDOWS\SysWOW64\PLFSetL.exe
2015-12-16 16:48 - 2007-06-28 09:18 - 00000131 _____ C:\WINDOWS\SysWOW64\PidList.ini
2015-12-16 16:48 - 2007-04-02 12:40 - 00172032 _____ ( ) C:\WINDOWS\SysWOW64\rsnp2uvc.dll
2015-12-16 16:48 - 2006-11-07 09:17 - 00286720 _____ (Sonix) C:\WINDOWS\SysWOW64\vsnp2uvc.dll
2015-12-16 16:41 - 2015-12-16 17:01 - 00000000 ____D C:\Users\Gujas\AppData\Roaming\Opera Software
2015-12-16 16:41 - 2015-12-16 17:01 - 00000000 ____D C:\Users\Gujas\AppData\Local\Opera Software
2015-12-16 16:38 - 2016-01-12 15:42 - 00000000 ____D C:\ProgramData\Tmp0x0x
2015-12-16 16:37 - 2015-12-16 16:37 - 00003378 _____ C:\WINDOWS\System32\Tasks\Opera N Saturday
2015-12-16 16:37 - 2015-12-16 16:37 - 00003374 _____ C:\WINDOWS\System32\Tasks\Opera N Sunday
2015-12-16 16:37 - 2015-12-16 16:37 - 00000000 ____D C:\Users\Gujas\AppData\Roaming\Shortcut
2015-12-16 16:37 - 2015-12-16 16:37 - 00000000 ____D C:\Users\Gujas\AppData\Roaming\AION
2015-12-16 16:37 - 2015-12-16 16:37 - 00000000 ____D C:\Users\Gujas\AppData\Local\AION
2015-12-16 16:36 - 2015-12-16 17:01 - 00000000 ____D C:\Program Files (x86)\Opera

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-12 15:42 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2016-01-12 15:37 - 2015-10-08 15:27 - 00000000 ___RD C:\Users\Gujas\Disk Google
2016-01-12 15:37 - 2015-10-07 18:40 - 00002391 _____ C:\Users\Gujas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-01-12 15:37 - 2015-10-07 18:40 - 00000000 ___RD C:\Users\Gujas\OneDrive
2016-01-12 15:31 - 2015-10-08 15:26 - 00000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-01-12 14:51 - 2015-10-07 18:40 - 00000992 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-12 14:37 - 2015-10-07 18:36 - 00000000 ____D C:\Users\Gujas\AppData\Local\Packages
2016-01-12 14:33 - 2015-10-30 19:31 - 00751272 _____ C:\WINDOWS\system32\perfh005.dat
2016-01-12 14:33 - 2015-10-30 19:31 - 00150860 _____ C:\WINDOWS\system32\perfc005.dat
2016-01-12 14:33 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-12 14:33 - 2015-10-07 18:35 - 01771468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-12 13:51 - 2015-10-07 18:40 - 00000988 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-12 13:04 - 2015-10-15 10:30 - 00000578 _____ C:\WINDOWS\Tasks\MATLAB R2015b Startup Accelerator.job
2016-01-12 11:18 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-12 11:17 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-12 11:17 - 2015-10-07 22:07 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-12 11:04 - 2015-11-14 22:08 - 00000000 ____D C:\WINDOWS\Minidump
2016-01-12 11:04 - 2015-11-14 21:06 - 00000000 ___DC C:\WINDOWS\Panther
2016-01-12 09:06 - 2015-10-08 20:38 - 00000000 ____D C:\Users\Gujas\AppData\Local\Adobe
2016-01-11 21:14 - 2015-11-18 08:25 - 00000000 ____D C:\Users\Gujas\AppData\Roaming\vlc
2016-01-11 19:13 - 2015-10-08 08:35 - 00000000 ____D C:\Users\Gujas\AppData\Roaming\uTorrent
2016-01-11 16:31 - 2015-10-08 15:26 - 00000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-01-07 20:01 - 2015-10-08 09:33 - 00000000 ____D C:\Users\Gujas\AppData\Roaming\Skype
2016-01-07 11:36 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-05 14:32 - 2015-10-07 22:03 - 00000000 __SHD C:\Users\Gujas\IntelGraphicsProfiles
2016-01-05 14:31 - 2015-11-14 21:16 - 00000000 ____D C:\Users\Gujas
2016-01-05 14:30 - 2015-11-14 21:29 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-05 13:43 - 2015-11-24 08:20 - 00000000 ____D C:\Users\Gujas\Documents\14.3
2016-01-05 10:00 - 2015-10-08 09:33 - 00002658 _____ C:\Users\Public\Desktop\Skype.lnk
2016-01-05 10:00 - 2015-10-08 09:33 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-05 10:00 - 2015-10-08 09:33 - 00000000 ____D C:\Users\Gujas\AppData\Local\Skype
2016-01-05 10:00 - 2015-10-08 09:33 - 00000000 ____D C:\ProgramData\Skype
2016-01-03 02:40 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-03 02:40 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-01 17:44 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-19 21:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-12-19 21:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-19 21:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2015-12-19 20:41 - 2015-10-08 20:39 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-12-19 20:34 - 2015-11-30 10:56 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-12-19 20:29 - 2015-11-30 09:48 - 00001619 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2015-12-19 20:29 - 2015-11-30 09:48 - 00001607 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2015-12-18 23:24 - 2015-11-23 16:34 - 00001207 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-12-18 23:24 - 2015-11-23 16:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-18 23:24 - 2015-10-07 18:53 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-18 07:31 - 2015-11-10 12:29 - 00000000 ____D C:\Users\Gujas\Downloads\nauka referat
2015-12-17 12:53 - 2015-10-07 18:40 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-16 17:03 - 2015-11-29 22:41 - 00000000 ____D C:\Users\Gujas\AppData\Local\Deployment
2015-12-16 17:01 - 2015-11-24 09:18 - 00001585 _____ C:\Users\Public\Desktop\League of Legends.lnk
2015-12-16 17:01 - 2015-11-22 23:37 - 00000910 _____ C:\Users\Gujas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2015-12-16 17:01 - 2015-11-22 23:37 - 00000862 _____ C:\Users\Gujas\Desktop\Start Tor Browser.lnk
2015-12-15 11:23 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-15 11:22 - 2015-10-15 10:04 - 00000000 ____D C:\Program Files\Microsoft Office 15

==================== Files in the root of some directories =======

2015-12-16 17:57 - 2015-12-16 17:57 - 0009955 _____ () C:\Users\Gujas\AppData\Local\HWVendorDetection.log
2015-11-14 21:13 - 2015-11-14 21:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Gujas\AppData\Local\Temp\avgnt.exe
C:\Users\Gujas\AppData\Local\Temp\_isB240.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MATLAB R2015b Startup Accelerator.job => C:\Program Files\MATLAB\R2015b\bin\win64\MATLABStartupAccelerator.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avira Antivirus (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Gujas\Desktop" je 937 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

Re: Preventivka

Napsal: 12 led 2016 15:54
od michi_trung
Avira mi neustále hlásí
Obrázek
Potřeboval bych se toho zbavit prosím :)

Děkuji

Re: Preventivka

Napsal: 12 led 2016 16:52
od altrok
Krasny den Vam preju :bye:



:arrow: V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

:arrow: Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
  • ukoncete vsechny programy
  • kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
  • kliknete na Scan, pote na Cleaning
  • po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

Re: Preventivka

Napsal: 12 led 2016 20:33
od michi_trung
# AdwCleaner v5.029 - Logfile created 12/01/2016 at 20:30:19
# Updated 11/01/2016 by Xplode
# Database : 2016-01-12.1 [Server]
# Operating system : Windows 10 Pro (x64)
# Username : Gujas - DESKTOP-MJ039PJ
# Running from : C:\Users\Gujas\Desktop\adwcleaner_5.029.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\Tmp0x0x
[-] Folder Deleted : C:\Users\Gujas\AppData\Local\slimware utilities inc

***** [ Files ] *****

[-] File Deleted : C:\Users\Gujas\AppData\Roaming\Mozilla\Firefox\Profiles\osoipnrb.default\searchplugins\webssearches.xml

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Mozilla\Extends
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [yahooprotected@gmail.com]
[-] Key Deleted : HKCU\Software\SlimWare Utilities Inc
[!] Key Not Deleted : HKCU\Software\Mozilla\Extends
[-] Key Deleted : HKCU\Software\ICSW1.17
[-] Key Deleted : HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Key Deleted : HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.

***** [ Web browsers ] *****

[-] [C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : serafenergy.com
[-] [C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : snapashot.en.softonic.com
[-] [C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.yoursearching.com/?type=hp&ts=14502 ... 0DAEHX0DAX

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1831 bytes] ##########

Re: Preventivka

Napsal: 12 led 2016 20:50
od altrok
:arrow: Dejte logy FRST.txt a Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Pozn. pri druhem a dalsim spusteni FRST je pro vytvoreni logu Addition.txt nutne tuto volbu explicitne zatrhnout pred zacatkem skenu.

Re: Preventivka

Napsal: 12 led 2016 21:12
od michi_trung
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
Ran by Gujas (administrator) on DESKTOP-MJ039PJ (12-01-2016 21:08:28)
Running from C:\Users\Gujas\Desktop
Loaded Profiles: Gujas (Available Profiles: Gujas)
Platform: Windows 10 Pro Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(forum.viry.cz) C:\Users\Gujas\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16403712 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2610218684-3848601247-1926621778-1001\...\RunOnce: [Uninstall C:\Users\Gujas\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gujas\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-21-2610218684-3848601247-1926621778-1001\...\MountPoints2: {7a6efd2e-6d18-11e5-8d6c-806e6f6e6963} - "E:\DistinguishOS.exe"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{0869dc63-b0ca-4d99-b389-3a77dd26fa38}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130970833483200893&GUID=958F57D2-C58E-4E60-A096-D8AB538555DA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130970833483224979&GUID=958F57D2-C58E-4E60-A096-D8AB538555DA
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-2610218684-3848601247-1926621778-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130970833483236675&GUID=958F57D2-C58E-4E60-A096-D8AB538555DA
HKU\S-1-5-21-2610218684-3848601247-1926621778-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-2610218684-3848601247-1926621778-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2610218684-3848601247-1926621778-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-10-15] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Gujas\AppData\Roaming\Mozilla\Firefox\Profiles\osoipnrb.default
FF DefaultSearchEngine: webssearches
FF SelectedSearchEngine: webssearches
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-11-02] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-11-02] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-10-15] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems)
FF Extension: No Name - C:\Users\Gujas\AppData\Roaming\Mozilla\Firefox\Profiles\osoipnrb.default\extensions\yahooprotected@gmail.com [not found]
FF Extension: Avira Browser Safety - C:\Users\Gujas\AppData\Roaming\Mozilla\Firefox\Profiles\osoipnrb.default\Extensions\abs@avira.com [2015-11-23] [not signed]
FF Extension: Magic Actions for YouTube™ - C:\Users\Gujas\AppData\Roaming\Mozilla\Firefox\Profiles\osoipnrb.default\Extensions\jid0-UVAeBCfd34Kk5usS8A1CBiobvM8@jetpack.xpi [2015-11-06]
FF Extension: Adblock Plus - C:\Users\Gujas\AppData\Roaming\Mozilla\Firefox\Profiles\osoipnrb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-06]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "","hxxp://www.yoursearching.com/?type=hp&ts=14502 ... 0DAEHX0DAX"
CHR DefaultSearchURL: Default -> hxxp://www.google.cz/search?q={searchTerms}&rl ... {startPage}
CHR DefaultSearchKeyword: Default -> google.cz__
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-16]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2015-12-16]
CHR Extension: (Dokumenty Google) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-16]
CHR Extension: (Disk Google) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-16]
CHR Extension: (YouTube) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-16]
CHR Extension: (Adblock Plus) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-01-05]
CHR Extension: (Vyhledávání Google) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-16]
CHR Extension: (Tabulky Google) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-16]
CHR Extension: (Last.fm Scrobbler) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhinaapppaileiechjoiifaancjggfjm [2016-01-04]
CHR Extension: (Heap Poznámka) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkpiejadkdojdbfgfocaoahhbepnlpph [2015-12-16]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-12-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-16]
CHR Extension: (Click&Clean App) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2015-12-16]
CHR Extension: (Gmail) - C:\Users\Gujas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-16]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2610218684-3848601247-1926621778-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2015-11-01] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2802360 2015-11-24] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-08] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-08] (Dropbox, Inc.)
S3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [1340760 2015-08-10] (Disc Soft Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-10] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-09] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-01] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [173312 2015-11-01] (Broadcom Corporation.)
R3 BCMWL63A; C:\Windows\system32\DRIVERS\bcmwl63a.sys [11236088 2015-10-07] (Broadcom Corp)
R3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [30264 2015-10-15] (Disc Soft Ltd)
R3 dtultrausbbus; C:\Windows\System32\drivers\dtultrausbbus.sys [47160 2015-10-15] (Disc Soft Ltd)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-10-07] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2000-01-01] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-12 21:08 - 2016-01-12 21:09 - 00023500 _____ C:\Users\Gujas\Desktop\FRST.txt
2016-01-12 21:07 - 2016-01-12 21:07 - 00029696 _____ C:\Users\Gujas\AppData\Local\MSGBOX.EXE
2016-01-12 21:07 - 2016-01-12 21:07 - 00015327 _____ C:\Users\Gujas\Desktop\LM.bat
2016-01-12 21:05 - 2016-01-12 21:07 - 00112640 _____ (forum.viry.cz) C:\Users\Gujas\Desktop\FRSTLauncher.exe
2016-01-12 21:05 - 2016-01-12 21:05 - 02370560 _____ (Farbar) C:\Users\Gujas\Desktop\FRST64.exe
2016-01-12 20:28 - 2016-01-12 20:30 - 00000000 ____D C:\AdwCleaner
2016-01-12 20:26 - 2016-01-12 20:28 - 01754112 _____ C:\Users\Gujas\Desktop\adwcleaner_5.029.exe
2016-01-12 20:11 - 2016-01-05 03:51 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-12 20:11 - 2016-01-05 03:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-01-12 20:11 - 2016-01-05 03:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-01-12 20:11 - 2016-01-05 03:50 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-12 20:11 - 2016-01-05 03:50 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-12 20:11 - 2016-01-05 03:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-12 20:11 - 2016-01-05 03:49 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-12 20:11 - 2016-01-05 03:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-12 20:11 - 2016-01-05 03:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-01-12 20:11 - 2016-01-05 03:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-01-12 20:11 - 2016-01-05 03:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-12 20:11 - 2016-01-05 03:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-12 20:11 - 2016-01-05 03:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-12 20:11 - 2016-01-05 03:37 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-12 20:11 - 2016-01-05 03:37 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-12 20:11 - 2016-01-05 03:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-12 20:11 - 2016-01-05 03:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-12 20:11 - 2016-01-05 03:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-01-12 20:11 - 2016-01-05 03:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-12 20:11 - 2016-01-05 03:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-12 20:11 - 2016-01-05 03:33 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-12 20:11 - 2016-01-05 03:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-12 20:11 - 2016-01-05 03:33 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-12 20:11 - 2016-01-05 03:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-12 20:11 - 2016-01-05 03:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-12 20:11 - 2016-01-05 03:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-01-12 20:11 - 2016-01-05 03:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-12 20:11 - 2016-01-05 03:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-12 20:11 - 2016-01-05 03:23 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-12 20:11 - 2016-01-05 03:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-12 20:11 - 2016-01-05 03:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-12 20:11 - 2016-01-05 03:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-12 20:11 - 2016-01-05 03:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-12 20:11 - 2016-01-05 03:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-12 20:11 - 2016-01-05 03:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-12 20:11 - 2016-01-05 02:59 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-12 20:11 - 2016-01-05 02:57 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-12 20:11 - 2016-01-05 02:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-01-12 20:11 - 2016-01-05 02:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-12 20:11 - 2016-01-05 02:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-01-12 20:11 - 2016-01-05 02:54 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-01-12 20:11 - 2016-01-05 02:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-01-12 20:11 - 2016-01-05 02:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-01-12 20:11 - 2016-01-05 02:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-12 20:11 - 2016-01-05 02:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-01-12 20:11 - 2016-01-05 02:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-12 20:11 - 2016-01-05 02:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-01-12 20:11 - 2016-01-05 02:50 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-12 20:11 - 2016-01-05 02:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-01-12 20:11 - 2016-01-05 02:49 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-12 20:11 - 2016-01-05 02:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-12 20:11 - 2016-01-05 02:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-12 20:11 - 2016-01-05 02:49 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-01-12 20:11 - 2016-01-05 02:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-01-12 20:11 - 2016-01-05 02:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-01-12 20:11 - 2016-01-05 02:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-12 20:11 - 2016-01-05 02:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-12 20:11 - 2016-01-05 02:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-12 20:11 - 2016-01-05 02:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-01-12 20:11 - 2016-01-05 02:47 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-12 20:11 - 2016-01-05 02:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-12 20:11 - 2016-01-05 02:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-12 20:11 - 2016-01-05 02:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-01-12 20:11 - 2016-01-05 02:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-01-12 20:11 - 2016-01-05 02:43 - 00953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-01-12 20:11 - 2016-01-05 02:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-12 20:11 - 2016-01-05 02:43 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-12 20:11 - 2016-01-05 02:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-12 20:11 - 2016-01-05 02:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-12 20:11 - 2016-01-05 02:41 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-12 20:11 - 2016-01-05 02:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-12 20:11 - 2016-01-05 02:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-01-12 20:11 - 2016-01-05 02:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-12 20:11 - 2016-01-05 02:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-01-12 20:11 - 2016-01-05 02:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-01-12 20:11 - 2016-01-05 02:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-12 20:11 - 2016-01-05 02:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-01-12 20:11 - 2016-01-05 02:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-12 20:11 - 2016-01-05 02:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-12 20:11 - 2016-01-05 02:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-12 20:11 - 2016-01-05 02:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-12 20:11 - 2016-01-05 02:33 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-12 20:11 - 2016-01-05 02:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-01-12 20:11 - 2016-01-05 02:30 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-01-12 20:11 - 2016-01-05 02:29 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-12 20:11 - 2016-01-05 02:28 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-12 20:11 - 2016-01-05 02:28 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-12 20:11 - 2016-01-05 02:28 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-12 20:11 - 2016-01-05 02:25 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-01-12 15:46 - 2016-01-12 15:46 - 00004528 _____ C:\Users\Gujas\Desktop\Addition.zip
2016-01-12 15:42 - 2016-01-12 21:07 - 00000000 ____D C:\FRST
2016-01-12 15:35 - 2016-01-12 15:35 - 00009715 _____ C:\Users\Gujas\Documents\22,5.xlsx
2016-01-12 15:34 - 2016-01-12 15:34 - 00613655 _____ C:\Users\Gujas\Documents\22.5.pdf
2016-01-12 14:37 - 2016-01-12 14:37 - 00586322 _____ C:\Users\Gujas\Downloads\Fyzika.rar
2016-01-12 14:37 - 2016-01-12 14:37 - 00586322 _____ C:\Users\Gujas\Downloads\Fyzika (1).rar
2016-01-12 14:36 - 2016-01-12 14:36 - 01300385 _____ C:\Users\Gujas\Downloads\Fyzika_laborky (1).rar
2016-01-12 14:36 - 2016-01-12 14:36 - 01252649 _____ C:\Users\Gujas\Downloads\laborky (1).rar
2016-01-12 14:29 - 2016-01-12 14:29 - 00020964 _____ C:\Users\Gujas\Documents\27,5.xlsx
2016-01-12 14:17 - 2016-01-12 14:17 - 00371604 _____ C:\Users\Gujas\Downloads\Nájmy-1 (1).xlsx
2016-01-12 13:03 - 2016-01-12 13:04 - 00000000 ____D C:\Users\Gujas\Downloads\h89fsd413
2016-01-12 11:02 - 2016-01-12 11:02 - 00002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-01-12 11:02 - 2016-01-12 11:02 - 00000000 ____D C:\Program Files\CCleaner
2016-01-12 11:01 - 2016-01-12 11:01 - 06805328 _____ (Piriform Ltd) C:\Users\Gujas\Downloads\ccsetup513.exe
2016-01-09 08:43 - 2016-01-09 08:43 - 02681789 _____ (Macromedia, Inc.) C:\Users\Gujas\Downloads\heattreatment.exe
2016-01-08 20:21 - 2016-01-12 13:04 - 00000000 ____D C:\Users\Gujas\Downloads\pp2
2016-01-07 22:10 - 2016-01-07 22:10 - 00000000 ____D C:\Users\Gujas\Downloads\mat3
2016-01-07 22:08 - 2016-01-07 22:09 - 25674764 _____ C:\Users\Gujas\Downloads\prezentace.rar
2016-01-07 22:03 - 2016-01-07 22:07 - 56373014 _____ C:\Users\Gujas\Downloads\KOMPLET-Technologie-I.zip
2016-01-07 20:07 - 2016-01-07 20:07 - 00371604 _____ C:\Users\Gujas\Downloads\Nájmy-1.xlsx
2016-01-07 20:07 - 2016-01-07 20:07 - 00009152 _____ C:\Users\Gujas\Downloads\nedoplatky.xlsx
2016-01-07 13:31 - 2016-01-07 13:31 - 00009152 _____ C:\Users\Gujas\Documents\nedoplatky.xlsx
2016-01-05 14:35 - 2016-01-05 14:35 - 01300385 _____ C:\Users\Gujas\Downloads\Fyzika_laborky.rar
2016-01-05 14:35 - 2016-01-05 14:35 - 01252649 _____ C:\Users\Gujas\Downloads\laborky.rar
2016-01-05 12:10 - 2016-01-05 12:10 - 00204114 _____ C:\Users\Gujas\Downloads\20160105_potvrzeni.pdf
2016-01-05 11:27 - 2016-01-05 11:27 - 00053248 _____ C:\Users\Gujas\Downloads\18.1.xls
2016-01-05 10:00 - 2016-01-05 10:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-29 12:18 - 2015-12-29 12:18 - 10158386 _____ C:\Users\Gujas\Downloads\NOM2.zip
2015-12-23 22:08 - 2015-12-23 22:09 - 91158979 _____ C:\Users\Gujas\Downloads\1-1450802828.rar
2015-12-18 05:55 - 2015-12-07 04:58 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-18 05:55 - 2015-12-07 04:53 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-18 05:55 - 2015-12-07 04:45 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-18 05:55 - 2015-12-07 04:41 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-18 05:54 - 2015-12-07 05:57 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-18 05:54 - 2015-12-07 05:55 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-18 05:54 - 2015-12-07 05:49 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2015-12-18 05:54 - 2015-12-07 05:48 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2015-12-18 05:54 - 2015-12-07 05:48 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2015-12-18 05:54 - 2015-12-07 05:47 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-12-18 05:54 - 2015-12-07 05:47 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-12-18 05:54 - 2015-12-07 05:47 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-12-18 05:54 - 2015-12-07 05:46 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-18 05:54 - 2015-12-07 05:46 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-18 05:54 - 2015-12-07 05:45 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-12-18 05:54 - 2015-12-07 05:15 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2015-12-18 05:54 - 2015-12-07 05:15 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-18 05:54 - 2015-12-07 05:10 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2015-12-18 05:54 - 2015-12-07 05:09 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2015-12-18 05:54 - 2015-12-07 05:09 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2015-12-18 05:54 - 2015-12-07 05:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2015-12-18 05:54 - 2015-12-07 05:07 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2015-12-18 05:54 - 2015-12-07 05:07 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-12-18 05:54 - 2015-12-07 05:06 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2015-12-18 05:54 - 2015-12-07 05:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-18 05:54 - 2015-12-07 05:06 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-12-18 05:54 - 2015-12-07 05:05 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-18 05:54 - 2015-12-07 05:05 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2015-12-18 05:54 - 2015-12-07 05:04 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-18 05:54 - 2015-12-07 05:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-12-18 05:54 - 2015-12-07 05:02 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-18 05:54 - 2015-12-07 05:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-12-18 05:54 - 2015-12-07 05:01 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-18 05:54 - 2015-12-07 05:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2015-12-18 05:54 - 2015-12-07 05:00 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2015-12-18 05:54 - 2015-12-07 05:00 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2015-12-18 05:54 - 2015-12-07 05:00 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-18 05:54 - 2015-12-07 05:00 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-12-18 05:54 - 2015-12-07 04:59 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-18 05:54 - 2015-12-07 04:59 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-18 05:54 - 2015-12-07 04:59 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-12-18 05:54 - 2015-12-07 04:59 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-12-18 05:54 - 2015-12-07 04:58 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-18 05:54 - 2015-12-07 04:57 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-12-18 05:54 - 2015-12-07 04:57 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2015-12-18 05:54 - 2015-12-07 04:56 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-18 05:54 - 2015-12-07 04:56 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-12-18 05:54 - 2015-12-07 04:55 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-18 05:54 - 2015-12-07 04:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-18 05:54 - 2015-12-07 04:54 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-18 05:54 - 2015-12-07 04:53 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-12-18 05:54 - 2015-12-07 04:51 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-12-18 05:54 - 2015-12-07 04:51 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2015-12-18 05:54 - 2015-12-07 04:50 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2015-12-18 05:54 - 2015-12-07 04:49 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2015-12-18 05:54 - 2015-12-07 04:48 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-18 05:54 - 2015-12-07 04:45 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2015-12-18 05:54 - 2015-12-07 04:45 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-12-18 05:54 - 2015-12-07 04:43 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-18 05:54 - 2015-12-07 04:43 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2015-12-18 05:54 - 2015-12-07 04:40 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-18 05:54 - 2015-12-07 04:40 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-18 05:54 - 2015-12-07 04:40 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-18 05:54 - 2015-12-07 04:39 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-12-18 05:54 - 2015-12-07 04:38 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2015-12-18 05:54 - 2015-12-07 04:33 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2015-12-18 05:54 - 2015-12-07 04:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2015-12-17 16:53 - 2015-12-17 17:03 - 2746379544 _____ C:\Users\Gujas\Downloads\Houkal-2015-12-17.zip
2015-12-16 18:08 - 2015-12-16 20:50 - 00000000 ____D C:\Users\Gujas\Documents\My Videos
2015-12-16 18:08 - 2015-12-16 18:08 - 00000000 ____D C:\Users\Gujas\AppData\Roaming\CyberLink
2015-12-16 18:08 - 2015-12-16 18:08 - 00000000 ____D C:\Users\Gujas\AppData\Local\CyberLink
2015-12-16 18:08 - 2015-12-16 18:08 - 00000000 ____D C:\ProgramData\CyberLink
2015-12-16 18:05 - 2015-12-16 18:05 - 00000000 ____D C:\Program Files (x86)\Acer
2015-12-16 18:03 - 2015-12-16 18:04 - 00000000 ____D C:\ProgramData\Temp
2015-12-16 18:02 - 2015-12-16 18:02 - 00000000 ____D C:\Users\Gujas\Documents\Webcam_Acer_1.5.2624.00_W7x64
2015-12-16 17:59 - 2015-12-16 18:05 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye webcam
2015-12-16 17:59 - 2015-12-16 17:59 - 00000000 ____D C:\Program Files (x86)\Acer Crystal Eye webcam
2015-12-16 17:16 - 2015-12-16 17:16 - 00411147 _____ C:\Users\Gujas\Downloads\magicactions.xpi
2015-12-16 17:01 - 2016-01-12 15:39 - 00004212 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{199B1703-41B4-45E9-9053-D39EC8575F71}
2015-12-16 16:48 - 2015-12-16 16:54 - 00000000 ____D C:\WINDOWS\SysWOW64\x64
2015-12-16 16:48 - 2007-09-14 15:28 - 00016005 _____ C:\WINDOWS\SysWOW64\snp2uvc.cat
2015-12-16 16:48 - 2007-08-13 14:54 - 01749376 _____ () C:\WINDOWS\SysWOW64\snp2uvc.sys
2015-12-16 16:48 - 2007-08-06 14:04 - 00028032 _____ () C:\WINDOWS\SysWOW64\sncduvc.sys
2015-12-16 16:48 - 2007-07-05 12:35 - 00094208 _____ (sonix) C:\WINDOWS\SysWOW64\PLFSetL.exe
2015-12-16 16:48 - 2007-06-28 09:18 - 00000131 _____ C:\WINDOWS\SysWOW64\PidList.ini
2015-12-16 16:48 - 2007-04-02 12:40 - 00172032 _____ ( ) C:\WINDOWS\SysWOW64\rsnp2uvc.dll
2015-12-16 16:48 - 2006-11-07 09:17 - 00286720 _____ (Sonix) C:\WINDOWS\SysWOW64\vsnp2uvc.dll
2015-12-16 16:41 - 2015-12-16 17:01 - 00000000 ____D C:\Users\Gujas\AppData\Roaming\Opera Software
2015-12-16 16:41 - 2015-12-16 17:01 - 00000000 ____D C:\Users\Gujas\AppData\Local\Opera Software
2015-12-16 16:37 - 2015-12-16 16:37 - 00000000 ____D C:\Users\Gujas\AppData\Roaming\Shortcut
2015-12-16 16:37 - 2015-12-16 16:37 - 00000000 ____D C:\Users\Gujas\AppData\Roaming\AION
2015-12-16 16:37 - 2015-12-16 16:37 - 00000000 ____D C:\Users\Gujas\AppData\Local\AION
2015-12-16 16:36 - 2015-12-16 17:01 - 00000000 ____D C:\Program Files (x86)\Opera

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-12 20:51 - 2015-10-07 18:40 - 00000992 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-12 20:38 - 2015-10-30 19:31 - 00751272 _____ C:\WINDOWS\system32\perfh005.dat
2016-01-12 20:38 - 2015-10-30 19:31 - 00150860 _____ C:\WINDOWS\system32\perfc005.dat
2016-01-12 20:38 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-12 20:38 - 2015-10-07 18:35 - 01771468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-12 20:37 - 2015-10-15 10:30 - 00000578 _____ C:\WINDOWS\Tasks\MATLAB R2015b Startup Accelerator.job
2016-01-12 20:32 - 2015-10-08 15:26 - 00000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-01-12 20:32 - 2015-10-07 22:03 - 00000000 __SHD C:\Users\Gujas\IntelGraphicsProfiles
2016-01-12 20:32 - 2015-10-07 18:40 - 00000988 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-12 20:31 - 2015-11-14 21:29 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-12 20:30 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-12 20:21 - 2015-11-14 21:07 - 00353112 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-12 20:20 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2016-01-12 20:18 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-12 20:17 - 2015-11-14 21:16 - 00000000 ____D C:\Users\Gujas
2016-01-12 20:13 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-12 15:37 - 2015-10-08 15:27 - 00000000 ___RD C:\Users\Gujas\Disk Google
2016-01-12 15:37 - 2015-10-07 18:40 - 00002391 _____ C:\Users\Gujas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-01-12 15:37 - 2015-10-07 18:40 - 00000000 ___RD C:\Users\Gujas\OneDrive
2016-01-12 15:31 - 2015-10-08 15:26 - 00000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-01-12 14:37 - 2015-10-07 18:36 - 00000000 ____D C:\Users\Gujas\AppData\Local\Packages
2016-01-12 11:18 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-12 11:17 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-12 11:17 - 2015-10-07 22:07 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-12 11:04 - 2015-11-14 22:08 - 00000000 ____D C:\WINDOWS\Minidump
2016-01-12 11:04 - 2015-11-14 21:06 - 00000000 ___DC C:\WINDOWS\Panther
2016-01-12 09:06 - 2015-10-08 20:38 - 00000000 ____D C:\Users\Gujas\AppData\Local\Adobe
2016-01-11 21:14 - 2015-11-18 08:25 - 00000000 ____D C:\Users\Gujas\AppData\Roaming\vlc
2016-01-11 19:13 - 2015-10-08 08:35 - 00000000 ____D C:\Users\Gujas\AppData\Roaming\uTorrent
2016-01-07 20:01 - 2015-10-08 09:33 - 00000000 ____D C:\Users\Gujas\AppData\Roaming\Skype
2016-01-05 13:43 - 2015-11-24 08:20 - 00000000 ____D C:\Users\Gujas\Documents\14.3
2016-01-05 10:00 - 2015-10-08 09:33 - 00002658 _____ C:\Users\Public\Desktop\Skype.lnk
2016-01-05 10:00 - 2015-10-08 09:33 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-05 10:00 - 2015-10-08 09:33 - 00000000 ____D C:\Users\Gujas\AppData\Local\Skype
2016-01-05 10:00 - 2015-10-08 09:33 - 00000000 ____D C:\ProgramData\Skype
2016-01-03 02:40 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-03 02:40 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-19 21:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-19 21:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2015-12-19 20:41 - 2015-10-08 20:39 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-12-19 20:34 - 2015-11-30 10:56 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-12-19 20:29 - 2015-11-30 09:48 - 00001619 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2015-12-19 20:29 - 2015-11-30 09:48 - 00001607 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2015-12-18 23:24 - 2015-11-23 16:34 - 00001207 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-12-18 23:24 - 2015-11-23 16:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-18 23:24 - 2015-10-07 18:53 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-18 07:31 - 2015-11-10 12:29 - 00000000 ____D C:\Users\Gujas\Downloads\nauka referat
2015-12-17 12:53 - 2015-10-07 18:40 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-16 17:03 - 2015-11-29 22:41 - 00000000 ____D C:\Users\Gujas\AppData\Local\Deployment
2015-12-16 17:01 - 2015-11-24 09:18 - 00001585 _____ C:\Users\Public\Desktop\League of Legends.lnk
2015-12-16 17:01 - 2015-11-22 23:37 - 00000910 _____ C:\Users\Gujas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2015-12-16 17:01 - 2015-11-22 23:37 - 00000862 _____ C:\Users\Gujas\Desktop\Start Tor Browser.lnk
2015-12-15 11:23 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-15 11:22 - 2015-10-15 10:04 - 00000000 ____D C:\Program Files\Microsoft Office 15

==================== Files in the root of some directories =======

2015-12-16 17:57 - 2015-12-16 17:57 - 0009955 _____ () C:\Users\Gujas\AppData\Local\HWVendorDetection.log
2016-01-12 21:07 - 2016-01-12 21:07 - 0029696 _____ () C:\Users\Gujas\AppData\Local\MSGBOX.EXE
2015-11-14 21:13 - 2015-11-14 21:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Gujas\AppData\Local\Temp\avgnt.exe
C:\Users\Gujas\AppData\Local\Temp\_isB240.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-09 20:31

==================== End of FRST.txt ============================

Re: Preventivka

Napsal: 12 led 2016 21:28
od altrok
:arrow: Po restartu dejte vedet, jak se PC chova.



  • Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
  • ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
  • znovu spustte FRST a kliknete na Fix
  • po restartu bude na plose ulozen fixlog, jehoz obsah vlozte do pristi odpovedi

    Kód: Vybrat vše

    Start
CreateRestorePoint:
CloseProcesses:
File: C:\WINDOWS\System32\bcmihvsrv64.dll
File: C:\WINDOWS\SysWOW64\x64
File: C:\WINDOWS\SysWOW64\snp2uvc.cat
File: C:\WINDOWS\SysWOW64\snp2uvc.sys
File: C:\WINDOWS\SysWOW64\sncduvc.sys
File: C:\WINDOWS\SysWOW64\PLFSetL.exe
File: C:\WINDOWS\SysWOW64\PidList.ini
File: C:\WINDOWS\SysWOW64\rsnp2uvc.dll
File: C:\WINDOWS\SysWOW64\vsnp2uvc.dll
Folder: C:\Users\Gujas\AppData\Roaming\Opera Software
Folder: C:\Users\Gujas\AppData\Local\Opera Software
Folder: C:\Users\Gujas\AppData\Roaming\Shortcut
Folder: C:\Users\Gujas\AppData\Roaming\AION
Folder: C:\Users\Gujas\AppData\Local\AION
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKU\S-1-5-21-2610218684-3848601247-1926621778-1001\...\MountPoints2: {7a6efd2e-6d18-11e5-8d6c-806e6f6e6963} - "E:\DistinguishOS.exe" 
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2610218684-3848601247-1926621778-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF DefaultSearchEngine: webssearches
FF SelectedSearchEngine: webssearches
FF Extension: No Name - C:\Users\Gujas\AppData\Roaming\Mozilla\Firefox\Profiles\osoipnrb.default\extensions\yahooprotected@gmail.com [not found]
CHR StartupUrls: Default -> "","hxxp://www.yoursearching.com/?type=hp&ts=1450280242&z=9ee7f9316e5507708cb2f93g1z2w3e4o2b6e5o2zcg&from=cor&uid=HitachiXHTS547575A9E384_J2140059EHX0DAEHX0DAX"
2016-01-12 21:08 - 2016-01-12 21:09 - 00023500 _____ C:\Users\Gujas\Desktop\FRST.txt
2016-01-12 21:07 - 2016-01-12 21:07 - 00029696 _____ C:\Users\Gujas\AppData\Local\MSGBOX.EXE
2016-01-12 21:07 - 2016-01-12 21:07 - 00015327 _____ C:\Users\Gujas\Desktop\LM.bat
2016-01-12 20:28 - 2016-01-12 20:30 - 00000000 ____D C:\AdwCleaner
2016-01-12 20:26 - 2016-01-12 20:28 - 01754112 _____ C:\Users\Gujas\Desktop\adwcleaner_5.029.exe
2016-01-12 15:46 - 2016-01-12 15:46 - 00004528 _____ C:\Users\Gujas\Desktop\Addition.zip
Hosts:
EmptyTemp:
End

Re: Preventivka

Napsal: 12 led 2016 23:03
od michi_trung
Fix result of Farbar Recovery Scan Tool (x64) Version:10-01-2015 01
Ran by Gujas (2016-01-12 21:57:16) Run:1
Running from C:\Users\Gujas\Desktop
Loaded Profiles: Gujas (Available Profiles: Gujas)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
File: C:\WINDOWS\System32\bcmihvsrv64.dll
File: C:\WINDOWS\SysWOW64\x64
File: C:\WINDOWS\SysWOW64\snp2uvc.cat
File: C:\WINDOWS\SysWOW64\snp2uvc.sys
File: C:\WINDOWS\SysWOW64\sncduvc.sys
File: C:\WINDOWS\SysWOW64\PLFSetL.exe
File: C:\WINDOWS\SysWOW64\PidList.ini
File: C:\WINDOWS\SysWOW64\rsnp2uvc.dll
File: C:\WINDOWS\SysWOW64\vsnp2uvc.dll
Folder: C:\Users\Gujas\AppData\Roaming\Opera Software
Folder: C:\Users\Gujas\AppData\Local\Opera Software
Folder: C:\Users\Gujas\AppData\Roaming\Shortcut
Folder: C:\Users\Gujas\AppData\Roaming\AION
Folder: C:\Users\Gujas\AppData\Local\AION
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKU\S-1-5-21-2610218684-3848601247-1926621778-1001\...\MountPoints2: {7a6efd2e-6d18-11e5-8d6c-806e6f6e6963} - "E:\DistinguishOS.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2610218684-3848601247-1926621778-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF DefaultSearchEngine: webssearches
FF SelectedSearchEngine: webssearches
FF Extension: No Name - C:\Users\Gujas\AppData\Roaming\Mozilla\Firefox\Profiles\osoipnrb.default\extensions\yahooprotected@gmail.com [not found]
CHR StartupUrls: Default -> "","hxxp://www.yoursearching.com/?type=hp&ts=14502 ... 0DAEHX0DAX"
2016-01-12 21:08 - 2016-01-12 21:09 - 00023500 _____ C:\Users\Gujas\Desktop\FRST.txt
2016-01-12 21:07 - 2016-01-12 21:07 - 00029696 _____ C:\Users\Gujas\AppData\Local\MSGBOX.EXE
2016-01-12 21:07 - 2016-01-12 21:07 - 00015327 _____ C:\Users\Gujas\Desktop\LM.bat
2016-01-12 20:28 - 2016-01-12 20:30 - 00000000 ____D C:\AdwCleaner
2016-01-12 20:26 - 2016-01-12 20:28 - 01754112 _____ C:\Users\Gujas\Desktop\adwcleaner_5.029.exe
2016-01-12 15:46 - 2016-01-12 15:46 - 00004528 _____ C:\Users\Gujas\Desktop\Addition.zip
Hosts:
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.

========================= File: C:\WINDOWS\System32\bcmihvsrv64.dll ========================

File is digitally signed
MD5: CD103A4F163D08399A3770BCBD93E210
Creation and modification date: 2015-10-07 18:53 - 2015-10-07 18:53
Size: 4134920
Attributes: ----A
Company Name: Broadcom Corporation
Internal Name: bcmihvsrv.dll
Original Name: bcmihvsrv.dll
Product: Broadcom Native 802.11 WLAN IHV Service
Description: Broadcom Native 802.11 WLAN IHV Service
File Version: 7.35.290.0
Product Version: 7.35.290.0
Copyright: 1998-2012, Broadcom Corporation All Rights Reserved.

====== End of File: ======


========================= File: C:\WINDOWS\SysWOW64\x64 ========================

File not signed
MD5:
Creation and modification date: 2015-12-16 16:48 - 2015-12-16 16:54
Size: 0000000
Attributes: ----D
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======


========================= File: C:\WINDOWS\SysWOW64\snp2uvc.cat ========================

File is digitally signed
MD5: 0FB19CAD6879D0A1C4A45D65AEBEFC0D
Creation and modification date: 2015-12-16 16:48 - 2007-09-14 15:28
Size: 0016005
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======


========================= File: C:\WINDOWS\SysWOW64\snp2uvc.sys ========================

File is digitally signed
MD5: D79FE8FF4C1A11CD650A8BBEAC62BE9F
Creation and modification date: 2015-12-16 16:48 - 2007-08-13 14:54
Size: 1749376
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product: UVC Camera Streaming Driver
Description: UVC Camera Streaming Driver
File Version: 1, 8, 1, 0
Product Version: 1, 8, 1, 0
Copyright: Copyright 2004-2007

====== End of File: ======


========================= File: C:\WINDOWS\SysWOW64\sncduvc.sys ========================

File is digitally signed
MD5: A10AB556379FE56A37BAA43C3E7DF23E
Creation and modification date: 2015-12-16 16:48 - 2007-08-06 14:04
Size: 0028032
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product: USBCAMD for Sonix UVC
Description: USBCAMD for Sonix UVC
File Version: 1.2.0.0
Product Version: 1.2.0.0
Copyright: Copyright 2004-2007

====== End of File: ======


========================= File: C:\WINDOWS\SysWOW64\PLFSetL.exe ========================

File is digitally signed
MD5: FB1EEAB5A76A943060DEFA4CCC45143B
Creation and modification date: 2015-12-16 16:48 - 2007-07-05 12:35
Size: 0094208
Attributes: ----A
Company Name: sonix
Internal Name: DefaultSettingEXE
Original Name: DefaultSettingEXE.exe
Product: sonix DefaultSettingEXE
Description: DefaultSettingEXE
File Version: 1, 0, 0, 0
Product Version: 1, 0, 0, 0
Copyright: Copyright c 2007

====== End of File: ======


========================= File: C:\WINDOWS\SysWOW64\PidList.ini ========================

File is digitally signed
MD5: B08BB260CFFAB2B6A8D4A1640FD63E45
Creation and modification date: 2015-12-16 16:48 - 2007-06-28 09:18
Size: 0000131
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======


========================= File: C:\WINDOWS\SysWOW64\rsnp2uvc.dll ========================

File is digitally signed
MD5: 63ED8861E58C3C3FAEC1B85794158D19
Creation and modification date: 2015-12-16 16:48 - 2007-04-02 12:40
Size: 0172032
Attributes: ----A
Company Name:
Internal Name: ResourceDLL
Original Name: ResourceDLL.dll
Product: ResourceDLL
Description: ResourceDLL
File Version: 1, 0, 2, 0
Product Version: 1, 0, 2, 0
Copyright: Copyright c 2004

====== End of File: ======


========================= File: C:\WINDOWS\SysWOW64\vsnp2uvc.dll ========================

File is digitally signed
MD5: 086A3FFA143F2353A15D3B7FE9EC1C62
Creation and modification date: 2015-12-16 16:48 - 2006-11-07 09:17
Size: 0286720
Attributes: ----A
Company Name: Sonix
Internal Name: camext20
Original Name: camext20.ax
Product:
Description: camext20
File Version: 1, 1, 1, 5
Product Version: 1, 1, 1, 5
Copyright: Copyright 2005

====== End of File: ======


========================= Folder: C:\Users\Gujas\AppData\Roaming\Opera Software ========================


====== End of Folder: ======


========================= Folder: C:\Users\Gujas\AppData\Local\Opera Software ========================


====== End of Folder: ======


========================= Folder: C:\Users\Gujas\AppData\Roaming\Shortcut ========================

2015-05-04 12:54 - 2015-05-04 12:54 - 0028134 _____ () C:\Users\Gujas\AppData\Roaming\Shortcut\fb.ico

====== End of Folder: ======


========================= Folder: C:\Users\Gujas\AppData\Roaming\AION ========================

2015-10-01 18:25 - 2015-10-01 18:25 - 0032038 _____ () C:\Users\Gujas\AppData\Roaming\AION\td.ico
2015-03-12 14:41 - 2015-03-12 14:41 - 0125952 _____ () C:\Users\Gujas\AppData\Roaming\AION\Uninstaller.exe

====== End of Folder: ======


========================= Folder: C:\Users\Gujas\AppData\Local\AION ========================


====== End of Folder: ======

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NvBackend => value removed successfully
"HKU\S-1-5-21-2610218684-3848601247-1926621778-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7a6efd2e-6d18-11e5-8d6c-806e6f6e6963}" => key removed successfully
HKCR\CLSID\{7a6efd2e-6d18-11e5-8d6c-806e6f6e6963} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKU\S-1-5-21-2610218684-3848601247-1926621778-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
Firefox DefaultSearchEngine removed successfully
Firefox SelectedSearchEngine removed successfully
C:\Users\Gujas\AppData\Roaming\Mozilla\Firefox\Profiles\osoipnrb.default\extensions\yahooprotected@gmail.com => path removed successfully
Chrome StartupUrls => removed successfully
"C:\Users\Gujas\Desktop\FRST.txt" => not found.
C:\Users\Gujas\AppData\Local\MSGBOX.EXE => moved successfully
C:\Users\Gujas\Desktop\LM.bat => moved successfully
C:\AdwCleaner => moved successfully
C:\Users\Gujas\Desktop\adwcleaner_5.029.exe => moved successfully
C:\Users\Gujas\Desktop\Addition.zip => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 448.8 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 21:57:27 ====

Re: Preventivka

Napsal: 12 led 2016 23:39
od altrok
Takze jeste uklidime.
A pokud nejsou dotazy ci jine problemy, je to ode mne vse.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz