prosím o preventivní kontrolu logu

[pavel17]

zdravím, prosím o preventivní kontrolu logu, díky moc

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Ran by Dubas (administrator) on DUBAS-PC (06-03-2016 12:10:29)
Running from C:\Users\Dubas\Desktop
Loaded Profiles: Dubas (Available Profiles: Dubas & Guest)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgemcx.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.92\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.92\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.92\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.92\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.92\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.92\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.92\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.92\opera.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [212992 2007-10-24] (Alps Electric Co., Ltd.)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [296096 2012-09-27] (RealNetworks, Inc.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [3873704 2016-02-01] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [KiesTrayAgent] => D:\Program Files\Kies\KiesTrayAgent.exe [310064 2014-06-14] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [179624 2016-02-18] (AVG Technologies CZ, s.r.o.)
HKLM\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start hxxp://www.avg.cz/cz.special-uninstallation-fe ... 1TUDFUQisx (the data entry has 142 more characters).
HKU\S-1-5-21-147122990-2052833100-2979144736-1000\...\Run: [Google Update] => C:\Users\Dubas\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-03] (Google Inc.)
HKU\S-1-5-21-147122990-2052833100-2979144736-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [801816 2013-09-27] (ZONER software)
HKU\S-1-5-21-147122990-2052833100-2979144736-1000\...\MountPoints2: F - F:\Setup.exe
HKU\S-1-5-21-147122990-2052833100-2979144736-1000\...\MountPoints2: G - G:\SETUP.EXE -autorun
HKU\S-1-5-21-147122990-2052833100-2979144736-1000\...\MountPoints2: H - H:\RunGame.exe
HKU\S-1-5-21-147122990-2052833100-2979144736-1000\...\MountPoints2: I - I:\RunGame.exe
IFEO\acad.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\acsignapply.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\acstart17.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\admigrator.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\adrefman.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\bttray.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\chrome.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\connectify.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\connectifyshutdown.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\connectifystartup.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\connectifysupportcenter.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\dispatchui.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\dwgcheckstandards.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\expressviewer.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\firefox.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\kiesagent.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\pc3exe.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\plu26.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\realconverter.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\realplay.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\realtrimmer.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\rnxproc.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\setup.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\styexe.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IFEO\teamviewer.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4F82BE6B-CF55-4116-AB83-E0C316542368}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D762885E-E95F-4D40-87F6-222B729489DE}: [DhcpNameServer] 147.230.16.140 147.230.16.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-147122990-2052833100-2979144736-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.qip.ru
HKU\S-1-5-21-147122990-2052833100-2979144736-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=lav01&v=3_4&ent=hp&u=108A299A11E068B40C7B125567EEE46E
HKU\S-1-5-21-147122990-2052833100-2979144736-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://qip.ru
HKU\S-1-5-21-147122990-2052833100-2979144736-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.qip.ru
HKU\S-1-5-21-147122990-2052833100-2979144736-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.qip.ru/ie
URLSearchHook: HKU\S-1-5-21-147122990-2052833100-2979144736-1000 - (No Name) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - No File
SearchScopes: HKLM -> DefaultScope {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = hxxp://search.qip.ru/?query={searchTerms}
SearchScopes: HKLM -> {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = hxxp://search.qip.ru/?query={searchTerms}
SearchScopes: HKU\S-1-5-21-147122990-2052833100-2979144736-1000 -> DefaultScope {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = hxxp://search.qip.ru/?query={searchTerms}
SearchScopes: HKU\S-1-5-21-147122990-2052833100-2979144736-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=lav01&v=3_4&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
SearchScopes: HKU\S-1-5-21-147122990-2052833100-2979144736-1000 -> {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = hxxp://search.qip.ru/?query={searchTerms}
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-09-27] (RealPlayer)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-10] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-10] (Oracle Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File

FireFox:
========
FF ProfilePath: C:\Users\Dubas\AppData\Roaming\Mozilla\Firefox\Profiles\6e8durgf.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-01-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-01-10] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=15.0.6.14 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2012-09-27] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.6.14 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll [2012-09-27] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-09-27] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-09-27] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.6.14 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2012-09-27] (RealPlayer)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 -> d:\Program Files\Veetle\plugins\npVeetle.dll [No File]
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> d:\Program Files\Veetle\Player\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-07-19] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-12-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-147122990-2052833100-2979144736-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Dubas\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-147122990-2052833100-2979144736-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Dubas\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-04] (Google Inc.)
FF user.js: detected! => C:\Users\Dubas\AppData\Roaming\Mozilla\Firefox\Profiles\6e8durgf.default\user.js [2013-10-20]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll [2009-07-15] (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-12-17] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2012-09-27] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll [2012-09-27] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2012-09-27] (RealPlayer)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml [2009-07-15]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml [2009-07-15]
FF Extension: No Name - C:\Users\Dubas\AppData\Roaming\Mozilla\Firefox\Profiles\6e8durgf.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89} [not found]
FF Extension: RadioBar Toolbar - C:\Users\Dubas\AppData\Roaming\Mozilla\Firefox\Profiles\6e8durgf.default\extensions\radiobar@toolbar [2010-05-18] [not signed]
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-09-27] [not signed]
FF Extension: No Name - C:\Users\Dubas\AppData\Roaming\Mozilla\Firefox\Profiles\6e8durgf.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516} [not found]
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox-branding.js [2009-07-15]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox-l10n.js [2009-07-15]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox.js [2009-07-15]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\reporter.js [2009-07-15]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Plugin: (Native Client) - C:\Users\Dubas\AppData\Local\Google\Chrome\Application\45.0.2454.101\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Dubas\AppData\Local\Google\Chrome\Application\45.0.2454.101\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Users\Dubas\AppData\Local\Google\Chrome\Application\45.0.2454.101\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll => No File
CHR Plugin: (AVG Internet Security) - C:\Users\Dubas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll => No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (Google Update) - C:\Users\Dubas\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll => No File
CHR Plugin: (Veetle TV Player) - d:\Program Files\Veetle\Player\npvlc.dll => No File
CHR Plugin: (Veetle TV Core) - d:\Program Files\Veetle\plugins\npVeetle.dll => No File
CHR Profile: C:\Users\Dubas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Dubas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Dubas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-06]
CHR Extension: (Chromebleed) - C:\Users\Dubas\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeoekjnjgppnaegdjbcafdggilajhpic [2014-11-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Dubas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-09]
CHR Extension: (Gmail) - C:\Users\Dubas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-09-27]
StartMenuInternet: Google Chrome - C:\Users\Dubas\AppData\Local\Google\Chrome\Application\chrome.exe

Opera:
=======
OPR StartupUrls: "hxxps://www.seznam.cz/?logged=1#obsah"

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [604144 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [3881184 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [865704 2016-02-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [561104 2016-02-01] (AVG Technologies CZ, s.r.o.)
S4 Connectify; C:\Program Files\Connectify\ConnectifyService.exe [487936 2013-12-23] (Connectify) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2013-09-23] (Flexera Software, Inc.)
S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2799808 2005-09-22] (Microsoft Corporation)
S4 SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2013-09-23] (SolidWorks) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [1514304 2011-12-14] (TuneUp Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
S4 RemoteSolverDispatcher; "D:\Solidworks 2013\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe" "SOFTWARE\SRAC\COSMOS_FloWorks 2013" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [149936 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [257456 2016-01-05] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [207792 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [229296 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [308656 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [198576 2016-01-22] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [37296 2015-12-04] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [231856 2015-10-08] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-08-14] (AVG Technologies)
R0 Avgunivx; C:\Windows\System32\DRIVERS\avgunivx.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 cnnctfy3; C:\Windows\System32\DRIVERS\cnnctfy3.sys [29672 2013-11-24] (Connectify)
R3 CnxtHdAudService; C:\Windows\System32\drivers\CHDRT32.sys [201728 2008-02-26] (Conexant Systems Inc.) [File not signed]
S1 prodrv06; C:\Windows\System32\drivers\prodrv06.sys [53920 2004-08-09] (Protection Technology) [File not signed]
S0 prohlp02; C:\Windows\System32\drivers\prohlp02.sys [114016 2004-08-09] (Protection Technology) [File not signed]
S0 prosync1; C:\Windows\System32\drivers\prosync1.sys [7040 2004-07-19] (Protection Technology) [File not signed]
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [114216 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [25512 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [56268 2009-03-15] (PowerISO Computing, Inc.) [File not signed]
S0 sfhlp01; C:\Windows\System32\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [10064 2011-10-20] (TuneUp Software)
S3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [186592 2011-02-22] (Jungo) [File not signed]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-06 12:10 - 2016-03-06 12:12 - 00022665 _____ C:\Users\Dubas\Desktop\FRST.txt
2016-03-06 12:09 - 2016-03-06 12:10 - 00000000 ____D C:\FRST
2016-03-06 12:07 - 2016-03-06 12:06 - 01725440 _____ (Farbar) C:\Users\Dubas\Desktop\FRST.exe
2016-02-28 17:08 - 2016-02-28 17:45 - 00000000 ____D C:\AdwCleaner
2016-02-28 17:08 - 2016-02-28 17:08 - 01518592 _____ C:\Users\Dubas\Desktop\adwcleaner_5.037.exe
2016-02-13 17:08 - 2016-02-13 17:08 - 00000000 ____D C:\Users\Dubas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2016-02-10 17:14 - 2016-01-16 10:42 - 00022464 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-10 17:14 - 2016-01-16 10:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-10 17:14 - 2016-01-16 10:34 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-10 17:14 - 2016-01-11 06:07 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-10 17:14 - 2016-01-11 06:07 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-10 17:14 - 2016-01-11 06:07 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-10 17:14 - 2016-01-11 06:07 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-10 17:14 - 2016-01-11 06:07 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-10 17:13 - 2016-01-21 22:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-02-10 17:13 - 2016-01-21 22:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-10 17:13 - 2016-01-21 22:13 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-10 17:13 - 2016-01-21 22:13 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-10 17:13 - 2016-01-21 22:09 - 01310232 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-10 17:13 - 2016-01-21 22:06 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-10 17:13 - 2016-01-21 22:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-10 17:13 - 2016-01-21 22:06 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-10 17:13 - 2016-01-21 22:06 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-10 17:13 - 2016-01-21 22:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-10 17:13 - 2016-01-21 22:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-10 17:13 - 2016-01-21 22:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-10 17:13 - 2016-01-21 22:05 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-10 17:13 - 2016-01-21 22:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-10 17:13 - 2016-01-21 22:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-10 17:13 - 2016-01-21 22:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-10 17:13 - 2016-01-21 22:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-10 17:13 - 2016-01-21 22:02 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-10 17:13 - 2016-01-21 22:02 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-10 17:13 - 2016-01-21 22:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-10 17:13 - 2016-01-21 22:02 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-10 17:13 - 2016-01-21 22:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-10 17:13 - 2016-01-21 22:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-10 17:13 - 2016-01-21 22:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-02-10 17:13 - 2016-01-21 22:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-10 17:13 - 2016-01-21 22:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-10 17:13 - 2016-01-21 22:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-10 17:13 - 2016-01-21 22:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 17:13 - 2016-01-21 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 17:13 - 2016-01-21 21:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-10 17:13 - 2016-01-21 21:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-10 17:13 - 2016-01-21 21:01 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-10 17:13 - 2016-01-21 21:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-10 17:13 - 2016-01-21 20:53 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-10 17:13 - 2016-01-21 20:53 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-10 17:13 - 2016-01-21 20:53 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-10 17:13 - 2016-01-21 20:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-10 17:13 - 2016-01-21 20:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-10 17:13 - 2016-01-21 20:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-10 17:13 - 2016-01-21 20:51 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-10 17:13 - 2016-01-21 20:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 17:13 - 2016-01-21 20:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 17:13 - 2016-01-21 20:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 17:13 - 2016-01-21 20:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 17:13 - 2016-01-07 09:47 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-10 17:13 - 2016-01-07 09:35 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-10 17:13 - 2016-01-06 10:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-10 17:13 - 2016-01-06 09:56 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-10 17:12 - 2016-02-06 02:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-10 17:12 - 2016-02-06 01:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-10 17:12 - 2016-02-06 01:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-10 17:12 - 2016-02-06 01:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-10 17:12 - 2016-02-06 01:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-10 17:12 - 2016-02-06 00:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-10 17:12 - 2016-01-22 12:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-10 17:12 - 2016-01-21 22:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-10 17:12 - 2016-01-21 22:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-10 17:12 - 2016-01-21 22:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-10 17:12 - 2016-01-21 22:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-10 17:12 - 2016-01-21 22:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-10 17:12 - 2016-01-21 21:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-10 17:12 - 2016-01-21 21:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-10 17:12 - 2016-01-21 21:52 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-10 17:12 - 2016-01-21 21:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-10 17:12 - 2016-01-21 21:51 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-10 17:12 - 2016-01-21 21:46 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-10 17:12 - 2016-01-21 21:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-10 17:12 - 2016-01-21 21:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 17:12 - 2016-01-21 21:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-02-10 17:12 - 2016-01-21 21:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-10 17:12 - 2016-01-21 21:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-10 17:12 - 2016-01-21 21:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-10 17:12 - 2016-01-21 21:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-10 17:12 - 2016-01-21 21:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-10 17:12 - 2016-01-21 21:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-10 17:12 - 2016-01-21 21:25 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-10 17:12 - 2016-01-21 21:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-10 17:12 - 2016-01-21 21:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-10 17:12 - 2016-01-21 21:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-10 17:12 - 2016-01-21 21:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-10 17:11 - 2016-01-21 22:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-10 17:11 - 2016-01-21 21:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-10 17:11 - 2016-01-21 21:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-10 17:11 - 2016-01-11 10:47 - 02956288 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-10 17:11 - 2016-01-11 10:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-10 17:11 - 2016-01-11 10:35 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-02-10 17:11 - 2016-01-11 10:17 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-10 17:11 - 2016-01-11 10:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-10 17:11 - 2016-01-11 10:14 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-10 17:11 - 2016-01-11 10:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-10 17:11 - 2016-01-11 10:14 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-10 17:11 - 2016-01-11 10:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-10 17:11 - 2016-01-11 10:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-10 17:11 - 2016-01-11 10:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-02-10 16:31 - 2016-02-10 16:31 - 00000000 ___RD C:\Program Files\Skype
2016-02-10 16:31 - 2016-02-10 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-02-10 16:31 - 2016-02-10 16:31 - 00000000 ____D C:\Program Files\Common Files\Skype

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-06 11:27 - 2012-04-02 23:59 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-06 09:45 - 2009-07-13 20:34 - 00028096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-06 09:45 - 2009-07-13 20:34 - 00028096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-06 09:40 - 2011-05-03 07:40 - 00000000 ____D C:\ProgramData\MFAData
2016-03-05 17:25 - 2015-01-14 09:13 - 00000000 ____D C:\Program Files\Opera
2016-03-05 17:21 - 2009-07-13 20:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-28 17:36 - 2010-04-14 00:29 - 00000000 ____D C:\Users\Dubas
2016-02-28 17:33 - 2009-07-13 18:03 - 81264640 _____ C:\Windows\system32\config\SOFTWARE_tureg_old
2016-02-28 17:33 - 2009-07-13 18:03 - 23068672 _____ C:\Windows\system32\config\SYSTEM_tureg_old
2016-02-28 17:33 - 2009-07-13 18:03 - 00024576 _____ C:\Windows\system32\config\SECURITY_tureg_old
2016-02-28 17:27 - 2009-07-13 18:03 - 00524288 _____ C:\Windows\system32\config\DEFAULT_tureg_old
2016-02-28 17:27 - 2009-07-13 18:03 - 00061440 _____ C:\Windows\system32\config\SAM_tureg_old
2016-02-26 18:00 - 2015-04-04 08:01 - 00000000 ___SD C:\Windows\system32\GWX
2016-02-13 21:59 - 2015-07-29 07:04 - 00000000 ____D C:\Windows\rescache
2016-02-13 20:57 - 2010-04-14 00:31 - 01584626 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-13 20:57 - 2009-07-14 00:44 - 00669132 _____ C:\Windows\system32\perfh005.dat
2016-02-13 20:57 - 2009-07-14 00:44 - 00141760 _____ C:\Windows\system32\perfc005.dat
2016-02-13 20:57 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\inf
2016-02-13 19:27 - 2010-04-28 07:43 - 00000000 ___RD C:\Users\Dubas\Desktop\zastupci programy
2016-02-13 16:28 - 2010-04-14 00:58 - 00000000 ____D C:\Program Files\PowerArchiver
2016-02-13 16:09 - 2009-07-13 20:33 - 00345880 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-13 16:05 - 2014-12-12 10:41 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-13 16:05 - 2014-05-06 08:02 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-02-13 16:05 - 2009-07-14 01:21 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-13 16:03 - 2010-06-15 02:45 - 00000000 ____D C:\Users\Dubas\AppData\Roaming\Skype
2016-02-12 19:23 - 2013-08-15 12:20 - 00000000 ____D C:\Windows\system32\MRT
2016-02-12 19:20 - 2014-03-31 01:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-02-10 18:12 - 2010-04-18 07:37 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-10 16:32 - 2010-06-15 02:45 - 00000000 ____D C:\ProgramData\Skype
2016-02-10 16:31 - 2014-04-23 00:08 - 00000000 ____D C:\Users\Dubas\AppData\Local\Skype
2016-02-10 16:29 - 2012-04-02 23:59 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-02-10 16:29 - 2011-05-17 22:07 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2010-05-23 07:06 - 2010-08-14 01:41 - 0000000 _____ () C:\Users\Dubas\AppData\Roaming\FileIn.cns
2010-05-23 07:06 - 2010-08-14 01:41 - 0000000 _____ () C:\Users\Dubas\AppData\Roaming\FileOut.cns
2015-02-14 07:31 - 2015-02-14 07:31 - 0003584 _____ () C:\Users\Dubas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-16 05:01 - 2013-09-16 05:01 - 0004096 ____H () C:\Users\Dubas\AppData\Local\keyfile3.drm
2012-04-16 11:18 - 2012-04-16 11:20 - 0000332 _____ () C:\Users\Dubas\AppData\Local\Pociteni_spotreby_2.config
2013-03-01 08:12 - 2013-03-01 08:12 - 0000017 _____ () C:\Users\Dubas\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-28 12:58

==================== End of FRST.txt ============================

[JaRon]

ahoj,
citat:
Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

[pavel17]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.3 (02.09.2016)
Operating System: Windows 7 Professional x86
Ran by Dubas (Administrator) on po 07.03.2016 at 19:25:07,25
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 41

Failed to delete: C:\Users\Dubas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZFVAX2P6 (Temporary Internet Files Folder)
Successfully deleted: C:\user.js (File)
Successfully deleted: C:\Users\Dubas\Appdata\LocalLow\datamngr (Folder)
Successfully deleted: C:\Users\Dubas\AppData\Roaming\Mozilla\Firefox\Profiles\6e8durgf.default\user.js (File)
Successfully deleted: C:\Users\Dubas\AppData\Roaming\pdfforge (Folder)
Successfully deleted: C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance (Task)
Successfully deleted: C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 (Task)
Successfully deleted: C:\Windows\wininit.ini (File)
Successfully deleted: C:\Users\Dubas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\09AS6C93 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Dubas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0HCKE8YZ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Dubas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1JKGI4OI (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Dubas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4PQG6RXM (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Dubas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\90HS01WI (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Dubas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DWUAFPZO (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Dubas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EQS8I2ZM (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Dubas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H0HHAF5U (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Dubas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IFWGB7ND (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Dubas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JF6H0TF2 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Dubas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OGS4K9J3 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Dubas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OSHSD4AX (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Dubas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SZBDGFCZ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Dubas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TB21F9SY (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Dubas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XK6DOCOQ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Dubas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZU1HAW52 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\09AS6C93 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0HCKE8YZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1JKGI4OI (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4PQG6RXM (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\90HS01WI (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DWUAFPZO (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EQS8I2ZM (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H0HHAF5U (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IFWGB7ND (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JF6H0TF2 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OGS4K9J3 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OSHSD4AX (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SZBDGFCZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TB21F9SY (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XK6DOCOQ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZFVAX2P6 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZU1HAW52 (Temporary Internet Files Folder)



Registry: 13

Successfully deleted: HKLM\Software\Wow6432Node\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Google\Chrome\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL (Registry Value)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Main\\Search Page (Registry Value)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Main\\Start Page (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 07.03.2016 at 19:31:54,24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[JaRon]

pokial nie su problemy, tak hotovo