VIRY.CZ

Dobrý den,
našel jsem si zde topic, který už obdobný příklad řeší a úspěšně vyřešil. Jedná se o vir na fleshce, kdy překopírovaná data se mění pouze v zástpce. Použil jsem uváděný program USB fix, ale zatim to nepomohlo. Přikládám log z počítače.

############################## | UsbFix V 8.248 | [Research]

User: Obzen (Administrator) # OBZEN-PC
Updated 27/05/2016 by SOSVirus
Started at 15:11:58 | 11/07/2016

Website : https://www.usb-antivirus.com/
Tutorial : https://www.usb-antivirus.com/tutorial/
Support : http://www.sosvirus.org/
Live detection : http://www.sosmalware.com/usbfix/
Contact : https://www.usb-antivirus.com/contact/

################## | System information |

MB: Gigabyte Technology Co., Ltd. (B85M-D3H)
CPU: Intel(R) Pentium(R) CPU G3258 @ 3.20GHz
GC: AMD Radeon R9 200 Series
RAM -> [Total : 8063 Mo | Free : 7337 Mo]
Bios: American Megatrends Inc.
Boot: SafeMode with network

OS: Microsoft™ Windows 7 Home Premium (6.1.7601 64-Bit) Service Pack 1
WB: Internet Explorer : 9.00.8112.16421
WB: Google Chrome : 44.0.2403.107
WB: Mozilla Firefox : 47.0
WB: Opera : 38.0.2220.41

################## | Security Information |

AS: Windows Defender [Enabled |(!) Outdated]
FW: Windows Firewall [(!) Disabled]
SC: Security Center [Enabled]
WU: Windows Update [Enabled]

################## | Disk Information |

C:\ (%SystemDrive%) -> Fixed disk # 931 Gb (647 Gb free - 69%) [] # NTFS
D:\ -> Removable disk # 8 Gb (7 Gb free - 97%) [] # NTFS

################## | Startup |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
04 - HKCU\..\Run : [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
04 - HKCU\..\Run : [Google Update] "C:\Users\Obzen\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKCU\..\Run : [f.lux] "C:\Users\Obzen\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
04 - HKCU\..\Run : [tmp391F] wscript.exe //B "C:\Users\Obzen\AppData\Local\Temp\tmp391F.tmp.vbs"
04 - HKLM\..\Run : [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
04 - HKLM\..\Run : [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
04 - HKLM\..\Run : [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [tmp391F] wscript.exe //B "C:\Users\Obzen\AppData\Local\Temp\tmp391F.tmp.vbs"
04 - [x64] HKLM\..\Run : [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
04 - [x64] HKLM\..\Run : [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
04 - [x64] HKLM\..\Run : [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
04 - [x64] HKLM\..\Run : [StartCN] "C:\Program Files\AMD\CNext\CNext\cnext.exe" atlogon
04 - [x64] HKLM\..\Run : [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - [x64] HKLM\..\Run : [AutoKMS] C:\Windows\AutoKMS.exe
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-794359640-1266989433-3461036011-1000\..\Run : [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
04 - HKU\S-1-5-21-794359640-1266989433-3461036011-1000\..\Run : [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
04 - HKU\S-1-5-21-794359640-1266989433-3461036011-1000\..\Run : [Google Update] "C:\Users\Obzen\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKU\S-1-5-21-794359640-1266989433-3461036011-1000\..\Run : [f.lux] "C:\Users\Obzen\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
04 - HKU\S-1-5-21-794359640-1266989433-3461036011-1000\..\Run : [tmp391F] wscript.exe //B "C:\Users\Obzen\AppData\Local\Temp\tmp391F.tmp.vbs"
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Generic Research |

Found! C:\Users\Obzen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp391F.tmp.vbs
Found! C:\Windows\inf\msstp.vbe
Found! D:\tmp391F.tmp.vbs
Found! D:\Ashes Against the Grain.lnk
Found! C:\Users\Obzen\AppData\Local\Temp\tmp391F.tmp.vbs
Found! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|tmp391F
Found! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|tmp391F
Found! HKU\S-1-5-21-794359640-1266989433-3461036011-1000\Software\Microsoft\Windows\CurrentVersion\Run|tmp391F

Analysed in 118.6 seconds

################## | E.O.F | http://www.sosvirus.net/ | https://www.usb-antivirus.com/ |

Zdravím!
Vše nalezené zkuste smazat.

Projel jsem to teda USB Fixem a pak znova nechal vyjet LOG a abych nezapomněl, soubory na fleshce už jsou opět v pořádku :


############################## | UsbFix V 8.248 | [Research]

User: Obzen (Administrator) # OBZEN-PC
Updated 27/05/2016 by SOSVirus
Started at 18:25:23 | 11/07/2016

Website : https://www.usb-antivirus.com/
Tutorial : https://www.usb-antivirus.com/tutorial/
Support : http://www.sosvirus.org/
Live detection : http://www.sosmalware.com/usbfix/
Contact : https://www.usb-antivirus.com/contact/

################## | System information |

MB: Gigabyte Technology Co., Ltd. (B85M-D3H)
CPU: Intel(R) Pentium(R) CPU G3258 @ 3.20GHz
GC: AMD Radeon R9 200 Series
RAM -> [Total : 8063 Mo | Free : 6934 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft™ Windows 7 Home Premium (6.1.7601 64-Bit) Service Pack 1
WB: Internet Explorer : 9.00.8112.16421
WB: Google Chrome : 44.0.2403.107
WB: Mozilla Firefox : 47.0
WB: Opera : 38.0.2220.41

################## | Security Information |

AS: Windows Defender [(!) Disabled |(!) Outdated]
FW: Windows Firewall [(!) Disabled]
SC: Security Center [Enabled]
WU: Windows Update [Enabled]

################## | Disk Information |

C:\ (%SystemDrive%) -> Fixed disk # 931 Gb (648 Gb free - 70%) [] # NTFS
D:\ -> Removable disk # 8 Gb (7 Gb free - 98%) [] # NTFS

################## | Startup |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\SYSTEM32\Userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - [x64] HKLM\..\Run : [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
04 - [x64] HKLM\..\Run : [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
04 - [x64] HKLM\..\Run : [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
04 - [x64] HKLM\..\Run : [StartCN] "C:\Program Files\AMD\CNext\CNext\cnext.exe" atlogon
04 - [x64] HKLM\..\Run : [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - [x64] HKLM\..\Run : [AutoKMS] C:\Windows\AutoKMS.exe

################## | Generic Research |


Analysed in 5.827 seconds

################## | E.O.F | http://www.sosvirus.net/ | https://www.usb-antivirus.com/ |

OK: Takže vše v pořádku?

Jo, fleshky jsou v pořádku, mám tedy dál pokračovat v kontrole a stáhnout roguekiller? Protože už sem si ho stahl a provedl kontrolu. Tohle mi z toho vyjelo:

RogueKiller V12.3.7.0 (x64) [Jul 4 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Obzen [Práva správce]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mód : Prohledat -- Datum : 07/11/2016 19:05:44

¤¤¤ Procesy : 2 ¤¤¤
[VT.Unknown] iexplore.exe(1260) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe[x] -> Nalezeno
[VT.Unknown] iexplore.exe(2248) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe[x] -> Nalezeno

¤¤¤ Registry : 2 ¤¤¤
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST1000DM 003-1ER162 SCSI Disk Device +++++
--- User ---
[MBR] eb0caadf733d12b0508239406161c92c
[BSP] d12070fffe2158263145878fefaeb813 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: A-DATA USB Flash Drive USB Device +++++
--- User ---
[MBR] f777761d6f3a7a0bd9b06703f5360a46
[BSP] a83a24340e59ea8cbbf2d8eaa19e98b0 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0xb) [VISIBLE] Offset (sectors): 63 | Size: 3855 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive2: General UDisk USB Device +++++
--- User ---
[MBR] a3115b24da1e92bd97174d3d0a046165
[BSP] adc99f0e5fae0813cd9aa3dd43892bed : Legit.Unknown|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0xb) [VISIBLE] Offset (sectors): 64 | Size: 7799 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

Jestli chcete vyčistit samotné PC, dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

Ok, přikládám jak log z FRST tak log z ADDITIONAL

Log z FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-07-2016 01
Ran by Obzen (administrator) on OBZEN-PC (11-07-2016 19:27:02)
Running from C:\Users\Obzen\Downloads
Loaded Profiles: Obzen (Available Profiles: Obzen)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\UsbFix\UsbFix.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
() C:\Program Files\RogueKiller\RogueKiller64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-11] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4859592 2015-11-18] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [AutoKMS] => C:\Windows\AutoKMS.exe [615936 2016-03-21] ()
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-794359640-1266989433-3461036011-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.30.1
Tcpip\..\Interfaces\{54E2AA7E-B702-4BCE-ADC1-E33B1351D719}: [DhcpNameServer] 192.168.30.1

Internet Explorer:
==================
HKU\S-1-5-21-794359640-1266989433-3461036011-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd={ ... R}&ar=home
HKU\S-1-5-21-794359640-1266989433-3461036011-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.sk
HKU\S-1-5-21-794359640-1266989433-3461036011-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=i ... ar=msnhome
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-18] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-18] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File

FireFox:
========
FF ProfilePath: C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\0c749foq.default-1445361903113
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-16] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-18] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-16] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.449 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2009-11-09] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2009-11-09] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Plugin HKU\S-1-5-21-794359640-1266989433-3461036011-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Obzen\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-794359640-1266989433-3461036011-1000: @talk.google.com/O1DPlugin -> C:\Users\Obzen\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-794359640-1266989433-3461036011-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Obzen\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-794359640-1266989433-3461036011-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Obzen\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Obzen\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Obzen\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\0c749foq.default-1445361903113\extensions\adblockpopups@jessehakanen.net.xpi [2016-04-28]
FF Extension: eyeguard - C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\0c749foq.default-1445361903113\Extensions\jid1-4kGswXOBHEsvhQ@jetpack.xpi [2016-05-04]
FF Extension: Adblock Plus - C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\0c749foq.default-1445361903113\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-18]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-11]
CHR Extension: (Vyhledávání Google) - C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-04-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-18] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Gmail) - C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-18]
CHR HKU\S-1-5-21-794359640-1266989433-3461036011-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-12-20] (Macrovision Europe Ltd.) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [296432 2014-04-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2015-09-18] (Microsoft Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-11-02] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2014-04-11] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-07-11] ()
R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-03-17] (CyberLink Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-11 19:27 - 2016-07-11 19:27 - 00020308 _____ C:\Users\Obzen\Downloads\FRST.txt
2016-07-11 19:26 - 2016-07-11 19:27 - 00000000 ____D C:\FRST
2016-07-11 19:26 - 2016-07-11 19:26 - 02390528 _____ (Farbar) C:\Users\Obzen\Downloads\FRST64.exe
2016-07-11 18:46 - 2016-07-11 18:46 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-07-11 18:44 - 2016-07-11 18:45 - 00001011 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2016-07-11 18:44 - 2016-07-11 18:44 - 00000000 ____D C:\ProgramData\RogueKiller
2016-07-11 18:44 - 2016-07-11 18:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2016-07-11 18:44 - 2016-07-11 18:44 - 00000000 ____D C:\Program Files\RogueKiller
2016-07-11 18:43 - 2016-07-11 18:44 - 29003664 _____ (Adlice Software ) C:\Users\Obzen\Downloads\RogueKiller.exe
2016-07-11 18:35 - 2016-07-11 18:35 - 00008525 _____ C:\Users\Obzen\Desktop\UsbFix_Report.txt
2016-07-11 18:24 - 2016-07-11 18:24 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-07-11 18:12 - 2016-07-11 18:16 - 00000000 ____D C:\HiJackthis
2016-07-11 18:08 - 2016-07-11 18:22 - 00000000 ____D C:\Users\Obzen\Downloads\backups
2016-07-11 15:10 - 2016-07-11 15:11 - 00073768 _____ C:\Windows\ntbtlog.txt
2016-07-10 22:35 - 2016-07-10 22:38 - 11085492 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(23).avi.4624137152083426479.part
2016-07-10 22:19 - 2016-07-10 22:38 - 302122560 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(22).avi.4026865988881520559.part
2016-07-10 19:48 - 2016-07-10 22:38 - 758770828 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(21).avi.7421730725524875093.part
2016-07-10 19:43 - 2016-07-10 22:35 - 838760806 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(20).avi
2016-07-10 19:26 - 2016-07-10 22:18 - 838313032 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(19).avi
2016-07-10 18:59 - 2016-07-10 19:47 - 840950480 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(18).avi
2016-07-10 18:54 - 2016-07-10 19:42 - 834092658 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(17).avi
2016-07-10 18:27 - 2016-07-10 19:25 - 840181930 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(16).avi
2016-07-10 17:52 - 2016-07-10 18:59 - 839513350 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(15).avi
2016-07-10 17:48 - 2016-07-10 18:53 - 838551286 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(14).avi
2016-07-10 17:28 - 2016-07-10 18:23 - 807308838 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(13).avi
2016-07-10 16:56 - 2016-07-10 17:52 - 830052722 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(10).avi
2016-07-10 16:51 - 2016-07-10 17:48 - 836801412 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(12).avi
2016-07-10 16:35 - 2016-07-10 17:27 - 845933060 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(11).avi
2016-07-10 15:55 - 2016-07-10 16:51 - 830066422 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(9).avi
2016-07-10 15:49 - 2016-07-10 16:55 - 1010645124 _____ C:\Users\Obzen\Downloads\Svět-ve-válce_08_Poušť---Válka-v-Severní-Africe.AVI
2016-07-10 15:38 - 2016-07-10 16:35 - 842634348 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(7).avi
2016-07-10 15:01 - 2016-07-10 15:49 - 781089238 _____ C:\Users\Obzen\Downloads\Svět-ve-válce_06_Banzai---Japonsko.AVI
2016-07-10 15:00 - 2016-07-10 15:55 - 780667106 _____ C:\Users\Obzen\Downloads\Svět-ve-válce_05_Barbarosa.AVI
2016-07-10 14:51 - 2016-07-10 15:38 - 688662424 _____ C:\Users\Obzen\Downloads\Svět-ve-válce_04_Osamělá-Británie.AVI
2016-07-10 14:05 - 2016-07-10 15:01 - 838894870 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(3).avi
2016-07-10 14:05 - 2016-07-10 15:00 - 832630308 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(1).avi
2016-07-10 14:05 - 2016-07-10 14:51 - 736551464 _____ C:\Users\Obzen\Downloads\Svět-ve-válce_02_Vzdálená-válka.AVI
2016-07-09 07:42 - 2016-07-09 07:42 - 03124524 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Obzen\Downloads\UsbFix_2016_8.248.exe
2016-07-09 07:42 - 2016-07-09 07:42 - 00001448 _____ C:\Users\Obzen\Desktop\UsbFix.lnk
2016-07-09 07:42 - 2016-07-09 07:42 - 00000000 ____D C:\UsbFix
2016-07-08 19:01 - 2016-07-08 19:01 - 00000000 ____D C:\Users\Obzen\Desktop\Ailerons
2016-07-04 15:27 - 2016-07-04 15:27 - 00287248 _____ C:\Users\Obzen\Documents\Základní_info_2016.pdf
2016-07-04 15:02 - 2016-07-04 15:02 - 00000000 ___SD C:\Users\Obzen\Documents\Zdroje dat
2016-07-03 23:46 - 2016-07-03 23:46 - 00000000 ____D C:\Users\Obzen\Downloads\32-8
2016-07-03 23:46 - 2016-07-03 23:46 - 00000000 ____D C:\Users\Obzen\Downloads\32-10
2016-07-03 17:07 - 2016-07-03 17:53 - 141997323 _____ C:\Users\Obzen\Downloads\GUEST ART.rar
2016-06-28 14:22 - 2016-06-28 22:34 - 1478343311 _____ C:\Users\Obzen\Downloads\Windows-10-ISO-CZ-x64.rar.part
2016-06-27 16:01 - 2016-06-30 01:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-06-27 12:17 - 2016-06-27 12:17 - 03703360 _____ C:\Users\Obzen\Downloads\AdwCleaner_5.200.exe
2016-06-27 12:16 - 2016-06-27 12:16 - 09395584 _____ ( ) C:\Users\Obzen\Downloads\adwcleaner_5.016.exe
2016-06-27 12:16 - 2016-06-27 12:16 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-06-27 11:38 - 2016-06-27 11:48 - 00000000 ____D C:\Users\Obzen\AppData\Local\FreeFixer
2016-06-27 11:38 - 2016-06-27 11:38 - 02552029 _____ C:\Users\Obzen\Downloads\freefixer_portable.zip
2016-06-27 11:38 - 2016-06-27 11:38 - 00000000 ____D C:\Users\Obzen\Downloads\freefixer_portable
2016-06-27 11:38 - 2016-06-27 11:38 - 00000000 ____D C:\Users\Obzen\AppData\Roaming\FreeFixer
2016-06-19 15:02 - 2016-06-19 15:24 - 373750155 _____ C:\Users\Obzen\Downloads\Strapping-Young-Lad.rar
2016-06-19 14:58 - 2016-06-19 15:06 - 136443403 _____ C:\Users\Obzen\Downloads\Insomnium---Shadows-Of-The-Dying-Sun-(2014).zip
2016-06-19 14:55 - 2016-06-19 15:02 - 124239092 _____ C:\Users\Obzen\Downloads\salvation-insomnium.zip
2016-06-19 14:54 - 2016-06-19 14:58 - 54261386 _____ C:\Users\Obzen\Downloads\insomnium.rar
2016-06-19 14:47 - 2016-06-19 14:54 - 114458770 _____ C:\Users\Obzen\Downloads\2012-Dethklok-Dethalbum-III.rar
2016-06-19 14:40 - 2016-06-19 14:47 - 119280441 _____ C:\Users\Obzen\Downloads\2009-Dethklok-Dethalbum-II.rar
2016-06-19 14:31 - 2016-06-19 14:40 - 150560811 _____ C:\Users\Obzen\Downloads\2007-Dethklok-The-Dethalbum-(Deluxe-Edition).rar
2016-06-19 14:28 - 2016-06-19 14:31 - 50738066 _____ C:\Users\Obzen\Downloads\kalmah-swampsong-pres-MultiLoad.cz.zip
2016-06-19 14:25 - 2016-06-19 14:27 - 45140424 _____ C:\Users\Obzen\Downloads\kalmah-the-black-waltz-pres-MultiLoad.cz.zip
2016-06-19 14:22 - 2016-06-19 15:07 - 738095701 _____ C:\Users\Obzen\Downloads\P.O.D.-(discography).zip
2016-06-19 14:22 - 2016-06-19 14:54 - 540525929 _____ C:\Users\Obzen\Downloads\STATIC-X_complet_discography.rar
2016-06-19 14:22 - 2016-06-19 14:24 - 39495423 _____ C:\Users\Obzen\Downloads\kalmah-they-will-return-pres-MultiLoad.cz.zip
2016-06-19 11:25 - 2016-06-19 13:40 - 1247848448 _____ C:\Users\Obzen\Downloads\Lhář-lhář--cz.avi
2016-06-19 10:11 - 2016-06-19 12:20 - 1142171076 _____ C:\Users\Obzen\Downloads\Ace-Ventura---Zvířecí-Detektiv-(2009)-CZ-dabing.avi
2016-06-19 10:11 - 2016-06-19 11:49 - 805410816 _____ C:\Users\Obzen\Downloads\Blbý-a-blbější-1-cz.avi
2016-06-18 11:46 - 2016-06-18 13:07 - 00000000 ____D C:\Users\Obzen\Downloads\Deadpool 2016 1080p BluRay x264 DTS-JYK
2016-06-18 11:28 - 2016-06-18 13:22 - 797136832 _____ C:\Users\Obzen\Downloads\Fakjů-pane-učiteli-1.avi
2016-06-18 11:03 - 2016-06-18 12:46 - 716122392 _____ C:\Users\Obzen\Downloads\Truman-Show-CZ.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-11 19:20 - 2015-09-29 20:07 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-11 19:17 - 2015-02-15 22:14 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-794359640-1266989433-3461036011-1000UA.job
2016-07-11 18:37 - 2012-03-18 21:03 - 00669176 _____ C:\Windows\system32\perfh005.dat
2016-07-11 18:37 - 2012-03-18 21:03 - 00141334 _____ C:\Windows\system32\perfc005.dat
2016-07-11 18:37 - 2009-07-14 07:13 - 01585684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-11 18:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-07-11 18:31 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-10 23:17 - 2015-02-15 22:14 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-794359640-1266989433-3461036011-1000Core.job
2016-07-10 00:22 - 2015-09-08 21:50 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-07-09 05:54 - 2015-09-18 15:07 - 00120824 _____ C:\Users\Obzen\AppData\Local\GDIPFONTCACHEV1.DAT
2016-07-09 05:53 - 2009-07-14 06:45 - 02453320 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-06 22:05 - 2014-12-24 02:46 - 00003846 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1419381976
2016-07-06 22:05 - 2014-12-24 02:45 - 00000000 ____D C:\Program Files (x86)\Opera
2016-07-03 19:49 - 2016-02-10 18:16 - 00000000 ____D C:\Users\Obzen\AppData\Roaming\Media Player Classic
2016-06-30 07:19 - 2014-12-18 22:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-30 01:53 - 2009-07-14 06:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-30 01:53 - 2009-07-14 06:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-28 14:28 - 2015-01-14 16:31 - 00000000 ____D C:\Users\Obzen\Desktop\Foto
2016-06-27 12:36 - 2015-09-03 20:48 - 00000000 ____D C:\AdwCleaner
2016-06-27 12:10 - 2014-12-30 11:18 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-06-27 11:57 - 2014-12-18 22:17 - 00000000 ____D C:\Users\Obzen\AppData\Roaming\DAEMON Tools Lite
2016-06-27 11:24 - 2015-09-18 15:38 - 00016224 _____ C:\Users\Obzen\rgmnr
2016-06-24 14:33 - 2014-12-18 23:45 - 00000000 ____D C:\Users\Obzen\AppData\Roaming\Adobe
2016-06-18 12:59 - 2015-01-09 20:22 - 00000000 ____D C:\Users\Obzen\AppData\Roaming\uTorrent
2016-06-17 21:40 - 2015-02-02 11:05 - 00000000 ____D C:\Users\Obzen\AppData\Roaming\Skype
2016-06-17 13:38 - 2015-09-18 14:34 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2016-06-17 06:20 - 2015-09-29 20:07 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-17 06:20 - 2015-09-08 21:50 - 00003952 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-06-17 06:20 - 2014-12-18 23:42 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-17 06:20 - 2014-12-18 23:42 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-16 23:23 - 2016-04-29 15:47 - 00000000 ____D C:\Users\Obzen\Desktop\Diplomová práce-diplomový seminář
2016-06-16 12:26 - 2015-04-02 21:10 - 00000000 _____ C:\Windows\XXLGSC

==================== Files in the root of some directories =======

2015-09-04 18:07 - 2016-04-09 18:02 - 0000024 _____ () C:\Users\Obzen\AppData\Roaming\appdataFr25.bin
2015-11-02 22:12 - 2015-11-02 22:12 - 0000741 _____ () C:\Users\Obzen\AppData\Local\recently-used.xbel
2015-09-18 14:33 - 2015-09-18 14:33 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-18 14:55 - 2015-09-18 14:55 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
C:\Users\Obzen\AppData\Local\Temp\dllnt_dump.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe
[2012-03-18 19:35] - [2012-03-14 19:54] - 3107328 ____A (Microsoft Corporation) F494F46EBFB95FB041CB06B8549B4363

C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2012-03-18 18:52] - [2015-09-18 15:48] - 1008640 ____A (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79

C:\Windows\SysWOW64\User32.dll
[2012-03-18 18:52] - [2015-09-18 15:48] - 0833024 ____A (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE

C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-08 20:02

==================== End of FRST.txt ============================





Log z ADDITION:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-07-2016 01
Ran by Obzen (2016-07-11 19:27:28)
Running from C:\Users\Obzen\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-09-18 13:06:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-794359640-1266989433-3461036011-500 - Administrator - Disabled)
Guest (S-1-5-21-794359640-1266989433-3461036011-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-794359640-1266989433-3461036011-1004 - Limited - Enabled)
Obzen (S-1-5-21-794359640-1266989433-3461036011-1000 - Administrator - Enabled) => C:\Users\Obzen

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)
Age of Empires II HD (c) Microsoft Studios version 1 (HKLM-x32\...\QWdlIG9mIEVtcGlyZXMgSUkgSEQgKGMpIE1pY3Jvc29mdCBTdHVkaW9z_is1) (Version: 1 - )
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
AutoCAD 2012 - Czech (HKLM\...\AutoCAD 2012 - Czech) (Version: 18.2.51.0 - Autodesk)
AutoCAD 2012 - Czech (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD 2012 Language Pack - Czech (Version: 18.2.51.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}) (Version: 2.0.90 - Autodesk)
Autodesk DWG TrueView 2017 - English (HKLM\...\DWG TrueView 2017 - English) (Version: 21.0.52.0 - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Brother MFL-Pro Suite DCP-7010 (HKLM-x32\...\{C2530D63-B66B-48B5-BB50-7C6281FE7AA6}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
BSPlayer (HKLM-x32\...\BSPlayer1) (Version: - )
Bullzip PDF Printer 10.10.0.2307 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.10.0.2307 - Bullzip)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.)
Catalyst Control Center Next Localization BR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
CorelDRAW Graphics Suite 12 (HKLM-x32\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.536 - Corel Corporation)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.3917.58 - CyberLink Corp.)
Czech Soccer Manager (HKLM-x32\...\Czech Soccer Manager) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DivX H.264 decoder 8.2.0.26 (HKLM-x32\...\divxh264_is1) (Version: 8.2.0.26 - )
Dropbox (HKU\S-1-5-21-794359640-1266989433-3461036011-1000\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
DWG TrueView 2017 - English (Version: 21.0.52.0 - Autodesk) Hidden
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
f.lux (HKU\S-1-5-21-794359640-1266989433-3461036011-1000\...\Flux) (Version: - )
Google Drive (HKLM-x32\...\{6EA8B94E-D869-4D96-88DF-5E1ECE1D6876}) (Version: 1.23.9648.8824 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
JustScrobble (HKLM-x32\...\JustScrobble) (Version: - blackcoder)
KillWinamp 1.61 (HKLM-x32\...\Kill Winamp_is1) (Version: - Johan Torp)
K-Lite Mega Codec Pack 5.4.4 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 5.4.4 - )
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Microsoft .NET Framework 4.5.2 (CSY) (HKLM\...\{C48AF3CF-C632-3C19-838E-7DAB7283D46A}) (Version: - )
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 cs)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
Mozilla Thunderbird 45.1.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 45.1.1 (x86 cs)) (Version: 45.1.1 - Mozilla)
Opera Stable 38.0.2220.41 (HKLM-x32\...\Opera 38.0.2220.41) (Version: 38.0.2220.41 - Opera Software)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.8 - Power Software Ltd)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7200 - Realtek Semiconductor Corp.)
RogueKiller verze 12 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12 - Adlice Software)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.)
Teruna (HKLM-x32\...\Teruna) (Version: 1.5b - )
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.55a - Ghisler Software GmbH)
UsbFix (HKLM-x32\...\Usbfix) (Version: 8.247 - El Desaparecido - http://www.usb-antivirus.com - http://www.sosvirus.net)
Vegas Pro 13.0 (64-bit) (HKLM-x32\...\Vegas Pro 13.0 (64-bit)) (Version: 13.0 (64-bit) - Exµs ™)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 4.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Obzen\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Obzen\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {23181ACD-046A-4071-8FCB-0B38478F6AEB} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe [2016-06-17] (Adobe Systems Incorporated)
Task: {5919203A-163D-4467-87D3-B1C016029D96} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-17] (Adobe Systems Incorporated)
Task: {5A843B73-F468-49A3-8C35-CDE2875C163A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-794359640-1266989433-3461036011-1000Core => C:\Users\Obzen\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-15] (Google Inc.)
Task: {8328EE67-6E4F-43D3-819A-2FF25ABCA2ED} - System32\Tasks\{015D2B7D-50CE-4F64-9472-FB8118C2B847} => pcalua.exe -a "C:\ProgramData\NoMore Ads\NoMore Ads.exe" -c /progname=NoMore Ads /progver=3.4.2 /progpub=NoMore Ads /proguninstallurl=asdahjka.com /deleteappfolder=0 /VERYSILENT
Task: {8D399CE3-0F88-4CEA-AA19-284FA5F13572} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {8ECCF2DA-F9FC-4CA7-A2D1-BE10462C35F1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-794359640-1266989433-3461036011-1000UA => C:\Users\Obzen\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-15] (Google Inc.)
Task: {D09DB6C6-A6C0-45D6-A8A9-36EE7896336B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {D652AD15-6E49-44A7-A9B4-CDD4B0ABE652} - System32\Tasks\Opera scheduled Autoupdate 1419381976 => C:\Program Files (x86)\Opera\launcher.exe [2016-07-01] (Opera Software)
Task: {E25BC626-9283-4A86-BC5E-A3BC9B18104F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {E60141B7-17D2-4E8C-AB84-6A5CEF36898E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {F309C8A2-3132-4ED1-8E9E-8FDCF4FD5EAB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-794359640-1266989433-3461036011-1000Core.job => C:\Users\Obzen\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-794359640-1266989433-3461036011-1000UA.job => C:\Users\Obzen\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Obzen\AppData\Local\Microsoft\Windows\GameExplorer\{DF480F51-FA30-47E0-8A40-5F25869FF4B9}\SupportTasks\1\Podpora.lnk -> hxxp://support.microsoft.com/directory/ (No File)
Shortcut: C:\Users\Obzen\AppData\Local\Microsoft\Windows\GameExplorer\{DF480F51-FA30-47E0-8A40-5F25869FF4B9}\SupportTasks\0\Další hry od společnosti Microsoft.lnk -> hxxp://www.ensemblestudios.com/aoeiix/index.shtml/ (No File)
Shortcut: C:\Users\Obzen\AppData\Local\Microsoft\Windows\GameExplorer\{447B4BA0-9EE0-4139-8A84-A5AD85D266BC}\SupportTasks\1\Podpora.lnk -> hxxp://support.microsoft.com/directory/ (No File)
Shortcut: C:\Users\Obzen\AppData\Local\Microsoft\Windows\GameExplorer\{447B4BA0-9EE0-4139-8A84-A5AD85D266BC}\SupportTasks\0\Další hry od společnosti Microsoft.lnk -> hxxp://www.ensemblestudios.com/aoeiix/index.shtml/ (No File)

==================== Loaded Modules (Whitelisted) ==============

2016-05-27 08:57 - 2016-05-27 08:57 - 01839104 _____ () C:\UsbFix\UsbFix.exe
2011-02-02 15:08 - 2011-02-02 15:08 - 00018656 _____ () C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
2014-12-18 22:21 - 2011-03-02 13:40 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2016-07-11 18:44 - 2016-07-04 13:47 - 24204360 _____ () C:\Program Files\RogueKiller\RogueKiller64.exe
2014-12-30 11:18 - 2014-05-13 13:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-12-30 11:18 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-12-30 11:18 - 2014-05-13 13:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-12-30 11:18 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-12-18 22:33 - 2013-09-16 13:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\AcroTray.cze

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-794359640-1266989433-3461036011-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-07-11 18:05 - 00001063 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 practivate.adobe.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-794359640-1266989433-3461036011-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Obzen\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.30.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Obzen^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Obzen^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Pharrell Williams - Happy (Official Music Video).mp3.lnk => C:\Windows\pss\Pharrell Williams - Happy (Official Music Video).mp3.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: BrMfcWnd => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: ControlCenter3 => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Obzen\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Obzen\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Greenshot => C:\Program Files\Greenshot\Greenshot.exe
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: PlaysTV => "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup
MSCONFIG\startupreg: PowerDVD14Agent => "C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5367DFE0-400C-4A90-8DF7-D811AB74B462}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{791A499A-5CD3-4792-8266-AF4AF02F27A5}] => (Allow) C:\Users\Obzen\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{504BBB86-DE25-44F3-AA97-9DB9EB4E79DE}] => (Allow) C:\Users\Obzen\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{18374B7E-9178-4A66-AA77-18CC8C6C3E6D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A1069224-5F78-4DF1-B7D3-88A5FB499EFD}] => (Allow) C:\Users\Obzen\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{36AB0854-DF38-44D2-BB87-28D36C6ED648}] => (Allow) C:\Users\Obzen\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{394D47BB-FD56-48A1-B910-9C184323C6AB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CBCCB01C-0690-4BC1-B826-68450F339C74}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4A779F27-75FC-4F09-806D-2D8DF5CCCF21}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2753BFF0-1F9D-4DCF-B194-04661096CBA7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1FDDFCFC-9327-48AA-B402-D54C8E4CB275}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{FC00F427-4494-4DBC-B30A-9C34D1A90811}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{39E21A3C-D1E2-44FC-8FDC-96865B1C0EE8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{E73262F8-3329-4DB1-8948-388220CB2DED}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{59828918-5398-43EE-8ACA-2F07B939FA6D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{7382E3A0-232D-49DC-AAAE-2F555EEC7198}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{C43C97EA-39FF-49C7-A436-4B77A67C3F3B}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

20-06-2016 15:51:39 Naplánovaný kontrolní bod
08-07-2016 20:09:34 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name: A-DATA UFD
Description: USB Flash Drive
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: A-DATA
Service: WUDFRd
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: E:\
Description: UDisk
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: General
Service: WUDFRd
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/11/2016 06:32:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2016 06:32:02 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error: (07/11/2016 06:24:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2016 06:23:53 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error: (07/11/2016 06:18:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2016 06:17:48 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error: (07/11/2016 03:17:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2016 03:16:50 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error: (07/11/2016 03:12:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2016 03:11:04 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.


System errors:
=============
Error: (07/11/2016 06:33:16 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Superfetch byla ukončena s následující chybou:
%%2 = Systém nemůže nalézt uvedený soubor.


Error: (07/11/2016 06:33:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla neočekávaně ukončena. Tento stav nastal již 2krát.

Error: (07/11/2016 06:33:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (07/11/2016 06:33:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Capability Licensing Service Interface byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (07/11/2016 06:33:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Skype Updater byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/11/2016 06:33:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Spybot-S&D 2 Updating Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (07/11/2016 06:33:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (07/11/2016 06:33:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Spybot-S&D 2 Scanner Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (07/11/2016 06:33:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Autodesk Content Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (07/11/2016 06:33:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Genuine Software Integrity Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================
Date: 2016-07-11 19:27:15.118
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-11 19:27:15.078
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-11 19:27:15.015
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-11 19:27:14.968
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-11 18:32:53.736
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-11 18:24:40.720
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-11 18:18:47.304
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-11 18:14:34.324
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-11 18:14:34.285
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-11 18:12:20.820
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU G3258 @ 3.20GHz
Percentage of memory in use: 29%
Total physical RAM: 8062.93 MB
Available physical RAM: 5656.38 MB
Total Virtual: 8061.13 MB
Available Virtual: 6359.3 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:648.28 GB) NTFS
Drive d: (A-DATA UFD) (Removable) (Total:3.76 GB) (Free:3.76 GB) FAT32
Drive e: () (Removable) (Total:7.6 GB) (Free:7.6 GB) FAT32

==================== MBR & Partition Table ==================

==================== End of Addition.txt ============================

Teď spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Program nahlásil, že nic nenašel.

Log z programu:


# AdwCleaner v5.004 - Logfile created 03/09/2015 at 21:26:28
# Updated 26/08/2015 by Xplode
# Database : 2015-08-31.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Obzen - OBZEN-PC
# Running from : C:\Users\Obzen\Downloads\adwcleaner_5.004.exe
# Option : Scan
# Support : hxxp://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

Folder Found : C:\Program Files (x86)\Website and SEO Analysis
Folder Found : C:\Program Files (x86)\DeaalExpreess
Folder Found : C:\Program Files (x86)\DealEExpreesS
Folder Found : C:\Program Files (x86)\DeealExprress
Folder Found : C:\Program Files (x86)\DeoalExpressi
Folder Found : C:\Program Files (x86)\DoEalExpresss
Folder Found : C:\Program Files (x86)\FindBesttDeal
Folder Found : C:\Program Files (x86)\FinndBesutDeaL
Folder Found : C:\Program Files (x86)\MiinimumPriice
Folder Found : C:\Program Files (x86)\MinimumPruice
Folder Found : C:\Program Files (x86)\MInimuumPricue
Folder Found : C:\ProgramData\BlockIt Ad remover
Folder Found : C:\ProgramData\NoMore Ads
Folder Found : C:\ProgramData\13465882592318741229
Folder Found : C:\ProgramData\163e209a0000146e
Folder Found : C:\ProgramData\2059fd4000001407
Folder Found : C:\ProgramData\42fc5c8800002ddf
Folder Found : C:\ProgramData\4a3b352400003a83
Folder Found : C:\ProgramData\519130e00000426d
Folder Found : C:\ProgramData\5ff79e9800004e70
Folder Found : C:\ProgramData\6dbca6fa00007043
Folder Found : C:\ProgramData\716d7a5800007a31
Folder Found : C:\ProgramData\7346874c00004f93
Folder Found : C:\ProgramData\7ba01e1c00001d62
Folder Found : C:\ProgramData\bae06cdf56465aed
Folder Found : C:\ProgramData\bb22559c00002aa5
Folder Found : C:\ProgramData\c362f58400003d48
Folder Found : C:\ProgramData\c461fee2000004ef
Folder Found : C:\ProgramData\d071d7d000003a46
Folder Found : C:\ProgramData\ddf23f30000064f6
Folder Found : C:\ProgramData\e565798800002279
Folder Found : C:\ProgramData\{29c662c4-8a3e-5b02-29c6-662c48a38b12}
Folder Found : C:\ProgramData\{52a68010-62ac-149c-52a6-6801062a0041}
Folder Found : C:\Users\Obzen\AppData\Local\DriverToolkit
Folder Found : C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cblcjlbncaihhifebompdkdibfpjnfeg
Folder Found : C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoaddaobnieaecelinfdllcgdehimih

***** [ Files ] *****

File Found : C:\Program Files (x86)\mozilla firefox\dbghelp.dll
File Found : C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cblcjlbncaihhifebompdkdibfpjnfeg_0.localstorage

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\P0462C213_478C_4D67_B569_B99268E1B50D_.P0462C213_478C_4D67_B569_B99268E1B50D_
Key Found : HKLM\SOFTWARE\Classes\P0462C213_478C_4D67_B569_B99268E1B50D_.P0462C213_478C_4D67_B569_B99268E1B50D_.9
Key Found : HKLM\SOFTWARE\Classes\P1019BD1B_C68D_42D8_B3CC_2D8741F92732_.P1019BD1B_C68D_42D8_B3CC_2D8741F92732_
Key Found : HKLM\SOFTWARE\Classes\P1019BD1B_C68D_42D8_B3CC_2D8741F92732_.P1019BD1B_C68D_42D8_B3CC_2D8741F92732_.9
Key Found : HKLM\SOFTWARE\Classes\PA3616E6C_7639_4830_A97D_70EDCF846072_.PA3616E6C_7639_4830_A97D_70EDCF846072_
Key Found : HKLM\SOFTWARE\Classes\PA3616E6C_7639_4830_A97D_70EDCF846072_.PA3616E6C_7639_4830_A97D_70EDCF846072_.9
Key Found : HKLM\SOFTWARE\Classes\PCD4A89F6_C08C_44CD_982D_5A1035890EF6_.PCD4A89F6_C08C_44CD_982D_5A1035890EF6_
Key Found : HKLM\SOFTWARE\Classes\PCD4A89F6_C08C_44CD_982D_5A1035890EF6_.PCD4A89F6_C08C_44CD_982D_5A1035890EF6_.9
Key Found : HKLM\SOFTWARE\Classes\PCF1F28BC_DE26_4886_A4EF_96CC3893A024_.PCF1F28BC_DE26_4886_A4EF_96CC3893A024_
Key Found : HKLM\SOFTWARE\Classes\PCF1F28BC_DE26_4886_A4EF_96CC3893A024_.PCF1F28BC_DE26_4886_A4EF_96CC3893A024_.9
Key Found : HKLM\SOFTWARE\Classes\PD18040C7_B8FF_4AD9_B475_1A20E1B1C37B_.PD18040C7_B8FF_4AD9_B475_1A20E1B1C37B_
Key Found : HKLM\SOFTWARE\Classes\PD18040C7_B8FF_4AD9_B475_1A20E1B1C37B_.PD18040C7_B8FF_4AD9_B475_1A20E1B1C37B_.9
Key Found : HKLM\SOFTWARE\Classes\PE827C19C_1179_4EEC_862B_8670A345FE8E_.PE827C19C_1179_4EEC_862B_8670A345FE8E_
Key Found : HKLM\SOFTWARE\Classes\PE827C19C_1179_4EEC_862B_8670A345FE8E_.PE827C19C_1179_4EEC_862B_8670A345FE8E_.9
Key Found : HKLM\SOFTWARE\ff39c4cf-f2e0-0425-ad9e-7d105c0a1004
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0462C213-478C-4D67-B569-B99268E1B50D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1019BD1B-C68D-42D8-B3CC-2D8741F92732}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A3616E6C-7639-4830-A97D-70EDCF846072}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CD4A89F6-C08C-44CD-982D-5A1035890EF6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CF1F28BC-DE26-4886-A4EF-96CC3893A024}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D18040C7-B8FF-4AD9-B475-1A20E1B1C37B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E827C19C-1179-4EEC-862B-8670A345FE8E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F97FDF1-DA2B-4579-AD3E-E46641F9DBAB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A220BAB5-C335-48BA-8A01-309FDA37446F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0416BDB0-AFB0-4464-952D-1EAB5047B8E6}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{1F831F60-05FB-474D-93A3-42DA68E7EB8F}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{40951615-F2E2-4855-9BB0-68F80D247514}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{41F978F3-431A-4464-A789-5C0692D562FB}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{5518881B-BB38-46C7-A27C-024DA02AD167}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{57B0DCF0-8B40-4449-8AA4-E297D6E779D4}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{5ADB067E-40D9-49AD-BDFC-2DBD725D3842}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{5D6736D5-0D77-46CE-9906-C4B2C679BF88}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{89310413-97E0-4F09-AA75-390A7F4D4918}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{94BBC0BB-9577-4D4E-A79D-D3F33AFF0DCE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{94D4476C-892A-4FF2-AE91-1A5FB2D2F126}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{999A70CB-7657-4A48-A92A-BE29FF9D5443}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C7405EEB-2E16-40FE-9E27-1F48CAAB15E1}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EB559340-3A8F-4456-B24D-160098054EF0}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{FCE74B5F-13A9-47C3-B69E-5210C1EECBEF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0462C213-478C-4D67-B569-B99268E1B50D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CF1F28BC-DE26-4886-A4EF-96CC3893A024}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0462C213-478C-4D67-B569-B99268E1B50D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CF1F28BC-DE26-4886-A4EF-96CC3893A024}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0462C213-478C-4D67-B569-B99268E1B50D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1019BD1B-C68D-42D8-B3CC-2D8741F92732}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A3616E6C-7639-4830-A97D-70EDCF846072}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CD4A89F6-C08C-44CD-982D-5A1035890EF6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CF1F28BC-DE26-4886-A4EF-96CC3893A024}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D18040C7-B8FF-4AD9-B475-1A20E1B1C37B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E827C19C-1179-4EEC-862B-8670A345FE8E}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{0462C213-478C-4D67-B569-B99268E1B50D}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{1019BD1B-C68D-42D8-B3CC-2D8741F92732}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{A3616E6C-7639-4830-A97D-70EDCF846072}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{CD4A89F6-C08C-44CD-982D-5A1035890EF6}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{CF1F28BC-DE26-4886-A4EF-96CC3893A024}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{D18040C7-B8FF-4AD9-B475-1A20E1B1C37B}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{E827C19C-1179-4EEC-862B-8670A345FE8E}]
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{0462C213-478C-4D67-B569-B99268E1B50D}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{1019BD1B-C68D-42D8-B3CC-2D8741F92732}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{A3616E6C-7639-4830-A97D-70EDCF846072}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD4A89F6-C08C-44CD-982D-5A1035890EF6}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CF1F28BC-DE26-4886-A4EF-96CC3893A024}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{D18040C7-B8FF-4AD9-B475-1A20E1B1C37B}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{E827C19C-1179-4EEC-862B-8670A345FE8E}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F97FDF1-DA2B-4579-AD3E-E46641F9DBAB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A220BAB5-C335-48BA-8A01-309FDA37446F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0416BDB0-AFB0-4464-952D-1EAB5047B8E6}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\DriverToolkit
Key Found : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Found : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B5DB572D-EA87-D3B0-08F6-4D153EA6A783}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A2D81E70-2A98-4A08-A628-94388B063C5E}
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\DriverToolkit
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.gboxapp.com/
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.gboxapp.com/
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.gboxapp.com/
Data Found : HKU\S-1-5-21-794359640-1266989433-3461036011-1000\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.gboxapp.com/
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}

***** [ Web browsers ] *****

[C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\wnh6c2gr.default\prefs.js] [Preference] Found : user_pref("browser.search.defaultenginename,S", "WebSearch");
[C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\wnh6c2gr.default\prefs.js] [Preference] Found : user_pref("browser.search.defaulturl", "hxxp://websearch.thesearchpage.info/?pid=3500&r=2015/02/02&hid=1865468522282638853&lg=EN&cc=CZ&unqvl=74&l=1&q=");
[C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\wnh6c2gr.default\prefs.js] [Preference] Found : user_pref("browser.search.order.1", "WebSearch");
[C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\wnh6c2gr.default\prefs.js] [Preference] Found : user_pref("browser.search.order.1,S", "WebSearch");
[C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\wnh6c2gr.default\prefs.js] [Preference] Found : user_pref("browser.search.selectedEngine", "WebSearch");
[C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\wnh6c2gr.default\prefs.js] [Preference] Found : user_pref("browser.search.selectedEngine,S", "WebSearch");
[C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\wnh6c2gr.default\prefs.js] [Preference] Found : user_pref("extensions.3k6cYYC0YHIACTUI.scode", "(function(){try{if(window.location.href.indexOf(\"rjY7qjn7pdkGrTs5rTgHpdY8rE\")>-1){return;}}catch(e){}try{var d=[[\"www.ewoss.com\",\"livewebcams.xyz\"[...]
[C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\wnh6c2gr.default\prefs.js] [Preference] Found : user_pref("extensions.4dGO0odd7lPCPxBX.scode", "(function(){try{if(window.location.href.indexOf(\"rjY7qjn7pdkGrTs5rTgHpdY8rE\")>-1){return;}}catch(e){}try{var d=[[\"www.ewoss.com\",\"livewebcams.xyz\"[...]
[C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\wnh6c2gr.default\prefs.js] [Preference] Found : user_pref("extensions.6X1IqNcJkzjJ991l.scode", "(function(){try{if(window.location.href.indexOf(\"rjY7qjn7pdkGrTs5rTgHpdY8rE\")>-1){return;}}catch(e){}try{var d=[[\"livewebcams.xyz\",\"secure.dditserv[...]
[C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\wnh6c2gr.default\prefs.js] [Preference] Found : user_pref("extensions.9eVoP0FILsUdYYX0.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.index[...]
[C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\wnh6c2gr.default\prefs.js] [Preference] Found : user_pref("extensions.9hyIyneGwLZJdbBa.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.index[...]
[C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\wnh6c2gr.default\prefs.js] [Preference] Found : user_pref("extensions.BE6TvyrJYajZKnGo.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.index[...]
[C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\wnh6c2gr.default\prefs.js] [Preference] Found : user_pref("extensions.HT4euegc2dZR97mo.scode", "(function(){try{if(window.location.href.indexOf(\"rjY7qjn7pdkGrTs5rTgHpdY8rE\")>-1){return;}}catch(e){}try{var d=[[\"cryptogmail.com\",\"bancdebinary.co[...]
[C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\wnh6c2gr.default\prefs.js] [Preference] Found : user_pref("extensions.NUfsDGTxxyXKhmsG.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"rjY7qjn7pdkGrTs5rTgHpdY8rE\")>-1||url.indexOf(\"acebook\")>-1[...]
[C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\wnh6c2gr.default\prefs.js] [Preference] Found : user_pref("extensions.XRPASukfoXlAQeIM.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"rjY7qjn7pdkGrTs5rTgHpdY8rE\")>-1||url.indexOf(\"acebook\")>-1[...]
[C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\wnh6c2gr.default\prefs.js] [Preference] Found : user_pref("extensions.brandthunder.websearchplus", false);
[C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\wnh6c2gr.default\prefs.js] [Preference] Found : user_pref("extensions.mdTpeWp75E7WDx9d.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.index[...]
[C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\wnh6c2gr.default\prefs.js] [Preference] Found : user_pref("extensions.oXa9D6XyVv62Kbmv.scode", "(function(){try{if(window.self.location.href.indexOf(\"rjY7qjn7pdkGrTs5rTgHpdY8rE\")>-1){return;}}catch(e){}try{var d=[[\"acebook\",\"safecart.com\",\"c[...]
[C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\wnh6c2gr.default\prefs.js] [Preference] Found : user_pref("extensions.rDr7hNjKjRYm9DIt.scode", "(function(){try{if(window.self.location.href.indexOf(\"rjY7qjn7pdkGrTs5rTgHpdY8rE\")>-1){return;}}catch(e){}try{var d=[[\"trianglecash.com\",\"acebook\"[...]
[C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\wnh6c2gr.default\prefs.js] [Preference] Found : user_pref("extensions.sxEcUyhD1OOmmxRO.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"rjY7qjn7pdkGrTs5rTgHpdY8rE\")>-1||url.indexOf(\"acebook\")>-1[...]
[C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\wnh6c2gr.default\prefs.js] [Preference] Found : user_pref("extensions.vsfDQh7s8NRfolWW.scode", "(function(){try{if(window.location.href.indexOf(\"rjY7qjn7pdkGrTs5rTgHpdY8rE\")>-1){return;}}catch(e){}try{var d=[[\"backin.net\",\"trianglecash.com\",\[...]
[C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\wnh6c2gr.default\prefs.js] [Preference] Found : user_pref("extensions.w5liyCdYhvdYqEhC.scode", "(function(){try{if(window.location.href.indexOf(\"rjY7qjn7pdkGrTs5rTgHpdY8rE\")>-1){return;}}catch(e){}try{var d=[[\"cryptogmail.com\",\"bancdebinary.co[...]
[C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\wnh6c2gr.default\prefs.js] [Preference] Found : user_pref("extensions.y6fYFw4qvwHGxzEU.scode", "(function(){try{if(window.self.location.href.indexOf(\"rjY7qjn7pdkGrTs5rTgHpdY8rE\")>-1){return;}}catch(e){}try{var d=[[\"trianglecash.com\",\"acebook\"[...]
[C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\wnh6c2gr.default\prefs.js] [Preference] Found : user_pref("keyword.URL", "hxxp://websearch.thesearchpage.info/?pid=3500&r=2015/02/02&hid=1865468522282638853&lg=EN&cc=CZ&unqvl=74&l=1&q=");
[C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : cblcjlbncaihhifebompdkdibfpjnfeg
[C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : deoaddaobnieaecelinfdllcgdehimih
[C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Found : hxxp://search.gboxapp.com/

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [17777 bytes] ##########
# AdwCleaner v5.201 - Log vytvořen 11/07/2016 v 20:30:42
# Aktualizováno 30/06/2016 by ToolsLib
# Databáze : 2016-07-10.3 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Obzen - OBZEN-PC
# Spuštěno z : C:\Users\Obzen\Downloads\adwcleaner_5.201.exe
# Nastavení : Sken
# Podpora : https://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****


***** [ Soubory ] *****


***** [ DLL ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úlohy ] *****


***** [ Registry ] *****


***** [ Prohlížeče ] *****


*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [20321 bytů] - [19/10/2015 16:02:59]
C:\AdwCleaner\AdwCleaner[C2].txt - [1882 bytů] - [20/10/2015 19:17:30]
C:\AdwCleaner\AdwCleaner[S1].txt - [19834 bytů] - [03/09/2015 20:48:40]
C:\AdwCleaner\AdwCleaner[S2].txt - [18808 bytů] - [03/09/2015 21:26:28]
C:\AdwCleaner\AdwCleaner[S3].txt - [17358 bytů] - [19/10/2015 15:47:37]
C:\AdwCleaner\AdwCleaner[S4].txt - [1202 bytů] - [19/10/2015 19:32:46]
C:\AdwCleaner\AdwCleaner[S5].txt - [1758 bytů] - [20/10/2015 19:16:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [19102 bytů] ##########

ADW nemazal, neklikl jste na cleaning. Zkuste ještě jednou.

Tak tedy ještě jednou:

# AdwCleaner v5.014 - Logfile created 20/10/2015 at 19:17:30
# Updated 18/10/2015 by Xplode
# Database : 2015-10-18.5 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Obzen - OBZEN-PC
# Running from : C:\Users\Obzen\Downloads\adwcleaner_5.014.exe
# Option : Cleaning
# Support : hxxp://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\FreeFixer
[-] Folder Deleted : C:\Users\Obzen\AppData\Local\FreeFixer
[-] Folder Deleted : C:\Users\Obzen\AppData\Roaming\FreeFixer
[-] Folder Deleted : C:\Users\Obzen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeFixer

***** [ Files ] *****

[-] File Deleted : C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1803 bytes] ##########
# AdwCleaner v5.201 - Log vytvořen 11/07/2016 v 21:25:19
# Aktualizováno 30/06/2016 by ToolsLib
# Databáze : 2016-07-10.3 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Obzen - OBZEN-PC
# Spuštěno z : C:\Users\Obzen\Downloads\adwcleaner_5.201.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****


***** [ Soubory ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úlohy ] *****


***** [ Registry ] *****


***** [ Prohlížeče ] *****


*************************

:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [20321 bytů] - [19/10/2015 16:02:59]
C:\AdwCleaner\AdwCleaner[C2].txt - [2740 bytů] - [20/10/2015 19:17:30]
C:\AdwCleaner\AdwCleaner[S1].txt - [19834 bytů] - [03/09/2015 20:48:40]
C:\AdwCleaner\AdwCleaner[S2].txt - [19182 bytů] - [03/09/2015 21:26:28]
C:\AdwCleaner\AdwCleaner[S3].txt - [17358 bytů] - [19/10/2015 15:47:37]
C:\AdwCleaner\AdwCleaner[S4].txt - [1202 bytů] - [19/10/2015 19:32:46]
C:\AdwCleaner\AdwCleaner[S5].txt - [1758 bytů] - [20/10/2015 19:16:33]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [3181 bytů] ##########

Dejte nový log FRST.

Přikládám nový log z FRST + log ADDITION

Log FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-07-2016 01
Ran by Obzen (administrator) on OBZEN-PC (11-07-2016 21:57:56)
Running from C:\Users\Obzen\Downloads
Loaded Profiles: Obzen (Available Profiles: Obzen)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
() C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-11] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4859592 2015-11-18] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [AutoKMS] => C:\Windows\AutoKMS.exe [615936 2016-03-21] ()
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-794359640-1266989433-3461036011-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.30.1
Tcpip\..\Interfaces\{54E2AA7E-B702-4BCE-ADC1-E33B1351D719}: [DhcpNameServer] 192.168.30.1

Internet Explorer:
==================
HKU\S-1-5-21-794359640-1266989433-3461036011-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd={ ... R}&ar=home
HKU\S-1-5-21-794359640-1266989433-3461036011-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.sk
HKU\S-1-5-21-794359640-1266989433-3461036011-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=i ... ar=msnhome
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-18] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-18] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File

FireFox:
========
FF ProfilePath: C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\0c749foq.default-1445361903113
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-16] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-18] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-16] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.449 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2009-11-09] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2009-11-09] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Plugin HKU\S-1-5-21-794359640-1266989433-3461036011-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Obzen\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-794359640-1266989433-3461036011-1000: @talk.google.com/O1DPlugin -> C:\Users\Obzen\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-794359640-1266989433-3461036011-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Obzen\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-794359640-1266989433-3461036011-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Obzen\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Obzen\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Obzen\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\0c749foq.default-1445361903113\extensions\adblockpopups@jessehakanen.net.xpi [2016-04-28]
FF Extension: eyeguard - C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\0c749foq.default-1445361903113\Extensions\jid1-4kGswXOBHEsvhQ@jetpack.xpi [2016-05-04]
FF Extension: Adblock Plus - C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\0c749foq.default-1445361903113\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-18]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-11]
CHR Extension: (Vyhledávání Google) - C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-04-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-18] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Gmail) - C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-18]
CHR HKU\S-1-5-21-794359640-1266989433-3461036011-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-12-20] (Macrovision Europe Ltd.) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [296432 2014-04-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2015-09-18] (Microsoft Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-11-02] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2014-04-11] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-07-11] ()
R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-03-17] (CyberLink Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-11 20:25 - 2016-07-11 20:26 - 03712064 _____ C:\Users\Obzen\Downloads\adwcleaner_5.201.exe
2016-07-11 19:27 - 2016-07-11 21:57 - 00020635 _____ C:\Users\Obzen\Downloads\FRST.txt
2016-07-11 19:27 - 2016-07-11 19:28 - 00038183 _____ C:\Users\Obzen\Downloads\Addition.txt
2016-07-11 19:26 - 2016-07-11 21:57 - 00000000 ____D C:\FRST
2016-07-11 19:26 - 2016-07-11 19:26 - 02390528 _____ (Farbar) C:\Users\Obzen\Downloads\FRST64.exe
2016-07-11 18:46 - 2016-07-11 18:46 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-07-11 18:44 - 2016-07-11 18:45 - 00001011 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2016-07-11 18:44 - 2016-07-11 18:44 - 00000000 ____D C:\ProgramData\RogueKiller
2016-07-11 18:44 - 2016-07-11 18:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2016-07-11 18:44 - 2016-07-11 18:44 - 00000000 ____D C:\Program Files\RogueKiller
2016-07-11 18:43 - 2016-07-11 18:44 - 29003664 _____ (Adlice Software ) C:\Users\Obzen\Downloads\RogueKiller.exe
2016-07-11 18:35 - 2016-07-11 18:35 - 00008525 _____ C:\Users\Obzen\Desktop\UsbFix_Report.txt
2016-07-11 18:24 - 2016-07-11 18:24 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-07-11 18:12 - 2016-07-11 18:16 - 00000000 ____D C:\HiJackthis
2016-07-11 18:08 - 2016-07-11 18:22 - 00000000 ____D C:\Users\Obzen\Downloads\backups
2016-07-11 15:10 - 2016-07-11 15:11 - 00073768 _____ C:\Windows\ntbtlog.txt
2016-07-10 22:35 - 2016-07-10 22:38 - 11085492 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(23).avi.4624137152083426479.part
2016-07-10 22:19 - 2016-07-10 22:38 - 302122560 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(22).avi.4026865988881520559.part
2016-07-10 19:48 - 2016-07-10 22:38 - 758770828 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(21).avi.7421730725524875093.part
2016-07-10 19:43 - 2016-07-10 22:35 - 838760806 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(20).avi
2016-07-10 19:26 - 2016-07-10 22:18 - 838313032 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(19).avi
2016-07-10 18:59 - 2016-07-10 19:47 - 840950480 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(18).avi
2016-07-10 18:54 - 2016-07-10 19:42 - 834092658 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(17).avi
2016-07-10 18:27 - 2016-07-10 19:25 - 840181930 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(16).avi
2016-07-10 17:52 - 2016-07-10 18:59 - 839513350 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(15).avi
2016-07-10 17:48 - 2016-07-10 18:53 - 838551286 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(14).avi
2016-07-10 17:28 - 2016-07-10 18:23 - 807308838 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(13).avi
2016-07-10 16:56 - 2016-07-10 17:52 - 830052722 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(10).avi
2016-07-10 16:51 - 2016-07-10 17:48 - 836801412 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(12).avi
2016-07-10 16:35 - 2016-07-10 17:27 - 845933060 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(11).avi
2016-07-10 15:55 - 2016-07-10 16:51 - 830066422 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(9).avi
2016-07-10 15:49 - 2016-07-10 16:55 - 1010645124 _____ C:\Users\Obzen\Downloads\Svět-ve-válce_08_Poušť---Válka-v-Severní-Africe.AVI
2016-07-10 15:38 - 2016-07-10 16:35 - 842634348 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(7).avi
2016-07-10 15:01 - 2016-07-10 15:49 - 781089238 _____ C:\Users\Obzen\Downloads\Svět-ve-válce_06_Banzai---Japonsko.AVI
2016-07-10 15:00 - 2016-07-10 15:55 - 780667106 _____ C:\Users\Obzen\Downloads\Svět-ve-válce_05_Barbarosa.AVI
2016-07-10 14:51 - 2016-07-10 15:38 - 688662424 _____ C:\Users\Obzen\Downloads\Svět-ve-válce_04_Osamělá-Británie.AVI
2016-07-10 14:05 - 2016-07-10 15:01 - 838894870 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(3).avi
2016-07-10 14:05 - 2016-07-10 15:00 - 832630308 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(1).avi
2016-07-10 14:05 - 2016-07-10 14:51 - 736551464 _____ C:\Users\Obzen\Downloads\Svět-ve-válce_02_Vzdálená-válka.AVI
2016-07-09 07:42 - 2016-07-09 07:42 - 03124524 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Obzen\Downloads\UsbFix_2016_8.248.exe
2016-07-09 07:42 - 2016-07-09 07:42 - 00001448 _____ C:\Users\Obzen\Desktop\UsbFix.lnk
2016-07-09 07:42 - 2016-07-09 07:42 - 00000000 ____D C:\UsbFix
2016-07-08 19:01 - 2016-07-08 19:01 - 00000000 ____D C:\Users\Obzen\Desktop\Ailerons
2016-07-04 15:27 - 2016-07-04 15:27 - 00287248 _____ C:\Users\Obzen\Documents\Základní_info_2016.pdf
2016-07-04 15:02 - 2016-07-04 15:02 - 00000000 ___SD C:\Users\Obzen\Documents\Zdroje dat
2016-07-03 23:46 - 2016-07-03 23:46 - 00000000 ____D C:\Users\Obzen\Downloads\32-8
2016-07-03 23:46 - 2016-07-03 23:46 - 00000000 ____D C:\Users\Obzen\Downloads\32-10
2016-07-03 17:07 - 2016-07-03 17:53 - 141997323 _____ C:\Users\Obzen\Downloads\GUEST ART.rar
2016-06-28 14:22 - 2016-06-28 22:34 - 1478343311 _____ C:\Users\Obzen\Downloads\Windows-10-ISO-CZ-x64.rar.part
2016-06-27 16:01 - 2016-06-30 01:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-06-27 12:17 - 2016-06-27 12:17 - 03703360 _____ C:\Users\Obzen\Downloads\AdwCleaner_5.200.exe
2016-06-27 12:16 - 2016-06-27 12:16 - 09395584 _____ ( ) C:\Users\Obzen\Downloads\adwcleaner_5.016.exe
2016-06-27 12:16 - 2016-06-27 12:16 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-06-27 11:38 - 2016-06-27 11:48 - 00000000 ____D C:\Users\Obzen\AppData\Local\FreeFixer
2016-06-27 11:38 - 2016-06-27 11:38 - 02552029 _____ C:\Users\Obzen\Downloads\freefixer_portable.zip
2016-06-27 11:38 - 2016-06-27 11:38 - 00000000 ____D C:\Users\Obzen\Downloads\freefixer_portable
2016-06-27 11:38 - 2016-06-27 11:38 - 00000000 ____D C:\Users\Obzen\AppData\Roaming\FreeFixer
2016-06-19 15:02 - 2016-06-19 15:24 - 373750155 _____ C:\Users\Obzen\Downloads\Strapping-Young-Lad.rar
2016-06-19 14:58 - 2016-06-19 15:06 - 136443403 _____ C:\Users\Obzen\Downloads\Insomnium---Shadows-Of-The-Dying-Sun-(2014).zip
2016-06-19 14:55 - 2016-06-19 15:02 - 124239092 _____ C:\Users\Obzen\Downloads\salvation-insomnium.zip
2016-06-19 14:54 - 2016-06-19 14:58 - 54261386 _____ C:\Users\Obzen\Downloads\insomnium.rar
2016-06-19 14:47 - 2016-06-19 14:54 - 114458770 _____ C:\Users\Obzen\Downloads\2012-Dethklok-Dethalbum-III.rar
2016-06-19 14:40 - 2016-06-19 14:47 - 119280441 _____ C:\Users\Obzen\Downloads\2009-Dethklok-Dethalbum-II.rar
2016-06-19 14:31 - 2016-06-19 14:40 - 150560811 _____ C:\Users\Obzen\Downloads\2007-Dethklok-The-Dethalbum-(Deluxe-Edition).rar
2016-06-19 14:28 - 2016-06-19 14:31 - 50738066 _____ C:\Users\Obzen\Downloads\kalmah-swampsong-pres-MultiLoad.cz.zip
2016-06-19 14:25 - 2016-06-19 14:27 - 45140424 _____ C:\Users\Obzen\Downloads\kalmah-the-black-waltz-pres-MultiLoad.cz.zip
2016-06-19 14:22 - 2016-06-19 15:07 - 738095701 _____ C:\Users\Obzen\Downloads\P.O.D.-(discography).zip
2016-06-19 14:22 - 2016-06-19 14:54 - 540525929 _____ C:\Users\Obzen\Downloads\STATIC-X_complet_discography.rar
2016-06-19 14:22 - 2016-06-19 14:24 - 39495423 _____ C:\Users\Obzen\Downloads\kalmah-they-will-return-pres-MultiLoad.cz.zip
2016-06-19 11:25 - 2016-06-19 13:40 - 1247848448 _____ C:\Users\Obzen\Downloads\Lhář-lhář--cz.avi
2016-06-19 10:11 - 2016-06-19 12:20 - 1142171076 _____ C:\Users\Obzen\Downloads\Ace-Ventura---Zvířecí-Detektiv-(2009)-CZ-dabing.avi
2016-06-19 10:11 - 2016-06-19 11:49 - 805410816 _____ C:\Users\Obzen\Downloads\Blbý-a-blbější-1-cz.avi
2016-06-18 11:46 - 2016-06-18 13:07 - 00000000 ____D C:\Users\Obzen\Downloads\Deadpool 2016 1080p BluRay x264 DTS-JYK
2016-06-18 11:28 - 2016-06-18 13:22 - 797136832 _____ C:\Users\Obzen\Downloads\Fakjů-pane-učiteli-1.avi
2016-06-18 11:03 - 2016-06-18 12:46 - 716122392 _____ C:\Users\Obzen\Downloads\Truman-Show-CZ.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-11 21:31 - 2012-03-18 21:03 - 00669176 _____ C:\Windows\system32\perfh005.dat
2016-07-11 21:31 - 2012-03-18 21:03 - 00141334 _____ C:\Windows\system32\perfc005.dat
2016-07-11 21:31 - 2009-07-14 07:13 - 01585684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-11 21:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-07-11 21:26 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-11 21:20 - 2015-09-29 20:07 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-11 21:17 - 2015-02-15 22:14 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-794359640-1266989433-3461036011-1000UA.job
2016-07-10 23:17 - 2015-02-15 22:14 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-794359640-1266989433-3461036011-1000Core.job
2016-07-10 00:22 - 2015-09-08 21:50 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-07-09 05:54 - 2015-09-18 15:07 - 00120824 _____ C:\Users\Obzen\AppData\Local\GDIPFONTCACHEV1.DAT
2016-07-09 05:53 - 2009-07-14 06:45 - 02453320 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-06 22:05 - 2014-12-24 02:46 - 00003846 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1419381976
2016-07-06 22:05 - 2014-12-24 02:45 - 00000000 ____D C:\Program Files (x86)\Opera
2016-07-03 19:49 - 2016-02-10 18:16 - 00000000 ____D C:\Users\Obzen\AppData\Roaming\Media Player Classic
2016-06-30 07:19 - 2014-12-18 22:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-30 01:53 - 2009-07-14 06:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-30 01:53 - 2009-07-14 06:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-28 14:28 - 2015-01-14 16:31 - 00000000 ____D C:\Users\Obzen\Desktop\Foto
2016-06-27 12:36 - 2015-09-03 20:48 - 00000000 ____D C:\AdwCleaner
2016-06-27 12:10 - 2014-12-30 11:18 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-06-27 11:57 - 2014-12-18 22:17 - 00000000 ____D C:\Users\Obzen\AppData\Roaming\DAEMON Tools Lite
2016-06-27 11:24 - 2015-09-18 15:38 - 00016224 _____ C:\Users\Obzen\rgmnr
2016-06-24 14:33 - 2014-12-18 23:45 - 00000000 ____D C:\Users\Obzen\AppData\Roaming\Adobe
2016-06-18 12:59 - 2015-01-09 20:22 - 00000000 ____D C:\Users\Obzen\AppData\Roaming\uTorrent
2016-06-17 21:40 - 2015-02-02 11:05 - 00000000 ____D C:\Users\Obzen\AppData\Roaming\Skype
2016-06-17 13:38 - 2015-09-18 14:34 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2016-06-17 06:20 - 2015-09-29 20:07 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-17 06:20 - 2015-09-08 21:50 - 00003952 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-06-17 06:20 - 2014-12-18 23:42 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-17 06:20 - 2014-12-18 23:42 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-16 23:23 - 2016-04-29 15:47 - 00000000 ____D C:\Users\Obzen\Desktop\Diplomová práce-diplomový seminář
2016-06-16 12:26 - 2015-04-02 21:10 - 00000000 _____ C:\Windows\XXLGSC

==================== Files in the root of some directories =======

2015-09-04 18:07 - 2016-04-09 18:02 - 0000024 _____ () C:\Users\Obzen\AppData\Roaming\appdataFr25.bin
2015-11-02 22:12 - 2015-11-02 22:12 - 0000741 _____ () C:\Users\Obzen\AppData\Local\recently-used.xbel
2015-09-18 14:33 - 2015-09-18 14:33 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-18 14:55 - 2015-09-18 14:55 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
C:\Users\Obzen\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Obzen\AppData\Local\Temp\libeay32.dll
C:\Users\Obzen\AppData\Local\Temp\msvcr120.dll
C:\Users\Obzen\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe
[2012-03-18 19:35] - [2012-03-14 19:54] - 3107328 ____A (Microsoft Corporation) F494F46EBFB95FB041CB06B8549B4363

C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2012-03-18 18:52] - [2015-09-18 15:48] - 1008640 ____A (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79

C:\Windows\SysWOW64\User32.dll
[2012-03-18 18:52] - [2015-09-18 15:48] - 0833024 ____A (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE

C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-08 20:02

==================== End of FRST.txt ============================




Log ADDITION

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-07-2016 01
Ran by Obzen (2016-07-11 21:58:10)
Running from C:\Users\Obzen\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-09-18 13:06:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-794359640-1266989433-3461036011-500 - Administrator - Disabled)
Guest (S-1-5-21-794359640-1266989433-3461036011-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-794359640-1266989433-3461036011-1004 - Limited - Enabled)
Obzen (S-1-5-21-794359640-1266989433-3461036011-1000 - Administrator - Enabled) => C:\Users\Obzen

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)
Age of Empires II HD (c) Microsoft Studios version 1 (HKLM-x32\...\QWdlIG9mIEVtcGlyZXMgSUkgSEQgKGMpIE1pY3Jvc29mdCBTdHVkaW9z_is1) (Version: 1 - )
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
AutoCAD 2012 - Czech (HKLM\...\AutoCAD 2012 - Czech) (Version: 18.2.51.0 - Autodesk)
AutoCAD 2012 - Czech (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD 2012 Language Pack - Czech (Version: 18.2.51.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}) (Version: 2.0.90 - Autodesk)
Autodesk DWG TrueView 2017 - English (HKLM\...\DWG TrueView 2017 - English) (Version: 21.0.52.0 - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Brother MFL-Pro Suite DCP-7010 (HKLM-x32\...\{C2530D63-B66B-48B5-BB50-7C6281FE7AA6}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
BSPlayer (HKLM-x32\...\BSPlayer1) (Version: - )
Bullzip PDF Printer 10.10.0.2307 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.10.0.2307 - Bullzip)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.)
Catalyst Control Center Next Localization BR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
CorelDRAW Graphics Suite 12 (HKLM-x32\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.536 - Corel Corporation)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.3917.58 - CyberLink Corp.)
Czech Soccer Manager (HKLM-x32\...\Czech Soccer Manager) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DivX H.264 decoder 8.2.0.26 (HKLM-x32\...\divxh264_is1) (Version: 8.2.0.26 - )
Dropbox (HKU\S-1-5-21-794359640-1266989433-3461036011-1000\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
DWG TrueView 2017 - English (Version: 21.0.52.0 - Autodesk) Hidden
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
f.lux (HKU\S-1-5-21-794359640-1266989433-3461036011-1000\...\Flux) (Version: - )
Google Drive (HKLM-x32\...\{6EA8B94E-D869-4D96-88DF-5E1ECE1D6876}) (Version: 1.23.9648.8824 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
JustScrobble (HKLM-x32\...\JustScrobble) (Version: - blackcoder)
KillWinamp 1.61 (HKLM-x32\...\Kill Winamp_is1) (Version: - Johan Torp)
K-Lite Mega Codec Pack 5.4.4 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 5.4.4 - )
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Microsoft .NET Framework 4.5.2 (CSY) (HKLM\...\{C48AF3CF-C632-3C19-838E-7DAB7283D46A}) (Version: - )
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 cs)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
Mozilla Thunderbird 45.1.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 45.1.1 (x86 cs)) (Version: 45.1.1 - Mozilla)
Opera Stable 38.0.2220.41 (HKLM-x32\...\Opera 38.0.2220.41) (Version: 38.0.2220.41 - Opera Software)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.8 - Power Software Ltd)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7200 - Realtek Semiconductor Corp.)
RogueKiller verze 12 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12 - Adlice Software)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.)
Teruna (HKLM-x32\...\Teruna) (Version: 1.5b - )
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.55a - Ghisler Software GmbH)
UsbFix (HKLM-x32\...\Usbfix) (Version: 8.247 - El Desaparecido - www.usb-antivirus.com - www.sosvirus.net)
Vegas Pro 13.0 (64-bit) (HKLM-x32\...\Vegas Pro 13.0 (64-bit)) (Version: 13.0 (64-bit) - Exµs ™)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 4.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Obzen\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Obzen\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {23181ACD-046A-4071-8FCB-0B38478F6AEB} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe [2016-06-17] (Adobe Systems Incorporated)
Task: {5919203A-163D-4467-87D3-B1C016029D96} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-17] (Adobe Systems Incorporated)
Task: {5A843B73-F468-49A3-8C35-CDE2875C163A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-794359640-1266989433-3461036011-1000Core => C:\Users\Obzen\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-15] (Google Inc.)
Task: {8328EE67-6E4F-43D3-819A-2FF25ABCA2ED} - System32\Tasks\{015D2B7D-50CE-4F64-9472-FB8118C2B847} => pcalua.exe -a "C:\ProgramData\NoMore Ads\NoMore Ads.exe" -c /progname=NoMore Ads /progver=3.4.2 /progpub=NoMore Ads /proguninstallurl=asdahjka.com /deleteappfolder=0 /VERYSILENT
Task: {8D399CE3-0F88-4CEA-AA19-284FA5F13572} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {8ECCF2DA-F9FC-4CA7-A2D1-BE10462C35F1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-794359640-1266989433-3461036011-1000UA => C:\Users\Obzen\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-15] (Google Inc.)
Task: {D09DB6C6-A6C0-45D6-A8A9-36EE7896336B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {D652AD15-6E49-44A7-A9B4-CDD4B0ABE652} - System32\Tasks\Opera scheduled Autoupdate 1419381976 => C:\Program Files (x86)\Opera\launcher.exe [2016-07-01] (Opera Software)
Task: {E25BC626-9283-4A86-BC5E-A3BC9B18104F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {E60141B7-17D2-4E8C-AB84-6A5CEF36898E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {F309C8A2-3132-4ED1-8E9E-8FDCF4FD5EAB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-794359640-1266989433-3461036011-1000Core.job => C:\Users\Obzen\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-794359640-1266989433-3461036011-1000UA.job => C:\Users\Obzen\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Obzen\AppData\Local\Microsoft\Windows\GameExplorer\{DF480F51-FA30-47E0-8A40-5F25869FF4B9}\SupportTasks\1\Podpora.lnk -> hxxp://support.microsoft.com/directory/ (No File)
Shortcut: C:\Users\Obzen\AppData\Local\Microsoft\Windows\GameExplorer\{DF480F51-FA30-47E0-8A40-5F25869FF4B9}\SupportTasks\0\Další hry od společnosti Microsoft.lnk -> hxxp://www.ensemblestudios.com/aoeiix/index.shtml/ (No File)
Shortcut: C:\Users\Obzen\AppData\Local\Microsoft\Windows\GameExplorer\{447B4BA0-9EE0-4139-8A84-A5AD85D266BC}\SupportTasks\1\Podpora.lnk -> hxxp://support.microsoft.com/directory/ (No File)
Shortcut: C:\Users\Obzen\AppData\Local\Microsoft\Windows\GameExplorer\{447B4BA0-9EE0-4139-8A84-A5AD85D266BC}\SupportTasks\0\Další hry od společnosti Microsoft.lnk -> hxxp://www.ensemblestudios.com/aoeiix/index.shtml/ (No File)

==================== Loaded Modules (Whitelisted) ==============

2011-02-02 15:08 - 2011-02-02 15:08 - 00018656 _____ () C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2014-12-30 11:18 - 2014-05-13 13:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-12-30 11:18 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-12-30 11:18 - 2014-05-13 13:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-12-25 16:17 - 2014-03-17 08:38 - 00866056 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\common\UNO\UNO.dll
2015-12-25 16:17 - 2013-12-10 09:39 - 00074240 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_ctypes.pyd
2015-12-25 16:17 - 2013-12-10 09:39 - 00285184 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_hashlib.pyd
2016-01-29 17:50 - 2009-11-09 20:00 - 03564544 _____ () C:\Program Files (x86)\K-Lite Codec Pack\ffdshow\ffdshow.ax
2015-12-25 16:17 - 2014-03-17 05:12 - 00184584 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\AudioFilter\CLVistaAudioMixer.dll
2015-12-25 16:17 - 2013-12-10 09:39 - 00041984 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_sqlite3.pyd
2015-12-25 16:17 - 2013-12-10 09:39 - 00337920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\sqlite3.dll
2015-12-25 16:17 - 2013-12-10 09:39 - 00877056 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_bsddb.pyd
2014-12-18 22:33 - 2013-09-16 13:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-794359640-1266989433-3461036011-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-07-11 18:05 - 00001063 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 practivate.adobe.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-794359640-1266989433-3461036011-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Obzen\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.30.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Obzen^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Obzen^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Pharrell Williams - Happy (Official Music Video).mp3.lnk => C:\Windows\pss\Pharrell Williams - Happy (Official Music Video).mp3.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: BrMfcWnd => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: ControlCenter3 => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Obzen\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Obzen\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Greenshot => C:\Program Files\Greenshot\Greenshot.exe
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: PlaysTV => "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup
MSCONFIG\startupreg: PowerDVD14Agent => "C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5367DFE0-400C-4A90-8DF7-D811AB74B462}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{791A499A-5CD3-4792-8266-AF4AF02F27A5}] => (Allow) C:\Users\Obzen\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{504BBB86-DE25-44F3-AA97-9DB9EB4E79DE}] => (Allow) C:\Users\Obzen\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{18374B7E-9178-4A66-AA77-18CC8C6C3E6D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A1069224-5F78-4DF1-B7D3-88A5FB499EFD}] => (Allow) C:\Users\Obzen\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{36AB0854-DF38-44D2-BB87-28D36C6ED648}] => (Allow) C:\Users\Obzen\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{394D47BB-FD56-48A1-B910-9C184323C6AB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CBCCB01C-0690-4BC1-B826-68450F339C74}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4A779F27-75FC-4F09-806D-2D8DF5CCCF21}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2753BFF0-1F9D-4DCF-B194-04661096CBA7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1FDDFCFC-9327-48AA-B402-D54C8E4CB275}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{FC00F427-4494-4DBC-B30A-9C34D1A90811}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{39E21A3C-D1E2-44FC-8FDC-96865B1C0EE8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{E73262F8-3329-4DB1-8948-388220CB2DED}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{59828918-5398-43EE-8ACA-2F07B939FA6D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{7382E3A0-232D-49DC-AAAE-2F555EEC7198}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{C43C97EA-39FF-49C7-A436-4B77A67C3F3B}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

20-06-2016 15:51:39 Naplánovaný kontrolní bod
08-07-2016 20:09:34 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/11/2016 09:26:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2016 09:26:18 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error: (07/11/2016 06:32:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2016 06:32:02 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error: (07/11/2016 06:24:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2016 06:23:53 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error: (07/11/2016 06:18:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2016 06:17:48 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error: (07/11/2016 03:17:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2016 03:16:50 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.


System errors:
=============
Error: (07/11/2016 09:27:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Superfetch byla ukončena s následující chybou:
%%2 = Systém nemůže nalézt uvedený soubor.


Error: (07/11/2016 09:27:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Spybot-S&D 2 Security Center Service neuspěla při spuštění v důsledku následující chyby:
%%577 = V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.


Error: (07/11/2016 09:26:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Spybot-S&D 2 Scanner Service neuspěla při spuštění v důsledku následující chyby:
%%1053 = Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


Error: (07/11/2016 09:26:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Spybot-S&D 2 Scanner Service bylo dosaženo časového limitu (30000 ms).

Error: (07/11/2016 09:25:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Autodesk Content Service neuspěla při spuštění v důsledku následující chyby:
%%1053 = Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


Error: (07/11/2016 09:25:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Autodesk Content Service bylo dosaženo časového limitu (30000 ms).

Error: (07/11/2016 09:25:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/11/2016 09:25:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Rapid Storage Technology byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/11/2016 09:25:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Spybot-S&D 2 Updating Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (07/11/2016 09:25:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba zařazování tisku byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.


CodeIntegrity:
===================================
Date: 2016-07-11 21:57:58.828
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-11 21:57:58.787
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-11 21:57:58.741
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-11 21:57:58.699
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-11 21:56:25.662
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-11 21:56:25.620
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-11 21:56:25.558
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-11 21:56:25.515
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-11 21:27:14.865
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-11 19:27:15.118
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU G3258 @ 3.20GHz
Percentage of memory in use: 20%
Total physical RAM: 8062.93 MB
Available physical RAM: 6438.13 MB
Total Virtual: 8061.13 MB
Available Virtual: 6093.87 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:648.28 GB) NTFS
Drive d: (A-DATA UFD) (Removable) (Total:3.76 GB) (Free:3.76 GB) FAT32
Drive e: () (Removable) (Total:7.6 GB) (Free:7.6 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 706B363B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 3.8 GB) (Disk ID: 04DD5721)
Partition 1: (Active) - (Size=3.8 GB) - (Type=0B)

========================================================
Disk: 2 (Size: 7.6 GB) (Disk ID: 011CD972)
Partition 1: (Active) - (Size=7.6 GB) - (Type=0B)

==================== End of Addition.txt ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM\...\Run: [AutoKMS] => C:\Windows\AutoKMS.exe [615936 2016-03-21] ()
HKLM-x32\...\Run: [] => [X]
C:\Windows\AutoKMS.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\S-1-5-21-794359640-1266989433-3461036011-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-18] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-794359640-1266989433-3461036011-1000UA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-794359640-1266989433-3461036011-1000Core.job
C:\ProgramData\DP45977C.lfl
C:\Users\Obzen\AppData\Local\Temp
End

Uložte do C:\Users\Obzen\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Opět obsahuje FRST Log a ADDITION Log

FRST Log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-07-2016 01
Ran by Obzen (administrator) on OBZEN-PC (11-07-2016 22:25:41)
Running from C:\Users\Obzen\Downloads
Loaded Profiles: Obzen (Available Profiles: Obzen)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
() C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\Common\CLMPSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD14\Common\clmediaparsersb.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-11] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4859592 2015-11-18] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [AutoKMS] => C:\Windows\AutoKMS.exe [615936 2016-03-21] ()
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-794359640-1266989433-3461036011-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.30.1
Tcpip\..\Interfaces\{54E2AA7E-B702-4BCE-ADC1-E33B1351D719}: [DhcpNameServer] 192.168.30.1

Internet Explorer:
==================
HKU\S-1-5-21-794359640-1266989433-3461036011-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd={ ... R}&ar=home
HKU\S-1-5-21-794359640-1266989433-3461036011-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.sk
HKU\S-1-5-21-794359640-1266989433-3461036011-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=i ... ar=msnhome
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-18] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-18] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File

FireFox:
========
FF ProfilePath: C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\0c749foq.default-1445361903113
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-16] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-18] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-16] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.449 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2009-11-09] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2009-11-09] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Plugin HKU\S-1-5-21-794359640-1266989433-3461036011-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Obzen\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-794359640-1266989433-3461036011-1000: @talk.google.com/O1DPlugin -> C:\Users\Obzen\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-794359640-1266989433-3461036011-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Obzen\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-794359640-1266989433-3461036011-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Obzen\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Obzen\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Obzen\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\0c749foq.default-1445361903113\extensions\adblockpopups@jessehakanen.net.xpi [2016-04-28]
FF Extension: eyeguard - C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\0c749foq.default-1445361903113\Extensions\jid1-4kGswXOBHEsvhQ@jetpack.xpi [2016-05-04]
FF Extension: Adblock Plus - C:\Users\Obzen\AppData\Roaming\Mozilla\Firefox\Profiles\0c749foq.default-1445361903113\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-18]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-11]
CHR Extension: (Vyhledávání Google) - C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-04-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-18] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Gmail) - C:\Users\Obzen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-18]
CHR HKU\S-1-5-21-794359640-1266989433-3461036011-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-12-20] (Macrovision Europe Ltd.) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [296432 2014-04-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2015-09-18] (Microsoft Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-11-02] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2014-04-11] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-07-11] ()
R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-03-17] (CyberLink Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-11 22:25 - 2016-07-11 22:25 - 00001138 _____ C:\Users\Obzen\Downloads\fixlist.txt
2016-07-11 20:25 - 2016-07-11 20:26 - 03712064 _____ C:\Users\Obzen\Downloads\adwcleaner_5.201.exe
2016-07-11 19:27 - 2016-07-11 22:25 - 00020981 _____ C:\Users\Obzen\Downloads\FRST.txt
2016-07-11 19:27 - 2016-07-11 21:58 - 00039224 _____ C:\Users\Obzen\Downloads\Addition.txt
2016-07-11 19:26 - 2016-07-11 22:25 - 00000000 ____D C:\FRST
2016-07-11 19:26 - 2016-07-11 19:26 - 02390528 _____ (Farbar) C:\Users\Obzen\Downloads\FRST64.exe
2016-07-11 18:46 - 2016-07-11 18:46 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-07-11 18:44 - 2016-07-11 18:45 - 00001011 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2016-07-11 18:44 - 2016-07-11 18:44 - 00000000 ____D C:\ProgramData\RogueKiller
2016-07-11 18:44 - 2016-07-11 18:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2016-07-11 18:44 - 2016-07-11 18:44 - 00000000 ____D C:\Program Files\RogueKiller
2016-07-11 18:43 - 2016-07-11 18:44 - 29003664 _____ (Adlice Software ) C:\Users\Obzen\Downloads\RogueKiller.exe
2016-07-11 18:35 - 2016-07-11 18:35 - 00008525 _____ C:\Users\Obzen\Desktop\UsbFix_Report.txt
2016-07-11 18:24 - 2016-07-11 18:24 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-07-11 18:12 - 2016-07-11 18:16 - 00000000 ____D C:\HiJackthis
2016-07-11 18:08 - 2016-07-11 18:22 - 00000000 ____D C:\Users\Obzen\Downloads\backups
2016-07-11 15:10 - 2016-07-11 15:11 - 00073768 _____ C:\Windows\ntbtlog.txt
2016-07-10 22:35 - 2016-07-10 22:38 - 11085492 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(23).avi.4624137152083426479.part
2016-07-10 22:19 - 2016-07-10 22:38 - 302122560 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(22).avi.4026865988881520559.part
2016-07-10 19:48 - 2016-07-10 22:38 - 758770828 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(21).avi.7421730725524875093.part
2016-07-10 19:43 - 2016-07-10 22:35 - 838760806 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(20).avi
2016-07-10 19:26 - 2016-07-10 22:18 - 838313032 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(19).avi
2016-07-10 18:59 - 2016-07-10 19:47 - 840950480 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(18).avi
2016-07-10 18:54 - 2016-07-10 19:42 - 834092658 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(17).avi
2016-07-10 18:27 - 2016-07-10 19:25 - 840181930 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(16).avi
2016-07-10 17:52 - 2016-07-10 18:59 - 839513350 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(15).avi
2016-07-10 17:48 - 2016-07-10 18:53 - 838551286 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(14).avi
2016-07-10 17:28 - 2016-07-10 18:23 - 807308838 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(13).avi
2016-07-10 16:56 - 2016-07-10 17:52 - 830052722 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(10).avi
2016-07-10 16:51 - 2016-07-10 17:48 - 836801412 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(12).avi
2016-07-10 16:35 - 2016-07-10 17:27 - 845933060 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(11).avi
2016-07-10 15:55 - 2016-07-10 16:51 - 830066422 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(9).avi
2016-07-10 15:49 - 2016-07-10 16:55 - 1010645124 _____ C:\Users\Obzen\Downloads\Svět-ve-válce_08_Poušť---Válka-v-Severní-Africe.AVI
2016-07-10 15:38 - 2016-07-10 16:35 - 842634348 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(7).avi
2016-07-10 15:01 - 2016-07-10 15:49 - 781089238 _____ C:\Users\Obzen\Downloads\Svět-ve-válce_06_Banzai---Japonsko.AVI
2016-07-10 15:00 - 2016-07-10 15:55 - 780667106 _____ C:\Users\Obzen\Downloads\Svět-ve-válce_05_Barbarosa.AVI
2016-07-10 14:51 - 2016-07-10 15:38 - 688662424 _____ C:\Users\Obzen\Downloads\Svět-ve-válce_04_Osamělá-Británie.AVI
2016-07-10 14:05 - 2016-07-10 15:01 - 838894870 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(3).avi
2016-07-10 14:05 - 2016-07-10 15:00 - 832630308 _____ C:\Users\Obzen\Downloads\Svět-ve-válce-(1).avi
2016-07-10 14:05 - 2016-07-10 14:51 - 736551464 _____ C:\Users\Obzen\Downloads\Svět-ve-válce_02_Vzdálená-válka.AVI
2016-07-09 07:42 - 2016-07-09 07:42 - 03124524 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Obzen\Downloads\UsbFix_2016_8.248.exe
2016-07-09 07:42 - 2016-07-09 07:42 - 00001448 _____ C:\Users\Obzen\Desktop\UsbFix.lnk
2016-07-09 07:42 - 2016-07-09 07:42 - 00000000 ____D C:\UsbFix
2016-07-08 19:01 - 2016-07-08 19:01 - 00000000 ____D C:\Users\Obzen\Desktop\Ailerons
2016-07-04 15:27 - 2016-07-04 15:27 - 00287248 _____ C:\Users\Obzen\Documents\Základní_info_2016.pdf
2016-07-04 15:02 - 2016-07-04 15:02 - 00000000 ___SD C:\Users\Obzen\Documents\Zdroje dat
2016-07-03 23:46 - 2016-07-03 23:46 - 00000000 ____D C:\Users\Obzen\Downloads\32-8
2016-07-03 23:46 - 2016-07-03 23:46 - 00000000 ____D C:\Users\Obzen\Downloads\32-10
2016-07-03 17:07 - 2016-07-03 17:53 - 141997323 _____ C:\Users\Obzen\Downloads\GUEST ART.rar
2016-06-28 14:22 - 2016-06-28 22:34 - 1478343311 _____ C:\Users\Obzen\Downloads\Windows-10-ISO-CZ-x64.rar.part
2016-06-27 16:01 - 2016-06-30 01:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-06-27 12:17 - 2016-06-27 12:17 - 03703360 _____ C:\Users\Obzen\Downloads\AdwCleaner_5.200.exe
2016-06-27 12:16 - 2016-06-27 12:16 - 09395584 _____ ( ) C:\Users\Obzen\Downloads\adwcleaner_5.016.exe
2016-06-27 12:16 - 2016-06-27 12:16 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-06-27 11:38 - 2016-06-27 11:48 - 00000000 ____D C:\Users\Obzen\AppData\Local\FreeFixer
2016-06-27 11:38 - 2016-06-27 11:38 - 02552029 _____ C:\Users\Obzen\Downloads\freefixer_portable.zip
2016-06-27 11:38 - 2016-06-27 11:38 - 00000000 ____D C:\Users\Obzen\Downloads\freefixer_portable
2016-06-27 11:38 - 2016-06-27 11:38 - 00000000 ____D C:\Users\Obzen\AppData\Roaming\FreeFixer
2016-06-19 15:02 - 2016-06-19 15:24 - 373750155 _____ C:\Users\Obzen\Downloads\Strapping-Young-Lad.rar
2016-06-19 14:58 - 2016-06-19 15:06 - 136443403 _____ C:\Users\Obzen\Downloads\Insomnium---Shadows-Of-The-Dying-Sun-(2014).zip
2016-06-19 14:55 - 2016-06-19 15:02 - 124239092 _____ C:\Users\Obzen\Downloads\salvation-insomnium.zip
2016-06-19 14:54 - 2016-06-19 14:58 - 54261386 _____ C:\Users\Obzen\Downloads\insomnium.rar
2016-06-19 14:47 - 2016-06-19 14:54 - 114458770 _____ C:\Users\Obzen\Downloads\2012-Dethklok-Dethalbum-III.rar
2016-06-19 14:40 - 2016-06-19 14:47 - 119280441 _____ C:\Users\Obzen\Downloads\2009-Dethklok-Dethalbum-II.rar
2016-06-19 14:31 - 2016-06-19 14:40 - 150560811 _____ C:\Users\Obzen\Downloads\2007-Dethklok-The-Dethalbum-(Deluxe-Edition).rar
2016-06-19 14:28 - 2016-06-19 14:31 - 50738066 _____ C:\Users\Obzen\Downloads\kalmah-swampsong-pres-MultiLoad.cz.zip
2016-06-19 14:25 - 2016-06-19 14:27 - 45140424 _____ C:\Users\Obzen\Downloads\kalmah-the-black-waltz-pres-MultiLoad.cz.zip
2016-06-19 14:22 - 2016-06-19 15:07 - 738095701 _____ C:\Users\Obzen\Downloads\P.O.D.-(discography).zip
2016-06-19 14:22 - 2016-06-19 14:54 - 540525929 _____ C:\Users\Obzen\Downloads\STATIC-X_complet_discography.rar
2016-06-19 14:22 - 2016-06-19 14:24 - 39495423 _____ C:\Users\Obzen\Downloads\kalmah-they-will-return-pres-MultiLoad.cz.zip
2016-06-19 11:25 - 2016-06-19 13:40 - 1247848448 _____ C:\Users\Obzen\Downloads\Lhář-lhář--cz.avi
2016-06-19 10:11 - 2016-06-19 12:20 - 1142171076 _____ C:\Users\Obzen\Downloads\Ace-Ventura---Zvířecí-Detektiv-(2009)-CZ-dabing.avi
2016-06-19 10:11 - 2016-06-19 11:49 - 805410816 _____ C:\Users\Obzen\Downloads\Blbý-a-blbější-1-cz.avi
2016-06-18 11:46 - 2016-06-18 13:07 - 00000000 ____D C:\Users\Obzen\Downloads\Deadpool 2016 1080p BluRay x264 DTS-JYK
2016-06-18 11:28 - 2016-06-18 13:22 - 797136832 _____ C:\Users\Obzen\Downloads\Fakjů-pane-učiteli-1.avi
2016-06-18 11:03 - 2016-06-18 12:46 - 716122392 _____ C:\Users\Obzen\Downloads\Truman-Show-CZ.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-11 22:20 - 2015-09-29 20:07 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-11 22:17 - 2015-02-15 22:14 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-794359640-1266989433-3461036011-1000UA.job
2016-07-11 21:31 - 2012-03-18 21:03 - 00669176 _____ C:\Windows\system32\perfh005.dat
2016-07-11 21:31 - 2012-03-18 21:03 - 00141334 _____ C:\Windows\system32\perfc005.dat
2016-07-11 21:31 - 2009-07-14 07:13 - 01585684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-11 21:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-07-11 21:26 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-10 23:17 - 2015-02-15 22:14 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-794359640-1266989433-3461036011-1000Core.job
2016-07-10 00:22 - 2015-09-08 21:50 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-07-09 05:54 - 2015-09-18 15:07 - 00120824 _____ C:\Users\Obzen\AppData\Local\GDIPFONTCACHEV1.DAT
2016-07-09 05:53 - 2009-07-14 06:45 - 02453320 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-06 22:05 - 2014-12-24 02:46 - 00003846 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1419381976
2016-07-06 22:05 - 2014-12-24 02:45 - 00000000 ____D C:\Program Files (x86)\Opera
2016-07-03 19:49 - 2016-02-10 18:16 - 00000000 ____D C:\Users\Obzen\AppData\Roaming\Media Player Classic
2016-06-30 07:19 - 2014-12-18 22:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-30 01:53 - 2009-07-14 06:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-30 01:53 - 2009-07-14 06:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-28 14:28 - 2015-01-14 16:31 - 00000000 ____D C:\Users\Obzen\Desktop\Foto
2016-06-27 12:36 - 2015-09-03 20:48 - 00000000 ____D C:\AdwCleaner
2016-06-27 12:10 - 2014-12-30 11:18 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-06-27 11:57 - 2014-12-18 22:17 - 00000000 ____D C:\Users\Obzen\AppData\Roaming\DAEMON Tools Lite
2016-06-27 11:24 - 2015-09-18 15:38 - 00016224 _____ C:\Users\Obzen\rgmnr
2016-06-24 14:33 - 2014-12-18 23:45 - 00000000 ____D C:\Users\Obzen\AppData\Roaming\Adobe
2016-06-18 12:59 - 2015-01-09 20:22 - 00000000 ____D C:\Users\Obzen\AppData\Roaming\uTorrent
2016-06-17 21:40 - 2015-02-02 11:05 - 00000000 ____D C:\Users\Obzen\AppData\Roaming\Skype
2016-06-17 13:38 - 2015-09-18 14:34 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2016-06-17 06:20 - 2015-09-29 20:07 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-17 06:20 - 2015-09-08 21:50 - 00003952 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-06-17 06:20 - 2014-12-18 23:42 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-17 06:20 - 2014-12-18 23:42 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-16 23:23 - 2016-04-29 15:47 - 00000000 ____D C:\Users\Obzen\Desktop\Diplomová práce-diplomový seminář
2016-06-16 12:26 - 2015-04-02 21:10 - 00000000 _____ C:\Windows\XXLGSC

==================== Files in the root of some directories =======

2015-09-04 18:07 - 2016-04-09 18:02 - 0000024 _____ () C:\Users\Obzen\AppData\Roaming\appdataFr25.bin
2015-11-02 22:12 - 2015-11-02 22:12 - 0000741 _____ () C:\Users\Obzen\AppData\Local\recently-used.xbel
2015-09-18 14:33 - 2015-09-18 14:33 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-18 14:55 - 2015-09-18 14:55 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
C:\Users\Obzen\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Obzen\AppData\Local\Temp\libeay32.dll
C:\Users\Obzen\AppData\Local\Temp\msvcr120.dll
C:\Users\Obzen\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe
[2012-03-18 19:35] - [2012-03-14 19:54] - 3107328 ____A (Microsoft Corporation) F494F46EBFB95FB041CB06B8549B4363

C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2012-03-18 18:52] - [2015-09-18 15:48] - 1008640 ____A (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79

C:\Windows\SysWOW64\User32.dll
[2012-03-18 18:52] - [2015-09-18 15:48] - 0833024 ____A (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE

C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-08 20:02

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-07-2016 01
Ran by Obzen (2016-07-11 22:25:51)
Running from C:\Users\Obzen\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-09-18 13:06:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-794359640-1266989433-3461036011-500 - Administrator - Disabled)
Guest (S-1-5-21-794359640-1266989433-3461036011-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-794359640-1266989433-3461036011-1004 - Limited - Enabled)
Obzen (S-1-5-21-794359640-1266989433-3461036011-1000 - Administrator - Enabled) => C:\Users\Obzen

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)
Age of Empires II HD (c) Microsoft Studios version 1 (HKLM-x32\...\QWdlIG9mIEVtcGlyZXMgSUkgSEQgKGMpIE1pY3Jvc29mdCBTdHVkaW9z_is1) (Version: 1 - )
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
AutoCAD 2012 - Czech (HKLM\...\AutoCAD 2012 - Czech) (Version: 18.2.51.0 - Autodesk)
AutoCAD 2012 - Czech (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD 2012 Language Pack - Czech (Version: 18.2.51.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}) (Version: 2.0.90 - Autodesk)
Autodesk DWG TrueView 2017 - English (HKLM\...\DWG TrueView 2017 - English) (Version: 21.0.52.0 - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Brother MFL-Pro Suite DCP-7010 (HKLM-x32\...\{C2530D63-B66B-48B5-BB50-7C6281FE7AA6}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
BSPlayer (HKLM-x32\...\BSPlayer1) (Version: - )
Bullzip PDF Printer 10.10.0.2307 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.10.0.2307 - Bullzip)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.)
Catalyst Control Center Next Localization BR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
CorelDRAW Graphics Suite 12 (HKLM-x32\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.536 - Corel Corporation)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.3917.58 - CyberLink Corp.)
Czech Soccer Manager (HKLM-x32\...\Czech Soccer Manager) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DivX H.264 decoder 8.2.0.26 (HKLM-x32\...\divxh264_is1) (Version: 8.2.0.26 - )
Dropbox (HKU\S-1-5-21-794359640-1266989433-3461036011-1000\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
DWG TrueView 2017 - English (Version: 21.0.52.0 - Autodesk) Hidden
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
f.lux (HKU\S-1-5-21-794359640-1266989433-3461036011-1000\...\Flux) (Version: - )
Google Drive (HKLM-x32\...\{6EA8B94E-D869-4D96-88DF-5E1ECE1D6876}) (Version: 1.23.9648.8824 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
JustScrobble (HKLM-x32\...\JustScrobble) (Version: - blackcoder)
KillWinamp 1.61 (HKLM-x32\...\Kill Winamp_is1) (Version: - Johan Torp)
K-Lite Mega Codec Pack 5.4.4 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 5.4.4 - )
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Microsoft .NET Framework 4.5.2 (CSY) (HKLM\...\{C48AF3CF-C632-3C19-838E-7DAB7283D46A}) (Version: - )
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 cs)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
Mozilla Thunderbird 45.1.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 45.1.1 (x86 cs)) (Version: 45.1.1 - Mozilla)
Opera Stable 38.0.2220.41 (HKLM-x32\...\Opera 38.0.2220.41) (Version: 38.0.2220.41 - Opera Software)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.8 - Power Software Ltd)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7200 - Realtek Semiconductor Corp.)
RogueKiller verze 12 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12 - Adlice Software)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.)
Teruna (HKLM-x32\...\Teruna) (Version: 1.5b - )
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.55a - Ghisler Software GmbH)
UsbFix (HKLM-x32\...\Usbfix) (Version: 8.247 - El Desaparecido - www.usb-antivirus.com - www.sosvirus.net)
Vegas Pro 13.0 (64-bit) (HKLM-x32\...\Vegas Pro 13.0 (64-bit)) (Version: 13.0 (64-bit) - Exµs ™)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 4.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Obzen\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Czech\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Obzen\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-794359640-1266989433-3461036011-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Obzen\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {23181ACD-046A-4071-8FCB-0B38478F6AEB} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe [2016-06-17] (Adobe Systems Incorporated)
Task: {5919203A-163D-4467-87D3-B1C016029D96} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-17] (Adobe Systems Incorporated)
Task: {5A843B73-F468-49A3-8C35-CDE2875C163A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-794359640-1266989433-3461036011-1000Core => C:\Users\Obzen\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-15] (Google Inc.)
Task: {8328EE67-6E4F-43D3-819A-2FF25ABCA2ED} - System32\Tasks\{015D2B7D-50CE-4F64-9472-FB8118C2B847} => pcalua.exe -a "C:\ProgramData\NoMore Ads\NoMore Ads.exe" -c /progname=NoMore Ads /progver=3.4.2 /progpub=NoMore Ads /proguninstallurl=asdahjka.com /deleteappfolder=0 /VERYSILENT
Task: {8D399CE3-0F88-4CEA-AA19-284FA5F13572} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {8ECCF2DA-F9FC-4CA7-A2D1-BE10462C35F1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-794359640-1266989433-3461036011-1000UA => C:\Users\Obzen\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-15] (Google Inc.)
Task: {D09DB6C6-A6C0-45D6-A8A9-36EE7896336B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {D652AD15-6E49-44A7-A9B4-CDD4B0ABE652} - System32\Tasks\Opera scheduled Autoupdate 1419381976 => C:\Program Files (x86)\Opera\launcher.exe [2016-07-01] (Opera Software)
Task: {E25BC626-9283-4A86-BC5E-A3BC9B18104F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {E60141B7-17D2-4E8C-AB84-6A5CEF36898E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {F309C8A2-3132-4ED1-8E9E-8FDCF4FD5EAB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-794359640-1266989433-3461036011-1000Core.job => C:\Users\Obzen\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-794359640-1266989433-3461036011-1000UA.job => C:\Users\Obzen\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Obzen\AppData\Local\Microsoft\Windows\GameExplorer\{DF480F51-FA30-47E0-8A40-5F25869FF4B9}\SupportTasks\1\Podpora.lnk -> hxxp://support.microsoft.com/directory/ (No File)
Shortcut: C:\Users\Obzen\AppData\Local\Microsoft\Windows\GameExplorer\{DF480F51-FA30-47E0-8A40-5F25869FF4B9}\SupportTasks\0\Další hry od společnosti Microsoft.lnk -> hxxp://www.ensemblestudios.com/aoeiix/index.shtml/ (No File)
Shortcut: C:\Users\Obzen\AppData\Local\Microsoft\Windows\GameExplorer\{447B4BA0-9EE0-4139-8A84-A5AD85D266BC}\SupportTasks\1\Podpora.lnk -> hxxp://support.microsoft.com/directory/ (No File)
Shortcut: C:\Users\Obzen\AppData\Local\Microsoft\Windows\GameExplorer\{447B4BA0-9EE0-4139-8A84-A5AD85D266BC}\SupportTasks\0\Další hry od společnosti Microsoft.lnk -> hxxp://www.ensemblestudios.com/aoeiix/index.shtml/ (No File)

==================== Loaded Modules (Whitelisted) ==============

2011-02-02 15:08 - 2011-02-02 15:08 - 00018656 _____ () C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2014-12-30 11:18 - 2014-05-13 13:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-12-30 11:18 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-12-30 11:18 - 2014-05-13 13:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-12-18 22:33 - 2013-09-16 13:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-12-25 16:17 - 2013-12-10 09:39 - 00074240 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_ctypes.pyd
2015-12-25 16:17 - 2013-12-10 09:39 - 00285184 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_hashlib.pyd
2015-12-25 16:17 - 2014-03-17 08:38 - 00866056 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\common\UNO\UNO.dll
2015-12-25 16:17 - 2013-12-10 09:39 - 00040960 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_socket.pyd
2015-12-25 16:17 - 2013-12-10 09:39 - 00721920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\Koan\_ssl.pyd
2015-12-25 16:17 - 2014-03-17 08:38 - 00043784 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DHProcedure\DHProcedure.dll
2015-12-25 16:17 - 2014-03-17 08:27 - 00337920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\sqlite3.dll
2015-12-25 16:17 - 2014-03-17 05:10 - 00249344 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\libebml.dll
2015-12-25 16:17 - 2014-03-17 05:10 - 00548352 _____ () C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\libmatroska.dll
2015-02-11 15:48 - 2015-02-11 15:48 - 00014848 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_justscrobble.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-794359640-1266989433-3461036011-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-07-11 18:05 - 00001063 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 practivate.adobe.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-794359640-1266989433-3461036011-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Obzen\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.30.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Obzen^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Obzen^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Pharrell Williams - Happy (Official Music Video).mp3.lnk => C:\Windows\pss\Pharrell Williams - Happy (Official Music Video).mp3.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: BrMfcWnd => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: ControlCenter3 => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Obzen\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Obzen\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Greenshot => C:\Program Files\Greenshot\Greenshot.exe
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: PlaysTV => "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup
MSCONFIG\startupreg: PowerDVD14Agent => "C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5367DFE0-400C-4A90-8DF7-D811AB74B462}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{791A499A-5CD3-4792-8266-AF4AF02F27A5}] => (Allow) C:\Users\Obzen\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{504BBB86-DE25-44F3-AA97-9DB9EB4E79DE}] => (Allow) C:\Users\Obzen\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{18374B7E-9178-4A66-AA77-18CC8C6C3E6D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A1069224-5F78-4DF1-B7D3-88A5FB499EFD}] => (Allow) C:\Users\Obzen\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{36AB0854-DF38-44D2-BB87-28D36C6ED648}] => (Allow) C:\Users\Obzen\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{394D47BB-FD56-48A1-B910-9C184323C6AB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CBCCB01C-0690-4BC1-B826-68450F339C74}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4A779F27-75FC-4F09-806D-2D8DF5CCCF21}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2753BFF0-1F9D-4DCF-B194-04661096CBA7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1FDDFCFC-9327-48AA-B402-D54C8E4CB275}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{FC00F427-4494-4DBC-B30A-9C34D1A90811}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{39E21A3C-D1E2-44FC-8FDC-96865B1C0EE8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{E73262F8-3329-4DB1-8948-388220CB2DED}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{59828918-5398-43EE-8ACA-2F07B939FA6D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{7382E3A0-232D-49DC-AAAE-2F555EEC7198}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{C43C97EA-39FF-49C7-A436-4B77A67C3F3B}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

20-06-2016 15:51:39 Naplánovaný kontrolní bod
08-07-2016 20:09:34 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/11/2016 09:26:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2016 09:26:18 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error: (07/11/2016 06:32:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2016 06:32:02 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error: (07/11/2016 06:24:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2016 06:23:53 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error: (07/11/2016 06:18:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2016 06:17:48 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error: (07/11/2016 03:17:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2016 03:16:50 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.


System errors:
=============
Error: (07/11/2016 09:27:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Superfetch byla ukončena s následující chybou:
%%2 = Systém nemůže nalézt uvedený soubor.


Error: (07/11/2016 09:27:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Spybot-S&D 2 Security Center Service neuspěla při spuštění v důsledku následující chyby:
%%577 = V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.


Error: (07/11/2016 09:26:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Spybot-S&D 2 Scanner Service neuspěla při spuštění v důsledku následující chyby:
%%1053 = Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


Error: (07/11/2016 09:26:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Spybot-S&D 2 Scanner Service bylo dosaženo časového limitu (30000 ms).

Error: (07/11/2016 09:25:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Autodesk Content Service neuspěla při spuštění v důsledku následující chyby:
%%1053 = Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


Error: (07/11/2016 09:25:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Autodesk Content Service bylo dosaženo časového limitu (30000 ms).

Error: (07/11/2016 09:25:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/11/2016 09:25:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Rapid Storage Technology byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/11/2016 09:25:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Spybot-S&D 2 Updating Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (07/11/2016 09:25:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba zařazování tisku byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.


CodeIntegrity:
===================================
Date: 2016-07-11 22:25:43.762
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-11 22:25:43.721
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-11 22:25:43.675
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-11 22:25:43.635
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-11 21:57:58.828
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-11 21:57:58.787
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-11 21:57:58.741
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-11 21:57:58.699
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-11 21:56:25.662
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-07-11 21:56:25.620
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU G3258 @ 3.20GHz
Percentage of memory in use: 26%
Total physical RAM: 8062.93 MB
Available physical RAM: 5909.63 MB
Total Virtual: 8061.13 MB
Available Virtual: 5746.3 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:648.27 GB) NTFS
Drive d: (A-DATA UFD) (Removable) (Total:3.76 GB) (Free:3.76 GB) FAT32
Drive e: () (Removable) (Total:7.6 GB) (Free:7.6 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 706B363B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 3.8 GB) (Disk ID: 04DD5721)
Partition 1: (Active) - (Size=3.8 GB) - (Type=0B)

========================================================
Disk: 2 (Size: 7.6 GB) (Disk ID: 011CD972)
Partition 1: (Active) - (Size=7.6 GB) - (Type=0B)

==================== End of Addition.txt ============================