Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Vyskakování reklam, nefunkční antvir

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
ohmoni
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 10 lis 2016 01:06

Vyskakování reklam, nefunkční antvir

#1 Příspěvek od ohmoni »

Dobrý den,
před asi dvěma týdny, jsem do pc omylem stáhla a nainstalovala soubor (honba za hledáním knihy na internetu) to způsobilo, že jsem do pc nainstalovala spoustu serepatiček, ze kterých mi začali vyskakovat reklamy na plochu. Sice se mi podařili všechny odinstalovat a pomocí Adwcleaner i z plochy dostat, ovšem některé museli zůstat (obnovu win zpět jsem neudělala a momentálně se tak zpátky v čase nedostanu), mám zavirovanou Operu, při načtení stránek mi vyskakují další reklamy, které zahlcují celé okno a také se v textu vytváří samostatné odkazy - odkazují na další reklamu. Další problém je, že když se přihlašuji do pc, občas se stane, že nefunguje enter, čili musím celý počítač restartovat. Další problém, který jsem zaznamenala, že občas když jsem na nestabilní wifi, a vyskočí, přehodí se připojení na internet na připojení na kabel, přitom žádný nepoužívám a nemohu se připojit zpátky na wifi, hází to chybu. Počítač je samozřejmě zpomalen. Přes léto jsem měla problémy, když jsem přeinstalovala pc na win 10, kdy evidentně hardware nezvládl nápor a přeinstalovávala jsem znovu do továrního nastavení na win 8, které mám něco přes měsíc.

Po scanu adwcleaner:

# AdwCleaner v6.030 - Log soubor vytvořen 10/11/2016 na 00:16:06
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-08.1 [Server]
# Operační systém : Windows 8.1 Pro (X64)
# Uživatelské jméno : Monika Ohrazdová - NOTEBOOK
# Beží od : C:\Users\Monika Ohrazdová\Desktop\adwcleaner.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****

SLužba nalezena: NetUtils2016


***** [ Adresáře ] *****

Nebyly nalezeny žádné škodlivé složky.


***** [ Soubory ] *****

Soubor nalezen: C:\Windows\SysNative\NetUtils2016.dll
Soubor nalezen: C:\Windows\SysNative\drivers\NetUtils2016.sys


***** [ DLL ] *****

Nebyly nalezeny žádné škodlivé DLL soubory.


***** [ WMI ] *****

Nebyly nalezeny žádné škodlivé klíče.


***** [ Zástupce ] *****

Žádné infikovaný zástupce nenalezen.


***** [ Plánovač úloh ] *****

Žádný nebezpečná úloha nenalezena.


***** [ Registry ] *****

Klíč nalezen: HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\REOptimizer
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\REOptimizer
Klíč nalezen: [x64] HKLM\SOFTWARE\HDWallpaper
Klíč nalezen: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\REOptimizer
Hodnota nalezena: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext [DisableAddonLoadTimePerformanceNotifications]


***** [ Internetové prohlížeče ] *****

Nebyly nalezeny žádné škodlivé položky prohlížeče Firefox báze.
Nebyly nalezeny žádné škodlivé položky prohlížeče Chromium báze.

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1566 Bajtů] - [22/10/2016 20:16:59]
C:\AdwCleaner\AdwCleaner[C2].txt - [1611 Bajtů] - [22/10/2016 20:22:19]
C:\AdwCleaner\AdwCleaner[C3].txt - [1668 Bajtů] - [22/10/2016 20:26:22]
C:\AdwCleaner\AdwCleaner[C4].txt - [1986 Bajtů] - [22/10/2016 20:35:20]
C:\AdwCleaner\AdwCleaner[S0].txt - [20345 Bajtů] - [22/10/2016 19:52:34]
C:\AdwCleaner\AdwCleaner[S1].txt - [20840 Bajtů] - [22/10/2016 20:06:14]
C:\AdwCleaner\AdwCleaner[S2].txt - [1750 Bajtů] - [22/10/2016 20:16:40]
C:\AdwCleaner\AdwCleaner[S3].txt - [1816 Bajtů] - [22/10/2016 20:21:32]
C:\AdwCleaner\AdwCleaner[S4].txt - [1925 Bajtů] - [22/10/2016 20:26:10]
C:\AdwCleaner\AdwCleaner[S5].txt - [2118 Bajtů] - [22/10/2016 20:34:37]
C:\AdwCleaner\AdwCleaner[S6].txt - [2475 Bajtů] - [10/11/2016 00:16:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [2549 Bajtů] ##########
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Vyskakování reklam, nefunkční antvir

#2 Příspěvek od Márty84 »

Zdravim :)

:arrow: Stahnete crystal disk info http://www.slunecnice.cz/sw/crystaldiskinfo/
Nainstalujte (pozor na pripadne doplnky, ty odmitnete zrusenim zatrzitka) a spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

:arrow: Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach :)
(Kdyby nesel Launcher stahnout, dejte logy jen ze samotneho FRST, tedy bez pouziti Launcheru)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
ohmoni
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 10 lis 2016 01:06

Re: Vyskakování reklam, nefunkční antvir

#3 Příspěvek od ohmoni »

----------------------------------------------------------------------------
CrystalDiskInfo 7.0.4 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8.1 Pro [6.3 Build 9600] (x64)
Date : 2016/11/10 13:11:36

-- Controller Map ----------------------------------------------------------
- Řadič prostorů úložišť [SCSI]
+ Intel(R) Mobile Express Chipset SATA RAID Controller [SCSI]
- WDC WD7500BPVT-60HXZT3

-- Disk List ---------------------------------------------------------------
(1) WDC WD7500BPVT-60HXZT3 : 750,1 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD7500BPVT-60HXZT3
----------------------------------------------------------------------------
Model : WDC WD7500BPVT-60HXZT3
Firmware : 01.01A01
Serial Number : WD-WX21E42W5858
Disk Size : 750,1 GB (8,4/137,4/750,1/750,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1465149168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 9732 hod.
Power On Count : 3465 krát
Temperature : 33 C (91 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----
Drive Letter : C: D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 181 177 _21 000000000785 Čas na roztočení ploten
04 _97 _97 __0 000000000DA1 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _87 _87 __0 000000002604 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _97 _97 __0 000000000D89 Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Specifický pro výrobce
B8 100 100 _97 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 _99 __0 000000000002 Časový limit příkazu
BE _67 _30 _40 001E211C0021 Teplota toku vzduchu
BF __1 __1 __0 000000001469 Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 0000000000BD Počet vypnutí disku
C1 __1 __1 __0 0000000A6E63 Počet cyklů načítání/vymazání
C2 114 _77 __0 000000000021 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 _51 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 3231 4534 3257 3538 3538
020: 0000 4000 0032 3031 2E30 3141 3031 5744 4320 5744
030: 3735 3030 4250 5654 2D36 3048 585A 5433 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0100
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0D06 0000 004C 0048
080: 01FE 0000 706B 7C09 6123 7069 BC09 6123 407F 0050
090: 0050 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 66F0 5754 0000 0000 0000 0000 6003 0000 5001 4EE6
110: 580D 5355 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0021 0400
130: 0001 0000 0000 16FE 012D 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 703D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 15A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 B5 B1 85 07 00 00 00 00 00 04 32 00 61 61 A1
020: 0D 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2F 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 57 57 04 26 00 00 00 00 00 0A 33 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 61 61 89 0D 00 00 00 00 00 B7 32
070: 00 64 64 00 00 00 00 00 00 00 B8 33 00 64 64 00
080: 00 00 00 00 00 00 BB 32 00 64 64 00 00 00 00 00
090: 00 00 BC 32 00 64 63 02 00 00 00 00 00 00 BE 22
0A0: 00 43 1E 21 00 1C 21 1E 00 00 BF 32 00 01 01 69
0B0: 14 00 00 00 00 00 C0 32 00 C8 C8 BD 00 00 00 00
0C0: 00 00 C1 32 00 01 01 63 6E 0A 00 00 00 00 C2 22
0D0: 00 72 4D 21 00 00 00 00 00 00 C4 32 00 C8 C8 00
0E0: 00 00 00 00 00 00 C5 32 00 C8 C8 00 00 00 00 00
0F0: 00 00 C6 30 00 64 FD 00 00 00 00 00 00 00 C7 32
100: 00 C8 C8 00 00 00 00 00 00 00 C8 09 00 64 FD 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 A4 3D 01 51
170: 03 00 01 00 02 9B 00 00 00 00 00 00 00 00 00 00
180: 00 00 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 65

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 33 C8 C8 C8 C8 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 33 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 B7 00
070: 00 00 00 00 00 00 00 00 00 00 B8 61 00 00 00 00
080: 00 00 00 00 00 00 BB 00 00 00 00 00 00 00 00 00
090: 00 00 BC 00 00 00 00 00 00 00 00 00 00 00 BE 28
0A0: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
0B0: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
0C0: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0D0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0E0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0F0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
100: 00 00 00 00 00 00 00 00 00 00 C8 33 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 F8
Nahoru
ohmoni
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 10 lis 2016 01:06

Re: Vyskakování reklam, nefunkční antvir

#4 Příspěvek od ohmoni »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-11-2016
Ran by Monika Ohrazdová (administrator) on NOTEBOOK (10-11-2016 13:27:38)
Running from C:\Users\Monika Ohrazdová\Desktop
Loaded Profiles: Monika Ohrazdová (Available Profiles: Monika Ohrazdová)
Platform: Windows 8.1 Pro (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Windows\AutoKMS\AutoKMS.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.46\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.46\opera_crashreporter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.46\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.46\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.46\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.46\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.46\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.46\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.46\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.46\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.46\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.46\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.46\opera.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.46\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.46\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.46\opera.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Opera Software) C:\Program Files (x86)\Opera\launcher.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.46\opera_autoupdate.exe
(Crystal Dew World) C:\Program Files (x86)\CrystalDiskInfo\DiskInfo32.exe
() C:\Users\Monika Ohrazdová\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Monika Ohrazdová\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.46\opera.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.46\opera.exe
(forum.viry.cz) C:\Users\Monika Ohrazdová\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
(Oleg N. Scherbakov) C:\Windows\Temp\RestartTAPAdapter.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-08-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1767944 2016-08-25] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-10-13] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-12-11] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-08-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc.)
HKLM-x32\...\Run: [svchost.exe -start] => C:\Users\Monika Ohrazdová\AppData\Roaming\Tools\svchost.exe [736768 2016-10-20] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9044392 2016-11-08] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25424008 2016-10-24] (Dropbox, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Run: [Spotify Web Helper] => C:\Users\Monika Ohrazdová\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2016-11-07] (Spotify Ltd)
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-10-05] (Apple Inc.)
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1084688 2016-07-09] (Apple Inc.)
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-10-05] (Apple Inc.)
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Monika Ohrazdová\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Monika Ohrazdová\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Policies\Explorer: []
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [181488 2016-08-25] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [159352 2016-08-25] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-10-22] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-08-04] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
GroupPolicy: Restriction <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{8F899242-BE22-4CF7-900A-BD4C3A77ACE8}: [DhcpNameServer] 128.40.200.1 144.82.100.41

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-10-18] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-24] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-10-11] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-08-27] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24] (AVAST Software)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-10-11] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-08-16] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-11-08]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-11-08]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-08-24] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-09-28] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-09-28] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-27] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-08-24] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-08-27] (Microsoft Corporation)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-08-24] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-10-22] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [41576 2016-10-24] (Dropbox, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-08-25] (NVIDIA Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-01-14] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-01-14] (Intel Corporation)
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [67752 2012-10-25] (Robert McNeel & Associates)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-08-25] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-08-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-08-25] (NVIDIA Corporation)
S3 vmicguestinterface; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
S3 vmicheartbeat; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
S3 vmickvpexchange; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
S3 vmicshutdown; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
S3 vmictimesync; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-10-22] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-10-22] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-10-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-10-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-10-22] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-10-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-10-22] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-10-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-22] (AVAST Software)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 NetUtils2016; C:\Windows\system32\drivers\NetUtils2016.sys [909944 2016-10-22] () <==== ATTENTION
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-08-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56376 2016-08-25] (NVIDIA Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204936 2014-02-12] (Ralink Technology, Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-05-07] (Synaptics Incorporated)
R3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\system32\DRIVERS\WirelessButtonDriver64.sys [31840 2016-03-24] (HP)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-10 13:27 - 2016-11-10 13:28 - 00024836 _____ C:\Users\Monika Ohrazdová\Desktop\FRST.txt
2016-11-10 13:27 - 2016-11-10 13:27 - 00112640 _____ (forum.viry.cz) C:\Users\Monika Ohrazdová\Desktop\FRSTLauncher.exe
2016-11-10 13:18 - 2016-11-10 13:27 - 00000000 ____D C:\FRST
2016-11-10 13:13 - 2016-11-10 13:13 - 02410496 _____ (Farbar) C:\Users\Monika Ohrazdová\Desktop\FRST64.exe
2016-11-10 13:11 - 2016-11-10 13:11 - 00001216 _____ C:\Users\Monika Ohrazdová\Desktop\CrystalDiskInfo.lnk
2016-11-10 13:11 - 2016-11-10 13:11 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\Seznam.cz
2016-11-10 13:11 - 2016-11-10 13:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2016-11-10 13:11 - 2016-11-10 13:11 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2016-11-10 13:10 - 2016-11-10 13:11 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2016-11-10 13:09 - 2016-11-10 13:10 - 11413488 _____ C:\Users\Monika Ohrazdová\Desktop\CrystalDiskInfo7_0_4-en.exe
2016-11-09 23:55 - 2016-11-09 23:55 - 03910208 _____ C:\Users\Monika Ohrazdová\Desktop\adwcleaner.exe
2016-11-09 22:37 - 2016-10-27 18:28 - 25763328 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-09 22:36 - 2016-11-02 20:48 - 00372568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-09 22:36 - 2016-11-02 20:48 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-09 22:36 - 2016-11-02 14:03 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-09 22:36 - 2016-11-02 14:00 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-09 22:36 - 2016-10-27 18:53 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-09 22:36 - 2016-10-27 18:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-09 22:36 - 2016-10-27 18:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-09 22:36 - 2016-10-27 18:19 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-09 22:36 - 2016-10-27 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-09 22:36 - 2016-10-27 18:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-11-09 22:36 - 2016-10-27 18:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-09 22:36 - 2016-10-27 17:57 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-09 22:36 - 2016-10-27 17:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-09 22:36 - 2016-10-27 17:47 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-09 22:36 - 2016-10-27 17:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-09 22:36 - 2016-10-27 17:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-09 22:36 - 2016-10-27 17:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-09 22:36 - 2016-10-27 17:17 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-09 22:36 - 2016-10-27 17:16 - 02920448 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-09 22:36 - 2016-10-27 17:03 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-09 22:36 - 2016-10-27 16:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-09 22:36 - 2016-10-27 15:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-09 22:36 - 2016-10-25 14:11 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-09 22:36 - 2016-10-22 17:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-09 22:36 - 2016-10-22 17:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-09 22:36 - 2016-10-22 17:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-09 22:36 - 2016-10-22 17:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-09 22:36 - 2016-10-22 16:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-09 22:36 - 2016-10-22 16:57 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-11-09 22:36 - 2016-10-22 16:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-09 22:36 - 2016-10-22 16:51 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-09 22:36 - 2016-10-22 16:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-09 22:36 - 2016-10-22 16:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-09 22:36 - 2016-10-22 16:45 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-09 22:36 - 2016-10-22 16:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-09 22:36 - 2016-10-22 16:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-09 22:36 - 2016-10-22 16:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-09 22:36 - 2016-10-22 16:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-09 22:36 - 2016-10-22 16:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-09 22:36 - 2016-10-22 16:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-09 22:36 - 2016-10-13 19:06 - 01385280 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-09 22:36 - 2016-10-13 19:06 - 01124376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-09 22:36 - 2016-10-12 08:01 - 00377176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2016-11-09 22:36 - 2016-10-11 20:21 - 00497448 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-11-09 22:36 - 2016-10-11 20:21 - 00399776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-11-09 22:36 - 2016-10-11 18:34 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-11-09 22:36 - 2016-10-11 17:47 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-09 22:36 - 2016-10-11 16:55 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-09 22:36 - 2016-10-10 21:17 - 00444248 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-09 22:36 - 2016-10-10 21:17 - 00333656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-09 22:36 - 2016-10-09 22:59 - 00551256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-11-09 22:36 - 2016-10-08 23:12 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-09 22:36 - 2016-10-08 22:53 - 03754496 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-09 22:36 - 2016-10-08 22:21 - 01445376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-09 22:36 - 2016-10-08 22:18 - 00840704 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-11-09 22:36 - 2016-10-08 22:07 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-09 22:36 - 2016-10-08 22:02 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-09 22:36 - 2016-10-08 21:49 - 02410496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-09 22:36 - 2016-10-08 21:21 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-09 22:36 - 2016-10-08 01:34 - 01660040 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-11-09 22:36 - 2016-10-08 01:34 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-11-09 22:36 - 2016-10-04 20:39 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-09 22:36 - 2016-10-04 20:23 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-09 22:36 - 2016-10-04 20:08 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-11-09 22:36 - 2016-10-04 20:08 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-09 22:36 - 2016-09-09 22:52 - 00921944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2016-11-09 22:36 - 2016-09-09 22:14 - 00275800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2016-11-09 22:36 - 2016-09-09 14:15 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2016-11-09 22:36 - 2016-09-09 14:09 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2016-11-09 22:36 - 2016-09-09 14:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-11-09 22:36 - 2016-09-09 14:03 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\iscsiwmi.dll
2016-11-09 22:36 - 2016-09-09 14:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsiwmi.dll
2016-11-09 22:36 - 2016-09-09 13:38 - 00446124 _____ C:\Windows\system32\ApnDatabase.xml
2016-11-09 22:36 - 2016-09-03 18:20 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\iscsidsc.dll
2016-11-09 22:36 - 2016-09-03 18:06 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\iscsiexe.dll
2016-11-09 22:36 - 2016-09-03 17:21 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsidsc.dll
2016-11-09 22:36 - 2016-09-03 17:18 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2016-11-09 22:36 - 2016-09-03 16:12 - 00512512 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2016-11-09 22:36 - 2016-09-03 16:05 - 01094656 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-11-09 22:36 - 2016-09-03 15:58 - 00397824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2016-11-09 22:36 - 2016-09-02 14:05 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2016-11-09 22:36 - 2016-09-02 14:05 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2016-11-09 22:36 - 2016-09-01 14:33 - 00377856 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll
2016-11-09 22:36 - 2016-09-01 14:33 - 00342528 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2016-11-09 22:36 - 2016-09-01 14:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2016-11-09 22:36 - 2016-08-30 14:11 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2016-11-09 22:36 - 2016-08-30 02:45 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\xolehlp.dll
2016-11-09 22:36 - 2016-08-30 02:18 - 00871936 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2016-11-09 22:36 - 2016-08-30 02:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll
2016-11-09 22:36 - 2016-08-30 02:03 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2016-11-09 22:36 - 2016-08-22 13:34 - 01628672 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-11-09 20:50 - 2016-11-09 20:50 - 00000000 ____D C:\Users\Monika Ohrazdová\Downloads\dcache
2016-11-08 15:34 - 2016-11-08 15:34 - 00103230 _____ C:\Users\Monika Ohrazdová\Downloads\BPPV_2009_2_11280_0_273798_0_88441.pdf
2016-11-08 15:34 - 2016-11-08 15:34 - 00079715 _____ C:\Users\Monika Ohrazdová\Downloads\BPPO_2009_2_11280_0_273798_0_88441.pdf
2016-11-08 15:30 - 2016-11-08 15:30 - 00534833 _____ C:\Users\Monika Ohrazdová\Downloads\BPTX_2009_2__0_273798_0_88441.pdf
2016-11-06 16:18 - 2016-11-10 13:08 - 00000000 ___RD C:\Users\Monika Ohrazdová\Dropbox
2016-11-06 16:14 - 2016-11-08 01:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-11-06 16:12 - 2016-11-06 16:12 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\Dropbox
2016-11-06 16:11 - 2016-11-10 13:16 - 00000946 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-11-06 16:11 - 2016-11-10 13:06 - 00000942 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-11-06 16:11 - 2016-11-08 01:31 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-11-06 16:11 - 2016-11-06 16:15 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Dropbox
2016-11-06 16:11 - 2016-11-06 16:11 - 00003918 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2016-11-06 16:11 - 2016-11-06 16:11 - 00003682 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2016-11-06 16:11 - 2016-11-06 16:11 - 00000000 ____D C:\ProgramData\Dropbox
2016-11-02 12:19 - 2016-11-02 12:19 - 01979960 _____ C:\Users\Monika Ohrazdová\Downloads\MIPAD M1 Lecture 2 - Defining megaprojects - problems with boundaries - The case of CTRL - Part 1 - 17.10.16.pptx
2016-11-02 12:06 - 2016-11-02 12:06 - 124781526 _____ C:\Users\Monika Ohrazdová\Downloads\group B3.rar
2016-11-02 09:47 - 2016-11-10 13:06 - 00000000 ___RD C:\Users\Monika Ohrazdová\iCloudDrive
2016-11-02 09:47 - 2016-11-08 01:42 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2016-11-02 09:47 - 2016-11-02 15:05 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\E85CE604-2864-445A-B366-0D620FBA4753.aplzod
2016-11-02 09:47 - 2016-11-02 09:47 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Apple Inc
2016-11-02 08:56 - 2016-11-05 10:51 - 00003442 _____ C:\Windows\System32\Tasks\Apple Diagnostics
2016-11-01 10:52 - 2016-11-08 01:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-10-31 21:26 - 2016-11-08 01:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-10-31 21:25 - 2016-11-08 01:44 - 00000000 ____D C:\Program Files\iTunes
2016-10-31 21:25 - 2016-11-08 01:42 - 00000000 ____D C:\Program Files\iPod
2016-10-31 21:14 - 2016-11-02 14:31 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Apple Computer
2016-10-31 21:14 - 2016-11-02 09:48 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\Apple Computer
2016-10-31 21:13 - 2016-11-08 01:42 - 00000000 ____D C:\ProgramData\Apple Computer
2016-10-31 21:12 - 2016-11-08 01:42 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2016-10-31 21:12 - 2016-11-08 01:42 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-10-31 21:12 - 2016-11-08 01:41 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-10-31 21:12 - 2016-11-02 09:47 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Apple
2016-10-31 21:12 - 2016-10-31 21:12 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-10-31 21:11 - 2016-11-08 01:41 - 00000000 ____D C:\Program Files\Bonjour
2016-10-31 21:11 - 2016-11-08 01:41 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-10-31 21:11 - 2016-11-08 01:35 - 00000000 ____D C:\ProgramData\Apple
2016-10-27 22:26 - 2016-10-27 22:26 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 41.lnk
2016-10-25 22:47 - 2016-10-25 22:47 - 00000000 ____D C:\Program Files (x86)\WinRAR
2016-10-25 09:24 - 2016-10-25 09:24 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\SketchUp
2016-10-25 09:24 - 2016-10-25 09:24 - 00000000 ____D C:\ProgramData\Reprise
2016-10-25 09:20 - 2016-10-25 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2015
2016-10-25 09:19 - 2016-10-25 09:19 - 00000000 ____D C:\ProgramData\SketchUp
2016-10-25 09:19 - 2016-10-25 09:19 - 00000000 ____D C:\Program Files\SketchUp
2016-10-25 01:50 - 2016-10-27 22:26 - 00003846 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1477360204
2016-10-24 13:06 - 2016-10-24 13:06 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2016-10-24 13:06 - 2016-10-24 13:06 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2016-10-24 13:06 - 2016-10-24 13:06 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2016-10-24 13:06 - 2016-10-24 13:06 - 00041576 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2016-10-24 12:32 - 2016-10-24 12:32 - 00000000 ____D C:\Users\Monika Ohrazdovďż˝\AppData\Local\Adobe
2016-10-24 12:32 - 2016-10-24 12:32 - 00000000 ____D C:\Users\Monika Ohrazdovďż˝
2016-10-22 21:25 - 2016-10-22 21:35 - 00003890 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1477171548
2016-10-22 21:25 - 2016-10-22 21:35 - 00001059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-10-22 21:25 - 2016-10-22 21:25 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-10-22 21:24 - 2016-11-09 17:34 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-10-22 21:24 - 2016-11-08 01:42 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-10-22 21:24 - 2016-11-08 01:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-10-22 21:24 - 2016-10-22 21:24 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-10-22 21:24 - 2016-10-22 21:24 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-10-22 21:24 - 2016-10-22 21:24 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-10-22 21:24 - 2016-10-22 21:24 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\AVAST Software
2016-10-22 21:24 - 2016-10-22 21:24 - 00000000 ____D C:\Program Files\Common Files\AV
2016-10-22 21:24 - 2016-10-22 21:23 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-10-22 21:24 - 2016-10-22 21:23 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-10-22 21:24 - 2016-10-22 21:23 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-10-22 21:24 - 2016-10-22 21:23 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-10-22 21:24 - 2016-10-22 21:23 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-10-22 21:23 - 2016-10-22 21:25 - 00000000 ____D C:\Program Files\AVAST Software
2016-10-22 21:23 - 2016-10-22 21:23 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-10-22 21:23 - 2016-10-22 21:23 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-10-22 21:22 - 2016-10-22 21:25 - 00000000 ____D C:\ProgramData\AVAST Software
2016-10-22 20:48 - 2016-10-22 20:52 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-10-22 20:26 - 2012-07-15 15:48 - 00030720 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tapoas.sys
2016-10-22 19:54 - 2016-10-25 01:40 - 00000000 ____D C:\Windows\Minidump
2016-10-22 19:51 - 2016-11-10 00:16 - 00000000 ____D C:\AdwCleaner
2016-10-21 13:21 - 2016-10-21 13:29 - 00000000 ____D C:\e039bd920337f86489
2016-10-21 13:18 - 2016-10-21 13:18 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\CrashRpt
2016-10-21 13:13 - 2016-10-21 13:13 - 07214592 _____ C:\Users\Monika Ohrazdová\AppData\Roaming\agent.dat
2016-10-21 13:13 - 2016-10-21 13:13 - 01911702 _____ C:\Users\Monika Ohrazdová\AppData\Roaming\Kaytrax.tst
2016-10-21 13:13 - 2016-10-21 13:13 - 01897573 _____ C:\Users\Monika Ohrazdová\AppData\Roaming\Hotfresh.bin
2016-10-21 13:13 - 2016-10-21 13:13 - 00190394 _____ C:\Users\Monika Ohrazdová\AppData\Roaming\Softex.bin
2016-10-21 13:13 - 2016-10-21 13:13 - 00126464 _____ C:\Users\Monika Ohrazdová\AppData\Roaming\noah.dat
2016-10-21 13:13 - 2016-10-21 13:13 - 00070704 _____ C:\Users\Monika Ohrazdová\AppData\Roaming\Config.xml
2016-10-21 13:13 - 2016-10-21 13:13 - 00018432 _____ C:\Users\Monika Ohrazdová\AppData\Roaming\Main.dat
2016-10-21 13:13 - 2016-10-21 13:13 - 00005568 _____ C:\Users\Monika Ohrazdová\AppData\Roaming\md.xml
2016-10-21 13:13 - 2016-10-21 13:10 - 00710656 _____ C:\Users\Monika Ohrazdová\AppData\Roaming\Kaytrax.exe
2016-10-21 13:11 - 2016-11-10 13:06 - 00625272 _____ C:\Windows\system32\NetUtils2016.dll
2016-10-21 13:11 - 2016-10-22 20:35 - 00909944 _____ C:\Windows\system32\Drivers\NetUtils2016.sys
2016-10-21 13:11 - 2016-10-22 10:07 - 00004284 _____ C:\Windows\System32\Tasks\SMW_UpdateTask_Time_3533363838343539302d574a324178345a2a376c455a
2016-10-21 13:11 - 2016-10-21 13:13 - 00016224 _____ C:\Users\Monika Ohrazdová\AppData\Roaming\InstallationConfiguration.xml
2016-10-21 13:11 - 2016-10-21 13:11 - 00140288 _____ C:\Users\Monika Ohrazdová\AppData\Roaming\Installer.dat
2016-10-21 13:11 - 2016-10-21 13:11 - 00000000 ____D C:\Windows\SysWOW64\sstmp
2016-10-21 13:11 - 2016-10-21 13:11 - 00000000 ____D C:\Windows\system32\sstmp
2016-10-21 13:11 - 2016-10-21 13:11 - 00000000 ____D C:\Program Files (x86)\Gruheph_
2016-10-21 13:11 - 2016-10-21 13:11 - 00000000 ____D C:\Program Files (x86)\Gruheph
2016-10-21 13:10 - 2016-10-25 01:33 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\Tools
2016-10-21 13:10 - 2016-10-21 13:10 - 00000000 _____ C:\TOSTACK
2016-10-21 13:08 - 2016-10-21 13:08 - 00002560 _____ C:\Users\Monika Ohrazdová\AppData\Local\uninstallro.exe
2016-10-20 22:53 - 2016-10-21 10:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-10-19 20:08 - 2016-11-08 01:42 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\PDF Writer
2016-10-19 20:08 - 2016-10-19 20:08 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\PDF Writer
2016-10-19 20:04 - 2016-10-19 20:06 - 00000000 ____D C:\ProgramData\PDF Writer
2016-10-19 20:04 - 2016-10-19 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullzip
2016-10-19 20:04 - 2016-10-19 20:04 - 00000000 ____D C:\Program Files\Common Files\Bullzip
2016-10-19 20:04 - 2016-10-19 20:04 - 00000000 ____D C:\Program Files\Bullzip
2016-10-19 20:04 - 2014-11-19 19:25 - 00228352 _____ (Bullzip) C:\Windows\SysWOW64\bzFlRdr.dll
2016-10-19 20:04 - 2013-09-01 10:59 - 01103872 _____ C:\Windows\SysWOW64\CBLCtlsU.ocx
2016-10-19 20:04 - 2013-07-13 10:15 - 00805376 _____ C:\Windows\SysWOW64\EditCtlsU.ocx
2016-10-19 20:04 - 2013-07-12 20:57 - 00539648 _____ C:\Windows\SysWOW64\LblCtlsU.ocx
2016-10-19 20:04 - 2013-04-05 11:55 - 00476160 _____ C:\Windows\SysWOW64\TabStripCtlU.ocx
2016-10-19 20:04 - 2013-03-28 21:13 - 00645632 _____ C:\Windows\SysWOW64\BtnCtlsU.ocx
2016-10-19 20:04 - 2013-03-03 12:37 - 01061888 _____ C:\Windows\SysWOW64\ExLvwU.ocx
2016-10-19 20:04 - 2008-07-09 19:25 - 00103424 _____ (Bullzip) C:\Windows\SysWOW64\bzDCT.dll
2016-10-19 20:04 - 1999-05-12 22:00 - 01064456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl.ocx
2016-10-19 18:12 - 2016-10-19 18:57 - 795528986 _____ C:\Users\Monika Ohrazdová\Downloads\Palo.Alto.2013.m720p.BDRip.x264.AAC.CZ.titulky.mkv
2016-10-19 16:25 - 2016-10-19 16:25 - 00000000 ____D C:\Program Files\VideoLAN
2016-10-14 10:44 - 2016-11-09 17:29 - 00003752 _____ C:\Windows\System32\Tasks\AutoKMS
2016-10-12 09:50 - 2016-09-12 23:48 - 00085680 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-10-12 09:50 - 2016-09-09 13:38 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-10-12 09:50 - 2016-09-09 13:38 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-10-12 09:50 - 2016-09-09 13:38 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-10-12 09:50 - 2016-09-09 13:38 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-10-12 09:50 - 2016-09-09 13:38 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-10-12 09:50 - 2016-09-09 13:38 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-10-12 09:50 - 2016-09-09 13:38 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-10-12 09:50 - 2016-09-09 13:38 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-10-12 09:50 - 2016-08-27 19:44 - 22360288 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-10-12 09:50 - 2016-08-27 19:44 - 02755504 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-10-12 09:50 - 2016-08-27 19:44 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\RestoreOptIn.exe
2016-10-12 09:50 - 2016-08-27 18:26 - 19789232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-10-12 09:50 - 2016-08-27 18:26 - 02411048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-10-12 09:50 - 2016-08-27 18:26 - 00113656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RestoreOptIn.exe
2016-10-12 09:50 - 2016-08-27 16:33 - 02881536 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-10-12 09:50 - 2016-08-27 16:11 - 01049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-10-12 09:50 - 2016-08-27 16:09 - 14466560 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-10-12 09:50 - 2016-08-27 15:55 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-10-12 09:50 - 2016-08-20 22:24 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-10-12 09:50 - 2016-08-20 22:12 - 02463744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-10-12 09:50 - 2016-08-12 21:47 - 15431168 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-12 09:50 - 2016-08-12 20:52 - 13317120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-12 09:49 - 2016-10-01 00:22 - 07444312 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-12 09:49 - 2016-09-17 18:16 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-12 09:49 - 2016-09-17 17:21 - 00089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-12 09:49 - 2016-09-14 01:53 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-12 09:49 - 2016-09-14 01:53 - 01523208 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-10-12 09:49 - 2016-09-14 01:53 - 01490112 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-12 09:49 - 2016-09-14 01:53 - 01358952 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-10-12 09:49 - 2016-09-12 22:03 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2016-10-12 09:49 - 2016-09-12 21:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2016-10-12 09:49 - 2016-09-08 20:41 - 00121176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2016-10-12 09:49 - 2016-09-08 14:00 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-12 09:49 - 2016-09-08 14:00 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-12 09:49 - 2016-09-07 22:07 - 01988096 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-12 09:49 - 2016-09-07 21:59 - 01754112 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-10-12 09:49 - 2016-09-07 21:59 - 01377792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-12 09:49 - 2016-09-07 21:57 - 01560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-12 09:49 - 2016-09-07 21:56 - 01491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-10-12 09:49 - 2016-08-25 20:50 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2016-10-12 09:49 - 2016-08-25 19:40 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2016-10-12 09:49 - 2016-08-13 00:05 - 09323008 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-12 09:49 - 2016-08-13 00:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys
2016-10-12 09:49 - 2016-08-13 00:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2016-10-12 09:49 - 2016-08-13 00:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2016-10-12 09:49 - 2016-08-12 22:35 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2016-10-12 09:49 - 2016-08-12 22:19 - 09323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-10-12 09:49 - 2016-08-12 21:17 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2016-10-12 09:49 - 2016-08-12 01:58 - 02315496 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-10-12 09:49 - 2016-08-12 01:58 - 01946176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-10-12 09:49 - 2016-08-11 18:33 - 00096256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys
2016-10-12 09:49 - 2016-08-11 18:33 - 00083456 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys
2016-10-12 09:49 - 2016-08-11 18:33 - 00023040 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys
2016-10-12 09:49 - 2016-08-11 17:17 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2016-10-12 09:49 - 2016-08-11 05:46 - 00420184 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-10-12 09:49 - 2016-08-03 15:42 - 01317888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2016-10-12 09:49 - 2016-08-03 15:36 - 01102848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2016-10-12 09:49 - 2016-08-03 15:36 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2016-10-12 09:49 - 2016-08-03 15:33 - 00215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2016-10-12 09:49 - 2016-07-30 17:12 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-10-12 09:49 - 2016-07-30 16:36 - 02537472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-10-12 09:49 - 2016-07-26 13:40 - 00162850 _____ C:\Windows\SysWOW64\C_932.NLS
2016-10-12 09:49 - 2016-07-26 13:40 - 00162850 _____ C:\Windows\system32\C_932.NLS
2016-10-12 09:49 - 2016-07-23 18:18 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-10-12 09:49 - 2016-07-23 18:12 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-10-11 20:33 - 2016-11-09 23:58 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-11 20:33 - 2016-11-09 17:25 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-10-11 20:33 - 2016-11-08 15:58 - 00003944 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-10-11 20:33 - 2016-11-08 15:58 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-10-11 07:30 - 2016-10-11 07:30 - 00000000 ____D C:\Users\Monika Ohrazdová\Documents\Projekty aplikace Pinnacle
2016-10-11 07:28 - 2016-10-11 08:52 - 00005120 _____ C:\Users\Monika Ohrazdová\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-10-11 07:27 - 2016-10-11 07:28 - 00000000 ____D C:\Users\Monika Ohrazdová\temp
2016-10-11 07:27 - 2016-10-11 07:27 - 00000000 ____D C:\Users\Monika Ohrazdová\Documents\InstantCDDVD
2016-10-11 07:26 - 2016-10-11 07:26 - 00000207 _____ C:\Users\Monika Ohrazdová\AppData\Roaming\NOTEBOOK.MTBF.txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-10 13:26 - 2016-09-27 23:52 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\CrashDumps
2016-11-10 13:10 - 2016-09-18 15:57 - 00004014 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{EC5F0145-F148-4B2F-B940-26B38BCA66AD}
2016-11-10 13:08 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\Inf
2016-11-10 13:06 - 2016-09-29 20:03 - 00000000 ___RD C:\Users\Monika Ohrazdová\OneDrive
2016-11-10 13:04 - 2013-08-22 14:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-10 13:04 - 2013-08-22 14:44 - 05296672 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-10 12:57 - 2013-08-22 15:36 - 00000000 ___RD C:\Windows\ToastData
2016-11-10 12:54 - 2016-09-26 10:16 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-10 12:54 - 2016-09-26 10:16 - 00000000 ____D C:\Windows\system32\MRT
2016-11-10 12:54 - 2013-08-22 15:20 - 00000000 ____D C:\Windows\CbsTemp
2016-11-09 23:26 - 2016-09-18 15:59 - 00000000 ____D C:\Program Files (x86)\Opera
2016-11-09 21:01 - 2016-10-06 12:13 - 00000000 ____D C:\Users\Public\Documents\AdobeGC
2016-11-09 15:12 - 2016-09-18 21:24 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Spotify
2016-11-09 15:10 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\NDF
2016-11-09 12:33 - 2016-09-18 21:22 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\Spotify
2016-11-08 17:49 - 2013-09-30 04:20 - 01661872 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-08 17:49 - 2013-09-30 03:57 - 00706544 _____ C:\Windows\system32\perfh005.dat
2016-11-08 17:49 - 2013-09-30 03:57 - 00144366 _____ C:\Windows\system32\perfc005.dat
2016-11-08 15:58 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-08 15:58 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-08 10:22 - 2016-09-18 16:00 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1997252335-2128944848-2870876807-1001
2016-11-08 09:51 - 2016-09-18 15:54 - 00000000 ____D C:\Users\Monika Ohrazdová
2016-11-08 01:42 - 2016-09-28 13:09 - 00000000 ____D C:\ProgramData\Autodesk
2016-11-08 01:42 - 2016-09-25 20:28 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-11-08 01:42 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\system32\Sysprep
2016-11-08 01:39 - 2013-08-22 15:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-08 01:37 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\registration
2016-11-08 01:36 - 2016-09-18 15:54 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Packages
2016-11-08 01:33 - 2016-09-25 20:24 - 00000000 ____D C:\Program Files\Microsoft Office
2016-11-07 16:52 - 2013-08-22 13:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-11-07 15:24 - 2016-10-05 22:03 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-04 12:46 - 2013-08-22 13:25 - 00000167 _____ C:\Windows\win.ini
2016-11-04 12:06 - 2016-10-05 22:01 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-02 09:48 - 2016-09-25 21:25 - 00000000 ____D C:\Users\Monika Ohrazdová\Documents\Outlook Files
2016-10-31 19:56 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\AppReadiness
2016-10-25 22:47 - 2016-09-18 16:02 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-10-25 22:47 - 2016-09-18 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-10-25 02:01 - 2016-10-05 22:03 - 00000000 ____D C:\Program Files (x86)\Google
2016-10-25 02:00 - 2016-10-05 22:14 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Google
2016-10-25 01:35 - 2016-09-18 16:00 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\Opera Software
2016-10-25 01:35 - 2016-09-18 16:00 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Opera Software
2016-10-24 22:04 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-10-24 21:54 - 2016-10-06 09:19 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-24 21:54 - 2016-10-06 09:19 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-24 12:16 - 2016-10-10 13:46 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\ElevatedDiagnostics
2016-10-22 20:42 - 2013-08-22 15:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-10-22 20:08 - 2016-09-18 15:54 - 00001003 _____ C:\Users\Monika Ohrazdová\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-10-22 19:54 - 2016-09-25 21:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-21 13:19 - 2016-09-25 21:40 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\Mozilla
2016-10-21 10:28 - 2016-09-28 13:17 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Autodesk
2016-10-18 14:33 - 2016-09-18 16:05 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\vlc
2016-10-16 11:42 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\rescache
2016-10-14 10:32 - 2016-10-05 23:54 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-14 10:32 - 2016-10-05 23:52 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-10-13 09:49 - 2016-10-07 15:38 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-10-12 17:21 - 2016-09-25 20:07 - 00000034 _____ C:\Users\Monika Ohrazdová\AppData\Roaming\AdobeWLCMCache.dat
2016-10-11 20:32 - 2016-09-18 20:20 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Adobe
2016-10-11 07:29 - 2016-09-18 15:54 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\VirtualStore
2016-10-11 07:27 - 2016-10-09 17:22 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Pinnacle
2016-10-11 07:26 - 2016-10-09 17:23 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI

==================== Files in the root of some directories =======

2016-09-25 20:07 - 2016-10-12 17:21 - 0000034 _____ () C:\Users\Monika Ohrazdová\AppData\Roaming\AdobeWLCMCache.dat
2016-10-21 13:13 - 2016-10-21 13:13 - 7214592 _____ () C:\Users\Monika Ohrazdová\AppData\Roaming\agent.dat
2016-10-21 13:13 - 2016-10-21 13:13 - 0070704 _____ () C:\Users\Monika Ohrazdová\AppData\Roaming\Config.xml
2016-10-21 13:13 - 2016-10-21 13:13 - 1897573 _____ () C:\Users\Monika Ohrazdová\AppData\Roaming\Hotfresh.bin
2016-10-21 13:11 - 2016-10-21 13:13 - 0016224 _____ () C:\Users\Monika Ohrazdová\AppData\Roaming\InstallationConfiguration.xml
2016-10-21 13:11 - 2016-10-21 13:11 - 0140288 _____ () C:\Users\Monika Ohrazdová\AppData\Roaming\Installer.dat
2016-10-21 13:13 - 2016-10-21 13:10 - 0710656 _____ () C:\Users\Monika Ohrazdová\AppData\Roaming\Kaytrax.exe
2016-10-21 13:13 - 2016-10-21 13:13 - 1911702 _____ () C:\Users\Monika Ohrazdová\AppData\Roaming\Kaytrax.tst
2016-10-21 13:13 - 2016-10-21 13:13 - 0018432 _____ () C:\Users\Monika Ohrazdová\AppData\Roaming\Main.dat
2016-10-21 13:13 - 2016-10-21 13:13 - 0005568 _____ () C:\Users\Monika Ohrazdová\AppData\Roaming\md.xml
2016-10-21 13:13 - 2016-10-21 13:13 - 0126464 _____ () C:\Users\Monika Ohrazdová\AppData\Roaming\noah.dat
2016-10-11 07:26 - 2016-10-11 07:26 - 0000207 _____ () C:\Users\Monika Ohrazdová\AppData\Roaming\NOTEBOOK.MTBF.txt
2016-10-21 13:13 - 2016-10-21 13:13 - 0190394 _____ () C:\Users\Monika Ohrazdová\AppData\Roaming\Softex.bin
2016-10-21 13:13 - 2016-10-21 13:13 - 0032038 _____ () C:\Users\Monika Ohrazdová\AppData\Roaming\uninstall_temp.ico
2016-10-11 07:27 - 2016-10-11 09:22 - 0000967 _____ () C:\Users\Monika Ohrazdová\AppData\Roaming\__AvidCloudManager.log
2016-10-11 07:28 - 2016-10-11 08:52 - 0005120 _____ () C:\Users\Monika Ohrazdová\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-09-25 19:31 - 2016-09-25 19:31 - 0000017 _____ () C:\Users\Monika Ohrazdová\AppData\Local\resmon.resmoncfg
2016-10-21 13:08 - 2016-10-21 13:08 - 0002560 _____ () C:\Users\Monika Ohrazdová\AppData\Local\uninstallro.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Monika Ohrazdov \Desktop" je 17 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Vyskakování reklam, nefunkční antvir

#5 Příspěvek od Márty84 »

:arrow: Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
ohmoni
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 10 lis 2016 01:06

Re: Vyskakování reklam, nefunkční antvir

#6 Příspěvek od ohmoni »

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 10. 11. 2016
Čas skenování: 23:34
Protokol:
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.11.10.10
Databáze rootkitů: v2016.10.31.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Monika Ohrazdová

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 663392
Uplynulý čas: 15 hod, 30 min, 32 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 6
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{765B742F-8DDE-4806-A882-A23BF6D30285}, , [c6dccdf14b4fc86e53752ea2d929d729],
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SMW_UpdateTask_Time_3533363838343539302d574a324178345a2a376c455a, , [881a902e1288ce68acc4559070913fc1],
PUP.Optional.BrowserAir, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\MEDIAPLAYER\SHIMINCLUSIONLIST\BrowserairExec.exe, , [91118737673326106d1c2194ff04817f],
PUP.Optional.StartGo123, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NetUtils2016, , [c2e0a11dc3d7d462fe51136291729070],
PUP.Optional.BrowserAir, HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\SOFTWARE\CLIENTS\STARTMENUINTERNET\BrowserAir.BH3RXSGEMPEZ2YDM6SLWRC2EEA, , [4260b30ba3f7b6808d04f2b6aa585ea2],
PUP.Optional.BrowserAir, HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\BrowserairExec.exe, , [a5fdae103169181e0384a114b74cb848],

Hodnoty registru: 3
Trojan.Crypt, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|svchost.exe -start, C:\Users\Monika Ohrazdová\AppData\Roaming\Tools\svchost.exe -start, , [8c16625c7e1c25116cabbdfd8281ce32]
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{765B742F-8DDE-4806-A882-A23BF6D30285}|Path, \SMW_UpdateTask_Time_3533363838343539302d574a324178345a2a376c455a, , [c6dccdf14b4fc86e53752ea2d929d729]
PUP.Optional.BrowserAir, HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\SOFTWARE\REGISTEREDAPPLICATIONS|BrowserAir.BH3RXSGEMPEZ2YDM6SLWRC2EEA, Software\Clients\StartMenuInternet\BrowserAir.BH3RXSGEMPEZ2YDM6SLWRC2EEA\Capabilities, , [e5bd2599eab01422e28e2ea343bfaa56]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 1
PUP.Optional.Elex, C:\Program Files (x86)\Gruheph, , [3d65dbe39bffb482a6c4a320649f926e],

Soubory: 58
PUP.Optional.StartGo123, C:\WINDOWS\SYSTEM32\drivers\NetUtils2016.sys, , [9ee21f7d46bd2b0f128e0907babc7d28],
Trojan.Crypt, C:\Users\Monika Ohrazdová\AppData\Roaming\Tools\svchost.exe, , [8c16625c7e1c25116cabbdfd8281ce32],
PUP.Optional.StartGo123, C:\AdwCleaner\quarantine\files\cfvtonhpuxcjupfeiotcsaaxsqcgdvds.back, , [ebb7209e178337ffa719b7d926dde719],
PUP.Optional.StartGo123, C:\AdwCleaner\quarantine\files\ejxvvkkztkozjhpffphvucxryysfgetn.back, , [564c4a749505b87e1da33858818232ce],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\eoowucxtcomgwbzgjztspotsuzwdbnbt.back, , [ebb73b834c4e8bab81551af95fa2d828],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\gbrytsbnanxzkowxxqjckrdovhsngnye.back, , [366c5a64900adb5b1fb671a25ea37b85],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\smllfwrymyvdicqbjcjcbfqzqncqfhzf.back, , [f1b17c42801a44f21eb7a76c11f0e51b],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\tdxkfezgdhondxrwavcmzskobhstlijs.back, , [f8aad0eee3b7290d498cad66b1507d83],
PUP.Optional.StartGo123, C:\AdwCleaner\quarantine\files\thlpsjknragpsugdotljjsjkrcmevlpy.back, , [adf54579495178be6d53aee225def50b],
PUP.Optional.StartGo123, C:\AdwCleaner\quarantine\files\wkbvuwcwnjyzxrytizxxpzufzabvfoxv.back, , [00a2ebd33e5cc175a8189bf5b84bc937],
PUP.Optional.StartGo123, C:\AdwCleaner\quarantine\files\wzjvpnubwccigygsqcfhupsaoiltbzpy.back, , [d3cf645a6634b086a61a3b55d13232ce],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\mrlvwlqwfrscabkjilvecfbjakgvlrgw.back, , [732f6d51dac0979f5c792be8d42d9d63],
PUP.Optional.StartGo123, C:\AdwCleaner\quarantine\files\yzziuhqrhmdlghrbwyceanzxpvtboiha.back, , [4959ba042f6b2c0a2f913a561ee50af6],
PUP.Optional.StartGo123, C:\AdwCleaner\quarantine\files\zgizaaavtqhfidqacfsqhfqdqasukrtd.back, , [8022912db0ea191da020b2de000330d0],
PUP.Optional.StartGo123, C:\AdwCleaner\quarantine\files\zkiovddnnyhnuwxnbgcbjyftqvkbhifx.back, , [9b07605e39611224b60a8b05cb384bb5],
PUP.Optional.StartGo123, C:\AdwCleaner\quarantine\files\heojfraztproqgmqnslypzjigugvltbd.back, , [edb5efcf376364d26f51721efc07dd23],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\hqgzvjtecbipwjsqmminwzvzckzyjgrv.back, , [dec4fdc127730f2704d138dbf50c7090],
PUP.Optional.StartGo123, C:\AdwCleaner\quarantine\files\lcaxrtpgmmbdbgedgjxzxlkiqvrqnbqq.back, , [42605866b8e2b482f9c72f61b350728e],
PUP.Optional.StartGo123, C:\AdwCleaner\quarantine\files\leunsnmflvycjkqjvkgjbodptzbnqled.back, , [c9d902bca7f3fa3cc5fb94fc867dd32d],
PUP.Optional.Goobzo, C:\AdwCleaner\quarantine\files\glssbrumkqxkyggnhupyprgsqotahiez.back, , [178bfec0f9a15adc73904771b05321df],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\tulrglbqaubsnfzzuxfzohywdatcwnee\zdengine.dll, , [732fd4ea6c2e72c49f36b95ade239070],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\tulrglbqaubsnfzzuxfzohywdatcwnee\zdengine.exe, , [237f2b93663454e23e97de357c85936d],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\tulrglbqaubsnfzzuxfzohywdatcwnee\zdengine64.dll, , [b3ef922c653544f271644fc4ca37e21e],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\tulrglbqaubsnfzzuxfzohywdatcwnee\zdenginecert.dll, , [eab8843ac8d267cf64718a8941c07b85],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\tulrglbqaubsnfzzuxfzohywdatcwnee\zdinstaller.exe, , [1092d8e63961b383dafc1ef5956ca45c],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\tulrglbqaubsnfzzuxfzohywdatcwnee\zdwfp.sys, , [9c06685608922d090dc90f046a976e92],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\tulrglbqaubsnfzzuxfzohywdatcwnee\zdwfp64.sys, , [059d407e96041620805643d08d74c63a],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\tulrglbqaubsnfzzuxfzohywdatcwnee\ziengine.exe, , [049e1aa4ddbdc373478e54bf0df4916f],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\tulrglbqaubsnfzzuxfzohywdatcwnee\ziengine64.exe, , [dfc3724c6b2fd75f6a6b69aaa06122de],
PUP.Optional.LogicHandler, C:\AdwCleaner\quarantine\files\mgqwixuryohmaivtxcjutcwkhzsnannc\set.exe, , [b8eacbf3cecc340277e298a86d93cf31],
PUP.Optional.Goobzo, C:\AdwCleaner\quarantine\files\qodosgoyjfzrbudfvmkogzvytcnlhtza\GNUpdate\sma.exe, , [7f23922c168400367e2de43f88795ea2],
PUP.Optional.SearchModule, C:\AdwCleaner\quarantine\files\qodosgoyjfzrbudfvmkogzvytcnlhtza\GNUpdate\smci32.dll, , [782a8f2fe9b148eed51063c0fa0710f0],
PUP.Optional.SearchModule, C:\AdwCleaner\quarantine\files\qodosgoyjfzrbudfvmkogzvytcnlhtza\GNUpdate\smci64.dll, , [0c965f5f2c6e54e27075140fe51c619f],
PUP.Optional.SearchModule, C:\AdwCleaner\quarantine\files\qodosgoyjfzrbudfvmkogzvytcnlhtza\GNUpdate\smu.exe, , [5d45b00e0d8d5dd91bca54cf2cd5e41c],
PUP.Optional.Goobzo, C:\AdwCleaner\quarantine\files\xwxrhczdpkrntliphxhgjwweqgjkczih\Application\BrowserairExec.exe, , [5c46f0ce2773082e2d610d2e8879e61a],
PUP.Optional.Goobzo, C:\AdwCleaner\quarantine\files\xwxrhczdpkrntliphxhgjwweqgjkczih\Application\48.0.0.0\chrome_elf.dll, , [adf5833b5248b284ade106351ae7e917],
PUP.Optional.Goobzo, C:\AdwCleaner\quarantine\files\xwxrhczdpkrntliphxhgjwweqgjkczih\Application\48.0.0.0\chrome_watcher.dll, , [a002efcf6c2ee65056387ac1fe037e82],
PUP.Optional.Goobzo, C:\AdwCleaner\quarantine\files\xwxrhczdpkrntliphxhgjwweqgjkczih\Application\48.0.0.0\delegate_execute.exe, , [edb503bb2a7053e34f3f43f87e832cd4],
PUP.Optional.Goobzo, C:\AdwCleaner\quarantine\files\xwxrhczdpkrntliphxhgjwweqgjkczih\Application\48.0.0.0\metro_driver.dll, , [e9b9318dbbdf6dc97618d56661a01ce4],
PUP.Optional.Goobzo, C:\AdwCleaner\quarantine\files\xwxrhczdpkrntliphxhgjwweqgjkczih\Application\48.0.0.0\nacl64.exe, , [653dc1fdf8a225119cf278c330d1a35d],
PUP.Optional.Goobzo, C:\AdwCleaner\quarantine\files\xwxrhczdpkrntliphxhgjwweqgjkczih\Application\48.0.0.0\Installer\setup.exe, , [4f532599cfcbee48a8a21bbe54acd42c],
PUP.Optional.Linkury, C:\AdwCleaner\quarantine\files\ysmfrnbgyvhojnusipfiaarftfbsvmrp\Nettrans.exe, , [f0b2b80658421323ae07e1c5cb38d12f],
RiskWare.FilePatcher, C:\Program Files\Rhinoceros 5.0 (64-bit)\rhinoceros_5.0_x64.exe, , [9b07a31bc2d81521643dedf453ad7987],
PUP.Optional.LogicHandler, C:\Users\Monika Ohrazdová\AppData\Roaming\Hotfresh.bin, , [940ec9f5faa057dfc495eb5522dec838],
PUP.Optional.Linkury, C:\Users\Monika Ohrazdová\AppData\Roaming\Kaytrax.exe, , [01a1229c663496a0a629e7c9e51ef60a],
PUP.Optional.Linkury, C:\Users\Monika Ohrazdová\AppData\Roaming\Softex.bin, , [a7fbb905b9e1cb6b4174545235ce13ed],
HackTool.AutoKMS, C:\Windows\AutoKMS\AutoKMS.exe, , [f2b0229c43575bdb8d8f4b3dc43fcd33],
PUP.Optional.StartGo123, C:\Windows\System32\NetUtils2016.dll, , [475bc5f94d4d90a652fc9dd89a69857b],
PUP.Optional.Goobzo, C:\Windows\System32\Tasks\SMW_UpdateTask_Time_3533363838343539302d574a324178345a2a376c455a, , [adf587371387dd594de2509e20e19070],
PUP.Optional.Linkury, C:\Users\Monika Ohrazdová\AppData\Roaming\md.xml, , [980ac5f95842181e202600d06a982bd5],
PUP.Optional.Linkury, C:\Users\Monika Ohrazdová\AppData\Roaming\noah.dat, , [5a488f2ffd9da294d0776f6148ba4eb2],
PUP.Optional.Linkury, C:\Users\Monika Ohrazdová\AppData\Roaming\uninstall_temp.ico, , [782a0ab40f8b2d0987c101cf36cceb15],
PUP.Optional.Linkury.Gen, C:\Users\Monika Ohrazdová\AppData\Roaming\Kaytrax.tst, , [d5cde7d7e7b30234bcfcb327df23e41c],
PUP.Optional.Yontoo, C:\Users\Monika Ohrazdová\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_static.coupontime00.coupontime.co_0.localstorage, , [11919e20594125112ae92d17bd463ec2],
PUP.Optional.Yontoo, C:\Users\Monika Ohrazdová\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_static.coupontime00.coupontime.co_0.localstorage-journal, , [1e846c52b8e290a61003f252669d26da],
PUP.Optional.Linkury.ACMB1, C:\Users\Monika Ohrazdová\AppData\Roaming\Config.xml, , [7d25b707d0cae84e9c12310cff04ec14],
PUP.Optional.Linkury.ACMB1, C:\Users\Monika Ohrazdová\AppData\Roaming\InstallationConfiguration.xml, , [c4de0ab4d5c5a4927a35f34a649f46ba],
PUP.Optional.CleanBrowser, C:\Windows\run.vbs, , [bfe32d9122782e080cebbdf654af45bb],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Vyskakování reklam, nefunkční antvir

#7 Příspěvek od Márty84 »

Vsechny nalezy nechte odstranit. Po odstraneni a restartu pc test s MBAM zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
ohmoni
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 10 lis 2016 01:06

Re: Vyskakování reklam, nefunkční antvir

#8 Příspěvek od ohmoni »

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 13. 11. 2016
Čas skenování: 14:47
Protokol:
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.11.13.04
Databáze rootkitů: v2016.10.31.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Monika Ohrazdová

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 661899
Uplynulý čas: 4 hod, 9 min, 6 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 40
PUP.Optional.StartGo123, C:\AdwCleaner\quarantine\files\cfvtonhpuxcjupfeiotcsaaxsqcgdvds.back, , [bd0b0db23c5eef47962391ff12f18d73],
PUP.Optional.StartGo123, C:\AdwCleaner\quarantine\files\ejxvvkkztkozjhpffphvucxryysfgetn.back, , [ac1c823d4456a195e7d2eba5ad5602fe],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\eoowucxtcomgwbzgjztspotsuzwdbnbt.back, , [71577e412c6e33032ba9f2212ed3867a],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\gbrytsbnanxzkowxxqjckrdovhsngnye.back, , [ffc9249bcfcbe74fc80b868d46bbdd23],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\smllfwrymyvdicqbjcjcbfqzqncqfhzf.back, , [c305348b7327ac8af0e3be55a65be41c],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\tdxkfezgdhondxrwavcmzskobhstlijs.back, , [3f89a718a4f654e2cd065eb54bb66c94],
PUP.Optional.StartGo123, C:\AdwCleaner\quarantine\files\thlpsjknragpsugdotljjsjkrcmevlpy.back, , [5474249b8b0fc2747a3f266aa85be11f],
PUP.Optional.StartGo123, C:\AdwCleaner\quarantine\files\wkbvuwcwnjyzxrytizxxpzufzabvfoxv.back, , [dcecf3cc6a30c571c0f9414f13f052ae],
PUP.Optional.StartGo123, C:\AdwCleaner\quarantine\files\wzjvpnubwccigygsqcfhupsaoiltbzpy.back, , [e2e6625d415961d58a2feaa643c0ef11],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\mrlvwlqwfrscabkjilvecfbjakgvlrgw.back, , [a325447b97035dd95b7851c2f40d7a86],
PUP.Optional.StartGo123, C:\AdwCleaner\quarantine\files\yzziuhqrhmdlghrbwyceanzxpvtboiha.back, , [7355ffc0d6c4f1454178f0a0986b1ae6],
PUP.Optional.StartGo123, C:\AdwCleaner\quarantine\files\zgizaaavtqhfidqacfsqhfqdqasukrtd.back, , [10b8bc03e4b656e0bbfec7c90201a858],
PUP.Optional.StartGo123, C:\AdwCleaner\quarantine\files\zkiovddnnyhnuwxnbgcbjyftqvkbhifx.back, , [25a3fac50298d6607247d5bb1ee5ed13],
PUP.Optional.StartGo123, C:\AdwCleaner\quarantine\files\heojfraztproqgmqnslypzjigugvltbd.back, , [6e5abb04851545f111a84b452fd4936d],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\hqgzvjtecbipwjsqmminwzvzckzyjgrv.back, , [88400fb05545aa8ccb080b08b84931cf],
PUP.Optional.StartGo123, C:\AdwCleaner\quarantine\files\lcaxrtpgmmbdbgedgjxzxlkiqvrqnbqq.back, , [7553f0cf1c7e60d63b7ea0f0f70c27d9],
PUP.Optional.StartGo123, C:\AdwCleaner\quarantine\files\leunsnmflvycjkqjvkgjbodptzbnqled.back, , [b018c7f80c8ef640c4f5751b04ff629e],
PUP.Optional.Goobzo, C:\AdwCleaner\quarantine\files\glssbrumkqxkyggnhupyprgsqotahiez.back, , [9533f4cb6931c57137c4bcfb44bf27d9],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\tulrglbqaubsnfzzuxfzohywdatcwnee\zdengine.dll, , [715704bbf7a3cb6b4e85858e966bfe02],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\tulrglbqaubsnfzzuxfzohywdatcwnee\zdengine.exe, , [9335c0ffbbdf89adede6c251e12059a7],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\tulrglbqaubsnfzzuxfzohywdatcwnee\zdengine64.dll, , [98301ea1376348ee924140d34bb65aa6],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\tulrglbqaubsnfzzuxfzohywdatcwnee\zdenginecert.dll, , [458313acb6e47db9f0e32be86b962bd5],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\tulrglbqaubsnfzzuxfzohywdatcwnee\zdinstaller.exe, , [6f59f4cb9bff0135874d26ed0af79c64],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\tulrglbqaubsnfzzuxfzohywdatcwnee\zdwfp.sys, , [8246c4fbf4a6c5713f9560b35ca5669a],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\tulrglbqaubsnfzzuxfzohywdatcwnee\zdwfp64.sys, , [ccfc67587e1cc37313c145ceb24f56aa],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\tulrglbqaubsnfzzuxfzohywdatcwnee\ziengine.exe, , [e6e2566926742016f7dcd53ed22fc33d],
PUP.Optional.Komodia, C:\AdwCleaner\quarantine\files\tulrglbqaubsnfzzuxfzohywdatcwnee\ziengine64.exe, , [8543645bb9e1b086bb18fc17639e669a],
PUP.Optional.LogicHandler, C:\AdwCleaner\quarantine\files\mgqwixuryohmaivtxcjutcwkhzsnannc\set.exe, , [7355c6f9435792a4da7fcf7156aa916f],
PUP.Optional.Goobzo, C:\AdwCleaner\quarantine\files\qodosgoyjfzrbudfvmkogzvytcnlhtza\GNUpdate\sma.exe, , [3494803f207aec4a2c7d25fe48b9a957],
PUP.Optional.SearchModule, C:\AdwCleaner\quarantine\files\qodosgoyjfzrbudfvmkogzvytcnlhtza\GNUpdate\smci32.dll, , [c503dfe0e4b62a0c0ad9bc67629fe61a],
PUP.Optional.SearchModule, C:\AdwCleaner\quarantine\files\qodosgoyjfzrbudfvmkogzvytcnlhtza\GNUpdate\smci64.dll, , [b018b609584281b5f5ee33f0f70a847c],
PUP.Optional.SearchModule, C:\AdwCleaner\quarantine\files\qodosgoyjfzrbudfvmkogzvytcnlhtza\GNUpdate\smu.exe, , [814777481f7bcf673aa9d350f809da26],
PUP.Optional.Goobzo, C:\AdwCleaner\quarantine\files\xwxrhczdpkrntliphxhgjwweqgjkczih\Application\BrowserairExec.exe, , [1dabaa15346603333359b784f908de22],
PUP.Optional.Goobzo, C:\AdwCleaner\quarantine\files\xwxrhczdpkrntliphxhgjwweqgjkczih\Application\48.0.0.0\chrome_elf.dll, , [3c8c19a6d0cace68ddaf58e3ef12a15f],
PUP.Optional.Goobzo, C:\AdwCleaner\quarantine\files\xwxrhczdpkrntliphxhgjwweqgjkczih\Application\48.0.0.0\chrome_watcher.dll, , [5c6c3b841e7c5ed8d6b669d2d22f5ba5],
PUP.Optional.Goobzo, C:\AdwCleaner\quarantine\files\xwxrhczdpkrntliphxhgjwweqgjkczih\Application\48.0.0.0\delegate_execute.exe, , [b711a817bae08bab692378c3976ad030],
PUP.Optional.Goobzo, C:\AdwCleaner\quarantine\files\xwxrhczdpkrntliphxhgjwweqgjkczih\Application\48.0.0.0\metro_driver.dll, , [5177fac51981f73f4349fa41e21f837d],
PUP.Optional.Goobzo, C:\AdwCleaner\quarantine\files\xwxrhczdpkrntliphxhgjwweqgjkczih\Application\48.0.0.0\nacl64.exe, , [75534b74f3a7c670ace0e754788942be],
PUP.Optional.Goobzo, C:\AdwCleaner\quarantine\files\xwxrhczdpkrntliphxhgjwweqgjkczih\Application\48.0.0.0\Installer\setup.exe, , [1eaa16a9fb9f47ef80ca1dbc60a014ec],
PUP.Optional.Linkury, C:\AdwCleaner\quarantine\files\ysmfrnbgyvhojnusipfiaarftfbsvmrp\Nettrans.exe, , [d7f12c9324769c9a17968125f21115eb],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)
Nahoru
ohmoni
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 10 lis 2016 01:06

Re: Vyskakování reklam, nefunkční antvir

#9 Příspěvek od ohmoni »

Tak vše jsem smazala a musím říct, že mi teď nic nevyskakuje. Zatím se nic nového neobjevilo :)))
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Vyskakování reklam, nefunkční antvir

#10 Příspěvek od Márty84 »

To jsem rad, ale melo by se to docistit :-)

:arrow: MBAM odinstalujte.

:arrow: Dejte nove logy z FRST
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
ohmoni
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 10 lis 2016 01:06

Re: Vyskakování reklam, nefunkční antvir

#11 Příspěvek od ohmoni »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2016
Ran by Monika Ohrazdová (administrator) on NOTEBOOK (13-11-2016 20:31:53)
Running from C:\Users\Monika Ohrazdová\Desktop
Loaded Profiles: Monika Ohrazdová (Available Profiles: Monika Ohrazdová)
Platform: Windows 8.1 Pro (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Users\Monika Ohrazdová\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Monika Ohrazdová\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(forum.viry.cz) C:\Users\Monika Ohrazdová\Desktop\FRST-OlderVersion\FRSTLauncher.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-08-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-10-13] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-12-11] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-08-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9044392 2016-11-08] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25673776 2016-11-07] (Dropbox, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Run: [Spotify Web Helper] => C:\Users\Monika Ohrazdová\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2016-11-07] (Spotify Ltd)
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-10-05] (Apple Inc.)
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1084688 2016-07-09] (Apple Inc.)
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-10-05] (Apple Inc.)
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Monika Ohrazdová\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Monika Ohrazdová\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Policies\Explorer: []
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [181488 2016-08-25] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [159352 2016-08-25] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-10-22] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-08-04] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
GroupPolicy: Restriction <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{8F899242-BE22-4CF7-900A-BD4C3A77ACE8}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-10-18] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-24] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-10-11] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-08-27] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24] (AVAST Software)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-10-11] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-08-16] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-11-08]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-11-08]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-08-24] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-09-28] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-09-28] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-27] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-08-24] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-08-27] (Microsoft Corporation)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-08-24] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-10-22] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [42096 2016-11-07] (Dropbox, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-08-25] (NVIDIA Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-01-14] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-01-14] (Intel Corporation)
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [67752 2012-10-25] (Robert McNeel & Associates)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-08-25] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-08-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-08-25] (NVIDIA Corporation)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-10-22] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-10-22] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-10-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-10-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-10-22] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-10-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-10-22] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-10-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-22] (AVAST Software)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-08-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56376 2016-08-25] (NVIDIA Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204936 2014-02-12] (Ralink Technology, Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-05-07] (Synaptics Incorporated)
R3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\system32\DRIVERS\WirelessButtonDriver64.sys [31840 2016-03-24] (HP)
S3 dbx; system32\DRIVERS\dbx.sys [X]
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-13 20:31 - 2016-11-13 20:34 - 00023838 _____ C:\Users\Monika Ohrazdová\Desktop\FRST.txt
2016-11-13 20:31 - 2016-11-13 20:31 - 00000000 ____D C:\Users\Monika Ohrazdová\Desktop\FRST-OlderVersion
2016-11-13 17:41 - 2016-11-13 17:41 - 02181745 _____ C:\Users\Monika Ohrazdová\Desktop\BENVGPL4_Pillars of Planning_Lecture 1_.pdf
2016-11-12 12:28 - 2016-11-12 12:30 - 302406101 _____ C:\Users\Monika Ohrazdová\Downloads\B1_Land uses Folder.zip
2016-11-11 15:06 - 2016-11-11 15:06 - 00010827 _____ C:\Users\Monika Ohrazdová\Desktop\malware.txt
2016-11-11 09:32 - 2016-11-11 09:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-11-10 23:25 - 2016-11-10 23:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-11-10 23:24 - 2016-11-10 23:24 - 22851472 _____ (Malwarebytes ) C:\Users\Monika Ohrazdová\Desktop\mbam-setup-2.2.1.1043.exe
2016-11-10 13:18 - 2016-11-10 13:27 - 00000000 ____D C:\FRST
2016-11-10 13:13 - 2016-11-13 20:31 - 02411520 _____ (Farbar) C:\Users\Monika Ohrazdová\Desktop\FRST64.exe
2016-11-10 13:11 - 2016-11-13 14:39 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\Seznam.cz
2016-11-10 13:11 - 2016-11-10 13:11 - 00001216 _____ C:\Users\Monika Ohrazdová\Desktop\CrystalDiskInfo.lnk
2016-11-10 13:11 - 2016-11-10 13:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2016-11-10 13:11 - 2016-11-10 13:11 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2016-11-10 13:10 - 2016-11-10 13:11 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2016-11-10 13:09 - 2016-11-10 13:10 - 11413488 _____ C:\Users\Monika Ohrazdová\Desktop\CrystalDiskInfo7_0_4-en.exe
2016-11-09 23:55 - 2016-11-09 23:55 - 03910208 _____ C:\Users\Monika Ohrazdová\Desktop\adwcleaner.exe
2016-11-09 22:37 - 2016-10-27 18:28 - 25763328 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-09 22:36 - 2016-11-02 20:48 - 00372568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-09 22:36 - 2016-11-02 20:48 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-09 22:36 - 2016-11-02 14:03 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-09 22:36 - 2016-11-02 14:00 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-09 22:36 - 2016-10-27 18:53 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-09 22:36 - 2016-10-27 18:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-09 22:36 - 2016-10-27 18:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-09 22:36 - 2016-10-27 18:19 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-09 22:36 - 2016-10-27 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-09 22:36 - 2016-10-27 18:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-11-09 22:36 - 2016-10-27 18:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-09 22:36 - 2016-10-27 17:57 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-09 22:36 - 2016-10-27 17:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-09 22:36 - 2016-10-27 17:47 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-09 22:36 - 2016-10-27 17:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-09 22:36 - 2016-10-27 17:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-09 22:36 - 2016-10-27 17:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-09 22:36 - 2016-10-27 17:17 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-09 22:36 - 2016-10-27 17:16 - 02920448 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-09 22:36 - 2016-10-27 17:03 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-09 22:36 - 2016-10-27 16:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-09 22:36 - 2016-10-27 15:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-09 22:36 - 2016-10-25 14:11 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-09 22:36 - 2016-10-22 17:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-09 22:36 - 2016-10-22 17:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-09 22:36 - 2016-10-22 17:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-09 22:36 - 2016-10-22 17:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-09 22:36 - 2016-10-22 16:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-09 22:36 - 2016-10-22 16:57 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-11-09 22:36 - 2016-10-22 16:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-09 22:36 - 2016-10-22 16:51 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-09 22:36 - 2016-10-22 16:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-09 22:36 - 2016-10-22 16:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-09 22:36 - 2016-10-22 16:45 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-09 22:36 - 2016-10-22 16:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-09 22:36 - 2016-10-22 16:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-09 22:36 - 2016-10-22 16:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-09 22:36 - 2016-10-22 16:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-09 22:36 - 2016-10-22 16:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-09 22:36 - 2016-10-22 16:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-09 22:36 - 2016-10-13 19:06 - 01385280 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-09 22:36 - 2016-10-13 19:06 - 01124376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-09 22:36 - 2016-10-12 08:01 - 00377176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2016-11-09 22:36 - 2016-10-11 20:21 - 00497448 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-11-09 22:36 - 2016-10-11 20:21 - 00399776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-11-09 22:36 - 2016-10-11 18:34 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-11-09 22:36 - 2016-10-11 17:47 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-09 22:36 - 2016-10-11 16:55 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-09 22:36 - 2016-10-10 21:17 - 00444248 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-09 22:36 - 2016-10-10 21:17 - 00333656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-09 22:36 - 2016-10-09 22:59 - 00551256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-11-09 22:36 - 2016-10-08 23:12 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-09 22:36 - 2016-10-08 22:53 - 03754496 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-09 22:36 - 2016-10-08 22:21 - 01445376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-09 22:36 - 2016-10-08 22:18 - 00840704 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-11-09 22:36 - 2016-10-08 22:07 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-09 22:36 - 2016-10-08 22:02 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-09 22:36 - 2016-10-08 21:49 - 02410496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-09 22:36 - 2016-10-08 21:21 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-09 22:36 - 2016-10-08 01:34 - 01660040 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-11-09 22:36 - 2016-10-08 01:34 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-11-09 22:36 - 2016-10-04 20:39 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-09 22:36 - 2016-10-04 20:23 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-09 22:36 - 2016-10-04 20:08 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-11-09 22:36 - 2016-10-04 20:08 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-09 22:36 - 2016-09-09 22:52 - 00921944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2016-11-09 22:36 - 2016-09-09 22:14 - 00275800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2016-11-09 22:36 - 2016-09-09 14:15 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2016-11-09 22:36 - 2016-09-09 14:09 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2016-11-09 22:36 - 2016-09-09 14:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-11-09 22:36 - 2016-09-09 14:03 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\iscsiwmi.dll
2016-11-09 22:36 - 2016-09-09 14:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsiwmi.dll
2016-11-09 22:36 - 2016-09-09 13:38 - 00446124 _____ C:\Windows\system32\ApnDatabase.xml
2016-11-09 22:36 - 2016-09-03 18:20 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\iscsidsc.dll
2016-11-09 22:36 - 2016-09-03 18:06 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\iscsiexe.dll
2016-11-09 22:36 - 2016-09-03 17:21 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsidsc.dll
2016-11-09 22:36 - 2016-09-03 17:18 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2016-11-09 22:36 - 2016-09-03 16:12 - 00512512 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2016-11-09 22:36 - 2016-09-03 16:05 - 01094656 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-11-09 22:36 - 2016-09-03 15:58 - 00397824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2016-11-09 22:36 - 2016-09-02 14:05 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2016-11-09 22:36 - 2016-09-02 14:05 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2016-11-09 22:36 - 2016-09-01 14:33 - 00377856 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll
2016-11-09 22:36 - 2016-09-01 14:33 - 00342528 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2016-11-09 22:36 - 2016-09-01 14:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2016-11-09 22:36 - 2016-08-30 14:11 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2016-11-09 22:36 - 2016-08-30 02:45 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\xolehlp.dll
2016-11-09 22:36 - 2016-08-30 02:18 - 00871936 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2016-11-09 22:36 - 2016-08-30 02:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll
2016-11-09 22:36 - 2016-08-30 02:03 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2016-11-09 22:36 - 2016-08-22 13:34 - 01628672 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-11-09 20:50 - 2016-11-09 20:50 - 00000000 ____D C:\Users\Monika Ohrazdová\Downloads\dcache
2016-11-08 15:34 - 2016-11-08 15:34 - 00103230 _____ C:\Users\Monika Ohrazdová\Downloads\BPPV_2009_2_11280_0_273798_0_88441.pdf
2016-11-08 15:34 - 2016-11-08 15:34 - 00079715 _____ C:\Users\Monika Ohrazdová\Downloads\BPPO_2009_2_11280_0_273798_0_88441.pdf
2016-11-08 15:30 - 2016-11-08 15:30 - 00534833 _____ C:\Users\Monika Ohrazdová\Downloads\BPTX_2009_2__0_273798_0_88441.pdf
2016-11-07 22:49 - 2016-11-07 22:49 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2016-11-07 22:49 - 2016-11-07 22:49 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2016-11-07 22:49 - 2016-11-07 22:49 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2016-11-07 22:49 - 2016-11-07 22:49 - 00042096 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2016-11-06 16:18 - 2016-11-13 14:35 - 00000000 ___RD C:\Users\Monika Ohrazdová\Dropbox
2016-11-06 16:12 - 2016-11-06 16:12 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\Dropbox
2016-11-06 16:11 - 2016-11-13 14:34 - 00000942 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-11-06 16:11 - 2016-11-13 14:21 - 00000946 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-11-06 16:11 - 2016-11-11 09:33 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-11-06 16:11 - 2016-11-10 23:16 - 00003918 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2016-11-06 16:11 - 2016-11-10 23:16 - 00003682 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2016-11-06 16:11 - 2016-11-06 16:15 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Dropbox
2016-11-06 16:11 - 2016-11-06 16:11 - 00000000 ____D C:\ProgramData\Dropbox
2016-11-02 12:19 - 2016-11-02 12:19 - 01979960 _____ C:\Users\Monika Ohrazdová\Downloads\MIPAD M1 Lecture 2 - Defining megaprojects - problems with boundaries - The case of CTRL - Part 1 - 17.10.16.pptx
2016-11-02 12:06 - 2016-11-02 12:06 - 124781526 _____ C:\Users\Monika Ohrazdová\Downloads\group B3.rar
2016-11-02 09:47 - 2016-11-13 14:34 - 00000000 ___RD C:\Users\Monika Ohrazdová\iCloudDrive
2016-11-02 09:47 - 2016-11-08 01:42 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2016-11-02 09:47 - 2016-11-02 15:05 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\E85CE604-2864-445A-B366-0D620FBA4753.aplzod
2016-11-02 09:47 - 2016-11-02 09:47 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Apple Inc
2016-11-02 08:56 - 2016-11-13 09:51 - 00003442 _____ C:\Windows\System32\Tasks\Apple Diagnostics
2016-11-01 10:52 - 2016-11-08 01:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-10-31 21:26 - 2016-11-08 01:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-10-31 21:25 - 2016-11-08 01:44 - 00000000 ____D C:\Program Files\iTunes
2016-10-31 21:25 - 2016-11-08 01:42 - 00000000 ____D C:\Program Files\iPod
2016-10-31 21:14 - 2016-11-02 14:31 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Apple Computer
2016-10-31 21:14 - 2016-11-02 09:48 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\Apple Computer
2016-10-31 21:13 - 2016-11-08 01:42 - 00000000 ____D C:\ProgramData\Apple Computer
2016-10-31 21:12 - 2016-11-08 01:42 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2016-10-31 21:12 - 2016-11-08 01:42 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-10-31 21:12 - 2016-11-08 01:41 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-10-31 21:12 - 2016-11-02 09:47 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Apple
2016-10-31 21:12 - 2016-10-31 21:12 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-10-31 21:11 - 2016-11-08 01:41 - 00000000 ____D C:\Program Files\Bonjour
2016-10-31 21:11 - 2016-11-08 01:41 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-10-31 21:11 - 2016-11-08 01:35 - 00000000 ____D C:\ProgramData\Apple
2016-10-27 22:26 - 2016-11-10 13:29 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 41.lnk
2016-10-25 22:47 - 2016-10-25 22:47 - 00000000 ____D C:\Program Files (x86)\WinRAR
2016-10-25 09:24 - 2016-10-25 09:24 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\SketchUp
2016-10-25 09:24 - 2016-10-25 09:24 - 00000000 ____D C:\ProgramData\Reprise
2016-10-25 09:20 - 2016-10-25 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2015
2016-10-25 09:19 - 2016-10-25 09:19 - 00000000 ____D C:\ProgramData\SketchUp
2016-10-25 09:19 - 2016-10-25 09:19 - 00000000 ____D C:\Program Files\SketchUp
2016-10-25 01:50 - 2016-11-10 13:29 - 00003846 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1477360204
2016-10-24 12:32 - 2016-10-24 12:32 - 00000000 ____D C:\Users\Monika Ohrazdovďż˝\AppData\Local\Adobe
2016-10-24 12:32 - 2016-10-24 12:32 - 00000000 ____D C:\Users\Monika Ohrazdovďż˝
2016-10-22 21:25 - 2016-10-22 21:35 - 00003890 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1477171548
2016-10-22 21:25 - 2016-10-22 21:35 - 00001059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-10-22 21:25 - 2016-10-22 21:25 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-10-22 21:24 - 2016-11-09 17:34 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-10-22 21:24 - 2016-11-08 01:42 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-10-22 21:24 - 2016-11-08 01:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-10-22 21:24 - 2016-10-22 21:24 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-10-22 21:24 - 2016-10-22 21:24 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-10-22 21:24 - 2016-10-22 21:24 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-10-22 21:24 - 2016-10-22 21:24 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\AVAST Software
2016-10-22 21:24 - 2016-10-22 21:24 - 00000000 ____D C:\Program Files\Common Files\AV
2016-10-22 21:24 - 2016-10-22 21:23 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-10-22 21:24 - 2016-10-22 21:23 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-10-22 21:24 - 2016-10-22 21:23 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-10-22 21:24 - 2016-10-22 21:23 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-10-22 21:24 - 2016-10-22 21:23 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-10-22 21:23 - 2016-10-22 21:25 - 00000000 ____D C:\Program Files\AVAST Software
2016-10-22 21:23 - 2016-10-22 21:23 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-10-22 21:23 - 2016-10-22 21:23 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-10-22 21:22 - 2016-10-22 21:25 - 00000000 ____D C:\ProgramData\AVAST Software
2016-10-22 20:48 - 2016-10-22 20:52 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-10-22 20:26 - 2012-07-15 15:48 - 00030720 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tapoas.sys
2016-10-22 19:54 - 2016-10-25 01:40 - 00000000 ____D C:\Windows\Minidump
2016-10-22 19:51 - 2016-11-10 00:16 - 00000000 ____D C:\AdwCleaner
2016-10-21 13:21 - 2016-10-21 13:29 - 00000000 ____D C:\e039bd920337f86489
2016-10-21 13:18 - 2016-10-21 13:18 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\CrashRpt
2016-10-21 13:13 - 2016-10-21 13:13 - 07214592 _____ C:\Users\Monika Ohrazdová\AppData\Roaming\agent.dat
2016-10-21 13:13 - 2016-10-21 13:13 - 00018432 _____ C:\Users\Monika Ohrazdová\AppData\Roaming\Main.dat
2016-10-21 13:11 - 2016-10-21 13:11 - 00140288 _____ C:\Users\Monika Ohrazdová\AppData\Roaming\Installer.dat
2016-10-21 13:11 - 2016-10-21 13:11 - 00000000 ____D C:\Windows\SysWOW64\sstmp
2016-10-21 13:11 - 2016-10-21 13:11 - 00000000 ____D C:\Windows\system32\sstmp
2016-10-21 13:11 - 2016-10-21 13:11 - 00000000 ____D C:\Program Files (x86)\Gruheph_
2016-10-21 13:10 - 2016-11-13 14:31 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\Tools
2016-10-21 13:10 - 2016-10-21 13:10 - 00000000 _____ C:\TOSTACK
2016-10-21 13:08 - 2016-10-21 13:08 - 00002560 _____ C:\Users\Monika Ohrazdová\AppData\Local\uninstallro.exe
2016-10-20 22:53 - 2016-10-21 10:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-10-19 20:08 - 2016-11-08 01:42 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\PDF Writer
2016-10-19 20:08 - 2016-10-19 20:08 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\PDF Writer
2016-10-19 20:04 - 2016-10-19 20:06 - 00000000 ____D C:\ProgramData\PDF Writer
2016-10-19 20:04 - 2016-10-19 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullzip
2016-10-19 20:04 - 2016-10-19 20:04 - 00000000 ____D C:\Program Files\Common Files\Bullzip
2016-10-19 20:04 - 2016-10-19 20:04 - 00000000 ____D C:\Program Files\Bullzip
2016-10-19 20:04 - 2014-11-19 19:25 - 00228352 _____ (Bullzip) C:\Windows\SysWOW64\bzFlRdr.dll
2016-10-19 20:04 - 2013-09-01 10:59 - 01103872 _____ C:\Windows\SysWOW64\CBLCtlsU.ocx
2016-10-19 20:04 - 2013-07-13 10:15 - 00805376 _____ C:\Windows\SysWOW64\EditCtlsU.ocx
2016-10-19 20:04 - 2013-07-12 20:57 - 00539648 _____ C:\Windows\SysWOW64\LblCtlsU.ocx
2016-10-19 20:04 - 2013-04-05 11:55 - 00476160 _____ C:\Windows\SysWOW64\TabStripCtlU.ocx
2016-10-19 20:04 - 2013-03-28 21:13 - 00645632 _____ C:\Windows\SysWOW64\BtnCtlsU.ocx
2016-10-19 20:04 - 2013-03-03 12:37 - 01061888 _____ C:\Windows\SysWOW64\ExLvwU.ocx
2016-10-19 20:04 - 2008-07-09 19:25 - 00103424 _____ (Bullzip) C:\Windows\SysWOW64\bzDCT.dll
2016-10-19 20:04 - 1999-05-12 22:00 - 01064456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl.ocx
2016-10-19 18:12 - 2016-10-19 18:57 - 795528986 _____ C:\Users\Monika Ohrazdová\Downloads\Palo.Alto.2013.m720p.BDRip.x264.AAC.CZ.titulky.mkv
2016-10-19 16:25 - 2016-10-19 16:25 - 00000000 ____D C:\Program Files\VideoLAN
2016-10-14 10:44 - 2016-11-12 12:16 - 00003756 _____ C:\Windows\System32\Tasks\AutoKMS

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-13 20:35 - 2016-09-18 16:00 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1997252335-2128944848-2870876807-1001
2016-11-13 14:34 - 2016-09-29 20:03 - 00000000 ___RD C:\Users\Monika Ohrazdová\OneDrive
2016-11-13 14:33 - 2013-08-22 14:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-13 13:58 - 2016-10-11 20:33 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-13 12:16 - 2016-09-18 18:04 - 00000000 ____D C:\Windows\AutoKMS
2016-11-13 10:07 - 2016-09-18 15:57 - 00004014 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{EC5F0145-F148-4B2F-B940-26B38BCA66AD}
2016-11-13 00:18 - 2016-10-11 20:33 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-11-12 12:07 - 2016-09-18 15:59 - 00000000 ____D C:\Program Files (x86)\Opera
2016-11-11 13:30 - 2016-09-18 15:54 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Packages
2016-11-10 15:28 - 2016-09-25 20:28 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-11-10 14:43 - 2013-08-22 15:20 - 00000000 ____D C:\Windows\CbsTemp
2016-11-10 13:26 - 2016-09-27 23:52 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\CrashDumps
2016-11-10 13:08 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\Inf
2016-11-10 13:04 - 2013-08-22 14:44 - 05296672 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-10 12:57 - 2013-08-22 15:36 - 00000000 ___RD C:\Windows\ToastData
2016-11-10 12:54 - 2016-09-26 10:16 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-10 12:54 - 2016-09-26 10:16 - 00000000 ____D C:\Windows\system32\MRT
2016-11-09 21:01 - 2016-10-06 12:13 - 00000000 ____D C:\Users\Public\Documents\AdobeGC
2016-11-09 15:12 - 2016-09-18 21:24 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Spotify
2016-11-09 15:10 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\NDF
2016-11-09 12:33 - 2016-09-18 21:22 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\Spotify
2016-11-08 17:49 - 2013-09-30 04:20 - 01661872 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-08 17:49 - 2013-09-30 03:57 - 00706544 _____ C:\Windows\system32\perfh005.dat
2016-11-08 17:49 - 2013-09-30 03:57 - 00144366 _____ C:\Windows\system32\perfc005.dat
2016-11-08 15:58 - 2016-10-11 20:33 - 00003944 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-11-08 15:58 - 2016-10-11 20:33 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-08 15:58 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-08 15:58 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-08 09:51 - 2016-09-18 15:54 - 00000000 ____D C:\Users\Monika Ohrazdová
2016-11-08 01:42 - 2016-09-28 13:09 - 00000000 ____D C:\ProgramData\Autodesk
2016-11-08 01:42 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\system32\Sysprep
2016-11-08 01:39 - 2013-08-22 15:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-08 01:37 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\registration
2016-11-08 01:33 - 2016-09-25 20:24 - 00000000 ____D C:\Program Files\Microsoft Office
2016-11-07 16:52 - 2013-08-22 13:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-11-07 15:24 - 2016-10-05 22:03 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-04 12:46 - 2013-08-22 13:25 - 00000167 _____ C:\Windows\win.ini
2016-11-04 12:06 - 2016-10-05 22:01 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-02 09:48 - 2016-09-25 21:25 - 00000000 ____D C:\Users\Monika Ohrazdová\Documents\Outlook Files
2016-10-31 19:56 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\AppReadiness
2016-10-28 21:04 - 2016-10-06 09:19 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-28 21:04 - 2016-10-06 09:19 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-25 22:47 - 2016-09-18 16:02 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-10-25 22:47 - 2016-09-18 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-10-25 02:01 - 2016-10-05 22:03 - 00000000 ____D C:\Program Files (x86)\Google
2016-10-25 02:00 - 2016-10-05 22:14 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Google
2016-10-25 01:35 - 2016-09-18 16:00 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\Opera Software
2016-10-25 01:35 - 2016-09-18 16:00 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Opera Software
2016-10-24 22:04 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-10-24 12:16 - 2016-10-10 13:46 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\ElevatedDiagnostics
2016-10-22 20:42 - 2013-08-22 15:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-10-22 20:08 - 2016-09-18 15:54 - 00001003 _____ C:\Users\Monika Ohrazdová\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-10-22 19:54 - 2016-09-25 21:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-21 13:19 - 2016-09-25 21:40 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\Mozilla
2016-10-21 10:28 - 2016-09-28 13:17 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Autodesk
2016-10-18 14:33 - 2016-09-18 16:05 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\vlc
2016-10-16 11:42 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\rescache
2016-10-14 10:32 - 2016-10-05 23:54 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-14 10:32 - 2016-10-05 23:52 - 00000000 ___SD C:\Windows\system32\CompatTel

==================== Files in the root of some directories =======

2016-09-25 20:07 - 2016-10-12 17:21 - 0000034 _____ () C:\Users\Monika Ohrazdová\AppData\Roaming\AdobeWLCMCache.dat
2016-10-21 13:13 - 2016-10-21 13:13 - 7214592 _____ () C:\Users\Monika Ohrazdová\AppData\Roaming\agent.dat
2016-10-21 13:11 - 2016-10-21 13:11 - 0140288 _____ () C:\Users\Monika Ohrazdová\AppData\Roaming\Installer.dat
2016-10-21 13:13 - 2016-10-21 13:13 - 0018432 _____ () C:\Users\Monika Ohrazdová\AppData\Roaming\Main.dat
2016-10-11 07:26 - 2016-10-11 07:26 - 0000207 _____ () C:\Users\Monika Ohrazdová\AppData\Roaming\NOTEBOOK.MTBF.txt
2016-10-11 07:27 - 2016-10-11 09:22 - 0000967 _____ () C:\Users\Monika Ohrazdová\AppData\Roaming\__AvidCloudManager.log
2016-10-11 07:28 - 2016-10-11 08:52 - 0005120 _____ () C:\Users\Monika Ohrazdová\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-09-25 19:31 - 2016-09-25 19:31 - 0000017 _____ () C:\Users\Monika Ohrazdová\AppData\Local\resmon.resmoncfg
2016-10-21 13:08 - 2016-10-21 13:08 - 0002560 _____ () C:\Users\Monika Ohrazdová\AppData\Local\uninstallro.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
Nahoru
ohmoni
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 10 lis 2016 01:06

Re: Vyskakování reklam, nefunkční antvir

#12 Příspěvek od ohmoni »

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Monika Ohrazdov \Desktop" je 43 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2016
Ran by Monika Ohrazdová (administrator) on NOTEBOOK (13-11-2016 21:29:18)
Running from C:\Users\Monika Ohrazdová\Desktop
Loaded Profiles: Monika Ohrazdová (Available Profiles: Monika Ohrazdová)
Platform: Windows 8.1 Pro (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Users\Monika Ohrazdová\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Monika Ohrazdová\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(forum.viry.cz) C:\Users\Monika Ohrazdová\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-08-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-10-13] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-12-11] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-08-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9044392 2016-11-08] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25673776 2016-11-07] (Dropbox, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Run: [Spotify Web Helper] => C:\Users\Monika Ohrazdová\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2016-11-07] (Spotify Ltd)
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-10-05] (Apple Inc.)
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1084688 2016-07-09] (Apple Inc.)
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-10-05] (Apple Inc.)
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Monika Ohrazdová\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Monika Ohrazdová\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Policies\Explorer: []
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [181488 2016-08-25] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [159352 2016-08-25] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-10-22] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-08-04] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
GroupPolicy: Restriction <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{8F899242-BE22-4CF7-900A-BD4C3A77ACE8}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-10-18] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-24] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-10-11] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-08-27] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24] (AVAST Software)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-10-11] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-08-16] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-11-08]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-11-08]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-08-24] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-09-28] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-09-28] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-27] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-08-24] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-08-27] (Microsoft Corporation)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-08-24] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-10-22] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [42096 2016-11-07] (Dropbox, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-08-25] (NVIDIA Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-01-14] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-01-14] (Intel Corporation)
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [67752 2012-10-25] (Robert McNeel & Associates)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-08-25] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-08-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-08-25] (NVIDIA Corporation)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-10-22] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-10-22] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-10-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-10-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-10-22] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-10-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-10-22] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-10-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-22] (AVAST Software)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-08-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56376 2016-08-25] (NVIDIA Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204936 2014-02-12] (Ralink Technology, Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-05-07] (Synaptics Incorporated)
R3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\system32\DRIVERS\WirelessButtonDriver64.sys [31840 2016-03-24] (HP)
S3 dbx; system32\DRIVERS\dbx.sys [X]
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-13 21:29 - 2016-11-13 21:30 - 00023692 _____ C:\Users\Monika Ohrazdová\Desktop\FRST.txt
2016-11-13 21:28 - 2016-11-13 21:28 - 00112640 _____ (forum.viry.cz) C:\Users\Monika Ohrazdová\Desktop\FRSTLauncher.exe
2016-11-13 20:36 - 2016-11-13 20:36 - 00057414 _____ C:\Users\Monika Ohrazdová\Desktop\FRST3.txt
2016-11-13 20:31 - 2016-11-13 20:31 - 00000000 ____D C:\Users\Monika Ohrazdová\Desktop\FRST-OlderVersion
2016-11-13 17:41 - 2016-11-13 17:41 - 02181745 _____ C:\Users\Monika Ohrazdová\Desktop\BENVGPL4_Pillars of Planning_Lecture 1_.pdf
2016-11-12 12:28 - 2016-11-12 12:30 - 302406101 _____ C:\Users\Monika Ohrazdová\Downloads\B1_Land uses Folder.zip
2016-11-11 15:06 - 2016-11-11 15:06 - 00010827 _____ C:\Users\Monika Ohrazdová\Desktop\malware.txt
2016-11-11 09:32 - 2016-11-11 09:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-11-10 23:25 - 2016-11-10 23:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-11-10 23:24 - 2016-11-10 23:24 - 22851472 _____ (Malwarebytes ) C:\Users\Monika Ohrazdová\Desktop\mbam-setup-2.2.1.1043.exe
2016-11-10 13:18 - 2016-11-13 21:29 - 00000000 ____D C:\FRST
2016-11-10 13:13 - 2016-11-13 20:31 - 02411520 _____ (Farbar) C:\Users\Monika Ohrazdová\Desktop\FRST64.exe
2016-11-10 13:11 - 2016-11-13 14:39 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\Seznam.cz
2016-11-10 13:11 - 2016-11-10 13:11 - 00001216 _____ C:\Users\Monika Ohrazdová\Desktop\CrystalDiskInfo.lnk
2016-11-10 13:11 - 2016-11-10 13:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2016-11-10 13:11 - 2016-11-10 13:11 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2016-11-10 13:10 - 2016-11-10 13:11 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2016-11-10 13:09 - 2016-11-10 13:10 - 11413488 _____ C:\Users\Monika Ohrazdová\Desktop\CrystalDiskInfo7_0_4-en.exe
2016-11-09 23:55 - 2016-11-09 23:55 - 03910208 _____ C:\Users\Monika Ohrazdová\Desktop\adwcleaner.exe
2016-11-09 22:37 - 2016-10-27 18:28 - 25763328 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-09 22:36 - 2016-11-02 20:48 - 00372568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-09 22:36 - 2016-11-02 20:48 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-09 22:36 - 2016-11-02 14:03 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-09 22:36 - 2016-11-02 14:00 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-09 22:36 - 2016-10-27 18:53 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-09 22:36 - 2016-10-27 18:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-09 22:36 - 2016-10-27 18:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-09 22:36 - 2016-10-27 18:19 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-09 22:36 - 2016-10-27 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-09 22:36 - 2016-10-27 18:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-11-09 22:36 - 2016-10-27 18:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-09 22:36 - 2016-10-27 17:57 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-09 22:36 - 2016-10-27 17:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-09 22:36 - 2016-10-27 17:47 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-09 22:36 - 2016-10-27 17:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-09 22:36 - 2016-10-27 17:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-09 22:36 - 2016-10-27 17:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-09 22:36 - 2016-10-27 17:17 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-09 22:36 - 2016-10-27 17:16 - 02920448 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-09 22:36 - 2016-10-27 17:03 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-09 22:36 - 2016-10-27 16:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-09 22:36 - 2016-10-27 15:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-09 22:36 - 2016-10-25 14:11 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-09 22:36 - 2016-10-22 17:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-09 22:36 - 2016-10-22 17:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-09 22:36 - 2016-10-22 17:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-09 22:36 - 2016-10-22 17:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-09 22:36 - 2016-10-22 16:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-09 22:36 - 2016-10-22 16:57 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-11-09 22:36 - 2016-10-22 16:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-09 22:36 - 2016-10-22 16:51 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-09 22:36 - 2016-10-22 16:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-09 22:36 - 2016-10-22 16:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-09 22:36 - 2016-10-22 16:45 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-09 22:36 - 2016-10-22 16:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-09 22:36 - 2016-10-22 16:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-09 22:36 - 2016-10-22 16:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-09 22:36 - 2016-10-22 16:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-09 22:36 - 2016-10-22 16:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-09 22:36 - 2016-10-22 16:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-09 22:36 - 2016-10-13 19:06 - 01385280 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-09 22:36 - 2016-10-13 19:06 - 01124376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-09 22:36 - 2016-10-12 08:01 - 00377176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2016-11-09 22:36 - 2016-10-11 20:21 - 00497448 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-11-09 22:36 - 2016-10-11 20:21 - 00399776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-11-09 22:36 - 2016-10-11 18:34 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-11-09 22:36 - 2016-10-11 17:47 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-09 22:36 - 2016-10-11 16:55 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-09 22:36 - 2016-10-10 21:17 - 00444248 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-09 22:36 - 2016-10-10 21:17 - 00333656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-09 22:36 - 2016-10-09 22:59 - 00551256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-11-09 22:36 - 2016-10-08 23:12 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-09 22:36 - 2016-10-08 22:53 - 03754496 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-09 22:36 - 2016-10-08 22:21 - 01445376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-09 22:36 - 2016-10-08 22:18 - 00840704 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-11-09 22:36 - 2016-10-08 22:07 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-09 22:36 - 2016-10-08 22:02 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-09 22:36 - 2016-10-08 21:49 - 02410496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-09 22:36 - 2016-10-08 21:21 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-09 22:36 - 2016-10-08 01:34 - 01660040 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-11-09 22:36 - 2016-10-08 01:34 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-11-09 22:36 - 2016-10-04 20:39 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-09 22:36 - 2016-10-04 20:23 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-09 22:36 - 2016-10-04 20:08 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-11-09 22:36 - 2016-10-04 20:08 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-09 22:36 - 2016-09-09 22:52 - 00921944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2016-11-09 22:36 - 2016-09-09 22:14 - 00275800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2016-11-09 22:36 - 2016-09-09 14:15 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2016-11-09 22:36 - 2016-09-09 14:09 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2016-11-09 22:36 - 2016-09-09 14:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-11-09 22:36 - 2016-09-09 14:03 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\iscsiwmi.dll
2016-11-09 22:36 - 2016-09-09 14:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsiwmi.dll
2016-11-09 22:36 - 2016-09-09 13:38 - 00446124 _____ C:\Windows\system32\ApnDatabase.xml
2016-11-09 22:36 - 2016-09-03 18:20 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\iscsidsc.dll
2016-11-09 22:36 - 2016-09-03 18:06 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\iscsiexe.dll
2016-11-09 22:36 - 2016-09-03 17:21 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsidsc.dll
2016-11-09 22:36 - 2016-09-03 17:18 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2016-11-09 22:36 - 2016-09-03 16:12 - 00512512 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2016-11-09 22:36 - 2016-09-03 16:05 - 01094656 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-11-09 22:36 - 2016-09-03 15:58 - 00397824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2016-11-09 22:36 - 2016-09-02 14:05 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2016-11-09 22:36 - 2016-09-02 14:05 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2016-11-09 22:36 - 2016-09-01 14:33 - 00377856 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll
2016-11-09 22:36 - 2016-09-01 14:33 - 00342528 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2016-11-09 22:36 - 2016-09-01 14:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2016-11-09 22:36 - 2016-08-30 14:11 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2016-11-09 22:36 - 2016-08-30 02:45 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\xolehlp.dll
2016-11-09 22:36 - 2016-08-30 02:18 - 00871936 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2016-11-09 22:36 - 2016-08-30 02:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll
2016-11-09 22:36 - 2016-08-30 02:03 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2016-11-09 22:36 - 2016-08-22 13:34 - 01628672 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-11-09 20:50 - 2016-11-09 20:50 - 00000000 ____D C:\Users\Monika Ohrazdová\Downloads\dcache
2016-11-08 15:34 - 2016-11-08 15:34 - 00103230 _____ C:\Users\Monika Ohrazdová\Downloads\BPPV_2009_2_11280_0_273798_0_88441.pdf
2016-11-08 15:34 - 2016-11-08 15:34 - 00079715 _____ C:\Users\Monika Ohrazdová\Downloads\BPPO_2009_2_11280_0_273798_0_88441.pdf
2016-11-08 15:30 - 2016-11-08 15:30 - 00534833 _____ C:\Users\Monika Ohrazdová\Downloads\BPTX_2009_2__0_273798_0_88441.pdf
2016-11-07 22:49 - 2016-11-07 22:49 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2016-11-07 22:49 - 2016-11-07 22:49 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2016-11-07 22:49 - 2016-11-07 22:49 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2016-11-07 22:49 - 2016-11-07 22:49 - 00042096 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2016-11-06 16:18 - 2016-11-13 14:35 - 00000000 ___RD C:\Users\Monika Ohrazdová\Dropbox
2016-11-06 16:12 - 2016-11-06 16:12 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\Dropbox
2016-11-06 16:11 - 2016-11-13 14:34 - 00000942 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-11-06 16:11 - 2016-11-13 14:21 - 00000946 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-11-06 16:11 - 2016-11-11 09:33 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-11-06 16:11 - 2016-11-10 23:16 - 00003918 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2016-11-06 16:11 - 2016-11-10 23:16 - 00003682 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2016-11-06 16:11 - 2016-11-06 16:15 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Dropbox
2016-11-06 16:11 - 2016-11-06 16:11 - 00000000 ____D C:\ProgramData\Dropbox
2016-11-02 12:19 - 2016-11-02 12:19 - 01979960 _____ C:\Users\Monika Ohrazdová\Downloads\MIPAD M1 Lecture 2 - Defining megaprojects - problems with boundaries - The case of CTRL - Part 1 - 17.10.16.pptx
2016-11-02 12:06 - 2016-11-02 12:06 - 124781526 _____ C:\Users\Monika Ohrazdová\Downloads\group B3.rar
2016-11-02 09:47 - 2016-11-13 14:34 - 00000000 ___RD C:\Users\Monika Ohrazdová\iCloudDrive
2016-11-02 09:47 - 2016-11-08 01:42 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2016-11-02 09:47 - 2016-11-02 15:05 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\E85CE604-2864-445A-B366-0D620FBA4753.aplzod
2016-11-02 09:47 - 2016-11-02 09:47 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Apple Inc
2016-11-02 08:56 - 2016-11-13 09:51 - 00003442 _____ C:\Windows\System32\Tasks\Apple Diagnostics
2016-11-01 10:52 - 2016-11-08 01:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-10-31 21:26 - 2016-11-08 01:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-10-31 21:25 - 2016-11-08 01:44 - 00000000 ____D C:\Program Files\iTunes
2016-10-31 21:25 - 2016-11-08 01:42 - 00000000 ____D C:\Program Files\iPod
2016-10-31 21:14 - 2016-11-02 14:31 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Apple Computer
2016-10-31 21:14 - 2016-11-02 09:48 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\Apple Computer
2016-10-31 21:13 - 2016-11-08 01:42 - 00000000 ____D C:\ProgramData\Apple Computer
2016-10-31 21:12 - 2016-11-08 01:42 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2016-10-31 21:12 - 2016-11-08 01:42 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-10-31 21:12 - 2016-11-08 01:41 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-10-31 21:12 - 2016-11-02 09:47 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Apple
2016-10-31 21:12 - 2016-10-31 21:12 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-10-31 21:11 - 2016-11-08 01:41 - 00000000 ____D C:\Program Files\Bonjour
2016-10-31 21:11 - 2016-11-08 01:41 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-10-31 21:11 - 2016-11-08 01:35 - 00000000 ____D C:\ProgramData\Apple
2016-10-27 22:26 - 2016-11-10 13:29 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 41.lnk
2016-10-25 22:47 - 2016-10-25 22:47 - 00000000 ____D C:\Program Files (x86)\WinRAR
2016-10-25 09:24 - 2016-10-25 09:24 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\SketchUp
2016-10-25 09:24 - 2016-10-25 09:24 - 00000000 ____D C:\ProgramData\Reprise
2016-10-25 09:20 - 2016-10-25 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2015
2016-10-25 09:19 - 2016-10-25 09:19 - 00000000 ____D C:\ProgramData\SketchUp
2016-10-25 09:19 - 2016-10-25 09:19 - 00000000 ____D C:\Program Files\SketchUp
2016-10-25 01:50 - 2016-11-10 13:29 - 00003846 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1477360204
2016-10-24 12:32 - 2016-10-24 12:32 - 00000000 ____D C:\Users\Monika Ohrazdovďż˝\AppData\Local\Adobe
2016-10-24 12:32 - 2016-10-24 12:32 - 00000000 ____D C:\Users\Monika Ohrazdovďż˝
2016-10-22 21:25 - 2016-10-22 21:35 - 00003890 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1477171548
2016-10-22 21:25 - 2016-10-22 21:35 - 00001059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-10-22 21:25 - 2016-10-22 21:25 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-10-22 21:24 - 2016-11-09 17:34 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-10-22 21:24 - 2016-11-08 01:42 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-10-22 21:24 - 2016-11-08 01:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-10-22 21:24 - 2016-10-22 21:24 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-10-22 21:24 - 2016-10-22 21:24 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-10-22 21:24 - 2016-10-22 21:24 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-10-22 21:24 - 2016-10-22 21:24 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\AVAST Software
2016-10-22 21:24 - 2016-10-22 21:24 - 00000000 ____D C:\Program Files\Common Files\AV
2016-10-22 21:24 - 2016-10-22 21:23 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-10-22 21:24 - 2016-10-22 21:23 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-10-22 21:24 - 2016-10-22 21:23 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-10-22 21:24 - 2016-10-22 21:23 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-10-22 21:24 - 2016-10-22 21:23 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-10-22 21:23 - 2016-10-22 21:25 - 00000000 ____D C:\Program Files\AVAST Software
2016-10-22 21:23 - 2016-10-22 21:23 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-10-22 21:23 - 2016-10-22 21:23 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-10-22 21:22 - 2016-10-22 21:25 - 00000000 ____D C:\ProgramData\AVAST Software
2016-10-22 20:48 - 2016-10-22 20:52 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-10-22 20:26 - 2012-07-15 15:48 - 00030720 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tapoas.sys
2016-10-22 19:54 - 2016-10-25 01:40 - 00000000 ____D C:\Windows\Minidump
2016-10-22 19:51 - 2016-11-10 00:16 - 00000000 ____D C:\AdwCleaner
2016-10-21 13:21 - 2016-10-21 13:29 - 00000000 ____D C:\e039bd920337f86489
2016-10-21 13:18 - 2016-10-21 13:18 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\CrashRpt
2016-10-21 13:13 - 2016-10-21 13:13 - 07214592 _____ C:\Users\Monika Ohrazdová\AppData\Roaming\agent.dat
2016-10-21 13:13 - 2016-10-21 13:13 - 00018432 _____ C:\Users\Monika Ohrazdová\AppData\Roaming\Main.dat
2016-10-21 13:11 - 2016-10-21 13:11 - 00140288 _____ C:\Users\Monika Ohrazdová\AppData\Roaming\Installer.dat
2016-10-21 13:11 - 2016-10-21 13:11 - 00000000 ____D C:\Windows\SysWOW64\sstmp
2016-10-21 13:11 - 2016-10-21 13:11 - 00000000 ____D C:\Windows\system32\sstmp
2016-10-21 13:11 - 2016-10-21 13:11 - 00000000 ____D C:\Program Files (x86)\Gruheph_
2016-10-21 13:10 - 2016-11-13 14:31 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\Tools
2016-10-21 13:10 - 2016-10-21 13:10 - 00000000 _____ C:\TOSTACK
2016-10-21 13:08 - 2016-10-21 13:08 - 00002560 _____ C:\Users\Monika Ohrazdová\AppData\Local\uninstallro.exe
2016-10-20 22:53 - 2016-10-21 10:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-10-19 20:08 - 2016-11-08 01:42 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\PDF Writer
2016-10-19 20:08 - 2016-10-19 20:08 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\PDF Writer
2016-10-19 20:04 - 2016-10-19 20:06 - 00000000 ____D C:\ProgramData\PDF Writer
2016-10-19 20:04 - 2016-10-19 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullzip
2016-10-19 20:04 - 2016-10-19 20:04 - 00000000 ____D C:\Program Files\Common Files\Bullzip
2016-10-19 20:04 - 2016-10-19 20:04 - 00000000 ____D C:\Program Files\Bullzip
2016-10-19 20:04 - 2014-11-19 19:25 - 00228352 _____ (Bullzip) C:\Windows\SysWOW64\bzFlRdr.dll
2016-10-19 20:04 - 2013-09-01 10:59 - 01103872 _____ C:\Windows\SysWOW64\CBLCtlsU.ocx
2016-10-19 20:04 - 2013-07-13 10:15 - 00805376 _____ C:\Windows\SysWOW64\EditCtlsU.ocx
2016-10-19 20:04 - 2013-07-12 20:57 - 00539648 _____ C:\Windows\SysWOW64\LblCtlsU.ocx
2016-10-19 20:04 - 2013-04-05 11:55 - 00476160 _____ C:\Windows\SysWOW64\TabStripCtlU.ocx
2016-10-19 20:04 - 2013-03-28 21:13 - 00645632 _____ C:\Windows\SysWOW64\BtnCtlsU.ocx
2016-10-19 20:04 - 2013-03-03 12:37 - 01061888 _____ C:\Windows\SysWOW64\ExLvwU.ocx
2016-10-19 20:04 - 2008-07-09 19:25 - 00103424 _____ (Bullzip) C:\Windows\SysWOW64\bzDCT.dll
2016-10-19 20:04 - 1999-05-12 22:00 - 01064456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl.ocx
2016-10-19 18:12 - 2016-10-19 18:57 - 795528986 _____ C:\Users\Monika Ohrazdová\Downloads\Palo.Alto.2013.m720p.BDRip.x264.AAC.CZ.titulky.mkv
2016-10-19 16:25 - 2016-10-19 16:25 - 00000000 ____D C:\Program Files\VideoLAN
2016-10-14 10:44 - 2016-11-12 12:16 - 00003756 _____ C:\Windows\System32\Tasks\AutoKMS

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-13 21:30 - 2016-09-18 15:54 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Packages
2016-11-13 20:40 - 2016-09-18 16:00 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1997252335-2128944848-2870876807-1001
2016-11-13 14:34 - 2016-09-29 20:03 - 00000000 ___RD C:\Users\Monika Ohrazdová\OneDrive
2016-11-13 14:33 - 2013-08-22 14:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-13 13:58 - 2016-10-11 20:33 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-13 12:16 - 2016-09-18 18:04 - 00000000 ____D C:\Windows\AutoKMS
2016-11-13 10:07 - 2016-09-18 15:57 - 00004014 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{EC5F0145-F148-4B2F-B940-26B38BCA66AD}
2016-11-13 00:18 - 2016-10-11 20:33 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-11-12 12:07 - 2016-09-18 15:59 - 00000000 ____D C:\Program Files (x86)\Opera
2016-11-10 15:28 - 2016-09-25 20:28 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-11-10 14:43 - 2013-08-22 15:20 - 00000000 ____D C:\Windows\CbsTemp
2016-11-10 13:26 - 2016-09-27 23:52 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\CrashDumps
2016-11-10 13:08 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\Inf
2016-11-10 13:04 - 2013-08-22 14:44 - 05296672 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-10 12:57 - 2013-08-22 15:36 - 00000000 ___RD C:\Windows\ToastData
2016-11-10 12:54 - 2016-09-26 10:16 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-10 12:54 - 2016-09-26 10:16 - 00000000 ____D C:\Windows\system32\MRT
2016-11-09 21:01 - 2016-10-06 12:13 - 00000000 ____D C:\Users\Public\Documents\AdobeGC
2016-11-09 15:12 - 2016-09-18 21:24 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Spotify
2016-11-09 15:10 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\NDF
2016-11-09 12:33 - 2016-09-18 21:22 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\Spotify
2016-11-08 17:49 - 2013-09-30 04:20 - 01661872 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-08 17:49 - 2013-09-30 03:57 - 00706544 _____ C:\Windows\system32\perfh005.dat
2016-11-08 17:49 - 2013-09-30 03:57 - 00144366 _____ C:\Windows\system32\perfc005.dat
2016-11-08 15:58 - 2016-10-11 20:33 - 00003944 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-11-08 15:58 - 2016-10-11 20:33 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-08 15:58 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-08 15:58 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-08 09:51 - 2016-09-18 15:54 - 00000000 ____D C:\Users\Monika Ohrazdová
2016-11-08 01:42 - 2016-09-28 13:09 - 00000000 ____D C:\ProgramData\Autodesk
2016-11-08 01:42 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\system32\Sysprep
2016-11-08 01:39 - 2013-08-22 15:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-08 01:37 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\registration
2016-11-08 01:33 - 2016-09-25 20:24 - 00000000 ____D C:\Program Files\Microsoft Office
2016-11-07 16:52 - 2013-08-22 13:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-11-07 15:24 - 2016-10-05 22:03 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-04 12:46 - 2013-08-22 13:25 - 00000167 _____ C:\Windows\win.ini
2016-11-04 12:06 - 2016-10-05 22:01 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-02 09:48 - 2016-09-25 21:25 - 00000000 ____D C:\Users\Monika Ohrazdová\Documents\Outlook Files
2016-10-31 19:56 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\AppReadiness
2016-10-28 21:04 - 2016-10-06 09:19 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-28 21:04 - 2016-10-06 09:19 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-25 22:47 - 2016-09-18 16:02 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-10-25 22:47 - 2016-09-18 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-10-25 02:01 - 2016-10-05 22:03 - 00000000 ____D C:\Program Files (x86)\Google
2016-10-25 02:00 - 2016-10-05 22:14 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Google
2016-10-25 01:35 - 2016-09-18 16:00 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\Opera Software
2016-10-25 01:35 - 2016-09-18 16:00 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Opera Software
2016-10-24 22:04 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-10-24 12:16 - 2016-10-10 13:46 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\ElevatedDiagnostics
2016-10-22 20:42 - 2013-08-22 15:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-10-22 20:08 - 2016-09-18 15:54 - 00001003 _____ C:\Users\Monika Ohrazdová\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-10-22 19:54 - 2016-09-25 21:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-21 13:19 - 2016-09-25 21:40 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\Mozilla
2016-10-21 10:28 - 2016-09-28 13:17 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Local\Autodesk
2016-10-18 14:33 - 2016-09-18 16:05 - 00000000 ____D C:\Users\Monika Ohrazdová\AppData\Roaming\vlc
2016-10-16 11:42 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\rescache
2016-10-14 10:32 - 2016-10-05 23:54 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-14 10:32 - 2016-10-05 23:52 - 00000000 ___SD C:\Windows\system32\CompatTel

==================== Files in the root of some directories =======

2016-09-25 20:07 - 2016-10-12 17:21 - 0000034 _____ () C:\Users\Monika Ohrazdová\AppData\Roaming\AdobeWLCMCache.dat
2016-10-21 13:13 - 2016-10-21 13:13 - 7214592 _____ () C:\Users\Monika Ohrazdová\AppData\Roaming\agent.dat
2016-10-21 13:11 - 2016-10-21 13:11 - 0140288 _____ () C:\Users\Monika Ohrazdová\AppData\Roaming\Installer.dat
2016-10-21 13:13 - 2016-10-21 13:13 - 0018432 _____ () C:\Users\Monika Ohrazdová\AppData\Roaming\Main.dat
2016-10-11 07:26 - 2016-10-11 07:26 - 0000207 _____ () C:\Users\Monika Ohrazdová\AppData\Roaming\NOTEBOOK.MTBF.txt
2016-10-11 07:27 - 2016-10-11 09:22 - 0000967 _____ () C:\Users\Monika Ohrazdová\AppData\Roaming\__AvidCloudManager.log
2016-10-11 07:28 - 2016-10-11 08:52 - 0005120 _____ () C:\Users\Monika Ohrazdová\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-09-25 19:31 - 2016-09-25 19:31 - 0000017 _____ () C:\Users\Monika Ohrazdová\AppData\Local\resmon.resmoncfg
2016-10-21 13:08 - 2016-10-21 13:08 - 0002560 _____ () C:\Users\Monika Ohrazdová\AppData\Local\uninstallro.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Monika Ohrazdov \Desktop" je 43 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Vyskakování reklam, nefunkční antvir

#13 Příspěvek od Márty84 »

:arrow: Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Run: [Spotify Web Helper] => C:\Users\Monika Ohrazdová\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2016-11-07] (Spotify Ltd)
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Monika Ohrazdová\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Monika Ohrazdová\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Policies\Explorer: []
GroupPolicy: Restriction <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> DefaultScope value is missing

R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

2016-11-10 23:24 - 2016-11-10 23:24 - 22851472 _____ (Malwarebytes ) C:\Users\Monika Ohrazdová\Desktop\mbam-setup-2.2.1.1043.exe

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
ohmoni
Návštěvník
Návštěvník
Příspěvky: 11
Registrován: 10 lis 2016 01:06

Re: Vyskakování reklam, nefunkční antvir

#14 Příspěvek od ohmoni »

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-11-2016
Ran by Monika Ohrazdová (15-11-2016 11:54:46) Run:1
Running from C:\Users\Monika Ohrazdová\Desktop
Loaded Profiles: Monika Ohrazdová (Available Profiles: Monika Ohrazdová)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Run: [Spotify Web Helper] => C:\Users\Monika Ohrazdová\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2016-11-07] (Spotify Ltd)
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Monika Ohrazdová\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Monika Ohrazdová\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\...\Policies\Explorer: []
GroupPolicy: Restriction <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> DefaultScope value is missing

R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

2016-11-10 23:24 - 2016-11-10 23:24 - 22851472 _____ (Malwarebytes ) C:\Users\Monika Ohrazdová\Desktop\mbam-setup-2.2.1.1043.exe

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value removed successfully
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Spotify Web Helper => value removed successfully
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value removed successfully
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value removed successfully
HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
"C:\Windows\system32\GroupPolicy\Machine" => not found.
C:\Windows\system32\GroupPolicy\User => moved successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-1997252335-2128944848-2870876807-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
MBAMSwissArmy => Unable to stop service.
MBAMSwissArmy => service removed successfully
C:\Users\Monika Ohrazdová\Desktop\mbam-setup-2.2.1.1043.exe => moved successfully
C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => moved successfully
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16284926 B
Java, Flash, Steam htmlcache => 492 B
Windows/system/drivers => 22406835 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 504344596 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 66445 B
NetworkService => 0 B
Monika Ohrazdová => 291795495 B

RecycleBin => 2408518 B
EmptyTemp: => 806.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:56:30 ====
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Vyskakování reklam, nefunkční antvir

#15 Příspěvek od Márty84 »

:!: Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

:arrow:
vyosek píše: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Stahnete a spustte
  • Ponechte zatrzitkou pouze u volby Remove disinfection tools
  • Kliknete na Run
:arrow: Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

:arrow: Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




:arrow: Pak napiste, jak to s pc vypada.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“