VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Lokalizované vírusy

https://forum.viry.cz:443/viewtopic.php?t=152349

Stránka 1 z 2

Lokalizované vírusy

Napsal: 16 čer 2017 18:57
od jakub1234222
Dobrý deň.

Chcel by som Vás požiadať o pomoc.
Vopred Vás, ale chcem varovať, že má berte ako amatéra a neznalého v tomto svete.
Takže aj o strpenie prosím :D.

Dúfam, že to píšem do správnej sekcie. Ak nie tak sa Vám vopred ospravedlňujem.
A teraz k veci.

Videl som, že riešite problémy pomocou nejakých výpisov z logou.
A tu vzniká moja prvá otázka. Stiahol som si platený scanner "WiperSoft",
ktorý mi virúsy síce našiel, lenže vymazanie si vyžaduje platenú registráciu.
Nepochybujem, že o tom programe ste určite už počuli a poznáte ho lepšie než ja.

Preto sa pýtam či sa nejak nedá z toho spraviť výpis lokácii daných virusov nájdených
v danom scannery a jednoduchým spôsobom začať odstraňovať?

Videl som už na tejto stránke aj návod na ručne odstraňovanie, lenže bez rád
by som sa nechcel do ničoho púšťať, a tak sa by som potreboval "nasmerovávať"
a presmerovať má na tie správne "cesty"

Vopred ďakujem.

Re: Lokalizované vírusy

Napsal: 16 čer 2017 19:52
od Rudy
Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

Re: Lokalizované vírusy

Napsal: 16 čer 2017 20:24
od jakub1234222
Ok mám to posielam nižšie:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-06-2017 01
Ran by Zuzana (administrator) on ZUZANA-PC (16-06-2017 21:17:51)
Running from C:\Users\Zuzana\Desktop
Loaded Profiles: Zuzana (Available Profiles: Zuzana)
Platform: Windows 10 Home Version 1607 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Razer Inc.) D:\Razer Cortex\RzKLService.exe
(Rocket Division Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(© 2015 Microsoft Corporation) C:\Users\Zuzana\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1705.1301.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
Failed to access process -> metin2client.bin
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1439_none_7efe016621f50bd0\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\SystemSettingsAdminFlows.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Akamai Technologies, Inc.) C:\Users\Zuzana\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Zuzana\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(forum.viry.cz) C:\Users\Zuzana\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [ASUS WebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1736704 2009-12-24] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-13] (AVAST Software)
HKLM\...\Run: [MRT] => C:\WINDOWS\system32\MRT.exe [133627792 2017-06-14] (Microsoft Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [7350912 2010-02-04] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-01-05] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [amd_dc_opt] => D:\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [1047000 2017-04-06] (DivX, LLC)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [145208 2017-04-14] (Check Point Software Technologies Ltd.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== ATTENTION
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\Run: [BingSvc] => C:\Users\Zuzana\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Zuzana\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\Run: [DAEMON Tools Lite Automount] => D:\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd)
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\Run: [UXMmedia] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Zuzana\AppData\Local\Ection\krjcyjsl.dll <===== ATTENTION
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9364696 2017-03-03] (Piriform Ltd)
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\Run: [RandomMouseClicker] => C:\Users\Zuzana\AppData\Roaming\Random Mouse Clicker\RandomMouseClicker.exe [70824 2017-03-25] (MurGee.com)
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\MountPoints2: {1610ee0f-288b-11e6-a619-1c4bd60c65ca} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\MountPoints2: {dd813981-c92e-11e6-bb95-1c4bd6c58a0e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\MountPoints2: {dd813a6e-c92e-11e6-bb95-1c4bd6c58a0e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\MountPoints2: {eb3bf39d-cd6d-11e5-9a3c-1c4bd60c65ca} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\MountPoints2: {f0f6cde7-f68b-11e6-bba0-1c4bd6c58a0e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\MountPoints2: {f4bdbc88-03dc-11e7-bba1-1c4bd6c58a0e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-13] (AVAST Software)
ShellIconOverlayIdentifiers: [0TheftProtectionDll] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => -> No File
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll [2009-11-26] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll [2009-11-26] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk [2010-04-16]
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{971cec70-40b5-43ab-bc2d-a3d517d22fc4}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9b975b26-1a3c-4e8e-b865-d389505137be}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-410513314-2793736357-1887953017-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-410513314-2793736357-1887953017-1000 -> {80733003-3383-4917-ABD7-74851716E952} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-410513314-2793736357-1887953017-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={3609AB91-3CA2-44D7-BD43-F5ED88E333A0}&mid=93f43bd0f91047cd8aad99127fa88762-f724f7d7058e5f369c0ec174fa68ea91b5d5e40b&lang=sk&ds=AVG&coid=avgtbavg&cmpid=1116tb&pr=fr&d=2015-03-10 11:59:03&v=4.3.7.452&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08] (Microsoft Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-04-16] (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2010-04-16] (Google Inc.)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-10-07] (Intel Security)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-18] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-16] (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-04-16] (Google Inc.)
BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2010-04-16] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-18] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-04-16] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-16] (Google Inc.)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-10-07] (Intel Security)
Toolbar: HKU\S-1-5-21-410513314-2793736357-1887953017-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: HKLM-x32 {C212D449-8B3C-41F2-BD9A-047BD770550F} hxxp://operation7.fiaa.eu/OPLauncher.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-410513314-2793736357-1887953017-1000 -> hxxp://www.google.com

FireFox:
========
FF DefaultProfile: qbsn0dh5.default
FF ProfilePath: C:\Users\Zuzana\AppData\Roaming\Firefox\Firefox\naweriweentcofise\Profiles\qbsn0dh5.default\Profiles\qbsn0dh5.default [not found] <==== ATTENTION
FF ProfilePath: C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\qbsn0dh5.default [2017-06-16]
FF NewTab: Mozilla\Firefox\Profiles\qbsn0dh5.default -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\qbsn0dh5.default -> Google
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\qbsn0dh5.default -> hxxps://www.google.com/search?bcutc=sp-006
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\qbsn0dh5.default -> Google
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\qbsn0dh5.default -> Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\qbsn0dh5.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\qbsn0dh5.default -> hxxps://www.google.com/?bcutc=sp-006
FF Keyword.URL: Mozilla\Firefox\Profiles\qbsn0dh5.default -> hxxps://www.google.com/search?bcutc=sp-006
FF Extension: (Avast SafePrice) - C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\qbsn0dh5.default\Extensions\sp@avast.com.xpi [2017-06-14]
FF Extension: (Avast Online Security) - C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\qbsn0dh5.default\Extensions\wrc@avast.com.xpi [2017-06-14]
FF Extension: (Adblock Plus) - C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\qbsn0dh5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-14]
FF Extension: (MONOGRAM AMR Splitter) - C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\qbsn0dh5.default\Extensions\{D7A6D34E-6F49-9829-BB70-5B2C8E33E272} [2017-04-12] [not signed]
FF Extension: (Seznam lištička) - C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\qbsn0dh5.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-06-14]
FF SearchPlugin: C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\qbsn0dh5.default\searchplugins\google-avast.xml [2017-06-14]
FF ProfilePath: C:\Users\Zuzana\AppData\Roaming\Firefox\Firefox\Profiles\qbsn0dh5.default [2017-06-14]
FF SearchEngineOrder.3: Firefox\Firefox\Profiles\qbsn0dh5.default -> Bing
FF Keyword.URL: Firefox\Firefox\Profiles\qbsn0dh5.default -> hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Extension: (Slovak (SK) Language Pack) - C:\Users\Zuzana\AppData\Roaming\Firefox\Firefox\Profiles\qbsn0dh5.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2017-05-24] [not signed]
FF Extension: (Adblock Plus) - C:\Users\Zuzana\AppData\Roaming\Firefox\Firefox\Profiles\qbsn0dh5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-11]
FF Extension: (Seznam lištička) - C:\Users\Zuzana\AppData\Roaming\Firefox\Firefox\Profiles\qbsn0dh5.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-06-11]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: (No Name) - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2015-03-10] [not signed]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ourluckysites.xml [2017-05-26]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2017-02-22]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2017-04-06] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> D:\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> D:\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> D:\VLC\npvlc.dll [2017-05-24] (VideoLAN)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> msn.com
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.google.com/"
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.mystarting123.com/search/index.php? ... earchTerms}
CHR DefaultSearchKeyword: ChromeDefaultData -> mystarting123
CHR Profile: C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-06-16] <==== ATTENTION
CHR Extension: (Prezentácie Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-03]
CHR Extension: (Dokumenty Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-03]
CHR Extension: (Disk Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-03]
CHR Extension: (YouTube) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-03]
CHR Extension: (Bing) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2017-04-03]
CHR Extension: (Tabuľky Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-03]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-03]
CHR Extension: (AdBlock) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-06-16]
CHR Extension: (Skype) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-06-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-03]
CHR Extension: (Gmail) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-12]
CHR Profile: C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-06-16]
CHR Extension: (Prezentácie Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-27]
CHR Extension: (Dokumenty Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-27]
CHR Extension: (Disk Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-27]
CHR Extension: (YouTube) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-27]
CHR Extension: (Google Search) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-27]
CHR Extension: (Bing) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-05-27]
CHR Extension: (Tabuľky Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-27]
CHR Extension: (Bookmark Manager) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-27]
CHR Extension: (Peňaženka Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-27]
CHR Extension: (Gmail) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-27]
CHR Profile: C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\System Profile [2017-06-16]
CHR Extension: (Prezentácie Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-27]
CHR Extension: (Dokumenty Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-27]
CHR Extension: (Disk Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-27]
CHR Extension: (YouTube) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-27]
CHR Extension: (Google Search) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-27]
CHR Extension: (Bing) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-05-27]
CHR Extension: (Tabuľky Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-27]
CHR Extension: (Bookmark Manager) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-27]
CHR Extension: (Peňaženka Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-27]
CHR Extension: (Gmail) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-27]
CHR HKU\S-1-5-21-410513314-2793736357-1887953017-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Footjane\Application\chrome.exe <==== ATTENTION

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.)
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-13] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-13] (AVAST Software)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1362464 2016-06-20] ()
S4 Disc Soft Lite Bus Service; D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd)
S4 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
S3 fussvc; D:\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
S4 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-08-26] ()
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114688 2015-05-22] (Microsoft Corporation) [File not signed]
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S4 mitsijm2017; C:\Program Files\Autodesk\Inventor 2017\Moldflow\bin\mitsijm.exe [967456 2015-08-04] (Autodesk, Inc.)
S4 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2006-11-10] (Nero AG) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3425416 2010-03-23] (INCA Internet Co., Ltd.) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2015-10-11] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [202040 2015-10-31] ()
S2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [147792 2017-04-19] (Razer Inc)
S2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [183680 2017-04-14] (Razer Inc.)
R2 RzKLService; D:\Razer Cortex\RzKLService.exe [252176 2017-04-28] (Razer Inc.)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
S3 Te.Service; D:\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
S4 TeamViewer; D:\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
S4 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [987048 2016-09-30] (McAfee, Inc.)
S4 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2016-09-30] (McAfee, Inc.)
S4 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-09-30] (McAfee, Inc.)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4107680 2017-04-14] (Check Point Software Technologies Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
S3 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2016-11-01] (Check Point Software Technologies, Ltd.)
R2 ZoneAlarm ICM Service; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe [1058616 2017-04-14] (Check Point Software Technologies Ltd.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [311808 2017-05-13] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [190256 2017-05-13] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334576 2017-05-13] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [49016 2017-05-13] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-05-13] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32600 2017-05-13] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [128648 2017-05-13] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-05-13] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-05-13] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1007160 2017-05-13] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [569192 2017-05-13] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [158880 2017-05-13] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-05-13] (AVAST Software)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-03-25] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-03-25] (Disc Soft Ltd)
S3 HWHandSet; C:\WINDOWS\system32\DRIVERS\hw_quusbmdm.sys [223232 2016-02-16] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-05-25] (Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [252832 2017-06-16] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2015-08-21] (Riverbed Technology, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-11-17] (NVIDIA Corporation)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer, Inc.)
R3 SNP2UVC; C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [1799680 2009-08-12] ()
S0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [871408 2010-09-30] (Duplex Secure Ltd.)
R1 Vsdatant; C:\WINDOWS\System32\drivers\vsdatant.sys [461240 2017-04-13] (Check Point Software Technologies Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S1 hczxsorb; \??\C:\WINDOWS\system32\drivers\hczxsorb.sys [X]
S1 hsqbsivj; \??\C:\WINDOWS\system32\drivers\hsqbsivj.sys [X]
U3 idsvc; no ImagePath
U3 iswSvc; no ImagePath
S1 qiirgyep; \??\C:\WINDOWS\system32\drivers\qiirgyep.sys [X]
S1 rkvmxbap; \??\C:\WINDOWS\system32\drivers\rkvmxbap.sys [X]
U2 snare; no ImagePath
S1 wezlxbpq; \??\C:\WINDOWS\system32\drivers\wezlxbpq.sys [X]
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-16 21:17 - 2017-06-16 21:19 - 00035626 _____ C:\Users\Zuzana\Desktop\FRST.txt
2017-06-16 21:16 - 2017-06-16 21:17 - 00000000 ____D C:\FRST
2017-06-16 21:16 - 2017-06-16 21:16 - 00112640 _____ (forum.viry.cz) C:\Users\Zuzana\Desktop\FRSTLauncher.exe
2017-06-16 21:10 - 2017-06-16 21:10 - 02438656 _____ (Farbar) C:\Users\Zuzana\Desktop\FRST64.exe
2017-06-16 17:08 - 2017-06-16 18:25 - 00000000 ____D C:\Users\Zuzana\AppData\Roaming\WiperSoft
2017-06-16 17:08 - 2017-06-16 17:08 - 00023032 _____ (Wiper Software) C:\WINDOWS\system32\wiperrm.exe
2017-06-16 17:08 - 2017-06-16 17:08 - 00000813 _____ C:\Users\Zuzana\Desktop\WiperSoft.lnk
2017-06-16 17:08 - 2017-06-16 17:08 - 00000000 ____D C:\Program Files\WiperSoft
2017-06-16 17:01 - 2017-06-16 17:01 - 01979944 _____ (WiperSoft) C:\Users\Zuzana\Downloads\WiperSoft-installer.exe
2017-06-15 19:00 - 2017-06-15 19:00 - 00000000 ____D C:\Users\Zuzana\Desktop\Alex
2017-06-15 16:13 - 2017-06-15 16:13 - 00000000 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts
2017-06-15 15:43 - 2017-06-15 15:46 - 00441296 _____ C:\WINDOWS\system32\Drivers\vsconfig.xml
2017-06-15 15:42 - 2017-06-15 15:42 - 00000778 _____ C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2017-06-15 15:42 - 2017-06-15 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2017-06-15 15:42 - 2017-06-15 15:42 - 00000000 ____D C:\Program Files (x86)\CheckPoint
2017-06-15 15:41 - 2017-06-15 15:41 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-06-15 15:41 - 2017-06-15 15:41 - 00000000 ____D C:\ProgramData\CheckPoint
2017-06-14 22:06 - 2017-06-14 22:06 - 00000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-06-14 17:07 - 2017-06-14 18:00 - 05984464 _____ (Check Point Software Technologies Ltd.) C:\Users\Zuzana\Downloads\zafwSetupWeb_151_504_17269.exe
2017-06-14 16:42 - 2017-06-14 16:42 - 00188312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-06-14 16:41 - 2017-06-14 16:41 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-06-14 16:41 - 2017-06-14 16:41 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-06-14 16:40 - 2017-06-16 16:49 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-06-14 16:40 - 2017-06-14 16:40 - 00044960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-06-14 16:40 - 2017-06-14 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-06-14 16:40 - 2017-06-14 16:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-06-14 16:40 - 2017-05-25 11:58 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-06-14 16:39 - 2017-06-14 16:39 - 64232976 _____ (Malwarebytes ) C:\Users\Zuzana\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.141-1.0.2092.exe
2017-06-14 11:20 - 2017-06-14 15:53 - 00001555 _____ C:\Users\Zuzana\Desktop\firefox – odkaz.lnk
2017-06-14 09:56 - 2017-06-03 12:50 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-06-14 09:56 - 2017-06-03 12:16 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-06-14 09:56 - 2017-06-03 12:06 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-06-14 09:56 - 2017-06-03 11:58 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-06-14 09:56 - 2017-06-03 11:55 - 00780640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-06-14 09:56 - 2017-06-03 11:54 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-06-14 09:56 - 2017-06-03 11:52 - 01021784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-06-14 09:56 - 2017-06-03 11:52 - 00607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-06-14 09:56 - 2017-06-03 11:52 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-06-14 09:56 - 2017-06-03 11:50 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-06-14 09:56 - 2017-06-03 11:50 - 00381792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-06-14 09:56 - 2017-06-03 11:49 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-06-14 09:56 - 2017-06-03 11:44 - 01412640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-06-14 09:56 - 2017-06-03 11:44 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-06-14 09:56 - 2017-06-03 11:39 - 05686272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-06-14 09:56 - 2017-06-03 11:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-06-14 09:56 - 2017-06-03 11:32 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-06-14 09:56 - 2017-06-03 11:31 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-06-14 09:56 - 2017-06-03 11:31 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-06-14 09:56 - 2017-06-03 11:28 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-06-14 09:56 - 2017-06-03 11:28 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2017-06-14 09:56 - 2017-06-03 11:26 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-06-14 09:56 - 2017-06-03 11:26 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBrokerUI.dll
2017-06-14 09:56 - 2017-06-03 11:22 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-06-14 09:56 - 2017-06-03 11:22 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcorehc.dll
2017-06-14 09:56 - 2017-06-03 11:22 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-06-14 09:56 - 2017-06-03 11:20 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-06-14 09:56 - 2017-06-03 11:19 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-06-14 09:56 - 2017-06-03 11:16 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-06-14 09:56 - 2017-06-03 11:15 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-06-14 09:56 - 2017-06-03 11:15 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-06-14 09:56 - 2017-06-03 11:14 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-06-14 09:56 - 2017-06-03 11:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdProxy.dll
2017-06-14 09:56 - 2017-06-03 11:08 - 02643968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-06-14 09:56 - 2017-06-03 11:08 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-06-14 09:56 - 2017-06-03 11:07 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-14 09:56 - 2017-06-03 11:05 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-06-14 09:56 - 2017-06-03 11:05 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hnetcfg.dll
2017-06-14 09:56 - 2017-06-03 11:04 - 02006528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-06-14 09:56 - 2017-06-03 11:04 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-06-14 09:56 - 2017-06-03 11:03 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-06-14 09:56 - 2017-06-03 11:02 - 02997760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-06-14 09:56 - 2017-06-03 10:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-06-14 09:56 - 2017-06-03 10:52 - 03403264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-06-14 09:56 - 2017-06-03 10:50 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-06-14 09:56 - 2017-06-03 10:49 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-06-14 09:56 - 2017-06-03 10:48 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-06-14 09:56 - 2017-06-03 10:40 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-06-14 09:56 - 2017-03-04 08:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-06-14 09:56 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-06-14 09:55 - 2017-06-03 12:50 - 00192856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-06-14 09:55 - 2017-06-03 12:14 - 01564512 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-06-14 09:55 - 2017-06-03 12:14 - 01214816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-06-14 09:55 - 2017-06-03 12:14 - 00629088 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-06-14 09:55 - 2017-06-03 12:14 - 00544096 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-06-14 09:55 - 2017-06-03 12:14 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-06-14 09:55 - 2017-06-03 12:14 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-06-14 09:55 - 2017-06-03 12:14 - 00334176 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-06-14 09:55 - 2017-06-03 12:14 - 00233824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-06-14 09:55 - 2017-06-03 12:14 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-06-14 09:55 - 2017-06-03 12:14 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-06-14 09:55 - 2017-06-03 12:14 - 00096608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-06-14 09:55 - 2017-06-03 12:14 - 00034648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-06-14 09:55 - 2017-06-03 12:11 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-06-14 09:55 - 2017-06-03 12:11 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-06-14 09:55 - 2017-06-03 12:09 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-06-14 09:55 - 2017-06-03 12:08 - 07783256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-06-14 09:55 - 2017-06-03 12:01 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-14 09:55 - 2017-06-03 11:59 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-06-14 09:55 - 2017-06-03 11:59 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-06-14 09:55 - 2017-06-03 11:59 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-06-14 09:55 - 2017-06-03 11:53 - 00404824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-06-14 09:55 - 2017-06-03 11:51 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-06-14 09:55 - 2017-06-03 11:51 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-06-14 09:55 - 2017-06-03 11:49 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-06-14 09:55 - 2017-06-03 11:49 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-06-14 09:55 - 2017-06-03 11:48 - 01112416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2017-06-14 09:55 - 2017-06-03 11:48 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-06-14 09:55 - 2017-06-03 11:48 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-06-14 09:55 - 2017-06-03 11:48 - 00857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-06-14 09:55 - 2017-06-03 11:48 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-06-14 09:55 - 2017-06-03 11:45 - 22220864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-06-14 09:55 - 2017-06-03 11:44 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-06-14 09:55 - 2017-06-03 11:40 - 01566552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-06-14 09:55 - 2017-06-03 11:40 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-06-14 09:55 - 2017-06-03 11:39 - 02532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-06-14 09:55 - 2017-06-03 11:39 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-06-14 09:55 - 2017-06-03 11:23 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-06-14 09:55 - 2017-06-03 11:22 - 07217152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-14 09:55 - 2017-06-03 11:18 - 22569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-06-14 09:55 - 2017-06-03 11:16 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-14 09:55 - 2017-06-03 11:16 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-06-14 09:55 - 2017-06-03 11:15 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-06-14 09:55 - 2017-06-03 11:15 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-06-14 09:55 - 2017-06-03 11:15 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-14 09:55 - 2017-06-03 11:14 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-06-14 09:55 - 2017-06-03 11:14 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-14 09:55 - 2017-06-03 11:14 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-06-14 09:55 - 2017-06-03 11:11 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-06-14 09:55 - 2017-06-03 11:10 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-06-14 09:55 - 2017-06-03 11:10 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-06-14 09:55 - 2017-06-03 11:10 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBrokerUI.dll
2017-06-14 09:55 - 2017-06-03 11:09 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-06-14 09:55 - 2017-06-03 11:09 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcorehc.dll
2017-06-14 09:55 - 2017-06-03 11:09 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-06-14 09:55 - 2017-06-03 11:08 - 12187648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-06-14 09:55 - 2017-06-03 11:08 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-06-14 09:55 - 2017-06-03 11:08 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-06-14 09:55 - 2017-06-03 11:08 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-06-14 09:55 - 2017-06-03 11:07 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-06-14 09:55 - 2017-06-03 11:07 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\HNetCfgClient.dll
2017-06-14 09:55 - 2017-06-03 11:06 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-06-14 09:55 - 2017-06-03 11:06 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2017-06-14 09:55 - 2017-06-03 11:04 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-06-14 09:55 - 2017-06-03 11:03 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-06-14 09:55 - 2017-06-03 11:01 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-06-14 09:55 - 2017-06-03 11:00 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-06-14 09:55 - 2017-06-03 10:58 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2017-06-14 09:55 - 2017-06-03 10:56 - 13091840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-06-14 09:55 - 2017-06-03 10:53 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-06-14 09:55 - 2017-06-03 10:52 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-06-14 09:55 - 2017-06-03 10:52 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-06-14 09:55 - 2017-06-03 10:52 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-06-14 09:55 - 2017-06-03 10:51 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-06-14 09:55 - 2017-06-03 10:51 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-06-14 09:55 - 2017-06-03 10:50 - 04744704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-06-14 09:55 - 2017-06-03 10:49 - 03615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-06-14 09:55 - 2017-06-03 10:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-14 09:55 - 2017-06-03 10:49 - 02475520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-06-14 09:55 - 2017-06-03 10:49 - 02318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-06-14 09:55 - 2017-06-03 10:49 - 01845248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-06-14 09:55 - 2017-06-03 10:49 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-06-14 09:55 - 2017-06-03 10:49 - 00351744 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll
2017-06-14 09:55 - 2017-06-03 10:48 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-06-14 09:55 - 2017-06-03 10:48 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-06-14 09:55 - 2017-06-03 10:48 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-06-14 09:55 - 2017-06-03 10:46 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-06-14 09:55 - 2017-06-03 08:08 - 00080078 _____ C:\WINDOWS\system32\normidna.nls
2017-06-14 09:55 - 2017-05-25 07:56 - 00038752 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe
2017-06-14 09:55 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-06-14 09:55 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-06-14 09:55 - 2017-03-04 08:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-06-13 20:45 - 2017-06-13 20:45 - 00000000 ____D C:\WINDOWS\pss
2017-06-13 20:30 - 2016-10-08 08:56 - 00137840 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpnk.sys
2017-06-13 20:29 - 2017-06-13 20:30 - 00000000 ____D C:\Program Files (x86)\Razer
2017-06-13 20:29 - 2017-06-13 20:29 - 00000687 _____ C:\Users\Zuzana\Desktop\Razer Cortex.lnk
2017-06-13 20:29 - 2017-06-13 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2017-06-13 20:26 - 2017-06-13 20:27 - 160951800 _____ (Razer Inc. ) C:\Users\Zuzana\Downloads\RazerCortexSetup_8.1.7.463.exe
2017-06-12 16:00 - 2017-06-12 16:00 - 06754944 _____ (ESET spol. s r.o.) C:\Users\Zuzana\Downloads\esetonlinescanner_enu.exe
2017-06-12 15:50 - 2017-06-12 15:50 - 00000000 ____D C:\Program Files (x86)\GUM7D8E.tmp
2017-06-12 15:43 - 2017-06-12 15:44 - 01130328 _____ (Google Inc.) C:\Users\Zuzana\Downloads\ChromeSetup.exe
2017-06-12 15:36 - 2017-06-12 15:36 - 00260724 _____ C:\cc_20170612_153602 (navrat 2).reg
2017-06-11 12:38 - 2017-06-11 12:38 - 00061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-06-08 19:07 - 2017-06-08 19:07 - 00001294 _____ C:\Users\Zuzana\Desktop\Launcher – odkaz.lnk
2017-06-08 12:27 - 2017-06-08 12:32 - 00000000 ____D C:\Users\Zuzana\AppData\Local\FreeReign
2017-06-08 12:27 - 2017-06-08 12:27 - 00000000 ____D C:\Users\Zuzana\Documents\FreeReign
2017-06-03 12:33 - 2017-06-03 12:33 - 00345680 _____ (MurGee.com ) C:\Users\Zuzana\Downloads\setup.exe
2017-06-03 12:33 - 2017-06-03 12:33 - 00001156 _____ C:\Users\Zuzana\Desktop\Random Mouse Clicker.lnk
2017-06-03 12:33 - 2017-06-03 12:33 - 00000000 ____D C:\Users\Zuzana\AppData\Roaming\Random Mouse Clicker
2017-06-03 12:33 - 2017-06-03 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Random Mouse Clicker
2017-06-03 12:29 - 2017-06-03 12:29 - 00000633 _____ C:\Users\Public\Desktop\ReMouse Micro.lnk
2017-06-03 12:29 - 2017-06-03 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReMouse Micro
2017-06-03 12:28 - 2017-06-03 12:29 - 00996192 _____ (AutomaticSolution Software ) C:\Users\Zuzana\Downloads\ReMouseMicro-Setup.exe
2017-06-01 13:39 - 2017-06-12 15:48 - 00000000 ____D C:\Users\Zuzana\AppData\Local\glory
2017-06-01 13:37 - 2017-06-01 13:37 - 00000000 ____D C:\Program Files (x86)\{5FFA5FA0-680F-4CAE-A3F5-3F6C5394088D}
2017-06-01 10:01 - 2017-06-01 10:01 - 00000000 ____D C:\Users\Public\Documents\chrome
2017-05-27 13:37 - 2017-05-27 13:37 - 00000000 ____D C:\Program Files (x86)\{D8A8AF45-45C1-40FF-ABD8-1A76AC4E629F}
2017-05-25 20:05 - 2017-05-25 20:05 - 00000000 ____D C:\Users\Zuzana\AppData\LocalLow\U-Play online
2017-05-25 19:57 - 2017-05-25 19:57 - 00000000 ____D C:\Users\Public\Documents\Steam
2017-05-25 19:53 - 2017-05-25 19:53 - 00000000 ____D C:\Users\Zuzana\Documents\U-Play online
2017-05-25 18:15 - 2017-05-25 18:15 - 00000630 _____ C:\Users\Zuzana\Desktop\Youtubers Life.lnk
2017-05-25 11:51 - 2017-06-14 17:21 - 00000000 ____D C:\Users\Zuzana\AppData\Local\background_fault
2017-05-24 11:39 - 2017-06-14 17:52 - 00000000 ____D C:\Program Files (x86)\Firefox
2017-05-21 15:09 - 2017-06-03 12:29 - 00000000 ____D C:\Users\Zuzana\Documents\AutomaticSolution Software
2017-05-19 14:22 - 2017-05-19 14:22 - 00003708 _____ C:\WINDOWS\System32\Tasks\DivXUpdate
2017-05-19 14:20 - 2017-05-19 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2017-05-19 14:07 - 2017-05-19 14:07 - 00000000 ____D C:\Users\Zuzana\AppData\Local\AVAST Software
2017-05-18 18:51 - 2017-05-18 18:51 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2017-05-18 18:51 - 2017-05-18 18:51 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2017-05-18 18:37 - 2017-05-19 07:27 - 00000000 ____D C:\Program Files (x86)\{A8A21A63-F187-4F9F-8458-6B6E350032F8}
2017-05-18 13:37 - 2017-05-19 07:27 - 00000000 ____D C:\Program Files (x86)\{34E62A34-3D22-4002-ACE1-AE6A0085677D}
2017-05-17 10:49 - 2017-05-24 11:37 - 00000000 _____ C:\WINDOWS\SysWOW64\1111
2017-05-17 10:49 - 2017-05-17 10:49 - 00000000 ____D C:\Program Files (x86)\Default Company Name

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-16 19:30 - 2016-09-19 19:04 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-16 19:03 - 2016-10-31 10:59 - 00000000 ____D C:\Users\Zuzana\AppData\Local\Akamai
2017-06-16 16:13 - 2017-03-17 17:01 - 00000000 ____D C:\Users\Zuzana\AppData\LocalLow\Mozilla
2017-06-16 14:09 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-16 14:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-16 14:01 - 2016-09-19 19:06 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-16 13:48 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-06-15 21:47 - 2016-10-16 19:23 - 00004200 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{86DBA17E-8F69-46B2-BE50-6DD413D2A89D}
2017-06-15 16:19 - 2017-01-15 21:36 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2017-06-15 15:54 - 2016-10-02 08:51 - 00734174 _____ C:\WINDOWS\system32\perfh01B.dat
2017-06-15 15:54 - 2016-10-02 08:51 - 00220106 _____ C:\WINDOWS\system32\perfc01B.dat
2017-06-15 15:54 - 2016-09-19 19:09 - 02405494 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-15 15:46 - 2016-09-19 19:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-15 15:43 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-06-15 15:36 - 2016-09-19 19:36 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-14 22:09 - 2016-09-19 19:03 - 00458632 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-14 22:08 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-06-14 22:08 - 2015-03-10 16:23 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-14 22:08 - 2015-03-10 16:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-14 22:06 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-06-14 22:06 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-14 22:06 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-06-14 21:55 - 2017-05-16 13:38 - 00000000 ____D C:\Program Files (x86)\MIO
2017-06-14 21:55 - 2017-04-13 12:01 - 00000000 ____D C:\Users\Zuzana\AppData\Local\SNARE
2017-06-14 17:54 - 2017-04-15 19:01 - 00002300 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-06-14 17:52 - 2017-04-07 08:39 - 00000000 ____D C:\Users\Zuzana\AppData\Local\AMD
2017-06-14 17:19 - 2017-03-28 13:54 - 00000000 ____D C:\Users\Zuzana\AppData\Roaming\Elex-tech
2017-06-14 17:14 - 2015-09-17 15:34 - 00000000 ____D C:\Users\Zuzana\Desktop\skola
2017-06-14 16:31 - 2015-11-24 08:25 - 00000000 ____D C:\Users\Zuzana\AppData\Local\CrashDumps
2017-06-14 15:53 - 2017-03-17 16:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-14 11:24 - 2015-06-24 17:07 - 00000000 ____D C:\Users\Zuzana\AppData\Local\Razer
2017-06-14 10:33 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-14 10:17 - 2015-03-10 16:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-14 10:07 - 2015-03-10 16:04 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-14 10:07 - 2010-07-31 15:47 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-14 08:40 - 2017-03-28 13:52 - 00000023 _____ C:\Users\Public\Documents\temp.dat
2017-06-13 20:54 - 2015-05-31 19:26 - 00000000 ____D C:\Users\Zuzana\AppData\Local\NVIDIA Corporation
2017-06-13 20:42 - 2016-04-03 12:25 - 00000199 _____ C:\Users\Zuzana\Desktop\Counter-Strike Global Offensive.url
2017-06-13 20:35 - 2015-05-31 19:25 - 00000000 ____D C:\Users\Zuzana\AppData\Local\NVIDIA
2017-06-13 20:34 - 2016-09-19 19:06 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-06-13 20:33 - 2016-09-19 19:05 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-06-13 20:33 - 2015-05-31 19:22 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-06-13 20:31 - 2015-06-24 17:02 - 00000000 ____D C:\ProgramData\Razer
2017-06-13 19:34 - 2017-03-28 13:52 - 00000000 _____ C:\Users\Public\Documents\report.dat
2017-06-12 15:40 - 2017-03-25 13:36 - 00000000 ____D C:\Users\Zuzana\AppData\Roaming\DAEMON Tools Lite
2017-06-12 15:40 - 2010-08-15 13:23 - 00000000 ____D C:\Users\Zuzana\AppData\Roaming\TeamViewer
2017-06-12 15:39 - 2016-09-21 14:07 - 00000000 ____D C:\WINDOWS\Minidump
2017-06-11 13:51 - 2010-10-27 15:19 - 00000000 ____D C:\Users\Zuzana\AppData\Local\ElevatedDiagnostics
2017-06-10 22:39 - 2016-09-19 19:10 - 00000000 ____D C:\Users\Zuzana
2017-06-10 22:16 - 2017-05-16 13:38 - 00000000 ____D C:\ProgramData\BIT
2017-06-10 15:10 - 2015-03-20 19:24 - 00000000 ____D C:\Users\Zuzana\AppData\Roaming\vlc
2017-06-10 11:40 - 2010-07-29 12:11 - 00000000 ____D C:\ProgramData\Skype
2017-06-10 11:39 - 2015-03-15 11:56 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-06-06 20:21 - 2010-07-29 12:11 - 00000000 ____D C:\Users\Zuzana\AppData\Roaming\Skype
2017-06-04 08:27 - 2010-04-16 06:28 - 00003096 _____ C:\WINDOWS\system32\AutoRunFilter.ini
2017-06-03 21:29 - 2015-03-20 19:23 - 00000533 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-06-03 08:36 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:36 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-02 14:34 - 2017-05-16 13:37 - 00000000 ____D C:\Program Files\MK
2017-05-31 15:42 - 2017-05-13 15:41 - 00004044 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1494682877
2017-05-31 15:42 - 2017-05-13 15:41 - 00001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-05-29 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-05-27 15:33 - 2015-05-23 12:50 - 00002071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-05-23 08:24 - 2017-03-28 13:49 - 00000000 _____ C:\WINDOWS\SysWOW64\1
2017-05-19 16:06 - 2010-09-13 13:11 - 00000000 ____D C:\Users\Zuzana\AppData\Roaming\DivX
2017-05-19 14:57 - 2010-09-13 13:06 - 00000000 ____D C:\ProgramData\DivX
2017-05-19 14:22 - 2010-09-13 13:07 - 00000000 ____D C:\Program Files (x86)\DivX
2017-05-19 14:21 - 2010-09-13 13:10 - 00000000 ____D C:\Program Files\DivX
2017-05-19 13:21 - 2017-03-28 13:54 - 00000000 ____D C:\Program Files (x86)\Elex-tech
2017-05-18 19:05 - 2015-05-22 18:13 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-05-18 19:05 - 2015-05-22 18:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-05-18 19:05 - 2015-05-22 18:12 - 00000000 ____D C:\Program Files (x86)\Java
2017-05-18 18:52 - 2010-08-06 20:23 - 00000000 ____D C:\Users\Zuzana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-18 18:52 - 2010-08-06 20:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-18 18:52 - 2010-08-06 20:23 - 00000000 ____D C:\Program Files (x86)\WinRAR
2017-05-18 18:51 - 2010-07-25 10:27 - 00000000 ____D C:\Users\Zuzana\AppData\Roaming\Adobe
2017-05-18 18:51 - 2010-04-16 05:54 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-05-18 18:50 - 2010-08-20 17:13 - 00000000 ____D C:\Users\Zuzana\AppData\Local\Adobe

==================== Files in the root of some directories =======

2016-06-14 17:16 - 2016-06-16 16:02 - 0000098 _____ () C:\Users\Zuzana\AppData\Roaming\LauncherSettings_live.cfg
2016-06-14 17:03 - 2016-06-14 17:03 - 0010309 _____ () C:\Users\Zuzana\AppData\Roaming\TheHunterSettings_live.bin
2016-06-14 14:38 - 2016-06-14 17:32 - 0000039 _____ () C:\Users\Zuzana\AppData\Roaming\TheHunterSettings_steam_live.cfg
2016-05-26 15:47 - 2016-05-26 16:04 - 0004608 _____ () C:\Users\Zuzana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-01 22:58 - 2015-05-01 22:58 - 0000000 ___SH () C:\Users\Zuzana\AppData\Local\LumaEmu
2015-06-09 18:10 - 2015-06-09 18:10 - 0000017 _____ () C:\Users\Zuzana\AppData\Local\resmon.resmoncfg
2010-04-16 06:10 - 2009-12-24 14:38 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2010-04-16 05:53 - 2010-04-16 05:54 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-04-16 05:53 - 2010-04-16 05:53 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Zuzana\Desktop" je 5061 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector
C:\Windows\AsScrPro.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

Re: Lokalizované vírusy

Napsal: 16 čer 2017 20:55
od Rudy
Teď spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Lokalizované vírusy

Napsal: 16 čer 2017 21:22
od jakub1234222
(len popisujem čo sa dialo) Po vyčistení adwcleanerom sa reštartoval PC a po spustení
nabehol tento log kopirujem--->:
# AdwCleaner v6.047 - *Logfile created 16/06/2017 *at 22:14:47
# *Updated on 19/05/2017 by Malwarebytes
# *Database : 2017-06-16.2 [*Server]
# *Operating System : Windows 10 Home (X64)
# *Username : Zuzana - ZUZANA-PC
# *Running from : C:\Users\Zuzana\Desktop\adwcleaner_6.047.exe
# *Mode: Clean
# *Support : https://www.malwarebytes.com/support



***** [ *Services ] *****



***** [ *Folders ] *****

[-] *Folder deleted: C:\ProgramData\Avg_Update_0215tb
[-] *Folder deleted: C:\ProgramData\{ef843aab-748b-853a-ef84-43aab748eaad}
[-] *Folder deleted: C:\Users\Zuzana\AppData\Local\3DM
[-] *Folder deleted: C:\Users\Zuzana\AppData\Local\background_fault
[-] *Folder deleted: C:\Users\Zuzana\AppData\Local\Footjane
[-] *Folder deleted: C:\Users\Zuzana\AppData\Local\snare
[-] *Folder deleted: C:\Users\Zuzana\AppData\Roaming\Elex-tech
[-] *Folder deleted: C:\Users\Zuzana\AppData\Roaming\WiperSoft
[-] *Folder deleted: C:\Program Files\WiperSoft
[-] *Folder deleted: C:\ProgramData\AVG Security Toolbar
[-] *Folder deleted: C:\ProgramData\Partner
[-] *Folder deleted: C:\Program Files (x86)\Elex-tech
[-] *Folder deleted: C:\Program Files (x86)\deskapp
[-] *Folder deleted: C:\Program Files (x86)\Default Company Name
[-] *Folder deleted: C:\Program Files (x86)\Firefox
[-] *Folder deleted: C:\Users\Zuzana\AppData\Roaming\Firefox
[-] *Folder deleted: C:\Users\Zuzana\AppData\Local\Firefox
[-] *Folder deleted: C:\UPDATE\PSGO
[#] *Folder deleted on reboot: C:\Users\Zuzana\AppData\Local\SNARE
[-] *Folder deleted: C:\Users\Zuzana\AppData\Local\Kitty
[-] *Folder deleted: C:\ProgramData\BIT
[#] *Folder deleted on reboot: C:\Users\Zuzana\AppData\Local\background_fault
[-] *Folder deleted: C:\Users\Zuzana\AppData\Local\clean
[-] *Folder deleted: C:\Program Files (x86)\MK
[-] *Folder deleted: C:\Users\Zuzana\AppData\Local\glory
[#] *Folder deleted on reboot: C:\Users\Zuzana\AppData\Local\..\Roaming\Firefox\Firefox\naweriweentcofise
[-] *Folder deleted: C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[-] *Folder deleted: C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fcfenmboojpjinhpgggodefccipikbpd


***** [ *Files ] *****

[-] *File deleted: C:\WINDOWS\SysNative\log\iSafeKrnlCall.log
[-] *File deleted: C:\Users\Public\Documents\temp.dat
[-] *File deleted: C:\Users\Public\Documents\report.dat
[-] *File deleted: C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\qbsn0dh5.default\invalidprefs.js
[-] *File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[-] *File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ourluckysites.xml
[#] *File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[#] *File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ourluckysites.xml
[#] *File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[#] *File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ourluckysites.xml


***** [ DLL ] *****



***** [ WMI ] *****



***** [ *Shortcuts ] *****



***** [ *Scheduled Tasks ] *****



***** [ *Registry ] *****

[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\FirefoxU
[-] *Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SNARE
[#] *Key deleted on reboot: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SNARE
[-] *Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\glory
[#] *Key deleted on reboot: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\glory
[#] *Key deleted on reboot: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\snare
[#] *Key deleted on reboot: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\snare
[-] *Key deleted: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] *Key deleted: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] *Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] *Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] *Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] *Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] *Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] *Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] *Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
[-] *Key deleted: HKU\.DEFAULT\Software\ompndb
[-] *Key deleted: HKU\S-1-5-21-410513314-2793736357-1887953017-1000\Software\Softonic
[-] *Key deleted: HKU\S-1-5-21-410513314-2793736357-1887953017-1000\Software\WinSnare
[-] *Key deleted: HKU\S-1-5-21-410513314-2793736357-1887953017-1000\Software\WiperSoft
[-] *Key deleted: HKU\S-1-5-21-410513314-2793736357-1887953017-1000\Software\deskapp
[-] *Key deleted: HKU\S-1-5-21-410513314-2793736357-1887953017-1000\Software\Yeshat
[#] *Key deleted on reboot: HKU\S-1-5-18\Software\ompndb
[#] *Key deleted on reboot: HKCU\Software\Softonic
[#] *Key deleted on reboot: HKCU\Software\WinSnare
[#] *Key deleted on reboot: HKCU\Software\WiperSoft
[#] *Key deleted on reboot: HKCU\Software\deskapp
[#] *Key deleted on reboot: HKCU\Software\Yeshat
[-] *Key deleted: HKLM\SOFTWARE\Elex-tech
[-] *Key deleted: HKLM\SOFTWARE\SNDA
[-] *Key deleted: HKLM\SOFTWARE\ompndb
[-] *Key deleted: HKLM\SOFTWARE\ecb`nl
[-] *Key deleted: HKLM\SOFTWARE\msServer
[-] *Key deleted: HKLM\SOFTWARE\ourluckysitesSoftware
[-] *Key deleted: HKLM\SOFTWARE\Footjane
[-] *Key deleted: HKLM\SOFTWARE\Yeshat
[-] *Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{59B5A9CD-253D-4C41-A073-B387D4C9672D}
[-] *Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{97D2FBF4-72CF-4DD6-8DA8-26710BC7BE71}
[-] *Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2C652C0A-EC71-4797-8077-F67649177AB0}
[-] *Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{51639FCA-678F-4D71-8044-E16E3D49187F}
[#] *Key deleted on reboot: [x64] HKCU\Software\Softonic
[#] *Key deleted on reboot: [x64] HKCU\Software\WinSnare
[#] *Key deleted on reboot: [x64] HKCU\Software\WiperSoft
[#] *Key deleted on reboot: [x64] HKCU\Software\deskapp
[#] *Key deleted on reboot: [x64] HKCU\Software\Yeshat
[-] *Key deleted: [x64] HKLM\SOFTWARE\ompndb
[-] *Key deleted: [x64] HKLM\SOFTWARE\InterSect Alliance
[-] *Key deleted: HKU\S-1-5-21-410513314-2793736357-1887953017-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[#] *Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[#] *Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] *Value deleted: HKU\S-1-5-21-410513314-2793736357-1887953017-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [background_fault]
[-] *Value deleted: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]
[-] *Key deleted: HKCU\SOFTWARE\Clients\StartMenuInternet\ChromeHTML
[-] *Value deleted: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [BIT]
[-] *Value deleted: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [3DM]
[-] *Key deleted: HKLM\SYSTEM\CurrentControlSet\Control\iSafeKrnlBoot
[-] *Key deleted: HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[#] *Key deleted on reboot: [x64] HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd


***** [ *Browsers ] *****

[-] *Firefox preferences cleaned: "browser.search.searchengine.hp" - "hxxp://www.youndoo.com/?z=a6848876d1a95df134e1 ... 8J&type=hp"
[-] *Firefox preferences cleaned: "browser.search.searchengine.iconURL" - "hxxp://www.luckysearch123.com/favicon.ico?t=1"
[-] *Firefox preferences cleaned: "browser.search.searchengine.sp" - "hxxp://www.youndoo.com/search/?from=dam&q={sea ... fzbg9b8z7c"
[-] *Firefox preferences cleaned: "browser.search.searchengine.url" - "hxxp://www.luckysearch123.com/search.php?type= ... earchTerms}"
[-] [C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1] [extension] *Deleted: fcfenmboojpjinhpgggodefccipikbpd
[-] [C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Web data] [Search Provider] *Deleted: ourluckysites
[-] [C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Web data] [Search Provider] *Deleted: mystarting123
[-] [C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData] [extension] *Deleted: fcfenmboojpjinhpgggodefccipikbpd
[-] [C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData] [homepage] *Deleted: hxxp://www.ourluckysites.com/?type=hp&ts=14950 ... XX5VJ4828J


*************************

:: *"Tracing" keys deleted
:: *Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [10310 *Bytes] - [16/06/2017 22:14:47]
C:\AdwCleaner\AdwCleaner[S0].txt - [10003 *Bytes] - [16/06/2017 22:06:58]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [10460 *Bytes] ##########

Re: Lokalizované vírusy

Napsal: 17 čer 2017 10:20
od Rudy
Dejte nový log FRST.

Re: Lokalizované vírusy

Napsal: 17 čer 2017 11:06
od jakub1234222
Nový log :) a taktiež addition (ten je v prílohe) :
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-06-2017 01
Ran by Zuzana (administrator) on ZUZANA-PC (17-06-2017 12:01:48)
Running from C:\Users\Zuzana\Desktop
Loaded Profiles: Zuzana (Available Profiles: Zuzana)
Platform: Windows 10 Home Version 1607 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Rocket Division Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) D:\Razer Cortex\RzKLService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(© 2015 Microsoft Corporation) C:\Users\Zuzana\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Akamai Technologies, Inc.) C:\Users\Zuzana\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Zuzana\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
Failed to access process -> FRST64.exe
(forum.viry.cz) C:\Users\Zuzana\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [ASUS WebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1736704 2009-12-24] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-13] (AVAST Software)
HKLM\...\Run: [MRT] => C:\WINDOWS\system32\MRT.exe [133627792 2017-06-14] (Microsoft Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [7350912 2010-02-04] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-01-05] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [amd_dc_opt] => D:\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [1047000 2017-04-06] (DivX, LLC)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [145208 2017-04-14] (Check Point Software Technologies Ltd.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== ATTENTION
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\Run: [BingSvc] => C:\Users\Zuzana\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Zuzana\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\Run: [DAEMON Tools Lite Automount] => D:\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd)
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\Run: [UXMmedia] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Zuzana\AppData\Local\Ection\krjcyjsl.dll <===== ATTENTION
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9364696 2017-03-03] (Piriform Ltd)
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\Run: [RandomMouseClicker] => C:\Users\Zuzana\AppData\Roaming\Random Mouse Clicker\RandomMouseClicker.exe [70824 2017-03-25] (MurGee.com)
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\MountPoints2: {1610ee0f-288b-11e6-a619-1c4bd60c65ca} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\MountPoints2: {dd813981-c92e-11e6-bb95-1c4bd6c58a0e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\MountPoints2: {dd813a6e-c92e-11e6-bb95-1c4bd6c58a0e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\MountPoints2: {eb3bf39d-cd6d-11e5-9a3c-1c4bd60c65ca} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\MountPoints2: {f0f6cde7-f68b-11e6-bba0-1c4bd6c58a0e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\MountPoints2: {f4bdbc88-03dc-11e7-bba1-1c4bd6c58a0e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-13] (AVAST Software)
ShellIconOverlayIdentifiers: [0TheftProtectionDll] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => -> No File
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll [2009-11-26] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll [2009-11-26] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk [2010-04-16]
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{971cec70-40b5-43ab-bc2d-a3d517d22fc4}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9b975b26-1a3c-4e8e-b865-d389505137be}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-410513314-2793736357-1887953017-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-410513314-2793736357-1887953017-1000 -> {80733003-3383-4917-ABD7-74851716E952} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08] (Microsoft Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-04-16] (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2010-04-16] (Google Inc.)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-10-07] (Intel Security)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-18] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-16] (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-04-16] (Google Inc.)
BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2010-04-16] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-18] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-04-16] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-16] (Google Inc.)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-10-07] (Intel Security)
DPF: HKLM-x32 {C212D449-8B3C-41F2-BD9A-047BD770550F} hxxp://operation7.fiaa.eu/OPLauncher.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-410513314-2793736357-1887953017-1000 -> hxxp://www.google.com

FireFox:
========
FF DefaultProfile: qbsn0dh5.default
FF ProfilePath: C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\qbsn0dh5.default [2017-06-16]
FF NewTab: Mozilla\Firefox\Profiles\qbsn0dh5.default -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\qbsn0dh5.default -> Google
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\qbsn0dh5.default -> hxxps://www.google.com/search?bcutc=sp-006
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\qbsn0dh5.default -> Google
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\qbsn0dh5.default -> Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\qbsn0dh5.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\qbsn0dh5.default -> hxxps://www.google.com/?bcutc=sp-006
FF Keyword.URL: Mozilla\Firefox\Profiles\qbsn0dh5.default -> hxxps://www.google.com/search?bcutc=sp-006
FF Extension: (Avast SafePrice) - C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\qbsn0dh5.default\Extensions\sp@avast.com.xpi [2017-06-14]
FF Extension: (Avast Online Security) - C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\qbsn0dh5.default\Extensions\wrc@avast.com.xpi [2017-06-14]
FF Extension: (Adblock Plus) - C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\qbsn0dh5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-14]
FF Extension: (MONOGRAM AMR Splitter) - C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\qbsn0dh5.default\Extensions\{D7A6D34E-6F49-9829-BB70-5B2C8E33E272} [2017-04-12] [not signed]
FF Extension: (Seznam lištička) - C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\qbsn0dh5.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-06-14]
FF SearchPlugin: C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\qbsn0dh5.default\searchplugins\google-avast.xml [2017-06-14]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: (No Name) - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2015-03-10] [not signed]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2017-04-06] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> D:\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> D:\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> D:\VLC\npvlc.dll [2017-05-24] (VideoLAN)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.google.com/"
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.mystarting123.com/search/index.php? ... earchTerms}
CHR DefaultSearchKeyword: ChromeDefaultData -> mystarting123
CHR Profile: C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-06-17] <==== ATTENTION
CHR Extension: (Prezentácie Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-03]
CHR Extension: (Dokumenty Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-03]
CHR Extension: (Disk Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-03]
CHR Extension: (YouTube) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-03]
CHR Extension: (Tabuľky Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-03]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-03]
CHR Extension: (AdBlock) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-06-16]
CHR Extension: (Skype) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-06-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-03]
CHR Extension: (Gmail) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-12]
CHR Profile: C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-06-16]
CHR Extension: (Prezentácie Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-27]
CHR Extension: (Dokumenty Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-27]
CHR Extension: (Disk Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-27]
CHR Extension: (YouTube) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-27]
CHR Extension: (Google Search) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-27]
CHR Extension: (Tabuľky Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-27]
CHR Extension: (Bookmark Manager) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-27]
CHR Extension: (Peňaženka Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-27]
CHR Extension: (Gmail) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-27]
CHR Profile: C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\System Profile [2017-06-16]
CHR Extension: (Prezentácie Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-27]
CHR Extension: (Dokumenty Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-27]
CHR Extension: (Disk Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-27]
CHR Extension: (YouTube) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-27]
CHR Extension: (Google Search) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-27]
CHR Extension: (Bing) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-05-27]
CHR Extension: (Tabuľky Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-27]
CHR Extension: (Bookmark Manager) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-27]
CHR Extension: (Peňaženka Google) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-27]
CHR Extension: (Gmail) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.)
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-13] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-13] (AVAST Software)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1362464 2016-06-20] ()
S4 Disc Soft Lite Bus Service; D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd)
S4 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
S3 fussvc; D:\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
S4 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-08-26] ()
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114688 2015-05-22] (Microsoft Corporation) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S4 mitsijm2017; C:\Program Files\Autodesk\Inventor 2017\Moldflow\bin\mitsijm.exe [967456 2015-08-04] (Autodesk, Inc.)
S4 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2006-11-10] (Nero AG) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3425416 2010-03-23] (INCA Internet Co., Ltd.) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2015-10-11] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [202040 2015-10-31] ()
S2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [147792 2017-04-19] (Razer Inc)
S2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [183680 2017-04-14] (Razer Inc.)
R2 RzKLService; D:\Razer Cortex\RzKLService.exe [252176 2017-04-28] (Razer Inc.)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
S3 Te.Service; D:\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
S4 TeamViewer; D:\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
S4 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [987048 2016-09-30] (McAfee, Inc.)
S4 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2016-09-30] (McAfee, Inc.)
S4 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-09-30] (McAfee, Inc.)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4107680 2017-04-14] (Check Point Software Technologies Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
S3 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2016-11-01] (Check Point Software Technologies, Ltd.)
R2 ZoneAlarm ICM Service; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe [1058616 2017-04-14] (Check Point Software Technologies Ltd.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [311808 2017-05-13] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [190256 2017-05-13] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334576 2017-05-13] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [49016 2017-05-13] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-05-13] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32600 2017-05-13] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [128648 2017-05-13] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-05-13] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-05-13] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1007160 2017-05-13] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [569192 2017-05-13] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [158880 2017-05-13] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-05-13] (AVAST Software)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-03-25] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-03-25] (Disc Soft Ltd)
S3 HWHandSet; C:\WINDOWS\system32\DRIVERS\hw_quusbmdm.sys [223232 2016-02-16] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-05-25] (Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [15416 2009-07-20] ( )
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2015-08-21] (Riverbed Technology, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-11-17] (NVIDIA Corporation)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer, Inc.)
R3 SNP2UVC; C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [1799680 2009-08-12] ()
S0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [871408 2010-09-30] (Duplex Secure Ltd.)
R1 Vsdatant; C:\WINDOWS\System32\drivers\vsdatant.sys [461240 2017-04-13] (Check Point Software Technologies Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S1 hczxsorb; \??\C:\WINDOWS\system32\drivers\hczxsorb.sys [X]
S1 hsqbsivj; \??\C:\WINDOWS\system32\drivers\hsqbsivj.sys [X]
U3 idsvc; no ImagePath
U3 iswSvc; no ImagePath
S1 qiirgyep; \??\C:\WINDOWS\system32\drivers\qiirgyep.sys [X]
S1 rkvmxbap; \??\C:\WINDOWS\system32\drivers\rkvmxbap.sys [X]
U2 snare; no ImagePath
S1 wezlxbpq; \??\C:\WINDOWS\system32\drivers\wezlxbpq.sys [X]
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-17 12:01 - 2017-06-17 12:02 - 00031972 _____ C:\Users\Zuzana\Desktop\FRST.txt
2017-06-17 12:01 - 2017-06-17 12:01 - 00112640 _____ (forum.viry.cz) C:\Users\Zuzana\Desktop\FRSTLauncher.exe
2017-06-16 22:19 - 2017-06-16 22:19 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-06-16 22:03 - 2017-06-16 22:33 - 00000000 ____D C:\AdwCleaner
2017-06-16 22:02 - 2017-06-16 22:03 - 04110280 _____ C:\Users\Zuzana\Desktop\adwcleaner_6.047.exe
2017-06-16 21:16 - 2017-06-16 21:17 - 00000000 ____D C:\FRST
2017-06-16 21:10 - 2017-06-17 11:50 - 02438656 _____ (Farbar) C:\Users\Zuzana\Desktop\FRST64.exe
2017-06-16 17:08 - 2017-06-16 17:08 - 00023032 _____ (Wiper Software) C:\WINDOWS\system32\wiperrm.exe
2017-06-16 17:08 - 2017-06-16 17:08 - 00000813 _____ C:\Users\Zuzana\Desktop\WiperSoft.lnk
2017-06-16 17:01 - 2017-06-16 17:01 - 01979944 _____ (WiperSoft) C:\Users\Zuzana\Downloads\WiperSoft-installer.exe
2017-06-15 19:00 - 2017-06-15 19:00 - 00000000 ____D C:\Users\Zuzana\Desktop\Alex
2017-06-15 16:13 - 2017-06-15 16:13 - 00000000 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts
2017-06-15 15:43 - 2017-06-15 15:46 - 00441296 _____ C:\WINDOWS\system32\Drivers\vsconfig.xml
2017-06-15 15:42 - 2017-06-15 15:42 - 00000778 _____ C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2017-06-15 15:42 - 2017-06-15 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2017-06-15 15:42 - 2017-06-15 15:42 - 00000000 ____D C:\Program Files (x86)\CheckPoint
2017-06-15 15:41 - 2017-06-15 15:41 - 00000000 ____D C:\ProgramData\CheckPoint
2017-06-14 22:06 - 2017-06-14 22:06 - 00000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-06-14 17:07 - 2017-06-14 18:00 - 05984464 _____ (Check Point Software Technologies Ltd.) C:\Users\Zuzana\Downloads\zafwSetupWeb_151_504_17269.exe
2017-06-14 16:42 - 2017-06-14 16:42 - 00188312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-06-14 16:41 - 2017-06-14 16:41 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-06-14 16:41 - 2017-06-14 16:41 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-06-14 16:40 - 2017-06-16 16:49 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-06-14 16:40 - 2017-06-14 16:40 - 00044960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-06-14 16:40 - 2017-06-14 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-06-14 16:40 - 2017-06-14 16:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-06-14 16:40 - 2017-05-25 11:58 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-06-14 16:39 - 2017-06-14 16:39 - 64232976 _____ (Malwarebytes ) C:\Users\Zuzana\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.141-1.0.2092.exe
2017-06-14 11:20 - 2017-06-14 15:53 - 00001555 _____ C:\Users\Zuzana\Desktop\firefox – odkaz.lnk
2017-06-14 09:56 - 2017-06-03 12:50 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-06-14 09:56 - 2017-06-03 12:16 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-06-14 09:56 - 2017-06-03 12:06 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-06-14 09:56 - 2017-06-03 11:58 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-06-14 09:56 - 2017-06-03 11:55 - 00780640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-06-14 09:56 - 2017-06-03 11:54 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-06-14 09:56 - 2017-06-03 11:52 - 01021784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-06-14 09:56 - 2017-06-03 11:52 - 00607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-06-14 09:56 - 2017-06-03 11:52 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-06-14 09:56 - 2017-06-03 11:50 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-06-14 09:56 - 2017-06-03 11:50 - 00381792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-06-14 09:56 - 2017-06-03 11:49 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-06-14 09:56 - 2017-06-03 11:44 - 01412640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-06-14 09:56 - 2017-06-03 11:44 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-06-14 09:56 - 2017-06-03 11:39 - 05686272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-06-14 09:56 - 2017-06-03 11:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-06-14 09:56 - 2017-06-03 11:32 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-06-14 09:56 - 2017-06-03 11:31 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-06-14 09:56 - 2017-06-03 11:31 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-06-14 09:56 - 2017-06-03 11:28 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-06-14 09:56 - 2017-06-03 11:28 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2017-06-14 09:56 - 2017-06-03 11:26 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-06-14 09:56 - 2017-06-03 11:26 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBrokerUI.dll
2017-06-14 09:56 - 2017-06-03 11:22 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-06-14 09:56 - 2017-06-03 11:22 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcorehc.dll
2017-06-14 09:56 - 2017-06-03 11:22 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-06-14 09:56 - 2017-06-03 11:20 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-06-14 09:56 - 2017-06-03 11:19 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-06-14 09:56 - 2017-06-03 11:16 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-06-14 09:56 - 2017-06-03 11:15 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-06-14 09:56 - 2017-06-03 11:15 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-06-14 09:56 - 2017-06-03 11:14 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-06-14 09:56 - 2017-06-03 11:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdProxy.dll
2017-06-14 09:56 - 2017-06-03 11:08 - 02643968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-06-14 09:56 - 2017-06-03 11:08 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-06-14 09:56 - 2017-06-03 11:07 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-14 09:56 - 2017-06-03 11:05 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-06-14 09:56 - 2017-06-03 11:05 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hnetcfg.dll
2017-06-14 09:56 - 2017-06-03 11:04 - 02006528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-06-14 09:56 - 2017-06-03 11:04 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-06-14 09:56 - 2017-06-03 11:03 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-06-14 09:56 - 2017-06-03 11:02 - 02997760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-06-14 09:56 - 2017-06-03 10:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-06-14 09:56 - 2017-06-03 10:52 - 03403264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-06-14 09:56 - 2017-06-03 10:50 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-06-14 09:56 - 2017-06-03 10:49 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-06-14 09:56 - 2017-06-03 10:48 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-06-14 09:56 - 2017-06-03 10:40 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-06-14 09:56 - 2017-03-04 08:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-06-14 09:56 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-06-14 09:55 - 2017-06-03 12:50 - 00192856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-06-14 09:55 - 2017-06-03 12:14 - 01564512 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-06-14 09:55 - 2017-06-03 12:14 - 01214816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-06-14 09:55 - 2017-06-03 12:14 - 00629088 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-06-14 09:55 - 2017-06-03 12:14 - 00544096 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-06-14 09:55 - 2017-06-03 12:14 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-06-14 09:55 - 2017-06-03 12:14 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-06-14 09:55 - 2017-06-03 12:14 - 00334176 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-06-14 09:55 - 2017-06-03 12:14 - 00233824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-06-14 09:55 - 2017-06-03 12:14 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-06-14 09:55 - 2017-06-03 12:14 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-06-14 09:55 - 2017-06-03 12:14 - 00096608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-06-14 09:55 - 2017-06-03 12:14 - 00034648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-06-14 09:55 - 2017-06-03 12:11 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-06-14 09:55 - 2017-06-03 12:11 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-06-14 09:55 - 2017-06-03 12:09 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-06-14 09:55 - 2017-06-03 12:08 - 07783256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-06-14 09:55 - 2017-06-03 12:01 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-14 09:55 - 2017-06-03 11:59 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-06-14 09:55 - 2017-06-03 11:59 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-06-14 09:55 - 2017-06-03 11:59 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-06-14 09:55 - 2017-06-03 11:53 - 00404824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-06-14 09:55 - 2017-06-03 11:51 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-06-14 09:55 - 2017-06-03 11:51 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-06-14 09:55 - 2017-06-03 11:49 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-06-14 09:55 - 2017-06-03 11:49 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-06-14 09:55 - 2017-06-03 11:48 - 01112416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2017-06-14 09:55 - 2017-06-03 11:48 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-06-14 09:55 - 2017-06-03 11:48 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-06-14 09:55 - 2017-06-03 11:48 - 00857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-06-14 09:55 - 2017-06-03 11:48 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-06-14 09:55 - 2017-06-03 11:45 - 22220864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-06-14 09:55 - 2017-06-03 11:44 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-06-14 09:55 - 2017-06-03 11:40 - 01566552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-06-14 09:55 - 2017-06-03 11:40 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-06-14 09:55 - 2017-06-03 11:39 - 02532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-06-14 09:55 - 2017-06-03 11:39 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-06-14 09:55 - 2017-06-03 11:23 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-06-14 09:55 - 2017-06-03 11:22 - 07217152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-14 09:55 - 2017-06-03 11:18 - 22569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-06-14 09:55 - 2017-06-03 11:16 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-14 09:55 - 2017-06-03 11:16 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-06-14 09:55 - 2017-06-03 11:15 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-06-14 09:55 - 2017-06-03 11:15 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-06-14 09:55 - 2017-06-03 11:15 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-14 09:55 - 2017-06-03 11:14 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-06-14 09:55 - 2017-06-03 11:14 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-14 09:55 - 2017-06-03 11:14 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-06-14 09:55 - 2017-06-03 11:11 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-06-14 09:55 - 2017-06-03 11:10 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-06-14 09:55 - 2017-06-03 11:10 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-06-14 09:55 - 2017-06-03 11:10 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBrokerUI.dll
2017-06-14 09:55 - 2017-06-03 11:09 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-06-14 09:55 - 2017-06-03 11:09 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcorehc.dll
2017-06-14 09:55 - 2017-06-03 11:09 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-06-14 09:55 - 2017-06-03 11:08 - 12187648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-06-14 09:55 - 2017-06-03 11:08 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-06-14 09:55 - 2017-06-03 11:08 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-06-14 09:55 - 2017-06-03 11:08 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-06-14 09:55 - 2017-06-03 11:07 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-06-14 09:55 - 2017-06-03 11:07 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\HNetCfgClient.dll
2017-06-14 09:55 - 2017-06-03 11:06 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-06-14 09:55 - 2017-06-03 11:06 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2017-06-14 09:55 - 2017-06-03 11:04 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-06-14 09:55 - 2017-06-03 11:03 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-06-14 09:55 - 2017-06-03 11:01 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-06-14 09:55 - 2017-06-03 11:00 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-06-14 09:55 - 2017-06-03 10:58 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2017-06-14 09:55 - 2017-06-03 10:56 - 13091840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-06-14 09:55 - 2017-06-03 10:53 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-06-14 09:55 - 2017-06-03 10:52 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-06-14 09:55 - 2017-06-03 10:52 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-06-14 09:55 - 2017-06-03 10:52 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-06-14 09:55 - 2017-06-03 10:51 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-06-14 09:55 - 2017-06-03 10:51 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-06-14 09:55 - 2017-06-03 10:50 - 04744704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-06-14 09:55 - 2017-06-03 10:49 - 03615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-06-14 09:55 - 2017-06-03 10:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-14 09:55 - 2017-06-03 10:49 - 02475520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-06-14 09:55 - 2017-06-03 10:49 - 02318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-06-14 09:55 - 2017-06-03 10:49 - 01845248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-06-14 09:55 - 2017-06-03 10:49 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-06-14 09:55 - 2017-06-03 10:49 - 00351744 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll
2017-06-14 09:55 - 2017-06-03 10:48 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-06-14 09:55 - 2017-06-03 10:48 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-06-14 09:55 - 2017-06-03 10:48 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-06-14 09:55 - 2017-06-03 10:46 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-06-14 09:55 - 2017-06-03 08:08 - 00080078 _____ C:\WINDOWS\system32\normidna.nls
2017-06-14 09:55 - 2017-05-25 07:56 - 00038752 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe
2017-06-14 09:55 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-06-14 09:55 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-06-14 09:55 - 2017-03-04 08:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-06-13 20:45 - 2017-06-13 20:45 - 00000000 ____D C:\WINDOWS\pss
2017-06-13 20:30 - 2016-10-08 08:56 - 00137840 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpnk.sys
2017-06-13 20:29 - 2017-06-13 20:30 - 00000000 ____D C:\Program Files (x86)\Razer
2017-06-13 20:29 - 2017-06-13 20:29 - 00000687 _____ C:\Users\Zuzana\Desktop\Razer Cortex.lnk
2017-06-13 20:29 - 2017-06-13 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2017-06-13 20:26 - 2017-06-13 20:27 - 160951800 _____ (Razer Inc. ) C:\Users\Zuzana\Downloads\RazerCortexSetup_8.1.7.463.exe
2017-06-12 16:00 - 2017-06-12 16:00 - 06754944 _____ (ESET spol. s r.o.) C:\Users\Zuzana\Downloads\esetonlinescanner_enu.exe
2017-06-12 15:50 - 2017-06-12 15:50 - 00000000 ____D C:\Program Files (x86)\GUM7D8E.tmp
2017-06-12 15:43 - 2017-06-12 15:44 - 01130328 _____ (Google Inc.) C:\Users\Zuzana\Downloads\ChromeSetup.exe
2017-06-12 15:36 - 2017-06-12 15:36 - 00260724 _____ C:\cc_20170612_153602 (navrat 2).reg
2017-06-11 12:38 - 2017-06-11 12:38 - 00061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-06-08 19:07 - 2017-06-08 19:07 - 00001294 _____ C:\Users\Zuzana\Desktop\Launcher – odkaz.lnk
2017-06-08 12:27 - 2017-06-08 12:32 - 00000000 ____D C:\Users\Zuzana\AppData\Local\FreeReign
2017-06-08 12:27 - 2017-06-08 12:27 - 00000000 ____D C:\Users\Zuzana\Documents\FreeReign
2017-06-03 12:33 - 2017-06-03 12:33 - 00345680 _____ (MurGee.com ) C:\Users\Zuzana\Downloads\setup.exe
2017-06-03 12:33 - 2017-06-03 12:33 - 00001156 _____ C:\Users\Zuzana\Desktop\Random Mouse Clicker.lnk
2017-06-03 12:33 - 2017-06-03 12:33 - 00000000 ____D C:\Users\Zuzana\AppData\Roaming\Random Mouse Clicker
2017-06-03 12:33 - 2017-06-03 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Random Mouse Clicker
2017-06-03 12:29 - 2017-06-03 12:29 - 00000633 _____ C:\Users\Public\Desktop\ReMouse Micro.lnk
2017-06-03 12:29 - 2017-06-03 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReMouse Micro
2017-06-03 12:28 - 2017-06-03 12:29 - 00996192 _____ (AutomaticSolution Software ) C:\Users\Zuzana\Downloads\ReMouseMicro-Setup.exe
2017-06-01 13:37 - 2017-06-01 13:37 - 00000000 ____D C:\Program Files (x86)\{5FFA5FA0-680F-4CAE-A3F5-3F6C5394088D}
2017-06-01 10:01 - 2017-06-01 10:01 - 00000000 ____D C:\Users\Public\Documents\chrome
2017-05-27 13:37 - 2017-05-27 13:37 - 00000000 ____D C:\Program Files (x86)\{D8A8AF45-45C1-40FF-ABD8-1A76AC4E629F}
2017-05-25 20:05 - 2017-05-25 20:05 - 00000000 ____D C:\Users\Zuzana\AppData\LocalLow\U-Play online
2017-05-25 19:57 - 2017-05-25 19:57 - 00000000 ____D C:\Users\Public\Documents\Steam
2017-05-25 19:53 - 2017-05-25 19:53 - 00000000 ____D C:\Users\Zuzana\Documents\U-Play online
2017-05-25 18:15 - 2017-05-25 18:15 - 00000630 _____ C:\Users\Zuzana\Desktop\Youtubers Life.lnk
2017-05-21 15:09 - 2017-06-03 12:29 - 00000000 ____D C:\Users\Zuzana\Documents\AutomaticSolution Software
2017-05-19 14:22 - 2017-05-19 14:22 - 00003708 _____ C:\WINDOWS\System32\Tasks\DivXUpdate
2017-05-19 14:20 - 2017-05-19 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2017-05-19 14:07 - 2017-05-19 14:07 - 00000000 ____D C:\Users\Zuzana\AppData\Local\AVAST Software
2017-05-18 18:51 - 2017-05-18 18:51 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2017-05-18 18:51 - 2017-05-18 18:51 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2017-05-18 18:37 - 2017-05-19 07:27 - 00000000 ____D C:\Program Files (x86)\{A8A21A63-F187-4F9F-8458-6B6E350032F8}
2017-05-18 13:37 - 2017-05-19 07:27 - 00000000 ____D C:\Program Files (x86)\{34E62A34-3D22-4002-ACE1-AE6A0085677D}

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-17 11:01 - 2016-10-31 10:59 - 00000000 ____D C:\Users\Zuzana\AppData\Local\Akamai
2017-06-17 08:58 - 2016-09-19 19:04 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-17 06:59 - 2016-10-16 19:23 - 00004200 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{86DBA17E-8F69-46B2-BE50-6DD413D2A89D}
2017-06-17 06:57 - 2016-10-02 08:51 - 00763738 _____ C:\WINDOWS\system32\perfh01B.dat
2017-06-17 06:57 - 2016-10-02 08:51 - 00228914 _____ C:\WINDOWS\system32\perfc01B.dat
2017-06-17 06:57 - 2016-09-19 19:09 - 02462770 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-17 06:52 - 2016-09-19 19:10 - 00000000 ____D C:\Users\Zuzana
2017-06-17 06:52 - 2016-09-19 19:06 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-17 06:51 - 2016-09-19 19:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-16 22:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-16 22:16 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-06-16 22:14 - 2010-07-25 10:20 - 00000000 ____D C:\WINDOWS\system32\log
2017-06-16 22:13 - 2017-03-30 13:38 - 00000000 ____D C:\Update
2017-06-16 22:11 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-16 16:13 - 2017-03-17 17:01 - 00000000 ____D C:\Users\Zuzana\AppData\LocalLow\Mozilla
2017-06-16 13:48 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-06-15 16:19 - 2017-01-15 21:36 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2017-06-15 15:43 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-06-15 15:36 - 2016-09-19 19:36 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-14 22:09 - 2016-09-19 19:03 - 00458632 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-14 22:08 - 2015-03-10 16:23 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-14 22:08 - 2015-03-10 16:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-14 22:06 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-06-14 22:06 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-14 22:06 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-06-14 21:55 - 2017-05-16 13:38 - 00000000 ____D C:\Program Files (x86)\MIO
2017-06-14 17:54 - 2017-04-15 19:01 - 00002300 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-06-14 17:52 - 2017-04-07 08:39 - 00000000 ____D C:\Users\Zuzana\AppData\Local\AMD
2017-06-14 17:14 - 2015-09-17 15:34 - 00000000 ____D C:\Users\Zuzana\Desktop\skola
2017-06-14 16:31 - 2015-11-24 08:25 - 00000000 ____D C:\Users\Zuzana\AppData\Local\CrashDumps
2017-06-14 15:53 - 2017-03-17 16:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-14 11:24 - 2015-06-24 17:07 - 00000000 ____D C:\Users\Zuzana\AppData\Local\Razer
2017-06-14 10:33 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-14 10:17 - 2015-03-10 16:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-14 10:07 - 2015-03-10 16:04 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-14 10:07 - 2010-07-31 15:47 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-13 20:54 - 2015-05-31 19:26 - 00000000 ____D C:\Users\Zuzana\AppData\Local\NVIDIA Corporation
2017-06-13 20:42 - 2016-04-03 12:25 - 00000199 _____ C:\Users\Zuzana\Desktop\Counter-Strike Global Offensive.url
2017-06-13 20:35 - 2015-05-31 19:25 - 00000000 ____D C:\Users\Zuzana\AppData\Local\NVIDIA
2017-06-13 20:34 - 2016-09-19 19:06 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-06-13 20:33 - 2016-09-19 19:05 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-06-13 20:33 - 2015-05-31 19:22 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-06-13 20:31 - 2015-06-24 17:02 - 00000000 ____D C:\ProgramData\Razer
2017-06-12 15:40 - 2017-03-25 13:36 - 00000000 ____D C:\Users\Zuzana\AppData\Roaming\DAEMON Tools Lite
2017-06-12 15:40 - 2010-08-15 13:23 - 00000000 ____D C:\Users\Zuzana\AppData\Roaming\TeamViewer
2017-06-12 15:39 - 2016-09-21 14:07 - 00000000 ____D C:\WINDOWS\Minidump
2017-06-11 13:51 - 2010-10-27 15:19 - 00000000 ____D C:\Users\Zuzana\AppData\Local\ElevatedDiagnostics
2017-06-10 15:10 - 2015-03-20 19:24 - 00000000 ____D C:\Users\Zuzana\AppData\Roaming\vlc
2017-06-10 11:40 - 2010-07-29 12:11 - 00000000 ____D C:\ProgramData\Skype
2017-06-10 11:39 - 2015-03-15 11:56 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-06-06 20:21 - 2010-07-29 12:11 - 00000000 ____D C:\Users\Zuzana\AppData\Roaming\Skype
2017-06-04 08:27 - 2010-04-16 06:28 - 00003096 _____ C:\WINDOWS\system32\AutoRunFilter.ini
2017-06-03 21:29 - 2015-03-20 19:23 - 00000533 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-06-03 08:36 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:36 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-02 14:34 - 2017-05-16 13:37 - 00000000 ____D C:\Program Files\MK
2017-05-31 15:42 - 2017-05-13 15:41 - 00004044 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1494682877
2017-05-31 15:42 - 2017-05-13 15:41 - 00001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-05-29 14:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-05-27 15:33 - 2015-05-23 12:50 - 00002071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-05-24 11:37 - 2017-05-17 10:49 - 00000000 _____ C:\WINDOWS\SysWOW64\1111
2017-05-23 08:24 - 2017-03-28 13:49 - 00000000 _____ C:\WINDOWS\SysWOW64\1
2017-05-19 16:06 - 2010-09-13 13:11 - 00000000 ____D C:\Users\Zuzana\AppData\Roaming\DivX
2017-05-19 14:57 - 2010-09-13 13:06 - 00000000 ____D C:\ProgramData\DivX
2017-05-19 14:22 - 2010-09-13 13:07 - 00000000 ____D C:\Program Files (x86)\DivX
2017-05-19 14:21 - 2010-09-13 13:10 - 00000000 ____D C:\Program Files\DivX
2017-05-18 19:05 - 2015-05-22 18:13 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-05-18 19:05 - 2015-05-22 18:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-05-18 19:05 - 2015-05-22 18:12 - 00000000 ____D C:\Program Files (x86)\Java
2017-05-18 18:52 - 2010-08-06 20:23 - 00000000 ____D C:\Users\Zuzana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-18 18:52 - 2010-08-06 20:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-18 18:52 - 2010-08-06 20:23 - 00000000 ____D C:\Program Files (x86)\WinRAR
2017-05-18 18:51 - 2010-07-25 10:27 - 00000000 ____D C:\Users\Zuzana\AppData\Roaming\Adobe
2017-05-18 18:51 - 2010-04-16 05:54 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-05-18 18:50 - 2010-08-20 17:13 - 00000000 ____D C:\Users\Zuzana\AppData\Local\Adobe

==================== Files in the root of some directories =======

2016-06-14 17:16 - 2016-06-16 16:02 - 0000098 _____ () C:\Users\Zuzana\AppData\Roaming\LauncherSettings_live.cfg
2016-06-14 17:03 - 2016-06-14 17:03 - 0010309 _____ () C:\Users\Zuzana\AppData\Roaming\TheHunterSettings_live.bin
2016-06-14 14:38 - 2016-06-14 17:32 - 0000039 _____ () C:\Users\Zuzana\AppData\Roaming\TheHunterSettings_steam_live.cfg
2016-05-26 15:47 - 2016-05-26 16:04 - 0004608 _____ () C:\Users\Zuzana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-01 22:58 - 2015-05-01 22:58 - 0000000 ___SH () C:\Users\Zuzana\AppData\Local\LumaEmu
2015-06-09 18:10 - 2015-06-09 18:10 - 0000017 _____ () C:\Users\Zuzana\AppData\Local\resmon.resmoncfg
2010-04-16 06:10 - 2009-12-24 14:38 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2010-04-16 05:53 - 2010-04-16 05:54 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-04-16 05:53 - 2010-04-16 05:53 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Zuzana\Desktop" je 5065 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector
C:\Windows\AsScrPro.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

Re: Lokalizované vírusy

Napsal: 17 čer 2017 11:45
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
C:\Users\Zuzana\AppData\Local\Akamai
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== ATTENTION
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Zuzana\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\Run: [UXMmedia] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Zuzana\AppData\Local\Ection\krjcyjsl.dll <===== ATTENTION
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\MountPoints2: {1610ee0f-288b-11e6-a619-1c4bd60c65ca} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\MountPoints2: {dd813981-c92e-11e6-bb95-1c4bd6c58a0e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\MountPoints2: {dd813a6e-c92e-11e6-bb95-1c4bd6c58a0e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\MountPoints2: {eb3bf39d-cd6d-11e5-9a3c-1c4bd60c65ca} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\MountPoints2: {f0f6cde7-f68b-11e6-bba0-1c4bd6c58a0e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\MountPoints2: {f4bdbc88-03dc-11e7-bba1-1c4bd6c58a0e} - "F:\HiSuiteDownLoader.exe"
hellIconOverlayIdentifiers: [0TheftProtectionDll] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => -> No File
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-410513314-2793736357-1887953017-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-04-16] (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2010-04-16] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
C:\Program Files\Google\GoogleToolbarNotifier
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-16] (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-04-16] (Google Inc.)
BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2010-04-16] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-04-16] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-16] (Google Inc.)
DPF: HKLM-x32 {C212D449-8B3C-41F2-BD9A-047BD770550F} hxxp://operation7.fiaa.eu/OPLauncher.cab
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\qbsn0dh5.default -> hxxps://www.google.com/search?bcutc=sp-006
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\qbsn0dh5.default -> Bing
FF Homepage: Mozilla\Firefox\Profiles\qbsn0dh5.default -> hxxps://www.google.com/?bcutc=sp-006
FF Keyword.URL: Mozilla\Firefox\Profiles\qbsn0dh5.default -> hxxps://www.google.com/search?bcutc=sp-006
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.mystarting123.com/search/ind ... g5t4g2m&q={searchTerms}
CHR DefaultSearchKeyword: ChromeDefaultData -> mystarting123
CHR Profile: C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-06-17] <==== ATTENTION
CHR Extension: (Bing) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-05-27]
S1 hczxsorb; \??\C:\WINDOWS\system32\drivers\hczxsorb.sys [X]
S1 hsqbsivj; \??\C:\WINDOWS\system32\drivers\hsqbsivj.sys [X]
U3 idsvc; no ImagePath
U3 iswSvc; no ImagePath
S1 qiirgyep; \??\C:\WINDOWS\system32\drivers\qiirgyep.sys [X]
S1 rkvmxbap; \??\C:\WINDOWS\system32\drivers\rkvmxbap.sys [X]
U2 snare; no ImagePath
S1 wezlxbpq; \??\C:\WINDOWS\system32\drivers\wezlxbpq.sys [X]
U3 wpcsvc; no ImagePath
C:\WINDOWS\SysWOW64\1111
C:\WINDOWS\SysWOW64\1
C:\Users\Zuzana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
AlphaGo (HKLM-x32\...\{B20B3A3C-91E3-4326-8A0F-B3C012574F8C}) (Version: 1.1.2 - Default Company Name) <==== ATTENTION
WINSNARE (HKLM-x32\...\{56D19032-B59F-4020-994B-15912A49CD96}) (Version: 4.4.6 - WINSNARE) <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
Task: {18964E71-F235-4EAC-AF7E-251A3ADB3AA6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {1E757B34-3EAB-4B31-9A63-4A619D78AABC} - System32\Tasks\{FC6E6D27-85C2-448A-8CC4-E467DEC908D7} => pcalua.exe -a E:\setup.exe -d E:\
Task: {26BC2D17-7B0A-4BEE-B310-421836107863} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {38103ABB-B1F7-46BC-8A72-39BCA08240E3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {48F98DFD-D51B-4C23-9061-C411CC7F889C} - System32\Tasks\{DEF6EB1B-89EA-452C-8446-123879FE6670} => pcalua.exe -a F:\SETUP.EXE -d F:\
Task: {5B7D58DF-5722-4344-B2FE-B92543D4DA18} - System32\Tasks\{22116563-108C-42c0-A7CE-60161B75E508} => C:\Users\Zuzana\AppData\Local\Temp\Ujg.exe <==== ATTENTION
Task: {5DD85E03-B316-4141-8EF2-4DDD8E1A5067} - System32\Tasks\{83BFC6F9-E05F-4802-8E7C-189A7C057475} => pcalua.exe -a C:\Users\Zuzana\Downloads\autodesklicensinghotfix.exe
Task: {6638D039-A8C1-43F7-95AF-F68A1E0A77F3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {79962E5E-9D6F-46A5-BC10-E3556C637125} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {889A9DF0-A894-428E-8CF7-C3E3536D7017} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {951705EC-29DF-491B-B846-1413DADBF80D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {9BCD5F53-9DC2-4301-AF34-E26BD5DCCF51} - System32\Tasks\{4F90B999-86C4-4A6C-BA2F-252599C7598F} => pcalua.exe -a C:\Windows\DIIUnin.exe -c C:\Windows\DIIUnin.dat
Task: {AEF0FAFF-5811-4F02-8BC7-AB05CB6EB7D9} - \Griespshifight -> No File <==== ATTENTION
Task: {C82E9DDA-3543-46A2-8F18-BCAF10E3D61F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {CC18DDF4-273F-4BA4-8F2E-08A69CF7F6D8} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {E2487904-F234-4BC1-AA36-DA2EF062FC5E} - System32\Tasks\{EC740BE3-18DF-45C0-9EAD-23C775FDD6B2} => pcalua.exe -a "D:\Program Files\Rockstar Games\GTA SA\Uninstall GTA_SA_SK.exe" -d "D:\Program Files\Rockstar Games\GTA SA"

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Z logu:
Velikost slozky "C:\Users\Zuzana\Desktop" je 5065 MB.
To je příliš mnoho a může to způsobovat zpomalení startu systému. Vytvořte v C:\Users\Zuzana novou složku, do níž přesuňte všechna data z plochy (kromě zástupců). Na plochu si pak dejte zástupce té složky pro snazší přístup.

Re: Lokalizované vírusy

Napsal: 17 čer 2017 12:30
od jakub1234222
Na presune tích dát už pracujem. Vďaka za radu :) , nevedel som to.
Kopírujem LOG :
Fix result of Farbar Recovery Scan Tool (x64) Version: 15-06-2017 01
Ran by Zuzana (17-06-2017 13:09:08) Run:1
Running from C:\Users\Zuzana\Desktop
Loaded Profiles: Zuzana (Available Profiles: Zuzana)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
C:\Users\Zuzana\AppData\Local\Akamai
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== ATTENTION
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Zuzana\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\Run: [UXMmedia] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Zuzana\AppData\Local\Ection\krjcyjsl.dll <===== ATTENTION
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\MountPoints2: {1610ee0f-288b-11e6-a619-1c4bd60c65ca} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\MountPoints2: {dd813981-c92e-11e6-bb95-1c4bd6c58a0e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\MountPoints2: {dd813a6e-c92e-11e6-bb95-1c4bd6c58a0e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\MountPoints2: {eb3bf39d-cd6d-11e5-9a3c-1c4bd60c65ca} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\MountPoints2: {f0f6cde7-f68b-11e6-bba0-1c4bd6c58a0e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\...\MountPoints2: {f4bdbc88-03dc-11e7-bba1-1c4bd6c58a0e} - "F:\HiSuiteDownLoader.exe"
hellIconOverlayIdentifiers: [0TheftProtectionDll] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => -> No File
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-410513314-2793736357-1887953017-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-04-16] (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2010-04-16] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
C:\Program Files\Google\GoogleToolbarNotifier
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-16] (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-04-16] (Google Inc.)
BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2010-04-16] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-04-16] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-16] (Google Inc.)
DPF: HKLM-x32 {C212D449-8B3C-41F2-BD9A-047BD770550F} hxxp://operation7.fiaa.eu/OPLauncher.cab
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\qbsn0dh5.default -> hxxps://www.google.com/search?bcutc=sp-006
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\qbsn0dh5.default -> Bing
FF Homepage: Mozilla\Firefox\Profiles\qbsn0dh5.default -> hxxps://www.google.com/?bcutc=sp-006
FF Keyword.URL: Mozilla\Firefox\Profiles\qbsn0dh5.default -> hxxps://www.google.com/search?bcutc=sp-006
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.mystarting123.com/search/ind ... g5t4g2m&q={searchTerms}
CHR DefaultSearchKeyword: ChromeDefaultData -> mystarting123
CHR Profile: C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-06-17] <==== ATTENTION
CHR Extension: (Bing) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-05-27]
S1 hczxsorb; \??\C:\WINDOWS\system32\drivers\hczxsorb.sys [X]
S1 hsqbsivj; \??\C:\WINDOWS\system32\drivers\hsqbsivj.sys [X]
U3 idsvc; no ImagePath
U3 iswSvc; no ImagePath
S1 qiirgyep; \??\C:\WINDOWS\system32\drivers\qiirgyep.sys [X]
S1 rkvmxbap; \??\C:\WINDOWS\system32\drivers\rkvmxbap.sys [X]
U2 snare; no ImagePath
S1 wezlxbpq; \??\C:\WINDOWS\system32\drivers\wezlxbpq.sys [X]
U3 wpcsvc; no ImagePath
C:\WINDOWS\SysWOW64\1111
C:\WINDOWS\SysWOW64\1
C:\Users\Zuzana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
AlphaGo (HKLM-x32\...\{B20B3A3C-91E3-4326-8A0F-B3C012574F8C}) (Version: 1.1.2 - Default Company Name) <==== ATTENTION
WINSNARE (HKLM-x32\...\{56D19032-B59F-4020-994B-15912A49CD96}) (Version: 4.4.6 - WINSNARE) <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
Task: {18964E71-F235-4EAC-AF7E-251A3ADB3AA6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {1E757B34-3EAB-4B31-9A63-4A619D78AABC} - System32\Tasks\{FC6E6D27-85C2-448A-8CC4-E467DEC908D7} => pcalua.exe -a E:\setup.exe -d E:\
Task: {26BC2D17-7B0A-4BEE-B310-421836107863} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {38103ABB-B1F7-46BC-8A72-39BCA08240E3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {48F98DFD-D51B-4C23-9061-C411CC7F889C} - System32\Tasks\{DEF6EB1B-89EA-452C-8446-123879FE6670} => pcalua.exe -a F:\SETUP.EXE -d F:\
Task: {5B7D58DF-5722-4344-B2FE-B92543D4DA18} - System32\Tasks\{22116563-108C-42c0-A7CE-60161B75E508} => C:\Users\Zuzana\AppData\Local\Temp\Ujg.exe <==== ATTENTION
Task: {5DD85E03-B316-4141-8EF2-4DDD8E1A5067} - System32\Tasks\{83BFC6F9-E05F-4802-8E7C-189A7C057475} => pcalua.exe -a C:\Users\Zuzana\Downloads\autodesklicensinghotfix.exe
Task: {6638D039-A8C1-43F7-95AF-F68A1E0A77F3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {79962E5E-9D6F-46A5-BC10-E3556C637125} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {889A9DF0-A894-428E-8CF7-C3E3536D7017} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {951705EC-29DF-491B-B846-1413DADBF80D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {9BCD5F53-9DC2-4301-AF34-E26BD5DCCF51} - System32\Tasks\{4F90B999-86C4-4A6C-BA2F-252599C7598F} => pcalua.exe -a C:\Windows\DIIUnin.exe -c C:\Windows\DIIUnin.dat
Task: {AEF0FAFF-5811-4F02-8BC7-AB05CB6EB7D9} - \Griespshifight -> No File <==== ATTENTION
Task: {C82E9DDA-3543-46A2-8F18-BCAF10E3D61F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {CC18DDF4-273F-4BA4-8F2E-08A69CF7F6D8} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {E2487904-F234-4BC1-AA36-DA2EF062FC5E} - System32\Tasks\{EC740BE3-18DF-45C0-9EAD-23C775FDD6B2} => pcalua.exe -a "D:\Program Files\Rockstar Games\GTA SA\Uninstall GTA_SA_SK.exe" -d "D:\Program Files\Rockstar Games\GTA SA"

EmptyTemp:
End
*****************


"C:\Users\Zuzana\AppData\Local\Akamai" folder move:

Could not move "C:\Users\Zuzana\AppData\Local\Akamai" => Scheduled to move on reboot.

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== ATTENTION => restored successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\Software\Microsoft\Windows\CurrentVersion\Run\\UXMmedia => value removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1610ee0f-288b-11e6-a619-1c4bd60c65ca} => key removed successfully
HKLM\Software\Classes\CLSID\{1610ee0f-288b-11e6-a619-1c4bd60c65ca} => key not found.
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dd813981-c92e-11e6-bb95-1c4bd6c58a0e} => key removed successfully
HKLM\Software\Classes\CLSID\{dd813981-c92e-11e6-bb95-1c4bd6c58a0e} => key not found.
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dd813a6e-c92e-11e6-bb95-1c4bd6c58a0e} => key removed successfully
HKLM\Software\Classes\CLSID\{dd813a6e-c92e-11e6-bb95-1c4bd6c58a0e} => key not found.
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eb3bf39d-cd6d-11e5-9a3c-1c4bd60c65ca} => key removed successfully
HKLM\Software\Classes\CLSID\{eb3bf39d-cd6d-11e5-9a3c-1c4bd60c65ca} => key not found.
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f0f6cde7-f68b-11e6-bba0-1c4bd6c58a0e} => key removed successfully
HKLM\Software\Classes\CLSID\{f0f6cde7-f68b-11e6-bba0-1c4bd6c58a0e} => key not found.
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f4bdbc88-03dc-11e7-bba1-1c4bd6c58a0e} => key removed successfully
HKLM\Software\Classes\CLSID\{f4bdbc88-03dc-11e7-bba1-1c4bd6c58a0e} => key not found.
hellIconOverlayIdentifiers: [0TheftProtectionDll] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => -> No File => Error: No automatic fix found for this entry.
C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe => moved successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-410513314-2793736357-1887953017-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key removed successfully
HKLM\Software\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => key removed successfully
HKLM\Software\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key removed successfully
HKLM\Software\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} => key removed successfully
HKLM\Software\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} => key removed successfully
C:\Program Files (x86)\Google\Google Toolbar => moved successfully
C:\Program Files\Google\GoogleToolbarNotifier => moved successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{C212D449-8B3C-41F2-BD9A-047BD770550F} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{C212D449-8B3C-41F2-BD9A-047BD770550F} => key removed successfully
Firefox DefaultSearchUrl removed successfully
Firefox SearchEngineOrder.3 removed successfully
Firefox "homepage" removed successfully
Firefox "Keyword.URL" removed successfully
Chrome DefaultSearchURL => removed successfully
Chrome DefaultSearchKeyword => removed successfully
C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\ChromeDefaultData => moved successfully
C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\fcfenmboojpjinhpgggodefccipikbpd => moved successfully
HKLM\System\CurrentControlSet\Services\hczxsorb => key removed successfully
hczxsorb => service removed successfully
HKLM\System\CurrentControlSet\Services\hsqbsivj => key removed successfully
hsqbsivj => service removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => key removed successfully
idsvc => service removed successfully
HKLM\System\CurrentControlSet\Services\iswSvc => key removed successfully
iswSvc => service removed successfully
HKLM\System\CurrentControlSet\Services\qiirgyep => key removed successfully
qiirgyep => service removed successfully
HKLM\System\CurrentControlSet\Services\rkvmxbap => key removed successfully
rkvmxbap => service removed successfully
HKLM\System\CurrentControlSet\Services\snare => key removed successfully
snare => service removed successfully
HKLM\System\CurrentControlSet\Services\wezlxbpq => key removed successfully
wezlxbpq => service removed successfully
HKLM\System\CurrentControlSet\Services\wpcsvc => key removed successfully
wpcsvc => service removed successfully
C:\WINDOWS\SysWOW64\1111 => moved successfully
C:\WINDOWS\SysWOW64\1 => moved successfully
C:\Users\Zuzana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
AlphaGo (HKLM-x32\...\{B20B3A3C-91E3-4326-8A0F-B3C012574F8C}) (Version: 1.1.2 - Default Company Name) <==== ATTENTION => Error: No automatic fix found for this entry.
WINSNARE (HKLM-x32\...\{56D19032-B59F-4020-994B-15912A49CD96}) (Version: 4.4.6 - WINSNARE) <==== ATTENTION => Error: No automatic fix found for this entry.
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220} => key removed successfully
HKU\S-1-5-21-410513314-2793736357-1887953017-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{18964E71-F235-4EAC-AF7E-251A3ADB3AA6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18964E71-F235-4EAC-AF7E-251A3ADB3AA6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1E757B34-3EAB-4B31-9A63-4A619D78AABC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E757B34-3EAB-4B31-9A63-4A619D78AABC} => key removed successfully
C:\WINDOWS\System32\Tasks\{FC6E6D27-85C2-448A-8CC4-E467DEC908D7} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FC6E6D27-85C2-448A-8CC4-E467DEC908D7} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{26BC2D17-7B0A-4BEE-B310-421836107863} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26BC2D17-7B0A-4BEE-B310-421836107863} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{38103ABB-B1F7-46BC-8A72-39BCA08240E3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38103ABB-B1F7-46BC-8A72-39BCA08240E3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{48F98DFD-D51B-4C23-9061-C411CC7F889C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48F98DFD-D51B-4C23-9061-C411CC7F889C} => key removed successfully
C:\WINDOWS\System32\Tasks\{DEF6EB1B-89EA-452C-8446-123879FE6670} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DEF6EB1B-89EA-452C-8446-123879FE6670} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5B7D58DF-5722-4344-B2FE-B92543D4DA18} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B7D58DF-5722-4344-B2FE-B92543D4DA18} => key removed successfully
C:\WINDOWS\System32\Tasks\{22116563-108C-42c0-A7CE-60161B75E508} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{22116563-108C-42c0-A7CE-60161B75E508} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5DD85E03-B316-4141-8EF2-4DDD8E1A5067} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5DD85E03-B316-4141-8EF2-4DDD8E1A5067} => key removed successfully
C:\WINDOWS\System32\Tasks\{83BFC6F9-E05F-4802-8E7C-189A7C057475} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{83BFC6F9-E05F-4802-8E7C-189A7C057475} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6638D039-A8C1-43F7-95AF-F68A1E0A77F3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6638D039-A8C1-43F7-95AF-F68A1E0A77F3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{79962E5E-9D6F-46A5-BC10-E3556C637125} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79962E5E-9D6F-46A5-BC10-E3556C637125} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{889A9DF0-A894-428E-8CF7-C3E3536D7017} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{889A9DF0-A894-428E-8CF7-C3E3536D7017} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{951705EC-29DF-491B-B846-1413DADBF80D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{951705EC-29DF-491B-B846-1413DADBF80D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9BCD5F53-9DC2-4301-AF34-E26BD5DCCF51} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BCD5F53-9DC2-4301-AF34-E26BD5DCCF51} => key removed successfully
C:\WINDOWS\System32\Tasks\{4F90B999-86C4-4A6C-BA2F-252599C7598F} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4F90B999-86C4-4A6C-BA2F-252599C7598F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AEF0FAFF-5811-4F02-8BC7-AB05CB6EB7D9} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AEF0FAFF-5811-4F02-8BC7-AB05CB6EB7D9} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Griespshifight => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C82E9DDA-3543-46A2-8F18-BCAF10E3D61F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C82E9DDA-3543-46A2-8F18-BCAF10E3D61F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CC18DDF4-273F-4BA4-8F2E-08A69CF7F6D8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC18DDF4-273F-4BA4-8F2E-08A69CF7F6D8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E2487904-F234-4BC1-AA36-DA2EF062FC5E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2487904-F234-4BC1-AA36-DA2EF062FC5E} => key removed successfully
C:\WINDOWS\System32\Tasks\{EC740BE3-18DF-45C0-9EAD-23C775FDD6B2} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EC740BE3-18DF-45C0-9EAD-23C775FDD6B2} => key removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 2236288 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 78719591 B
Java, Flash, Steam htmlcache => 358947460 B
Windows/system/drivers => 26987247 B
Edge => 580858 B
Chrome => 249856 B
Firefox => 377199063 B
Opera => 1558528 B

Temp, IE cache, history, cookies, recent:
Default => 32610 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 9 B
LocalService => 97922 B
NetworkService => 152559000 B
Zuzana => 66190341 B

RecycleBin => 82109401 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 17-06-2017 13:16:16)

C:\Users\Zuzana\AppData\Local\Akamai => Is moved successfully

==== End of Fixlog 13:16:17 ====

Re: Lokalizované vírusy

Napsal: 17 čer 2017 17:35
od Rudy
Smazáno. Nastala nějaká změna?

Re: Lokalizované vírusy

Napsal: 17 čer 2017 18:57
od jakub1234222
Určite je viac prečistený ako zo začiatku :) .
Zato Vám ďakujem.

Lenže jednu vec ne a ne vymazať ten mystarting123.
Toto ma ešte dosť irituje. Ak mate nejaké nápady, tak
som im "otvorený".
Možno keď odinštalujem chrom a nainštalujem tak to prestane či?
Ale nepochybne to bol kedysi malver, len nwm či ešte stále, ale zrušiť
to nejde.

Btw aj tak ste mi veľmi pomohli, takže vďaka ešte raz.

Re: Lokalizované vírusy

Napsal: 17 čer 2017 19:56
od Rudy
Zkusíme vyčistit prohlížeče. Spusťte postupně tyto utility:

1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

Re: Lokalizované vírusy

Napsal: 18 čer 2017 10:29
od jakub1234222
Prepáčte, že takto neskoro odpísujem a v najbližších dňoch
budem asi tiež menej odpísovať, ale k veci.

Včera večer som sa pustil do toho prvého kroku (zoek.exe).
Hneď na začiatku som mal síce problém to spustiť, ale potom sa to zaplo.
Lenže na prvom bode som skončil takže k druhému programu som sa bohužial nedostal.
Takže popíšem čo sa dialo. Spustil som Zoek.exe napísal tam to čo spomenuli a začalo to robiť asi čo malo
robilo to asi 45 minút a potom došiel ten program až k nejakému "Firefox Extensions" a tam to stalo
10 minút, 20, 30 až som to nechal hodinu a stále sa to nepohlo. A už bolo dosť hodín tak som šiel už spať
a vypol som počítač. Neviem či by to ešte niečo robilo alebo nie či to narazilo na nejaký problém a prestalo to
pracovať alebo bolo treba niečo urobiť. Takže ku logu som bohužial nedošiel. Podotýkam, že na PC som nič nerobil medzi
tým.

Tak sa Vás opýtam čo navrhujete, dať to odznova robiť a počkať? Alebo môžem ísť vyskúšať Junkware removal tool?

Re: Lokalizované vírusy

Napsal: 18 čer 2017 10:36
od Rudy
Zkuste to spustit v nouz. režimu.

Re: Lokalizované vírusy

Napsal: 18 čer 2017 12:00
od jakub1234222
Šlo to v núdzo. režime paráda :), vďaka za radu .
Takže najprv som to prešiel teda Zoekom a potom JRTčkom .
Vkladám sem teda logy. No to predvolené vyhľadávanie mystarting123
je tam stále.
Výsledky Zoek.exe->
Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by Zuzana on ne 18. 06. 2017 at 12:14:52,59.
Microsoft Windows 10 Home 10.0.14393 x64
Running in: Safe Mode NETWORK No Internet Access Detected
Launched: C:\Users\Zuzana\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2017-06-17-200241.log 7430 bytes

==== Empty Folders Check ======================

C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IswSvc deleted successfully

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - No path found[]

Bookmark Manager - Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik

==== Chromium Startpages ======================

C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences
"homepage": "http://www.seznam.cz/?clid=12454",


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... 02&pc=UE15"
{80733003-3383-4917-ABD7-74851716E952} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_12454"

==== Reset Google Chrome ======================

C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully
C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1\Web Datagoobackup was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Zuzana\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Zuzana\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Zuzana\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=282 folders=170 512052936 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Reset Hosts File ======================

Hosts File Reset Successfully

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Zuzana\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Zuzana\AppData\Local\AVAST Software\APM\Zuzana\kv_pam.db" not found
"C:\Users\Zuzana\AppData\Local\AVAST Software\APM\Zuzana\kv_pamcore.db" not found
"C:\Users\Zuzana\AppData\Local\AVAST Software\APM\Zuzana\kv_pampub.db" not found
"C:\Users\Zuzana\AppData\Local\AVAST Software\APM\Zuzana\pam.db" not found
"C:\Users\Zuzana\AppData\Local\AVAST Software" not found

==== EOF on ne 18. 06. 2017 at 12:47:52,68 ======================

Log z JRT->
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Home x64
Ran by Zuzana (Administrator) on ne 18. 06. 2017 at 12:51:38,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0


Deleted the following from C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\qbsn0dh5.default\prefs.js
user_pref(browser.search.searchengine.alias, );
user_pref(browser.search.searchengine.name, luck);
user_pref(browser.search.searchengine.ref, );
user_pref(browser.search.searchengine.ts, 1495097041);
user_pref(browser.search.searchengine.type, );
user_pref(browser.search.searchengine.uid, st9500420as_5vj4828jxxxx5vj4828j);



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 18. 06. 2017 at 12:56:12,59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz