Chrome keeps getting pinned, and suspicious processes (Solved)

A place for your HiJackThis logs and logs from other programs…

Post by jaro3 » 02 May 2016 19:17

Delete everything.

Turn off your antivirus and firewall.
Download
Zoek.exe

and save it to your desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Windows Vista, 7 and 8, right-click it and choose "Run as administrator").
- Note: the program may take a long time to start.

Paste the script below into the program window:

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;


Click Run Script.
The program will run a scan and a repair; both the scan and the repair can take several minutes, so wait until it finishes. Do not click in the window!
The program will offer a restart; confirm it.

After the restart you may see only a black desktop for a while; that is normal. Wait until the log is created. You can save it, for example, to Documents; otherwise it is saved automatically to:
C:\zoek-results.log
Copy the entire contents of that log here.

Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system (32-bit/64-bit)
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to your desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs will appear, FRST.txt and Addition.txt, and they will be saved to the desktop. Please copy their entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.

Post by Scientific » 03 May 2016 22:19

ZOEK
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by ASUS on po 02. 05. 2016 at 22:28:02,73.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\ASUS\Desktop\zoek(1).exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-08-08-110804.log 8919 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\Merge Modules deleted successfully
C:\PROGRA~3\Mozilla deleted successfully
C:\PROGRA~3\RealVNC-Service deleted successfully
C:\PROGRA~3\TightVNC deleted successfully
C:\Users\ASUS\AppData\Roaming\TightVNC deleted successfully
C:\Users\ASUS\AppData\Local\Skype deleted successfully
C:\Users\Guest\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-476371452-1358899968-4222303151-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{208045FD-8E5A-42EC-AD46-8A2945FEBF20} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-476371452-1358899968-4222303151-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{208045FD-8E5A-42EC-AD46-8A2945FEBF20} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\3hjordno.default-1438929665688\prefs.js:
user_pref("browser.newtab.url", "");

Added to C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\3hjordno.default-1438929665688\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.search.defaultenginename", "Google");

Added to C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\ASUS\AppData\Roaming\Thunderbird\Profiles\dr53unva.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\ASUS\AppData\Roaming\Thunderbird\Profiles\dr53unva.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\cahkuipm.default\prefs.js:

Added to C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\cahkuipm.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\3hjordno.default-1438929665688

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_201508.08._1258_.backup
prefs_201602.05._2245_.backup

ProfilePath: C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1

user.js not found
---- Lines searches removed from prefs.js ----
user_pref("browser.urlbar.suggest.searches", true);
---- FireFox user.js and prefs.js backups ----

prefs_201508.08._1258_.backup
prefs_201602.05._2245_.backup

ProfilePath: C:\Users\ASUS\AppData\Roaming\Thunderbird\Profiles\dr53unva.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_201508.08._1258_.backup
prefs_201602.05._2245_.backup

ProfilePath: C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\cahkuipm.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_201602.05._2245_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Skillbrains deleted
C:\found.000 deleted
C:\found.001 deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\ASUS\AppData\Local\Unity deleted
C:\Users\Public\Documents\dmp deleted
C:\Users\ASUS\AppData\LocalLow\Unity deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\3hjordno.default-1438929665688
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\ASUS\AppData\Roaming\Thunderbird\Profiles\dr53unva.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\cahkuipm.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\3hjordno.default-1438929665688
- esk slovnk pro kontrolu pravopisu - %ProfilePath%\extensions\cs@dictionaries.addons.mozilla.org
- Page Hacker em:descriptionAdds a button to edit the current page em:creatornico@nc em:idpagehacker-nico@nc em:version1.2.1-signed em:homepageURLhttp:nicopensource.free.frdotclearindex.php?staticPage-Hacker em:iconURLchrome:pagehackerskinicon.png - %ProfilePath%\extensions\pagehacker-nico@nc.xpi
- Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi
- Flagfox - %ProfilePath%\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
- esk slovnk pro kontrolu pravopisu - %ProfilePath%\extensions\cs@dictionaries.addons.mozilla.org
- Page Hacker em:descriptionAdds a button to edit the current page em:creatornico@nc em:idpagehacker-nico@nc em:version1.2.1-signed.1-signed em:homepageURLhttp:nicopensource.free.frdotclearindex.php?staticPage-Hacker em:iconURLchrome:pagehackerskinicon.png - %ProfilePath%\extensions\pagehacker-nico@nc.xpi
- Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi
- Flagfox - %ProfilePath%\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\ASUS\AppData\Roaming\Thunderbird\Profiles\dr53unva.default
- esk slovnk pro kontrolu pravopisu - %ProfilePath%\extensions\cs@dictionaries.addons.mozilla.org
- MinimizeToTray revived MinTrayR - %ProfilePath%\extensions\mintrayr@tn123.ath.cx
- Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
57C7E359ED8D049132EED23EFA444C63 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll - Shockwave Flash


==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Guest\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================



==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{D519BA79-B780-429D-AA32-DF97AF04A4E8}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D519BA79-B780-429D-AA32-DF97AF04A4E8}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== Reset Google Chrome ======================

C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Secure Preferencesgbak was reset successfully
C:\Users\ASUS\AppData\Local\jIxmRfR\User Data\Default\Preferences was reset successfully
C:\Users\ASUS\AppData\Local\jIxmRfR\User Data\Default\Secure Preferences was reset successfully
C:\Users\ASUS\AppData\Local\jIxmRfR\User Data\Default\Secure Preferencesgbak was reset successfully
C:\Users\ASUS\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Web Datagbak was reset successfully
C:\Users\ASUS\AppData\Local\jIxmRfR\User Data\Default\Web Data was reset successfully
C:\Users\ASUS\AppData\Local\jIxmRfR\User Data\Default\Web Data-journal was reset successfully
C:\Users\ASUS\AppData\Local\jIxmRfR\User Data\Default\Web Datagbak was reset successfully
C:\Users\ASUS\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\ASUS\AppData\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ASUS\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\ASUS\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\ASUS\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\ASUS\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\ASUS\AppData\Local\Mozilla\Firefox\Profiles\41A66E7E5EE1\cache2 emptied successfully
C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\3hjordno.default-1438929665688\storage\default\https+++www.pinterest.com\cache emptied successfully
C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\storage\default\https+++www.pinterest.com\cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\ASUS\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\ASUS\AppData\Local\jIxmRfR\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=628 folders=665 1768382421 bytes)

==== Empty Temp Folders ======================

C:\Users\ASUS\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Guest\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\ASUS\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on po 02. 05. 2016 at 23:02:18,56 ======================

Post by Scientific » 03 May 2016 22:20

FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-05-2016
Ran by ASUS (administrator) on AS (03-05-2016 21:57:33)
Running from C:\Users\ASUS\Desktop
Loaded Profiles: ASUS (Available Profiles: UpdatusUser & ASUS & Guest)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Users\ASUS\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
(Microsoft Corporation) D:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [tvncontrol] => D:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-05-01] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => D:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2109952 2014-10-07] (Dominik Reichl)
HKLM-x32\...\Run: [GrooveMonitor] => D:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-10-16] ()
HKLM-x32\...\Run: [EaseUS EPM tray] => D:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe [2089056 2015-09-16] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => D:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-476371452-1358899968-4222303151-1002\...\Run: [Akamai NetSession Interface] => "C:\Users\ASUS\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-476371452-1358899968-4222303151-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632112 2015-07-30] (Electronic Arts)
HKU\S-1-5-21-476371452-1358899968-4222303151-1002\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-476371452-1358899968-4222303151-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-476371452-1358899968-4222303151-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\ASUS\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-476371452-1358899968-4222303151-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\ASUS\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-476371452-1358899968-4222303151-1002\...\Run: [RESTART_STICKY_NOTES] => C:\WINDOWS\system32\StikyNot.exe [479744 2014-11-21] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInit64.dll [21864 2012-10-03] (NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-10] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
Startup: C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeskPins.lnk [2016-05-02]
ShortcutTarget: DeskPins.lnk -> D:\Program Files (x86)\DeskPins\DeskPins.exe (Elias Fotinis)
Startup: C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MultiSkypeLauncher.lnk [2016-05-02]
ShortcutTarget: MultiSkypeLauncher.lnk -> D:\Program Files (x86)\MultiSkypeLauncher\MultiSkypeLauncher.exe (IM-history)
Startup: C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Psi.lnk [2016-05-02]
ShortcutTarget: Psi.lnk -> D:\Program Files\Psi\Psi.exe ()
Startup: C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk [2016-05-02]
ShortcutTarget: Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk -> C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{BF88943C-5C09-4E49-96CC-A1D0D2279D5C}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-476371452-1358899968-4222303151-1002 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-476371452-1358899968-4222303151-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-19] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-08] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> D:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> D:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> D:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> D:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-07-11] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-10-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-476371452-1358899968-4222303151-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ASUS\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
FF Extension: Page Hacker - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\pagehacker-nico@nc.xpi [2016-04-28]
FF Extension: Google Translator for Firefox - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\translator@zoli.bod.xpi [2016-04-28]
FF Extension: Český slovník pro kontrolu pravopisu - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\3hjordno.default-1438929665688\Extensions\cs@dictionaries.addons.mozilla.org [2016-01-10]
FF Extension: Page Hacker - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\3hjordno.default-1438929665688\Extensions\pagehacker-nico@nc.xpi [2015-11-09]
FF Extension: Google Translator for Firefox - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\3hjordno.default-1438929665688\Extensions\translator@zoli.bod.xpi [2015-11-30]
FF Extension: Flagfox - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\3hjordno.default-1438929665688\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2016-03-17]
FF Extension: Adblock Plus - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\3hjordno.default-1438929665688\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF Extension: Český slovník pro kontrolu pravopisu - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\cs@dictionaries.addons.mozilla.org [2016-04-05]
FF Extension: Flagfox - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2016-04-21]
FF Extension: Adblock Plus - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found

Chrome:
=======
CHR Profile: C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-10]
CHR Extension: (Google Docs) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-10]
CHR Extension: (Google Drive) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-10]
CHR Extension: (YouTube) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-10]
CHR Extension: (Google Search) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-10]
CHR Extension: (Google Sheets) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-10]
CHR Extension: (Google Docs Offline) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-10]
CHR Extension: (Gmail) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-10]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-07-30] (Electronic Arts)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 tvnserver; D:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)
S3 vncserver; D:\Program Files\RealVNC\VNC Server\vncserver.exe [5664336 2016-03-23] (RealVNC Ltd)
R3 VSStandardCollectorService140; D:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-07] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
S3 MozillaMaintenance; "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-21] (Microsoft Corporation)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-04-30] ()
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2016-01-19] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194976 2016-01-19] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-03 21:57 - 2016-05-03 21:58 - 00021869 _____ C:\Users\ASUS\Desktop\FRST.txt
2016-05-03 21:57 - 2016-05-03 21:57 - 00000000 ____D C:\FRST
2016-05-03 21:52 - 2016-05-03 21:52 - 02377216 _____ (Farbar) C:\Users\ASUS\Desktop\FRST64.exe
2016-05-03 11:38 - 2016-05-03 11:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2016-05-03 11:38 - 2016-05-03 11:38 - 00000000 ____D C:\Program Files (x86)\Skillbrains
2016-05-03 11:37 - 2016-05-03 11:37 - 02530408 _____ (Skillbrains ) C:\Users\ASUS\Downloads\setup-lightshot(2).exe
2016-05-02 23:05 - 2016-05-02 23:05 - 00014264 _____ C:\Users\ASUS\Desktop\zoek-results.txt
2016-05-02 22:52 - 2016-05-02 22:27 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-05-02 22:15 - 2016-05-02 22:15 - 01309184 _____ C:\Users\ASUS\Desktop\zoek(1).exe
2016-05-02 22:14 - 2016-05-02 22:14 - 01309184 _____ C:\Users\ASUS\Downloads\zoek.exe
2016-05-02 21:40 - 2016-05-02 21:48 - 1048612899 _____ C:\Users\ASUS\Downloads\Mizerové 2 2003 cz dabing.avi
2016-05-02 21:26 - 2016-05-02 21:35 - 1468581888 _____ C:\Users\ASUS\Downloads\Mizerové 1 .CZ dabing DVD kvalita KIM.CZ.avi
2016-05-02 15:34 - 2016-05-02 15:36 - 00001143 _____ C:\Users\ASUS\Desktop\mbam2.txt
2016-05-02 15:31 - 2016-05-02 16:01 - 00001143 _____ C:\Users\ASUS\Desktop\mbam1.txt
2016-05-01 10:57 - 2016-05-01 11:03 - 735967232 _____ C:\Users\ASUS\Downloads\Nico víc než zákon-S.Seagal 1988 Cz.avi
2016-05-01 10:57 - 2016-05-01 11:03 - 735606316 _____ C:\Users\ASUS\Downloads\Lovec policajtu.avi
2016-05-01 10:51 - 2016-05-01 10:57 - 1678198784 _____ C:\Users\ASUS\Downloads\Steven-Seagal-Na-pokraji-smrti-(2002)-CZ.avi
2016-05-01 10:45 - 2016-05-01 11:06 - 1678170112 _____ C:\Users\ASUS\Downloads\Steven-Seagal-Bestie-(2003)-CZ.avi
2016-05-01 10:40 - 2016-05-02 08:32 - 247708262 _____ C:\Users\ASUS\Downloads\Hvězdná brána SG-1 [Stargate SG-1] 07x09.Mstitel 2.0.cz.avi.part
2016-05-01 10:36 - 2016-05-02 08:34 - 666787162 _____ C:\Users\ASUS\Downloads\Steven-Seagal-Dnes-zemres-(2005)-CZ.avi.part
2016-05-01 10:31 - 2016-05-02 08:35 - 1245271580 _____ C:\Users\ASUS\Downloads\Steven-Seagal-Stiny-minulosti-(2006)-CZ.avi.part
2016-05-01 10:31 - 2016-05-02 08:34 - 730711830 _____ C:\Users\ASUS\Downloads\Steven-Seagal-Zoldaci-spravedlnosti-(2006)-CZ.avi.part
2016-05-01 10:30 - 2016-05-02 08:35 - 931504287 _____ C:\Users\ASUS\Downloads\Steven-Seagal-Hlidac-(2009)-CZ.avi.part
2016-05-01 10:29 - 2016-05-01 10:36 - 731238400 _____ C:\Users\ASUS\Downloads\Cesta smrti (2010) akční.avi
2016-05-01 10:28 - 2016-05-01 10:40 - 899186688 _____ C:\Users\ASUS\Downloads\Naprostá sebedůvěra (2012) akční.avi
2016-05-01 10:27 - 2016-05-02 08:35 - 1541196972 _____ C:\Users\ASUS\Downloads\Cesta za pomstou [A Good Man](2014).cz.avi.part
2016-04-30 22:14 - 2016-04-30 22:14 - 24004168 _____ C:\Users\ASUS\Desktop\RogueKillerX64(1).exe
2016-04-30 15:02 - 2016-04-30 15:02 - 00000000 ___SD C:\Users\ASUS\Documents\Zdroje dat
2016-04-30 14:59 - 2016-04-30 14:59 - 00073450 _____ C:\Users\ASUS\Downloads\invoices_2015.csv
2016-04-29 13:35 - 2016-04-29 13:35 - 06149728 _____ C:\Users\ASUS\Downloads\cast-1.ods
2016-04-29 10:50 - 2016-04-29 10:55 - 00000000 ____D C:\Users\ASUS\AppData\Local\Adobe
2016-04-29 10:48 - 2016-04-29 10:48 - 00040214 _____ C:\Users\ASUS\Downloads\1-20160026.pdf
2016-04-29 09:59 - 2016-04-29 10:00 - 06792969 _____ C:\Users\ASUS\Downloads\stovkomat.zip
2016-04-28 09:30 - 2016-04-28 09:30 - 00311248 _____ C:\WINDOWS\Minidump\042816-25343-01.dmp
2016-04-25 20:33 - 2016-04-25 20:33 - 00072483 _____ C:\Users\ASUS\Downloads\Reklamacni-formular.pdf
2016-04-24 21:42 - 2016-04-24 21:42 - 00007684 _____ C:\Users\ASUS\Downloads\odkaz-na-video-wordpress-revolution-slider-hack.txt
2016-04-24 15:53 - 2016-04-24 15:53 - 00000728 _____ C:\Users\ASUS\Desktop\JRT.txt
2016-04-24 15:48 - 2016-04-24 15:54 - 00009487 _____ C:\Users\ASUS\Desktop\Nový textový dokument.txt
2016-04-24 15:48 - 2016-04-24 15:48 - 01610008 _____ (Malwarebytes) C:\Users\ASUS\Desktop\JRT.exe
2016-04-24 14:20 - 2016-05-02 23:02 - 00000080 _____ C:\Users\ASUS\Desktop\Zálohy - zástupce.lnk
2016-04-24 14:20 - 2016-05-02 23:02 - 00000080 _____ C:\Users\ASUS\Desktop\Účetnictví - zástupce.lnk
2016-04-24 14:20 - 2016-05-02 23:02 - 00000080 _____ C:\Users\ASUS\Desktop\Plocha - zástupce.lnk
2016-04-24 14:20 - 2016-05-02 23:02 - 00000080 _____ C:\Users\ASUS\Desktop\Hudba - zástupce.lnk
2016-04-24 12:19 - 2016-05-02 21:36 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-04-24 12:18 - 2016-05-02 23:03 - 00001070 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-24 12:18 - 2016-04-24 12:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-24 12:18 - 2016-04-24 12:18 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-24 12:18 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-04-24 12:18 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-04-24 12:18 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-04-24 12:16 - 2016-04-24 12:17 - 22851472 _____ (Malwarebytes ) C:\Users\ASUS\Downloads\mbam-setup-2.2.1.1043.exe
2016-04-24 12:09 - 2016-05-03 15:35 - 00000000 ____D C:\Users\ASUS\AppData\Local\CrashDumps
2016-04-24 12:08 - 2016-04-24 12:08 - 03683904 _____ C:\Users\ASUS\Desktop\AdwCleaner.exe
2016-04-24 12:05 - 2016-04-24 12:06 - 00000000 ____D C:\Users\ASUS\AppData\Local\ASUS
2016-04-24 11:51 - 2016-04-24 11:51 - 00448512 _____ (OldTimer Tools) C:\Users\ASUS\Downloads\TFC(3).exe
2016-04-24 11:49 - 2016-04-24 11:49 - 00050688 _____ (Atribune.org) C:\Users\ASUS\Downloads\ATF-Cleaner(4).exe
2016-04-21 14:46 - 2016-05-02 23:02 - 00002080 _____ C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-21 14:46 - 2016-04-21 14:46 - 00000000 ____D C:\Users\Public\Documents\jIxmRfR
2016-04-21 14:46 - 2016-04-21 14:46 - 00000000 ____D C:\Users\ASUS\AppData\Local\jIxmRfR
2016-04-21 14:45 - 2016-04-24 14:15 - 00000000 ____D C:\Program Files (x86)\jIxmRfR
2016-04-20 11:38 - 2016-04-20 11:38 - 00043003 _____ C:\Users\ASUS\Downloads\Steelovina.rar
2016-04-18 19:53 - 2016-04-18 19:54 - 49803323 _____ C:\Users\ASUS\Downloads\db_auren_sk.sql
2016-04-18 15:53 - 2016-04-24 15:40 - 00000000 ____D C:\WINDOWS\system32\log
2016-04-16 22:05 - 2016-04-16 22:06 - 07639056 _____ C:\Users\ASUS\Downloads\ipv4calc.exe
2016-04-16 00:12 - 2016-04-16 00:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TightVNC
2016-04-16 00:08 - 2016-04-16 00:08 - 02367488 _____ C:\Users\ASUS\Downloads\tightvnc-2.7.10-setup-64bit.msi
2016-04-15 22:09 - 2016-04-15 22:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealVNC
2016-04-15 22:09 - 2016-03-23 16:17 - 00037704 _____ (RealVNC Ltd) C:\WINDOWS\system32\VNCpm.dll
2016-04-15 22:06 - 2016-04-21 06:42 - 00000000 ____D C:\Users\ASUS\AppData\Local\RealVNC
2016-04-15 22:05 - 2016-04-15 22:06 - 18406960 _____ (RealVNC Ltd ) C:\Users\ASUS\Downloads\VNC-5.3.1-Windows.exe
2016-04-15 20:35 - 2016-04-15 20:36 - 49802957 _____ C:\Users\ASUS\Downloads\auren_cz.sql
2016-04-15 14:16 - 2016-04-15 14:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2016-04-15 14:15 - 2016-04-24 15:43 - 00000000 ____D C:\ProgramData\4winp4
2016-04-09 20:27 - 2016-04-09 20:31 - 00566726 _____ C:\Users\ASUS\Downloads\!Prehled latky BIT(2).pdf
2016-04-09 20:04 - 2016-04-09 22:10 - 2004623044 _____ C:\Users\ASUS\Downloads\Akvaristika.rar.part
2016-04-08 09:31 - 2016-04-08 09:31 - 05934784 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-04-05 09:10 - 2016-04-05 09:10 - 00566726 _____ C:\Users\ASUS\Downloads\!Prehled latky BIT(1).pdf
2016-04-04 21:55 - 2016-04-04 21:55 - 01283658 _____ C:\Users\ASUS\Downloads\YaTQA-Setup_3.5b.exe
2016-04-03 09:40 - 2016-04-03 09:40 - 07483434 _____ C:\Users\ASUS\Downloads\Circular-waves-background.zip
2016-04-03 09:16 - 2016-04-03 09:16 - 01482448 _____ C:\Users\ASUS\Downloads\Bathroom-mosaic-pattern.zip
2016-04-03 00:14 - 2016-04-03 00:14 - 00001576 _____ C:\Users\ASUS\Downloads\SMTPmail(2).zip
2016-04-03 00:12 - 2016-04-03 00:12 - 00001576 _____ C:\Users\ASUS\Downloads\SMTPmail(1).zip
2016-04-03 00:10 - 2016-04-03 00:10 - 00458837 _____ C:\Users\ASUS\Downloads\form_mail.zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-03 21:35 - 2015-12-10 10:23 - 00000962 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-03 19:33 - 2015-11-06 16:31 - 00000000 ____D C:\KMPlayer
2016-05-03 14:03 - 2015-08-22 23:09 - 00000000 ____D C:\Users\ASUS\Documents\Visual Studio 2015
2016-05-03 13:19 - 2016-03-02 11:46 - 00000000 ____D C:\Users\ASUS\Desktop\smazat
2016-05-03 13:01 - 2016-03-01 21:49 - 00000550 _____ C:\WINDOWS\Tasks\MATLAB R2013b Startup Accelerator.job
2016-05-03 12:02 - 2015-04-12 12:41 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-476371452-1358899968-4222303151-1002
2016-05-03 07:56 - 2016-03-17 20:13 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Seznam.cz
2016-05-02 23:03 - 2016-03-01 21:52 - 00000905 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB R2013b.lnk
2016-05-02 23:03 - 2016-02-25 13:01 - 00001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-05-02 23:03 - 2015-12-10 10:24 - 00002020 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-02 23:03 - 2015-10-02 19:58 - 00002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk
2016-05-02 23:03 - 2015-08-22 21:43 - 00001265 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
2016-05-02 23:03 - 2015-08-22 21:34 - 00001264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
2016-05-02 23:03 - 2015-07-02 10:57 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-02 23:03 - 2015-06-17 11:06 - 00001535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-05-02 23:03 - 2015-06-12 15:45 - 00000706 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YaTQA.lnk
2016-05-02 23:03 - 2015-04-01 16:09 - 00000943 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2016-05-02 23:03 - 2015-04-01 16:09 - 00000888 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2016-05-02 23:03 - 2015-04-01 16:08 - 00000913 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2016-05-02 23:03 - 2015-04-01 16:07 - 00000860 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2016-05-02 23:03 - 2015-04-01 16:04 - 00001509 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2016-05-02 23:03 - 2015-04-01 16:04 - 00001008 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2016-05-02 23:03 - 2015-03-31 18:50 - 00000764 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2016-05-02 23:03 - 2015-03-31 18:49 - 00000810 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2016-05-02 23:03 - 2015-03-31 18:41 - 00001857 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-05-02 23:03 - 2015-03-16 14:34 - 00002012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) WiDi.lnk
2016-05-02 23:03 - 2013-05-01 13:17 - 00001364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-05-02 23:03 - 2013-05-01 13:17 - 00001295 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-05-02 23:03 - 2013-05-01 13:14 - 00001970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2016-05-02 23:02 - 2016-03-17 20:14 - 00001267 _____ C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam Pošťák.lnk
2016-05-02 23:02 - 2016-03-06 18:14 - 00002175 _____ C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vnitřní úložiště.lnk
2016-05-02 23:02 - 2015-06-17 11:27 - 00001424 _____ C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-05-02 23:02 - 2015-06-17 10:58 - 00000469 _____ C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-05-02 23:02 - 2015-06-17 10:58 - 00000467 _____ C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-05-02 22:54 - 2015-08-14 10:11 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-05-02 22:54 - 2015-03-16 14:22 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-02 22:54 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-02 22:51 - 2016-01-24 22:19 - 00000000 ____D C:\Users\Guest\AppData\Local\Google
2016-05-02 22:46 - 2015-08-08 12:33 - 00000000 ____D C:\zoek_backup
2016-05-02 22:35 - 2015-12-10 10:23 - 00000966 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-02 22:31 - 2015-04-01 16:45 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-02 21:41 - 2014-11-21 06:53 - 01873716 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-02 21:41 - 2014-11-21 06:10 - 00782050 _____ C:\WINDOWS\system32\perfh005.dat
2016-05-02 21:41 - 2014-11-21 06:10 - 00173410 _____ C:\WINDOWS\system32\perfc005.dat
2016-05-02 21:41 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-05-02 18:20 - 2015-03-31 18:52 - 00000600 _____ C:\Users\ASUS\AppData\Roaming\winscp.rnd
2016-05-02 13:50 - 2016-03-01 22:23 - 00000000 ____D C:\Users\ASUS\Documents\MATLAB
2016-04-30 22:15 - 2015-08-07 21:32 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-04-30 22:05 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-04-30 18:59 - 2015-05-24 12:06 - 00000000 ____D C:\Users\ASUS\AppData\Local\ElevatedDiagnostics
2016-04-29 19:07 - 2015-06-17 10:58 - 00000000 ____D C:\Users\ASUS
2016-04-29 15:52 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-29 15:52 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-28 09:30 - 2016-03-31 18:20 - 00000000 ____D C:\WINDOWS\Minidump
2016-04-28 09:30 - 2015-04-24 19:33 - 823894067 _____ C:\WINDOWS\MEMORY.DMP
2016-04-27 12:08 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-04-26 14:02 - 2015-03-31 18:52 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\KeePass
2016-04-25 12:45 - 2015-08-10 19:34 - 00000600 _____ C:\Users\ASUS\AppData\Local\PUTTY.RND
2016-04-24 15:43 - 2013-05-01 13:17 - 00000000 ____D C:\WINDOWS\hu
2016-04-24 15:40 - 2015-08-07 12:06 - 00000000 ____D C:\AdwCleaner
2016-04-24 14:20 - 2015-07-27 20:04 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2016-04-22 09:57 - 2015-05-07 08:29 - 00453288 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-19 13:29 - 2016-02-29 20:14 - 00000186 _____ C:\Users\ASUS\.packettracer
2016-04-15 22:41 - 2015-04-26 11:33 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\TS3Client
2016-04-13 18:33 - 2015-08-06 21:49 - 00003834 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1438890535
2016-04-13 18:33 - 2015-08-06 21:48 - 00000000 ____D C:\Program Files (x86)\Opera
2016-04-08 09:32 - 2015-04-01 16:45 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-04-04 19:27 - 2015-06-28 14:43 - 00003942 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{31E90E02-2996-4027-91EC-22294BD585E5}
2016-04-03 12:18 - 2015-04-26 18:26 - 00000132 _____ C:\Users\ASUS\AppData\Roaming\Adobe Formát PNG CS6 – předvolby

==================== Files in the root of some directories =======

2015-04-26 18:26 - 2016-04-03 12:18 - 0000132 _____ () C:\Users\ASUS\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2015-04-01 18:52 - 2015-04-10 16:45 - 0000132 _____ () C:\Users\ASUS\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-10-03 13:23 - 2015-10-03 13:23 - 0000600 _____ () C:\Users\ASUS\AppData\Roaming\PUTTY.RND
2015-03-31 18:52 - 2016-05-02 18:20 - 0000600 _____ () C:\Users\ASUS\AppData\Roaming\winscp.rnd
2015-05-01 09:21 - 2015-05-01 09:21 - 0000092 _____ () C:\Users\ASUS\AppData\Local\fusioncache.dat
2015-08-10 19:34 - 2016-04-25 12:45 - 0000600 _____ () C:\Users\ASUS\AppData\Local\PUTTY.RND
2015-10-28 17:31 - 2015-10-28 17:31 - 0001347 _____ () C:\Users\ASUS\AppData\Local\recently-used.xbel
2015-04-01 18:56 - 2015-04-23 18:05 - 0000424 _____ () C:\Users\ASUS\AppData\Local\UserProducts.xml
2016-02-20 14:58 - 2016-02-20 14:58 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-05-05 21:39 - 2015-05-05 21:39 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2013-05-01 13:15 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-05-01 13:15 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-04-30 22:40

==================== End of FRST.txt ============================

Scientific
Level 3
Posts: 499
Registered: July 13
Gender: Male
Status: Offline

Re: Chrome keeps getting pinned and suspicious processes

Post by Scientific » 03 May 2016 22:20

ADDITIONAL
Additional scan result of Farbar Recovery Scan Tool (x64) Version:03-05-2016
Ran by ASUS (2016-05-03 21:58:44)
Running from C:\Users\ASUS\Desktop
Windows 8.1 (X64) (2015-06-17 09:26:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-476371452-1358899968-4222303151-500 - Administrator - Disabled)
ASPNET (S-1-5-21-476371452-1358899968-4222303151-1005 - Limited - Enabled)
ASUS (S-1-5-21-476371452-1358899968-4222303151-1002 - Administrator - Enabled) => C:\Users\ASUS
Guest (S-1-5-21-476371452-1358899968-4222303151-501 - Limited - Enabled) => C:\Users\Guest
UpdatusUser (S-1-5-21-476371452-1358899968-4222303151-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACAD Private (Version: 20.1.49.0 - Autodesk) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.35 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0025 - ASUS)
AutoCAD 2016 (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack – Čeština (Czech) (Version: 20.1.49.0 - Autodesk) Hidden
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.30944 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Centrum zařízení Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Cisco Packet Tracer 6.1 Instructor (HKLM-x32\...\Cisco Packet Tracer 6.1 Instructor_is1) (Version: - Cisco Systems, Inc.)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DeskPins (remove only) (HKLM-x32\...\DeskPins) (Version: - )
Diagram Designer (HKLM-x32\...\{BE725DFC-550D-4C4B-BA2D-B1AE3CC0E33F}) (Version: 1.28 - MeeSoft)
Dostihy 3000 deluxe 1.1 (HKLM-x32\...\Dostihy 3000 deluxe) (Version: - )
Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
EaseUS Partition Master 10.8 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
Entity Framework 6.1.3 Tools for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
Fotogaléria (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.4.311 - Foxit Software Inc.)
Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.105.0 - International GeoGebra Institute)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HLSW v1.4.0.2 (HKLM-x32\...\HLSW_is1) (Version: - Stripf Software)
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{E77289CF-12B9-4CAB-A49E-FEAE947F4D95}) (Version: 15.5.4.0423 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}) (Version: 2.5.0.0248 - Motorola Solutions, Inc)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
KeePass Password Safe 2.28 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.28 - Dominik Reichl)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.0.1.5 - PandoraTV)
Lightshot-5.3.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.3.0.0 - Skillbrains)
Mafia II (HKLM-x32\...\Steam App 50130) (Version: - 2K Czech)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MATLAB R2013b (HKLM\...\Matlab R2013b) (Version: 8.2 - The MathWorks, Inc.)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{3D3CEBE6-40EA-4C48-97FD-73828281AB4A}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 (HKLM-x32\...\{50b32652-69d2-4b93-9316-edcd12067b8b}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 45.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 cs)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Mozilla Thunderbird 31.5.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 31.5.0 (x86 cs)) (Version: 31.5.0 - Mozilla)
Mozilla Thunderbird 38.7.2 (x86 cs) (HKU\S-1-5-21-476371452-1358899968-4222303151-1002\...\Mozilla Thunderbird 38.7.2 (x86 cs)) (Version: 38.7.2 - Mozilla)
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
MultiSkypeLauncher (remove only) (HKLM-x32\...\MultiSkypeLauncher) (Version: 1.7.1 - MultiSkypeLauncher)
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
Need For Speed™ World (HKLM-x32\...\{3AF1B16A-7DC9-4C80-BAEC-70B088A7C5B8}) (Version: 1.0.0.0 - Electronic Arts)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
NVIDIA 3D Vision Driver 307.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 307.07 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Opera Stable 36.0.2130.65 (HKLM-x32\...\Opera 36.0.2130.65) (Version: 36.0.2130.65 - Opera Software)
Oracle VM VirtualBox 5.0.14 (HKLM\...\{82022940-639B-48A3-86D9-B139864105F7}) (Version: 5.0.14 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.20.5318 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
PCMSCAN (HKLM-x32\...\{979B748C-6095-4A5A-BC7B-C15E720529D6}) (Version: 2.4.12 - Palmer Performance Engineering)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.239 - Google, Inc.)
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Psi (remove only) (HKLM-x32\...\Psi) (Version: - )
R for Windows 3.2.0 (HKLM\...\R for Windows 3.2.0_is1) (Version: 3.2.0 - R Core Team)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6716 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.27023 - Realtek Semiconductor Corp.)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
RStudio (HKLM-x32\...\RStudio) (Version: 0.99.484 - RStudio)
Seznam Software (HKU\S-1-5-21-476371452-1358899968-4222303151-1002\...\SeznamInstall) (Version: - Seznam.cz)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Test rybárských znalostí (HKLM-x32\...\{B6B69987-FDC6-4FD2-BCC1-A8554370059C}) (Version: 1.0.7 - CRS)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TightVNC (HKLM\...\{D2372F87-7DA2-47F7-A102-AF2181B8EAA2}) (Version: 2.7.10.0 - GlavSoft LLC.)
TypeScript Power Tool (x32 Version: 1.5.4.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.5.4.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.5.4.0 (HKLM-x32\...\{4cde0c8c-47b3-448f-babf-fe5d392432a6}) (Version: 1.5.23128.0 - Microsoft Corporation)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VirtViewer 2.0256 (64-bit) (HKLM\...\{F66D2C75-5D58-429F-98A0-316DFAECBB30}) (Version: 2.0.256 - Virt Manager Project)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VNC Server 5.3.1 (HKLM\...\{C58DCF42-FF02-4D34-8216-2B030CCAEF1B}) (Version: 5.3.1.17370 - RealVNC Ltd)
VNC Viewer 5.3.1 (HKLM\...\{61F1DF9D-3B08-420F-9A4D-E7D5542597CB}) (Version: 5.3.1.17370 - RealVNC Ltd)
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
Windows Driver Package - ASUS (ATP) Mouse (10/29/2012 1.0.0.148) (HKLM\...\C01F56FBD9B141017E63E2A1A141E59934D4DC67) (Version: 10/29/2012 1.0.0.148 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinSCP 5.7.5 (HKLM-x32\...\winscp3_is1) (Version: 5.7.5 - Martin Prikryl)
Základní software zařízení HP Deskjet 1510 series (HKLM\...\{4491B86D-8E9D-4E4C-B774-E62949A005D8}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1030279B-FC3C-42ED-B82C-59BF298549D7} - System32\Tasks\{D03B38A9-D107-422A-872B-404BE380B818} => Firefox.exe hxxp://www.skype.com/go/downloading?sou ... rror=12002
Task: {18A5828B-519C-4DE8-9387-F29A86F1B51C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-10] (Google Inc.)
Task: {3580D039-A0FA-4F80-B6D0-2C81CDC64CF6} - System32\Tasks\Opera scheduled Autoupdate 1438890535 => C:\Program Files (x86)\Opera\launcher.exe [2016-04-11] (Opera Software)
Task: {552BDF49-DEDC-4B58-A95C-1988046473DD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {6C21FA3D-12C2-4744-82EE-FAB29D7D4810} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {79F234D0-D219-4F80-8B05-A50977DD3FDE} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-10-24] (ASUS)
Task: {7BAEE1A3-AA70-4591-B323-1AA7CE5290EA} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-24] (ASUSTek Computer Inc.)
Task: {C5487807-4E68-4A8F-B80F-68F3C33C7A59} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-10] (Google Inc.)
Task: {E7428909-B0C3-40D0-A257-DCE74DD17ABB} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2012-10-31] (AsusTek)
Task: {F91E28B9-D48E-4B64-BC0C-5722F1A49863} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08] (Adobe Systems Incorporated)
Task: {FB0DB7B3-F0BC-4688-84DA-309EC1C380DF} - System32\Tasks\MATLAB R2013b Startup Accelerator => D:\Program Files\MATLAB\R2013b\bin\win64\MATLABStartupAccelerator.exe [2013-08-05] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MATLAB R2013b Startup Accelerator.job => D:\Program Files\MATLAB\R2013b\bin\win64\MATLABStartupAccelerator.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-06-17 10:51 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-08-24 19:26 - 2012-08-24 19:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-10-01 13:02 - 2013-10-01 13:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-03-17 20:13 - 2015-05-26 13:38 - 00457384 _____ () C:\Users\ASUS\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2015-03-16 14:17 - 2012-06-25 12:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-03-17 20:13 - 2015-05-26 13:38 - 00862888 _____ () C:\Users\ASUS\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2016-03-17 20:13 - 2015-05-26 13:38 - 00561864 _____ () C:\Users\ASUS\AppData\Roaming\Seznam.cz\bin\postak3.dll
2016-03-17 20:13 - 2015-05-26 13:39 - 01778376 _____ () C:\Users\ASUS\AppData\Roaming\Seznam.cz\bin\libfoxcub.dll
2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2016-05-02 22:30 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-476371452-1358899968-4222303151-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "ACMON"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "Windows Mobile Device Center"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM Tray Agent"
HKU\S-1-5-21-476371452-1358899968-4222303151-1002\...\StartupApproved\StartupFolder: => "Psi.lnk"
HKU\S-1-5-21-476371452-1358899968-4222303151-1002\...\StartupApproved\StartupFolder: => "DeskPins.lnk"
HKU\S-1-5-21-476371452-1358899968-4222303151-1002\...\StartupApproved\StartupFolder: => "MultiSkypeLauncher.lnk"
HKU\S-1-5-21-476371452-1358899968-4222303151-1002\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-476371452-1358899968-4222303151-1002\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-476371452-1358899968-4222303151-1002\...\StartupApproved\Run: => "RESTART_STICKY_NOTES"
HKU\S-1-5-21-476371452-1358899968-4222303151-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-476371452-1358899968-4222303151-1002\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-476371452-1358899968-4222303151-1002\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{6057EB2D-DC27-4592-AEBC-4A0CC58CE7D2}C:\users\asus\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\asus\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{D7A76250-4162-46EC-AC4E-34D95DB545C7}C:\users\asus\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\asus\appdata\local\akamai\netsession_win.exe
FirewallRules: [{1DE38F56-2227-4480-A351-276B6C2DF734}] => (Allow) LPort=5000
FirewallRules: [{469F5E10-5668-44C8-952F-461B9CCED95B}] => (Allow) LPort=53445
FirewallRules: [UDP Query User{CF3E8158-CC5B-4E5A-A44D-9596EF63DAF3}C:\users\asus\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\asus\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{493D1660-A823-41C9-B70B-95874F1E7B0E}C:\users\asus\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\asus\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{72A109F1-0170-462D-B6FC-F95987907B92}D:\program files\psi\psi.exe] => (Allow) D:\program files\psi\psi.exe
FirewallRules: [TCP Query User{DCAC0922-BE3B-4B66-B112-ADE9380DF4DC}D:\program files\psi\psi.exe] => (Allow) D:\program files\psi\psi.exe
FirewallRules: [UDP Query User{70446187-3FFF-49EC-AEE4-EA52748BB44C}C:\users\asus\appdata\local\temp\teamviewer\teamviewer.exe] => (Block) C:\users\asus\appdata\local\temp\teamviewer\teamviewer.exe
FirewallRules: [TCP Query User{500EEB14-C6B6-4D5D-A538-566384F95690}C:\users\asus\appdata\local\temp\teamviewer\teamviewer.exe] => (Block) C:\users\asus\appdata\local\temp\teamviewer\teamviewer.exe
FirewallRules: [{36684305-F8E0-4536-AF17-BB6FCFFA2C63}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{C3DA9709-A400-4CAF-BB7D-F49B46B4865E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{0354C948-D494-4AEB-AD3A-FC7060AF76D1}D:\program files\psi\psi.exe] => (Allow) D:\program files\psi\psi.exe
FirewallRules: [TCP Query User{BB2A4DB4-4E1C-4588-BCD3-B8F456A0779A}D:\program files\psi\psi.exe] => (Allow) D:\program files\psi\psi.exe
FirewallRules: [{D8B7E2CB-1663-4318-B241-F2FEC614EB5C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8F8AE2A3-A1F2-42AA-B2FB-F4F837699D35}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AB562969-54E3-4CF2-AB0D-70BD4978339D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{56948688-7196-4A8C-8E33-4AE9501F9970}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{D9615644-B9F4-49BB-9733-1369DD3035CC}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{62E2B884-1FDD-43D7-8B53-3EB96257E3AC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{281FF766-F57F-483E-A227-63F1F1FEFE80}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{78F8E8DA-219B-4E22-ABF2-C97CF02440A3}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{7A67DBBD-3C40-4086-8EBF-486A984A6433}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{9DF568BF-1BE4-40F8-B58A-90F91C8AEB20}] => (Allow) LPort=1900
FirewallRules: [{D9FDE7C5-91CF-4946-B79E-C7E264DA859C}] => (Allow) LPort=2869
FirewallRules: [{AF702977-4330-41DC-B7EB-971528C7BDD5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [TCP Query User{D8856D06-0292-4BDF-8D96-6039F6C0838D}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{BCB70177-D71A-4C88-83C5-5F6F71671DA1}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{63793E37-0590-4C28-BD7F-411D231CE5B1}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{EF9CFACD-E89A-45B0-BA93-05033F591EB8}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{989B05E9-9076-4F92-B4F3-8553D96F8AE5}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{695FF7D5-C780-44B9-93B1-B94B51C06EB4}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{2706050A-ABA4-40FD-B65F-EC9F1B2DB25E}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed World\GameLauncher.exe
FirewallRules: [{14A64085-EA19-4A52-BF82-D5654CB36ABD}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed World\GameLauncher.exe
FirewallRules: [{701136D8-6D43-4363-A9CD-657515B4D7C2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4F7B6A0F-B93C-44AE-BFBF-CDA748F5FB61}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1CE8030F-152F-42D9-902A-4CAFEFABAD0B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C29ACDD2-C56D-4F41-B057-B3B5238F076A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{FB9ADD55-267A-4711-A4EB-301E029851DE}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{62DF4D3B-48D7-4DA3-A1AA-B20BE8445A45}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{C5A0F451-9914-48AD-9373-814FBAD43665}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [UDP Query User{14951C42-DACB-4FF8-AEB4-122D82F6CF95}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [TCP Query User{B37348EC-F317-4332-8C9B-42DD8A5AE01B}C:\users\asus\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\asus\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{AC742381-6000-4398-B6C2-505858FD6E82}C:\users\asus\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\asus\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{F25DEF3D-BD02-4CC9-87E7-CBADAF7FD898}D:\program files\stronghold crusader\stronghold crusader.exe] => (Allow) D:\program files\stronghold crusader\stronghold crusader.exe
FirewallRules: [UDP Query User{5BAF49D4-9B39-4CC9-8EA1-89BDCC324702}D:\program files\stronghold crusader\stronghold crusader.exe] => (Allow) D:\program files\stronghold crusader\stronghold crusader.exe
FirewallRules: [TCP Query User{76D36269-C1E8-48B6-9ACD-35EDE308D5A0}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{7F505324-0942-4274-B241-BC44220BDFF3}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{5E0F88D4-DA36-4B1F-8093-0402547A2714}] => (Allow) D:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{97C144E8-E989-44A4-AA28-CE7993163614}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BD2E08D6-785F-49BF-9C5F-DAAD89CE4E3C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{794873D0-C6EB-41DA-948A-35219EF61FFE}D:\program files (x86)\winscp\winscp.exe] => (Allow) D:\program files (x86)\winscp\winscp.exe
FirewallRules: [UDP Query User{1C9C0878-A866-4E67-A520-AD90B422DAFC}D:\program files (x86)\winscp\winscp.exe] => (Allow) D:\program files (x86)\winscp\winscp.exe
FirewallRules: [{8426A081-0642-4E2D-B197-4673FECDA03F}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8B3624F3-3A80-4D50-9103-51EFED7CEDF9}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7A0A75AA-11DD-4078-96B7-BD2C7C33C71B}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E0FD6AA8-9465-4814-926C-7037404D9E5C}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2D2E3481-66F2-4214-A332-8E05C1D72CBE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{2558AB58-A95E-414A-806C-806966D3250A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [TCP Query User{9D012447-7120-4E08-B58F-B9BFFA2DF232}C:\program files (x86)\hlsw\hlsw.exe] => (Allow) C:\program files (x86)\hlsw\hlsw.exe
FirewallRules: [UDP Query User{D7BE3F97-F21E-48F8-B60E-8B80913FCAA0}C:\program files (x86)\hlsw\hlsw.exe] => (Allow) C:\program files (x86)\hlsw\hlsw.exe
FirewallRules: [{BF8765A4-8924-404D-B37A-46897B9FCFE3}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{3F4EB10D-D634-461B-89F9-5260593C6709}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{37D05FA6-62CB-46ED-BF9C-A53CE9EABA33}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{384BB4ED-09FE-42EC-9B06-EC7E270FA961}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{8B82B3C2-25F0-4933-B3E3-78CD8EC3705F}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe
FirewallRules: [{BFBEA60E-2539-4F7C-B299-3C367F3A69B8}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{B219A0A4-BD46-477D-861F-2DF4250ED33D}D:\program files (x86)\cisco packet tracer 6.1iv\bin\packettracer6.exe] => (Allow) D:\program files (x86)\cisco packet tracer 6.1iv\bin\packettracer6.exe
FirewallRules: [UDP Query User{8D773F09-689C-4522-AD26-E2323DEF268D}D:\program files (x86)\cisco packet tracer 6.1iv\bin\packettracer6.exe] => (Allow) D:\program files (x86)\cisco packet tracer 6.1iv\bin\packettracer6.exe
FirewallRules: [{C1CC7329-20D9-4A4E-B012-A24FA1893C3C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{449074C3-11DE-4A80-901A-0E94EF7D46E1}] => (Allow) D:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [{866651E7-921D-48E3-93C7-AF4AC7701C83}] => (Allow) D:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [{5DEE49AD-2D3A-495B-B9D7-3B4FAD13F45E}] => (Allow) D:\Program Files\TightVNC\tvnserver.exe
FirewallRules: [TCP Query User{8E96EF77-B7CF-43C8-8A00-73C4B6DD4D2E}D:\program files (x86)\cisco packet tracer 6.1iv\bin\packettracer6.exe] => (Allow) D:\program files (x86)\cisco packet tracer 6.1iv\bin\packettracer6.exe
FirewallRules: [UDP Query User{739EE35A-FA68-4045-B05F-E6C87900FC8C}D:\program files (x86)\cisco packet tracer 6.1iv\bin\packettracer6.exe] => (Allow) D:\program files (x86)\cisco packet tracer 6.1iv\bin\packettracer6.exe
FirewallRules: [{B9E24F4F-FE57-4AAF-81C4-5CB298C21D46}] => (Allow) C:\Program Files (x86)\jIxmRfR\jIxmRfR\chrome.exe
FirewallRules: [{726F1CFE-853D-43C6-BD27-98AA2CA76A70}] => (Allow) C:\Program Files (x86)\jIxmRfR\jIxmRfR\bin\jIxmRfR_server.exe
FirewallRules: [{99F843CD-B4F4-46E5-8B4E-EA0B3929EF02}] => (Allow) C:\ProgramData\jIxmRfR\protect\protect.exe

==================== Restore Points =========================

30-04-2016 23:42:28 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/03/2016 03:35:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ScriptedSandbox64.exe, verze: 14.0.23107.0, časové razítko: 0x559b7a25
Název chybujícího modulu: ScriptedSandbox64.exe, verze: 14.0.23107.0, časové razítko: 0x559b7a25
Kód výjimky: 0xc0000602
Posun chyby: 0x000000000000f931
ID chybujícího procesu: 0x1ed0
Čas spuštění chybující aplikace: 0xScriptedSandbox64.exe0
Cesta k chybující aplikaci: ScriptedSandbox64.exe1
Cesta k chybujícímu modulu: ScriptedSandbox64.exe2
ID zprávy: ScriptedSandbox64.exe3
Úplný název chybujícího balíčku: ScriptedSandbox64.exe4
ID aplikace související s chybujícím balíčkem: ScriptedSandbox64.exe5

Error: (05/02/2016 10:14:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program EXCEL.EXE verze 12.0.6729.5000 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: c08

Čas spuštění: 01d1a4acac936be2

Čas ukončení: 4294967295

Cesta k aplikaci: D:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE

ID hlášení: 6dfe82ab-10a2-11e6-bf05-84a6c8741fb1

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (05/02/2016 04:28:02 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (05/02/2016 02:18:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program thunderbird.exe verze 38.7.2.5936 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: b48

Čas spuštění: 01d1a4394572f472

Čas ukončení: 4294967295

Cesta k aplikaci: D:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

ID hlášení: fdfa452b-105f-11e6-bf05-84a6c8741fb1

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (05/02/2016 02:18:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program KMPlayer.exe verze 4.0.1.5 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: ed8

Čas spuštění: 01d1a43be3c06eae

Čas ukončení: 4294967295

Cesta k aplikaci: C:\KMPlayer\KMPlayer.exe

ID hlášení: febb1e02-105f-11e6-bf05-84a6c8741fb1

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (05/02/2016 02:18:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: plugin-container.exe, verze: 45.0.1.5918, časové razítko: 0x56e8b7df
Název chybujícího modulu: mozglue.dll, verze: 45.0.1.5918, časové razítko: 0x56e8a981
Kód výjimky: 0x80000003
Posun chyby: 0x0000f0ea
ID chybujícího procesu: 0xe64
Čas spuštění chybující aplikace: 0xplugin-container.exe0
Cesta k chybující aplikaci: plugin-container.exe1
Cesta k chybujícímu modulu: plugin-container.exe2
ID zprávy: plugin-container.exe3
Úplný název chybujícího balíčku: plugin-container.exe4
ID aplikace související s chybujícím balíčkem: plugin-container.exe5

Error: (05/02/2016 02:12:56 PM) (Source: VNC Server) (EventID: 256) (User: )
Description: FeatureLicensing: No valid license installed.

Error: (05/02/2016 02:04:20 PM) (Source: VNC Server) (EventID: 256) (User: )
Description: FeatureLicensing: No valid license installed.

Error: (05/02/2016 02:04:19 PM) (Source: VNC Server) (EventID: 256) (User: )
Description: FeatureLicensing: No valid license installed.

Error: (05/02/2016 02:04:19 PM) (Source: VNC Server) (EventID: 256) (User: )
Description: FeatureLicensing: No valid license installed.


System errors:
=============
Error: (05/03/2016 07:54:05 AM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (05/03/2016 07:54:02 AM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (05/03/2016 07:53:57 AM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (05/02/2016 10:57:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
%%1069

Error: (05/02/2016 10:57:07 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%1326

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (05/02/2016 10:54:46 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT AUTHORITY)
Description: Službě Plánovač úloh se při spuštění nepodařilo načíst úlohy. Další údaje: Hodnota chyby: 2147942402

Error: (05/02/2016 10:49:38 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (05/02/2016 10:49:35 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (05/02/2016 10:49:31 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (05/02/2016 10:49:27 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.


CodeIntegrity:
===================================
Date: 2016-04-30 22:45:54.393
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-29 21:10:30.069
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-28 10:39:44.075
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-27 20:45:57.293
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-24 16:39:00.767
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-24 15:08:56.984
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-24 12:10:10.370
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2016-04-24 12:10:10.292
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2016-04-24 11:38:42.141
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

Date: 2016-04-24 11:38:42.075
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 41%
Total physical RAM: 3981.48 MB
Available physical RAM: 2339.51 MB
Total Virtual: 8077.48 MB
Available Virtual: 6243.9 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:185.86 GB) (Free:17.5 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:160.49 GB) (Free:90.35 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00286C8C)

Partition: GPT.

==================== End of Addition.txt ============================


Re: Chrome keeps pinning itself, and suspicious processes

Post by jaro3 » 04 May 2016 09:44

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CloseProcesses:
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-476371452-1358899968-4222303151-1002 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-476371452-1358899968-4222303151-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FF Plugin HKU\S-1-5-21-476371452-1358899968-4222303151-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ASUS\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
C:\ProgramData\Ament.ini
C:\ProgramData\SetStretch.cmd
C:\ProgramData\SetStretch.exe
Task: {18A5828B-519C-4DE8-9387-F29A86F1B51C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-10] (Google Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

EmptyTemp:
End

(You can use the "select all" function; right-click the top-left field in the opened Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST, press the "Fix" button only once, and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire content here.

Drive c: (OS) (Fixed) (Total:185.86 GB) (Free:17.5 GB)
You should have at least 15-20% free disk space for Windows to run smoothly. Uninstall or delete something!

C:\Users\Public\Documents\jIxmRfR
C:\Users\ASUS\AppData\Local\jIxmRfR
C:\Program Files (x86)\jIxmRfR
FirewallRules: [{B9E24F4F-FE57-4AAF-81C4-5CB298C21D46}] => (Allow) C:\Program Files (x86)\jIxmRfR\jIxmRfR\chrome.exe
FirewallRules: [{726F1CFE-853D-43C6-BD27-98AA2CA76A70}] => (Allow) C:\Program Files (x86)\jIxmRfR\jIxmRfR\bin\jIxmRfR_server.exe
FirewallRules: [{99F843CD-B4F4-46E5-8B4E-EA0B3929EF02}] => (Allow) C:\ProgramData\jIxmRfR\protect\protect.exe

Do you know the program named jIxmRfR?


Re: Chrome keeps pinning itself, and suspicious processes

Post by Scientific » 04 May 2016 23:20

Fix result of Farbar Recovery Scan Tool (x64) Version:03-05-2016
Ran by ASUS (2016-05-04 23:07:53) Run:1
Running from C:\Users\ASUS\Desktop
Loaded Profiles: ASUS (Available Profiles: UpdatusUser & ASUS & Guest)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-476371452-1358899968-4222303151-1002 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-476371452-1358899968-4222303151-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FF Plugin HKU\S-1-5-21-476371452-1358899968-4222303151-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ASUS\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
C:\ProgramData\Ament.ini
C:\ProgramData\SetStretch.cmd
C:\ProgramData\SetStretch.exe
Task: {18A5828B-519C-4DE8-9387-F29A86F1B51C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-10] (Google Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-476371452-1358899968-4222303151-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-476371452-1358899968-4222303151-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
"HKU\S-1-5-21-476371452-1358899968-4222303151-1002\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0" => key removed successfully
C:\Users\ASUS\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll => not found.
C:\ProgramData\Ament.ini => moved successfully
C:\ProgramData\SetStretch.cmd => moved successfully
C:\ProgramData\SetStretch.exe => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{18A5828B-519C-4DE8-9387-F29A86F1B51C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18A5828B-519C-4DE8-9387-F29A86F1B51C}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key removed successfully
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
EmptyTemp: => 477.8 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 23:08:37 ====

Fine, I'll free up some space. I've been struggling with this problem for a long time; the thing is that my disk is split into two partitions, with C overfull and D empty, and I haven't managed to move the disk space from one to the other with any tool.

Yes, I know that application; it's the Chrome browser that kept pinning itself to the taskbar and setting itself as the default browser, as I describe in my first post.


Re: Chrome keeps pinning itself, and suspicious processes  Solved

Post by jaro3 » 05 May 2016 09:06

Download DelFix here
https://toolslib.net/downloads/viewdownload/2-delfix/

Save the file to the desktop.
Double-click the icon to run the Delfix.exe tool.
(On Windows Vista, Windows 7 and 8 you must run the file via right-click -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools, Purge System Restore.
Then click the Run button and let the tool do its work.

A report (DelFix.txt) will then open. Paste the entire content of the report here. Otherwise the report is located at:
C:\DelFix.txt


So move something over to drive D; you can move some programs too, but you have to uninstall them first and then choose drive D as the install location when reinstalling.

If there are no problems, that is all, and you can mark the thread as solved with the green check mark.


Re: Chrome keeps pinning itself, and suspicious processes

Post by Scientific » 12 May 2016 22:57

Yes, I freed up space on the disk.
The problem seems to be solved.
Thank you very much, I will send a contribution.

# DelFix v1.013 - Logfile created 12/05/2016 at 22:53:41
# Updated 17/04/2016 by Xplode
# Username : ASUS - AS
# Operating System : Windows 8.1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\zoek-results2015-08-08-110804.log
Deleted : C:\Users\ASUS\Desktop\Addition.txt
Deleted : C:\Users\ASUS\Desktop\AdwCleaner.exe
Deleted : C:\Users\ASUS\Desktop\Fixlog.txt
Deleted : C:\Users\ASUS\Desktop\FRST.txt
Deleted : C:\Users\ASUS\Desktop\FRST64.exe
Deleted : C:\Users\ASUS\Desktop\JRT.exe
Deleted : C:\Users\ASUS\Desktop\JRT.txt
Deleted : C:\Users\ASUS\Desktop\RogueKillerX64(1).exe
Deleted : C:\Users\ASUS\Desktop\zoek(1).exe
Deleted : C:\Users\ASUS\Desktop\zoek-results.txt
Deleted : C:\Users\ASUS\Downloads\TFC(1).exe
Deleted : C:\Users\ASUS\Downloads\TFC(2).exe
Deleted : C:\Users\ASUS\Downloads\TFC(3).exe
Deleted : C:\Users\ASUS\Downloads\zoek.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #63 [Naplánovaný kontrolní bod | 05/09/2016 20:23:54]

New restore point created !

########## - EOF - ##########

