Please check my log (Solved)

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

vašekp
Level 3
Posts: 430
Registered: November 07
Gender: Not specified
Status: Offline

Re: Please check my log

Post by vašekp » 15 Jun 2015 19:00

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Vaçek on po 15. 06. 2015 at 18:36:17,40.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\VAEK~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

15. 6. 2015 18:37:15 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Amazon deleted successfully
C:\PROGRA~2\ProcessRunner deleted successfully
C:\PROGRA~2\VS Revo Group deleted successfully
C:\PROGRA~2\Zoner deleted successfully
C:\PROGRA~3\Astroburn Lite deleted successfully
C:\PROGRA~3\AWEM deleted successfully
C:\PROGRA~3\McAfee deleted successfully
C:\Users\Packages\AppData\\Local deleted successfully
C:\Users\Public\AppData\\Local deleted successfully
C:\Users\Guest\AppData\Local\VirtualStore deleted successfully
C:\Users\Jan\AppData\Local\VirtualStore deleted successfully
C:\Users\VAEK~1\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\VAEK~1\AppData\Local\EmieSiteList deleted successfully
C:\Users\VAEK~1\AppData\Local\EmieUserList deleted successfully
C:\Users\VAEK~1\AppData\Local\GHISLER deleted successfully
C:\Users\VAEK~1\AppData\Local\LSC deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\5d135e43 deleted successfully

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Amazon not found
C:\PROGRA~2\ProcessRunner not found
C:\PROGRA~2\VS Revo Group not found
C:\PROGRA~2\Zoner not found
C:\PROGRA~2\Anydo Extension deleted
C:\PROGRA~2\PrIcaeMinus deleted
C:\PROGRA~3\{3ffc2147-bef3-1473-3ffc-c2147bef851e} deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted
C:\WINDOWS\SysWow64\searchplugins deleted
C:\WINDOWS\SysWow64\Extensions deleted
C:\Users\Public\Documents\AlawarWrapper deleted

==== Chromium Look ======================

Docs - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Seznam Lištička - Rychlá volba - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\eibfgbclmgnmffinenpipoibfdoblond
Seznam Lištička - Email - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkfpcckoflkdgjdobdkpclgngaahgbpi
Seznam Lištička - Slovník - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghoooididkjbjjldgojdgceoinbhbjmh
Seznam Lištička - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lelcohngbjgpiibagnfmncojacafbbpg
Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba - Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\eibfgbclmgnmffinenpipoibfdoblond
Seznam Li\u0161ti\u010Dka - Email - Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkfpcckoflkdgjdobdkpclgngaahgbpi
Seznam Li\u0161ti\u010Dka - Slovn\u00EDk - Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghoooididkjbjjldgojdgceoinbhbjmh
Seznam Li\u0161ti\u010Dka - Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\lelcohngbjgpiibagnfmncojacafbbpg
Skype for Chromium - Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Seznam Lištička - Email - VAEK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam Lištička - Slovník - VAEK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
AdBlock - VAEK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Seznam Lištička - Rychlá volba - VAEK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak

==== Chromium Startpages ======================

C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://lenovo13.msn.com/",

C:\Users\VAEK~1\AppData\Local\Google\Chrome\User Data\Default\Preferences

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
"Old Start Page"="http://www.google.com"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com"
"Default_Search_URL"="http://www.google.com/ie"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
"Old Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{1BE630CE-9BCD-4B07-AE7E-73647AACA5DF} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_12454"
{3A2FCEDF-247B-4276-BAA1-6712933D673A} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_12454"
{3D4769E1-52D0-42FA-BEE7-B2D32BF3ED16} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454"
{41AE30E4-B0A2-434F-B214-7F955C96EB13} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Goo Url="http://www.google.com/search?q={sear"
{72FE2EE2-2E90-4CF3-AAFB-E7F4F7999F35} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454"
{77A6BF2B-9129-4154-8E0D-35B02579126C} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454"
{79B9D9E1-D2E2-4B34-AA70-B18DF6E1310A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{8DC65759-69BB-495C-A9F0-CEA88890052F} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
{BD1E3D27-4FB7-4AAE-895F-CC0C414CC50F} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454"
{F49DF58E-31CF-491E-93DE-8A250472063D} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_12454"

==== Reset Google Chrome ======================

C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\VAEK~1\AppData\Local\Google\Chrome\User Data\Default\ChromePreferences was reset successfully
C:\Users\VAEK~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\VAEK~1\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully
C:\Users\VAEK~1\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\VAEK~1\AppData\Local\Google\Chrome\User Data\Default\_Preferences.BAK was reset successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\VAEK~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\VAEK~1\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\VAEK~1\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\VAEK~1\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\VAEK~1\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\VAEK~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=7 folders=7 192553 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Guest\AppData\Local\Temp emptied successfully
C:\Users\Jan\AppData\Local\Temp emptied successfully
C:\Users\Michal\AppData\Local\Temp emptied successfully
C:\Users\VAEK~1\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\VAEK~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on po 15. 06. 2015 at 18:56:48,68 ======================

Re: Please check my log

Post by vašekp » 15 Jun 2015 19:00

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:00:10, on 15. 6. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\USB Camera\VM331STI.EXE
C:\Program Files (x86)\USB Camera2\VM332STI.EXE
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Vašek\Desktop\HijackThis.exe
C:\WINDOWS\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [331BigDog] "C:\Program Files (x86)\USB Camera\VM331STI.EXE"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332STI.EXE
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @oem52.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9886 bytes

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: Please check my log

Post by jaro3 » 15 Jun 2015 19:29

What about the problems?
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: Please check my log

Post by vašekp » 16 Jun 2015 20:09

The notebook is running very well now.
I have another problem, and that one remains. It cannot connect to the network wirelessly, only by cable to the router. Yet the second laptop runs wirelessly. The router is a TL - WR 842 ND and I set it up with the help of TP Link telephone support. I use UPC as my provider. When I try to connect without a cable over Wi-Fi, the message "limited" appears. My laptop is a Lenovo G 580. It is probably something to do with W 8.1. If I attempt a repair, will I really not lose my saved data? I don't have much experience with W 8.1. If a repair installation did not help, I would probably have to do a completely new one. Or is there some other way to solve the problem?
Otherwise, thank you for the help so far with the cleanup.


Re: Please check my log

Post by jaro3 » 17 Jun 2015 08:30

Close other applications and browsers, disconnect from the internet, and fix the following in HJT:
Guide

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin


Update Java:
Java SE Runtime Environment 8: http://www.oracle.com/technetwork/java/ ... 33155.html

Click Accept License Agreement
Choose your OS (Windows or Windows x64, Offline Installation)
jre-8-windows-i586-p.exe or
jre-8-windows-x64.exe
Download and install it.
Remove the other Java versions in Add/Remove Programs.

That looks more like a wrong Wi-Fi setting on the PC..

Let's also check for viruses:

Please download the appropriate version of Farbar Recovery Scan Tool (FRST) for your system, 32-bit/64-bit:
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to the desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is complete, two logs will appear, FRST.txt and Addition.txt, and they will be saved on the desktop. Please copy their entire contents here.

vašekp
Level 3
Posts: 430
Registered: November 07
Gender: Unspecified
Status:
Offline

Re: Please check my log

Post by vašekp » 17 Jun 2015 23:32

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Vašek (administrator) on IDEA-PC on 17-06-2015 23:24:03
Running from C:\Users\Vašek\Desktop
Loaded Profiles: Jan & Vašek & Naďa & Michal & Guest (Available Profiles: Jan & Vašek & Naďa & Michal & Guest)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Vimicro) C:\Program Files (x86)\USB Camera2\VM332STI.EXE
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-08] (ELAN Microelectronics Corp.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-15] (Conexant Systems, Inc.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2012-10-26] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2012-10-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2014-03-23] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-07-26] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2015-06-02] (Vimicro)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332STI.EXE [548864 2012-03-20] (Vimicro)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-961389813-253083461-155772885-1002\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-961389813-253083461-155772885-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-961389813-253083461-155772885-1006\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Naďa\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92152 2013-01-22] ()
HKU\S-1-5-21-961389813-253083461-155772885-1006\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Naďa\AppData\Roaming\Seznam.cz\szninstall.exe [1009288 2012-09-13] ()
HKU\S-1-5-21-961389813-253083461-155772885-1006\...\Run: [Google Update] => C:\Users\Naďa\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2015-05-27] (Google Inc.)
HKU\S-1-5-21-961389813-253083461-155772885-1006\...\Run: [Google+ Auto Backup] => C:\Users\Naďa\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3754312 2015-02-13] (Google Inc.)
HKU\S-1-5-21-961389813-253083461-155772885-1007\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Michal\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92152 2013-01-22] ()
HKU\S-1-5-21-961389813-253083461-155772885-1007\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Michal\AppData\Roaming\Seznam.cz\szninstall.exe [1009288 2012-09-13] ()
HKU\S-1-5-21-961389813-253083461-155772885-1007\...\Run: [Facebook Update] => C:\Users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-06-12] (Facebook Inc.)
HKU\S-1-5-21-961389813-253083461-155772885-1007\...\Run: [Skype] => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-961389813-253083461-155772885-501\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Guest\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92152 2013-01-22] ()
HKU\S-1-5-21-961389813-253083461-155772885-501\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Guest\AppData\Roaming\Seznam.cz\szninstall.exe [1009288 2012-09-13] ()
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [175880 2015-05-28] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [154256 2015-05-28] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012-10-26]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-961389813-253083461-155772885-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-961389813-253083461-155772885-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKU\S-1-5-21-961389813-253083461-155772885-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKU\S-1-5-21-961389813-253083461-155772885-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKU\S-1-5-21-961389813-253083461-155772885-1006\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
HKU\S-1-5-21-961389813-253083461-155772885-1006\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKU\S-1-5-21-961389813-253083461-155772885-1007\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com
HKU\S-1-5-21-961389813-253083461-155772885-1007\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKU\S-1-5-21-961389813-253083461-155772885-1007\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKU\S-1-5-21-961389813-253083461-155772885-1007\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
HKU\S-1-5-21-961389813-253083461-155772885-501\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com
HKU\S-1-5-21-961389813-253083461-155772885-501\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKU\S-1-5-21-961389813-253083461-155772885-501\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKU\S-1-5-21-961389813-253083461-155772885-501\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
URLSearchHook: HKU\S-1-5-21-961389813-253083461-155772885-1007 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1002 -> DefaultScope {79B9D9E1-D2E2-4B34-AA70-B18DF6E1310A} URL =
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1002 -> {79B9D9E1-D2E2-4B34-AA70-B18DF6E1310A} URL =
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {1BE630CE-9BCD-4B07-AE7E-73647AACA5DF} URL = http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {3A2FCEDF-247B-4276-BAA1-6712933D673A} URL = http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {3D4769E1-52D0-42FA-BEE7-B2D32BF3ED16} URL = http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {41AE30E4-B0A2-434F-B214-7F955C96EB13} URL = http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {72FE2EE2-2E90-4CF3-AAFB-E7F4F7999F35} URL = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {77A6BF2B-9129-4154-8E0D-35B02579126C} URL = http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {BD1E3D27-4FB7-4AAE-895F-CC0C414CC50F} URL = http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {F49DF58E-31CF-491E-93DE-8A250472063D} URL = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1007 -> DefaultScope {79B9D9E1-D2E2-4B34-AA70-B18DF6E1310A} URL =
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1007 -> {79B9D9E1-D2E2-4B34-AA70-B18DF6E1310A} URL =
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-501 -> DefaultScope {79B9D9E1-D2E2-4B34-AA70-B18DF6E1310A} URL =
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-501 -> {79B9D9E1-D2E2-4B34-AA70-B18DF6E1310A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-17] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-17] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-17] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1206147.dll [2013-11-25] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-06-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-06-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-06-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-06-24] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\WINDOWS\SysWOW64\npDeployJava1.dll [2013-10-10] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-10-15] (VideoLAN)
FF Plugin-x32: @virtools.com/3DviaPlayer -> C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll [2012-04-05] (Dassault Systèmes)
FF Plugin HKU\S-1-5-21-961389813-253083461-155772885-1007: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Michal\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Vašek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Vašek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-15]
CHR Extension: (Google Docs) - C:\Users\Vašek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-15]
CHR Extension: (Google Drive) - C:\Users\Vašek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-15]
CHR Extension: (YouTube) - C:\Users\Vašek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-15]
CHR Extension: (Google Search) - C:\Users\Vašek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-15]
CHR Extension: (Google Sheets) - C:\Users\Vašek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-15]
CHR Extension: (Yulia Brodskaya) - C:\Users\Vašek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgdloilieclkegafohackmhffbmdpko [2015-06-15]
CHR Extension: (Gmail) - C:\Users\Vašek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-15]
CHR HKU\S-1-5-21-961389813-253083461-155772885-1007\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [eibfgbclmgnmffinenpipoibfdoblond] - C:\Users\Michal\AppData\Roaming\Seznam.cz\bin\listicka-chrome-rv-1.5.4.crx [2013-04-23]
CHR HKU\S-1-5-21-961389813-253083461-155772885-1007\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkfpcckoflkdgjdobdkpclgngaahgbpi] - C:\Users\Michal\AppData\Roaming\Seznam.cz\bin\listicka-chrome-email-1.3.1.crx [2013-04-23]
CHR HKU\S-1-5-21-961389813-253083461-155772885-1007\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ghoooididkjbjjldgojdgceoinbhbjmh] - C:\Users\Michal\AppData\Roaming\Seznam.cz\bin\listicka-chrome-slovnik-1.2.2.crx [2013-04-23]
CHR HKU\S-1-5-21-961389813-253083461-155772885-1007\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lelcohngbjgpiibagnfmncojacafbbpg] - C:\Users\Michal\AppData\Roaming\Seznam.cz\bin\Partner-1.1.0.crx [2013-04-23]
CHR HKU\S-1-5-21-961389813-253083461-155772885-501\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [eibfgbclmgnmffinenpipoibfdoblond] - C:\Users\Guest\AppData\Roaming\Seznam.cz\bin\listicka-chrome-rv-1.5.4.crx [2013-06-27]
CHR HKU\S-1-5-21-961389813-253083461-155772885-501\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkfpcckoflkdgjdobdkpclgngaahgbpi] - C:\Users\Guest\AppData\Roaming\Seznam.cz\bin\listicka-chrome-email-1.3.1.crx [2013-06-27]
CHR HKU\S-1-5-21-961389813-253083461-155772885-501\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ghoooididkjbjjldgojdgceoinbhbjmh] - C:\Users\Guest\AppData\Roaming\Seznam.cz\bin\listicka-chrome-slovnik-1.2.2.crx [2013-06-27]
CHR HKU\S-1-5-21-961389813-253083461-155772885-501\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lelcohngbjgpiibagnfmncojacafbbpg] - C:\Users\Guest\AppData\Roaming\Seznam.cz\bin\Partner-1.1.0.crx [2013-06-27]
StartMenuInternet: Google Chrome - Chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2015-06-02] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [953720 2012-08-27] (Broadcom Corporation.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-06-24] (Intel Corporation)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO INCORPORATED.)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272440 2015-03-09] (Lenovo)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2015-06-02] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 bpenum; C:\Windows\system32\DRIVERS\bpenum.sys [84480 2012-07-03] (Intel Corporation) [File not signed]
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-06-02] (REALiX(tm))
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-06-02] (Intel Corporation)
S3 NdisImPlatformMp; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [126464 2014-10-29] (Microsoft Corporation)
R3 Ntfs; C:\Windows\SysWow64\Drivers\Ntfs.sys [1934056 2013-01-10] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1065344 2015-06-02] (Vimicro Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

vašekp
Level 3
Posts: 430
Registered: November 07
Gender: Unspecified
Status:
Offline

Re: Please check my log

Post by vašekp » 17 Jun 2015 23:33

2015-06-17 23:24 - 2015-06-17 23:24 - 00026564 _____ C:\Users\Vašek\Desktop\FRST.txt
2015-06-17 23:23 - 2015-06-17 23:24 - 00000000 ____D C:\FRST
2015-06-17 23:23 - 2015-06-17 23:23 - 02109952 _____ (Farbar) C:\Users\Vašek\Desktop\FRST64.exe
2015-06-17 23:21 - 2015-06-17 23:21 - 00110688 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-06-17 23:21 - 2015-06-17 23:21 - 00000000 ____D C:\ProgramData\Oracle
2015-06-17 23:21 - 2015-06-17 23:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-06-17 23:20 - 2015-06-17 23:20 - 43189344 _____ (Oracle Corporation) C:\Users\Vašek\Downloads\jre-8u45-windows-x64 (1).exe
2015-06-17 23:20 - 2015-06-17 23:20 - 00000000 ____D C:\Program Files\Java
2015-06-17 23:17 - 2015-06-17 23:18 - 43189344 _____ (Oracle Corporation) C:\Users\Vašek\Downloads\jre-8u45-windows-x64.exe
2015-06-17 23:15 - 2015-06-17 23:15 - 00000000 ____D C:\Users\Vašek\Desktop\backups
2015-06-15 23:11 - 2015-06-17 23:11 - 00001341 _____ C:\WINDOWS\setupact.log
2015-06-15 23:11 - 2015-06-15 23:11 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-06-15 19:00 - 2015-06-15 19:00 - 00009887 _____ C:\Users\Vašek\Desktop\hijackthis.log
2015-06-15 18:52 - 2015-06-15 18:36 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-06-15 18:36 - 2015-06-15 18:56 - 00018736 _____ C:\zoek-results.log
2015-06-15 18:35 - 2015-06-15 18:51 - 00000000 ____D C:\zoek_backup
2015-06-15 18:34 - 2015-06-15 18:34 - 01308672 _____ C:\Users\Vašek\Desktop\zoek.exe
2015-06-15 18:19 - 2015-06-15 18:19 - 00037624 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-06-15 16:47 - 2015-06-15 21:36 - 00000000 ____D C:\Users\Naďa\AppData\Local\Adobe
2015-06-15 05:55 - 2015-06-15 06:16 - 00000000 ____D C:\ProgramData\RogueKiller
2015-06-15 05:55 - 2015-06-15 05:55 - 21426424 _____ C:\Users\Vašek\Desktop\RogueKillerX64.exe
2015-06-14 23:44 - 2015-06-14 23:44 - 00001155 _____ C:\Users\Vašek\Desktop\mbamslozkazaznamu.txt
2015-06-14 22:59 - 2015-06-14 22:59 - 00027648 _____ C:\Users\Naďa\Downloads\vúčtování červen 2015.xls
2015-06-14 21:22 - 2015-06-14 21:22 - 00000000 ____D C:\WINDOWS\SysWOW64\X86
2015-06-14 21:22 - 2015-06-14 21:22 - 00000000 ____D C:\WINDOWS\SysWOW64\AMD64
2015-06-14 21:20 - 2015-06-14 21:21 - 00000000 ____D C:\ProgramData\2436190127177482169
2015-06-14 20:43 - 2015-06-14 20:43 - 00002860 _____ C:\Users\Vašek\Desktop\JRT.txt
2015-06-14 20:41 - 2015-06-14 20:41 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-IDEA-PC-Windows-8.1-(64-bit).dat
2015-06-14 20:41 - 2015-06-14 20:41 - 00000000 ____D C:\RegBackup
2015-06-14 20:37 - 2015-06-14 20:37 - 02944147 _____ (Thisisu) C:\Users\Vašek\Desktop\JRT (1).exe
2015-06-14 20:36 - 2015-06-14 20:36 - 02944147 _____ (Thisisu) C:\Users\Vašek\Downloads\JRT.exe
2015-06-14 19:42 - 2015-06-14 19:42 - 00002116 _____ C:\tralala.txt
2015-06-14 14:51 - 2015-06-14 23:05 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-06-14 14:50 - 2015-06-14 14:50 - 00001137 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-14 14:50 - 2015-06-14 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-14 14:49 - 2015-06-14 14:50 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-14 14:49 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-06-14 14:49 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-06-14 14:49 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-06-14 14:48 - 2015-06-14 14:49 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Vašek\Desktop\mbam-setup-2.1.6.1022.exe
2015-06-14 14:46 - 2015-06-14 14:46 - 00000000 ____D C:\Users\Vašek\AppData\Local\Adobe
2015-06-14 14:28 - 2015-06-14 14:29 - 02231296 _____ C:\Users\Vašek\Desktop\adwcleaner_4.206.exe
2015-06-14 14:19 - 2015-06-14 14:19 - 00050688 _____ (Atribune.org) C:\Users\Vašek\Desktop\ATF-Cleaner (1).exe
2015-06-14 00:27 - 2015-06-14 00:27 - 00448512 _____ (OldTimer Tools) C:\Users\Vašek\Desktop\TFC (1).exe
2015-06-14 00:21 - 2015-06-14 00:22 - 00050688 _____ (Atribune.org) C:\Users\Vašek\Desktop\ATF-Cleaner.exe
2015-06-14 00:06 - 2015-06-17 23:12 - 00634327 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-13 11:58 - 2015-06-13 11:58 - 00388608 _____ (Trend Micro Inc.) C:\Users\Vašek\Downloads\hijackthis.exe
2015-06-13 11:58 - 2015-06-13 11:58 - 00010590 _____ C:\Users\Vašek\Desktop\hijackthis0
2015-06-13 11:27 - 2015-06-13 11:27 - 00057710 _____ C:\Users\Vašek\Documents\cc_20150613_112659.reg
2015-06-13 11:27 - 2015-06-13 11:27 - 00001806 _____ C:\Users\Vašek\Documents\cc_20150613_112720.reg
2015-06-13 11:23 - 2015-06-13 11:28 - 00000000 ____D C:\Program Files\CCleaner
2015-06-13 11:23 - 2015-06-13 11:23 - 00002788 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-06-13 11:23 - 2015-06-13 11:23 - 00000847 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-06-13 11:23 - 2015-06-13 11:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-06-13 11:20 - 2015-06-13 11:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyCleaner
2015-06-13 11:20 - 2015-06-13 11:20 - 00000000 ____D C:\Program Files (x86)\ToniArts
2015-06-13 11:19 - 2015-06-13 11:19 - 10152493 _____ C:\Users\Vašek\Desktop\EClea2_0.exe
2015-06-11 19:38 - 2015-06-11 19:38 - 00000000 ____D C:\Users\Vašek\AppData\Local\M-Photo_Ltd
2015-06-11 06:04 - 2015-06-03 18:18 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-11 06:04 - 2015-06-03 18:18 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-10 23:08 - 2015-06-10 23:09 - 30268242 _____ C:\Users\Naďa\Downloads\Dáda-Patrasová----Školička-s-Dádou-(1CD).rar
2015-06-10 07:14 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-10 07:14 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-10 07:14 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-10 07:14 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-10 07:14 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-10 07:14 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-10 07:14 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-10 07:14 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-10 07:14 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-10 07:14 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-10 07:14 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-10 07:14 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-10 07:14 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-10 07:14 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-10 07:14 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-10 07:14 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-10 07:14 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-10 07:14 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-10 07:14 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-10 07:14 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-10 07:14 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-10 07:14 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-10 07:14 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-10 07:14 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-10 07:14 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-10 07:14 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-10 07:14 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-10 07:14 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-10 07:14 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-10 07:14 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-10 07:13 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-10 07:13 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-10 07:13 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-10 07:13 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-10 07:13 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-10 07:13 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-10 07:13 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-10 07:13 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-10 07:13 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-10 07:13 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-10 07:13 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-10 07:13 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-10 07:13 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-10 07:13 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-10 07:13 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 07:13 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-10 07:13 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-10 07:13 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-10 07:13 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-10 07:13 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-10 07:13 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 07:13 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-10 07:13 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-10 07:13 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 07:13 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-09 22:26 - 2015-06-09 22:26 - 00177629 _____ C:\Users\Vašek\Downloads\watch.htm
2015-06-09 17:16 - 2015-06-09 17:16 - 00002327 _____ C:\Users\Vašek\Documents\Report.html
2015-06-09 07:32 - 2015-06-09 07:32 - 00000000 ____D C:\Users\Packages
2015-06-07 23:33 - 2015-06-07 23:33 - 05025792 _____ C:\WINDOWS\system32\config\DRIVERS.iobit
2015-06-07 18:12 - 2015-06-07 18:12 - 00001193 _____ C:\Users\Naďa\Downloads\DNEDP4-6252231766-20150607-181114-pracovni.xml
2015-06-04 19:28 - 2015-06-04 19:28 - 03682304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-06-04 19:28 - 2015-06-04 19:28 - 02223104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-06-04 19:28 - 2015-06-04 19:28 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-04 19:28 - 2015-06-04 19:28 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-06-04 19:28 - 2015-06-04 19:28 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-06-04 19:28 - 2015-06-04 19:28 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-06-04 19:28 - 2015-06-04 19:28 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-06-04 19:28 - 2015-06-04 19:28 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-06-04 19:28 - 2015-06-04 19:28 - 00133288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-06-04 19:28 - 2015-06-04 19:28 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-06-04 19:28 - 2015-06-04 19:28 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-06-04 19:28 - 2015-06-04 19:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-06-04 19:28 - 2015-06-04 19:28 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-06-04 19:28 - 2015-06-04 19:28 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-04 19:28 - 2015-06-04 19:28 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-06-04 19:28 - 2015-06-04 19:28 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-06-04 19:28 - 2015-06-04 19:28 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-06-04 19:27 - 2015-06-04 19:27 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-04 19:27 - 2015-06-04 19:27 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-04 19:27 - 2015-06-04 19:27 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-04 19:27 - 2015-06-04 19:27 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-04 19:27 - 2015-06-04 19:27 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-04 19:27 - 2015-06-04 19:27 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-04 19:26 - 2015-06-04 19:26 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-04 19:26 - 2015-06-04 19:26 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-04 19:26 - 2015-06-04 19:26 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-04 19:26 - 2015-06-04 19:26 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-04 19:26 - 2015-06-04 19:26 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-04 19:26 - 2015-06-04 19:26 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-04 19:26 - 2015-06-04 19:26 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-04 19:26 - 2015-06-04 19:26 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-04 19:26 - 2015-06-04 19:26 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-04 19:26 - 2015-06-04 19:26 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-04 19:26 - 2015-06-04 19:26 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-04 19:26 - 2015-06-04 19:26 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-04 19:26 - 2015-06-04 19:26 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-04 19:26 - 2015-06-04 19:26 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-04 19:26 - 2015-06-04 19:26 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-04 19:26 - 2015-06-04 19:26 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-04 19:26 - 2015-06-04 19:26 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-04 19:26 - 2015-06-04 19:26 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-06-04 19:25 - 2015-06-04 19:25 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-06-04 19:25 - 2015-06-04 19:25 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-06-04 19:25 - 2015-06-04 19:25 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-06-04 19:25 - 2015-06-04 19:25 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-06-04 19:25 - 2015-06-04 19:25 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-06-04 19:25 - 2015-06-04 19:25 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00551232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-06-04 19:25 - 2015-06-04 19:25 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-06-04 19:25 - 2015-06-04 19:25 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-06-04 19:25 - 2015-06-04 19:25 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-06-04 19:25 - 2015-06-04 19:25 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-06-04 19:25 - 2015-06-04 19:25 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-06-04 19:25 - 2015-06-04 19:25 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2015-06-04 19:25 - 2015-06-04 19:25 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-06-04 19:25 - 2015-06-04 19:25 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-06-04 19:25 - 2015-06-04 19:25 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-06-04 19:25 - 2015-06-04 19:25 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-06-04 19:25 - 2015-06-04 19:25 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-06-04 19:25 - 2015-06-04 19:25 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-06-04 19:25 - 2015-06-04 19:25 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2015-06-04 19:25 - 2015-06-04 19:25 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-06-04 19:25 - 2015-06-04 19:25 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-06-04 19:25 - 2015-06-04 19:25 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-06-04 19:25 - 2015-06-04 19:25 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-06-04 19:25 - 2015-06-04 19:25 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-06-04 19:25 - 2015-06-04 19:25 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-06-04 19:25 - 2015-06-04 19:25 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-06-04 19:25 - 2015-06-04 19:25 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-06-04 19:25 - 2015-06-04 19:25 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2015-06-04 19:25 - 2015-06-04 19:25 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-06-04 19:25 - 2015-06-04 19:25 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-06-04 19:25 - 2015-06-04 19:25 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-06-04 19:25 - 2015-06-04 19:25 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-06-04 19:25 - 2015-06-04 19:25 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-06-04 19:25 - 2015-06-04 19:25 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-06-04 19:21 - 2015-06-04 19:21 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-06-04 19:21 - 2015-06-04 19:21 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-06-04 19:21 - 2015-06-04 19:21 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-06-04 19:21 - 2015-06-04 19:21 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-06-04 19:09 - 2015-06-04 19:09 - 77721600 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit
2015-06-04 19:09 - 2015-06-04 19:09 - 01019904 _____ C:\WINDOWS\system32\config\DEFAULT.iobit
2015-06-04 19:09 - 2015-06-04 19:09 - 00065536 _____ C:\WINDOWS\system32\config\SAM.iobit
2015-06-04 19:09 - 2015-06-04 19:09 - 00036864 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2015-06-04 16:52 - 2015-06-04 16:52 - 00000000 ____D C:\Users\Michal\AppData\Local\Lenovo
2015-06-04 16:46 - 2015-06-04 16:46 - 00000000 ____D C:\Users\Michal\AppData\Roaming\ProductData
2015-06-04 16:45 - 2015-06-04 16:46 - 00000000 ____D C:\Users\Michal\AppData\Roaming\IObit
2015-06-03 18:19 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2015-06-03 18:19 - 2014-06-04 15:17 - 00034080 _____ (IObit) C:\WINDOWS\system32\SmartDefragBootTime.exe
2015-06-03 17:44 - 2015-06-03 17:44 - 00000000 ____D C:\Users\Vašek\AppData\Local\GWX
2015-06-03 06:27 - 2015-06-04 07:18 - 00000000 ____D C:\Users\Naďa\AppData\Roaming\ProductData
2015-06-03 06:24 - 2015-06-04 07:19 - 00000000 ____D C:\Users\Naďa\AppData\Roaming\IObit
2015-06-02 23:57 - 2015-06-02 23:57 - 02251992 _____ (Broadcom Corporation.) C:\WINDOWS\system32\BtwRSupportService.exe
2015-06-02 23:57 - 2015-06-02 23:57 - 00185600 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\btwampfl.sys
2015-06-02 23:57 - 2015-06-02 23:57 - 00170712 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\bcbtums.sys
2015-06-02 23:57 - 2015-06-02 23:57 - 00129312 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverx64.sys
2015-06-02 23:57 - 2015-06-02 23:57 - 00069978 _____ C:\WINDOWS\system32\Drivers\BCM20702A1_001.002.014.1443.1485.hex
2015-06-02 23:56 - 2015-06-02 23:56 - 09890008 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2015-06-02 23:56 - 2015-06-02 23:56 - 00332504 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsUVStor.sys
2015-06-02 23:55 - 2015-06-02 23:55 - 01078272 _____ C:\WINDOWS\system32\331prx64.ax
2015-06-02 23:55 - 2015-06-02 23:55 - 01065344 _____ (Vimicro Corporation) C:\WINDOWS\system32\Drivers\vm331avs.sys
2015-06-02 23:55 - 2015-06-02 23:55 - 00667648 _____ C:\WINDOWS\SysWOW64\vmprp331.ax
2015-06-02 23:55 - 2015-06-02 23:55 - 00358912 _____ (Vimicro Corporation) C:\WINDOWS\system32\VmCoinst.dll
2015-06-02 23:55 - 2015-06-02 23:55 - 00001988 _____ C:\WINDOWS\vm331Rmv.ini
2015-06-02 23:55 - 2015-06-02 23:55 - 00001988 _____ C:\WINDOWS\SysWOW64\vm331Rmv.ini
2015-06-02 23:55 - 2015-06-02 23:55 - 00000356 _____ C:\WINDOWS\system\vm331avs.rsf
2015-06-02 23:55 - 2015-06-02 23:55 - 00000000 ____D C:\Program Files (x86)\USB Camera
2015-06-02 23:48 - 2015-06-02 23:48 - 00130248 _____ (Qualcomm Atheros Co., Ltd.) C:\WINDOWS\system32\Drivers\L1C63x64.sys
2015-06-02 23:42 - 2015-06-02 23:42 - 00026528 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2015-06-02 23:42 - 2015-06-02 23:42 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2015-06-02 23:42 - 2015-06-02 23:42 - 00000000 ____D C:\Users\Vašek\AppData\Roaming\Apple Computer
2015-06-02 23:41 - 2015-06-11 19:28 - 00000000 ____D C:\Program Files (x86)\IObit
2015-06-02 23:41 - 2015-06-08 16:41 - 00000000 ____D C:\ProgramData\IObit
2015-06-02 23:41 - 2015-06-04 19:00 - 00000000 ____D C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-06-02 23:41 - 2015-06-03 18:18 - 00000000 ____D C:\Users\Vašek\AppData\Roaming\IObit
2015-06-02 23:39 - 2015-06-02 23:40 - 51738608 _____ C:\Users\Vašek\Desktop\asc-setup.exe
2015-06-02 23:35 - 2015-06-02 23:36 - 00008118 _____ C:\Users\Vašek\Documents\cc_20150602_233555.reg
2015-06-02 22:41 - 2015-06-02 22:41 - 00026070 _____ C:\Users\Naďa\Documents\kačenky.htm
2015-06-02 22:41 - 2015-06-02 22:41 - 00026009 _____ C:\Users\Naďa\Documents\rabnik.htm
2015-06-02 22:38 - 2015-06-02 22:38 - 00026264 _____ C:\Users\Naďa\Documents\čáp.htm
2015-06-02 22:34 - 2015-06-02 22:34 - 00026137 _____ C:\Users\Naďa\Documents\vývoj žáby.htm
2015-06-02 22:32 - 2015-06-02 22:32 - 00026686 _____ C:\Users\Naďa\Documents\žába-čísla.htm
2015-06-02 22:31 - 2015-06-02 22:31 - 00026055 _____ C:\Users\Naďa\Documents\krtek a žába.htm
2015-06-02 22:06 - 2015-06-02 22:06 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-06-02 22:06 - 2015-06-02 22:06 - 00000000 ____D C:\WINDOWS\system32\NV
2015-06-02 18:32 - 2015-05-28 09:04 - 42719888 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-06-02 18:32 - 2015-05-28 09:04 - 37741712 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-06-02 18:32 - 2015-05-28 09:04 - 30480528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-06-02 18:32 - 2015-05-28 09:04 - 22946960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-06-02 18:32 - 2015-05-28 09:04 - 17486856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-06-02 18:32 - 2015-05-28 09:04 - 16185352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-06-02 18:32 - 2015-05-28 09:04 - 15864064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-06-02 18:32 - 2015-05-28 09:04 - 14987528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-06-02 18:32 - 2015-05-28 09:04 - 14495448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-06-02 18:32 - 2015-05-28 09:04 - 13304280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-06-02 18:32 - 2015-05-28 09:04 - 11830512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-06-02 18:32 - 2015-05-28 09:04 - 10995528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-06-02 18:32 - 2015-05-28 09:04 - 02986392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-06-02 18:32 - 2015-05-28 09:04 - 02932368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-06-02 18:32 - 2015-05-28 09:04 - 02599056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-06-02 18:32 - 2015-05-28 09:04 - 01898312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435306.dll
2015-06-02 18:32 - 2015-05-28 09:04 - 01557832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435306.dll
2015-06-02 18:32 - 2015-05-28 09:04 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-06-02 18:32 - 2015-05-28 09:04 - 01050440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-06-02 18:32 - 2015-05-28 09:04 - 00982856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-06-02 18:32 - 2015-05-28 09:04 - 00974480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-06-02 18:32 - 2015-05-28 09:04 - 00150648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-06-02 18:32 - 2015-05-28 09:04 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-06-02 18:32 - 2015-05-28 09:04 - 00031560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-06-02 18:32 - 2015-05-28 09:04 - 00030966 _____ C:\WINDOWS\system32\nvinfo.pb
2015-06-02 17:33 - 2015-06-02 17:33 - 00000000 ____D C:\Users\Vašek\Documents\Poznámkové bloky aplikace OneNote
2015-06-02 17:12 - 2015-06-02 17:12 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-02 17:12 - 2015-04-03 15:21 - 00048784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-06-02 17:12 - 2015-04-03 15:21 - 00038032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-06-01 19:04 - 2015-06-01 19:04 - 00000000 ____D C:\Users\Naďa\AppData\Local\GWX
2015-05-31 23:41 - 2015-05-31 23:41 - 39787056 _____ (Lenovo Group Limited ) C:\Users\Vašek\Desktop\lwlan200w81.exe
2015-05-28 18:35 - 2015-05-28 18:35 - 00006711 _____ C:\Users\Vašek\Documents\DODATEK KE SMLOUVĚ O UŽÍVÁNÍ BYT1.odt
2015-05-28 18:32 - 2015-05-28 18:32 - 00006712 _____ C:\Users\Vašek\Documents\DODATEK KE SMLOUVĚ O UŽÍVÁNÍ BYTU.odt
2015-05-28 18:29 - 2015-05-28 18:29 - 00016801 _____ C:\Users\Vašek\Desktop\Dodatek_byt_Hrušňová.odt
2015-05-28 17:50 - 2015-05-28 17:50 - 39787056 _____ (Lenovo Group Limited ) C:\Users\Vašek\Desktop\lwlan200w81 (2).exe
2015-05-28 17:42 - 2015-05-28 17:42 - 39787056 _____ (Lenovo Group Limited ) C:\Users\Vašek\Downloads\lwlan200w81 (1).exe
2015-05-28 17:06 - 2015-05-28 17:07 - 39787056 _____ (Lenovo Group Limited ) C:\Users\Vašek\Downloads\lwlan200w81.exe
2015-05-28 16:46 - 2015-05-28 16:47 - 46794408 _____ (Lenovo Group Limited ) C:\Users\Vašek\Downloads\wimax200w81.exe
2015-05-27 22:15 - 2015-06-17 07:26 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1006UA.job
2015-05-27 22:15 - 2015-06-16 22:26 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1006Core.job
2015-05-27 22:15 - 2015-05-27 22:21 - 00003918 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1006UA
2015-05-27 22:15 - 2015-05-27 22:21 - 00003538 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1006Core
2015-05-27 22:15 - 2015-05-27 22:15 - 00000000 ____D C:\Users\Naďa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2015-05-25 22:31 - 2015-05-25 22:31 - 00001082 _____ C:\Users\Naďa\Desktop\výlet.htm
2015-05-25 16:59 - 2015-05-25 16:59 - 00200375 _____ C:\Users\Vašek\Downloads\wifi_profile_manager (1).exe
2015-05-25 16:53 - 2015-05-25 16:53 - 00200375 _____ C:\Users\Vašek\Downloads\wifi_profile_manager.exe
2015-05-25 16:49 - 2015-05-25 16:50 - 00204956 _____ C:\Users\Vašek\Downloads\wifi-profile-manager-wifi-profile-deleter.exe
2015-05-25 16:31 - 2015-05-25 16:31 - 00051543 _____ C:\Users\Vašek\Downloads\WFPM8.zip
2015-05-25 16:28 - 2015-05-25 16:28 - 02202092 _____ (LizardSystems ) C:\Users\Vašek\Downloads\wifiscanner_setup (1).exe
2015-05-19 16:02 - 2015-05-12 08:27 - 01898312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435286.dll
2015-05-19 16:02 - 2015-05-12 08:27 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435286.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-17 23:10 - 2012-10-26 19:18 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2015-06-17 23:03 - 2014-11-16 16:02 - 00003966 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5416366C-BC73-4AE1-B368-00D91000D1C6}
2015-06-17 23:00 - 2015-01-31 12:19 - 00080038 _____ C:\WINDOWS\SysWOW64\Gms.log
2015-06-17 23:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-17 06:31 - 2013-04-20 16:31 - 00000000 ____D C:\Users\Naďa\AppData\Roaming\Seznam.cz
2015-06-17 06:26 - 2014-11-07 08:20 - 00003962 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EDC8B1AE-F140-42EA-8B30-E36439B2DE2A}
2015-06-16 22:26 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-06-16 19:54 - 2013-04-20 20:11 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-961389813-253083461-155772885-1006
2015-06-15 18:55 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-15 06:08 - 2012-12-27 22:04 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-961389813-253083461-155772885-1003
2015-06-14 23:45 - 2015-01-03 09:57 - 00000000 ____D C:\WINDOWS\Minidump
2015-06-14 22:58 - 2015-05-12 22:34 - 00027648 _____ C:\Users\Naďa\Downloads\vúčtování květen.xls
2015-06-14 21:22 - 2014-11-07 08:14 - 00001737 _____ C:\Users\Naďa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-14 21:22 - 2013-04-23 17:48 - 00002510 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-14 20:30 - 2013-12-08 14:20 - 00000000 ____D C:\AdwCleaner
2015-06-14 14:50 - 2013-12-07 21:44 - 00000000 ____D C:\Users\Vašek\AppData\Roaming\Malwarebytes
2015-06-14 14:50 - 2013-12-07 21:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-14 00:08 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-13 11:20 - 2012-10-26 18:44 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-13 11:07 - 2014-12-07 09:59 - 00000000 ____D C:\Akrem
2015-06-13 10:25 - 2014-11-07 01:21 - 00000000 ____D C:\Users\Vašek
2015-06-12 22:36 - 2014-11-07 01:21 - 00000000 ____D C:\Users\Naďa
2015-06-12 10:37 - 2014-12-23 23:55 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-12 10:37 - 2014-09-24 21:02 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-12 10:37 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-12 06:25 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-11 19:49 - 2014-11-16 11:19 - 00000000 __SHD C:\Users\Naďa\AppData\Local\EmieBrowserModeList
2015-06-11 19:49 - 2014-11-07 08:20 - 00000000 __SHD C:\Users\Naďa\AppData\Local\EmieUserList
2015-06-11 19:49 - 2014-11-07 08:20 - 00000000 __SHD C:\Users\Naďa\AppData\Local\EmieSiteList
2015-06-11 19:23 - 2013-09-24 23:15 - 00000000 ____D C:\Users\Vašek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hry.cz
2015-06-11 19:23 - 2013-09-24 23:15 - 00000000 ____D C:\Program Files (x86)\Hry.cz
2015-06-11 19:22 - 2012-10-26 18:59 - 00000000 ____D C:\Program Files (x86)\Lenovo
2015-06-11 19:20 - 2013-04-23 17:00 - 00000000 ____D C:\ProgramData\Skype
2015-06-11 19:17 - 2012-10-26 18:44 - 00000000 ____D C:\Program Files\Intel
2015-06-11 19:14 - 2013-03-27 00:05 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2015-06-11 06:02 - 2013-08-22 16:44 - 05088600 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-11 05:59 - 2013-12-09 22:36 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-11 05:59 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-11 05:47 - 2013-04-06 16:26 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-10 22:53 - 2013-04-20 16:30 - 00000000 ____D C:\Users\Naďa\AppData\Roaming\Adobe
2015-06-10 05:53 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-09 22:43 - 2014-09-24 18:23 - 00338274 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-09 22:43 - 2014-09-24 17:39 - 07304606 _____ C:\WINDOWS\system32\perfh005.dat
2015-06-09 22:43 - 2014-09-24 17:39 - 02266080 _____ C:\WINDOWS\system32\perfc005.dat
2015-06-09 22:40 - 2014-02-17 17:00 - 00000000 ____D C:\Users\Vašek\AppData\Roaming\vlc
2015-06-08 16:41 - 2013-03-25 20:37 - 00000000 ____D C:\Users\Vašek\AppData\Roaming\uTorrent
2015-06-07 18:54 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-06-04 23:24 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2015-06-04 23:24 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\setup
2015-06-04 19:00 - 2014-11-07 01:21 - 00000000 ____D C:\Users\Michal
2015-06-04 17:08 - 2013-04-23 16:33 - 00003592 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-961389813-253083461-155772885-1007
2015-06-04 16:51 - 2014-11-17 08:57 - 00003970 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{554416A6-780E-4B57-A8C4-7D8E1DB7FD69}
2015-06-04 16:51 - 2013-04-23 15:56 - 00000000 ____D C:\Users\Michal\AppData\Roaming\Seznam.cz
2015-06-02 23:55 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\System
2015-06-02 23:51 - 2014-11-07 01:09 - 00000000 ___DC C:\WINDOWS\Panther
2015-06-02 18:37 - 2014-11-07 01:12 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-02 18:37 - 2012-10-26 18:50 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-02 17:13 - 2015-01-23 19:52 - 00001400 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-05-28 18:39 - 2013-04-20 14:15 - 00000000 ____D C:\Users\Vašek\AppData\Local\Microsoft Help
2015-05-28 09:04 - 2015-01-23 19:45 - 12852152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-05-28 09:04 - 2015-01-23 19:45 - 03379680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-05-28 09:04 - 2013-12-26 20:42 - 01099808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-05-28 09:04 - 2013-12-26 20:42 - 00939080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-05-28 09:04 - 2013-12-26 20:42 - 00175880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-05-28 09:04 - 2013-12-26 20:42 - 00154256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-05-28 06:15 - 2012-10-26 18:50 - 06872904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-05-28 06:15 - 2012-10-26 18:50 - 03491984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-05-28 06:15 - 2012-10-26 18:50 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-05-28 06:15 - 2012-10-26 18:50 - 01059472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-05-28 06:15 - 2012-10-26 18:50 - 00937288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-05-28 06:15 - 2012-10-26 18:50 - 00579400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2015-05-28 06:15 - 2012-10-26 18:50 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-05-28 06:15 - 2012-10-26 18:50 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-05-28 06:15 - 2012-10-26 18:50 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-05-27 22:15 - 2013-04-20 20:05 - 00000000 ____D C:\Users\Naďa\AppData\Local\Google
2015-05-27 12:48 - 2012-10-26 18:50 - 04408727 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-05-25 16:30 - 2012-10-26 19:12 - 00000000 ____D C:\ProgramData\Temp
2015-05-24 12:52 - 2015-04-05 19:55 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-05-24 12:52 - 2015-04-05 19:55 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-05-23 03:47 - 2015-01-23 19:52 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-05-23 03:47 - 2015-01-23 19:52 - 01571696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-05-23 03:47 - 2015-01-23 19:52 - 01320304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-05-23 03:47 - 2015-01-23 19:52 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-05-22 16:00 - 2015-05-16 08:21 - 00000000 ____D C:\Users\Naďa\AppData\Local\Lenovo
2015-05-21 17:32 - 2015-05-15 21:47 - 00000000 ____D C:\Users\Vašek\AppData\Local\Lenovo
2015-05-19 16:05 - 2014-11-07 01:12 - 00000000 ____D C:\Program Files\NVIDIA Corporation

==================== Files in the root of some directories =======

2015-05-15 20:26 - 2015-05-15 20:26 - 0000017 _____ () C:\Users\Vašek\AppData\Local\resmon.resmoncfg
2012-10-26 18:55 - 2012-10-26 18:55 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-10-10 16:49 - 2013-10-10 16:56 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-15 19:15

==================== End of log ============================

vašekp

Re: Please check my log

Post by vašekp » 17 Jun 2015 23:34

Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Vašek at 2015-06-17 23:25:55
Running from C:\Users\Vašek\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-961389813-253083461-155772885-500 - Administrator - Disabled)
Guest (S-1-5-21-961389813-253083461-155772885-501 - Limited - Enabled) => C:\Users\Guest
Jan (S-1-5-21-961389813-253083461-155772885-1002 - Limited - Enabled) => C:\Users\Jan
Michal (S-1-5-21-961389813-253083461-155772885-1007 - Administrator - Enabled) => C:\Users\Michal
Naďa (S-1-5-21-961389813-253083461-155772885-1006 - Administrator - Enabled) => C:\Users\Naďa
Vašek (S-1-5-21-961389813-253083461-155772885-1003 - Administrator - Enabled) => C:\Users\Vašek

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DVIA player 5.0.0.20 (HKLM-x32\...\{F06365EC-061E-48C3-B761-E1816658D618}) (Version: 5.0.20 - 3DVIA)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.6.147 - Adobe Systems, Inc.)
AIM-Spice (Student Version) (HKLM-x32\...\{9B05BD09-47D0-4857-BCFB-3E00F7EEB3FE}) (Version: 5.0 - AIM-Software)
Aktualizace NVIDIA 2.4.5.28 (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
Ask Toolbar Updater (HKU\S-1-5-21-961389813-253083461-155772885-1007\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.5.36191 - Ask.com) <==== ATTENTION
Ask Toolbar Updater (HKU\S-1-5-21-961389813-253083461-155772885-501\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.5.36191 - Ask.com) <==== ATTENTION
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.48.0 - Conexant)
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden
Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.16 - Dolby Laboratories Inc)
EasyCleaner (HKLM-x32\...\{F5346614-B7C4-4E94-826A-E2363155233D}) (Version: 2.0.6.380 - ToniArts)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.4 - Lenovo)
Energy Management (x32 Version: 8.0.2.4 - Lenovo) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1048 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.1901 - Broadcom Corporation)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.36.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0333}) (Version: 1.12.824.1 - Vimicro)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.0710 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.0710 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.3.3 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4310.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4310.52 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{1CA74803-5CB2-4C03-BDBE-061EDC81CC7F}) (Version: 2.8.004.00 - Lenovo Group Limited)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden
LibreOffice 4.0.1.2 (HKLM-x32\...\{604B2A5C-B1CE-45B2-ADCC-6B7C721AC3AC}) (Version: 4.0.1.2 - The Document Foundation)
Malwarebytes Anti-Malware verze 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Ovládací panel NVIDIA 353.06 (Version: 353.06 - NVIDIA Corporation) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Samsung SCX-3400 Series XPS (Windows 8) (HKLM-x32\...\Samsung SCX-3400 Series XPS (Windows 8)) (Version: 3.03.06.00:05 - Samsung Electronics Co., Ltd.)
Seznam Software (HKU\S-1-5-21-961389813-253083461-155772885-1003\...\SeznamInstall) (Version: - Seznam.cz)
Seznam Software (HKU\S-1-5-21-961389813-253083461-155772885-1007\...\SeznamInstall) (Version: - Seznam.cz)
Seznam Software (HKU\S-1-5-21-961389813-253083461-155772885-501\...\SeznamInstall) (Version: - Seznam.cz)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
UserGuide (x32 Version: 1.0.0.9 - Lenovo) Hidden
VLC media player 2.0.4 (HKLM-x32\...\VLC media player) (Version: 2.0.4 - VideoLAN)
Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

04-06-2015 18:55:29 Revo Uninstaller's restore point - Advanced SystemCare 8
08-06-2015 16:24:03 Revo Uninstaller's restore point - Advanced SystemCare 8
11-06-2015 19:05:20 Revo Uninstaller's restore point - DAEMON Tools Lite
13-06-2015 11:20:13 Installed EasyCleaner
15-06-2015 18:36:50 zoek.exe restore point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-06-15 18:37 - 2015-06-15 18:37 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03EC5A57-4895-4789-8788-88A51FBEF788} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-03-09] (Lenovo)
Task: {09C87287-2EE9-407B-83E5-FDE08DB27BA8} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {0B1C9D68-D48C-48CC-AAF5-7DE0C005DD8B} - System32\Tasks\{C844C23E-C9C1-42F7-BB88-82C697042D4D} => Chrome.exe http://www.skype.com/go/downloading?sou ... rror=12002
Task: {0B752BA5-9059-4568-9AE1-1B0C6C5DE4FD} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1007UA => C:\Users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-12] (Facebook Inc.)
Task: {0BE70B72-A3DD-40F0-AA9A-B83E5861A8E2} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {107FF043-5EE1-46D0-8693-E53019EEA929} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {13BCB89F-4CBC-4840-9A69-97183671C2D6} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {41981E0E-8173-4817-BD31-AF4E5927D204} - System32\Tasks\{46D49EF7-6E31-4B1E-A767-2A9BE2354BE3} => Chrome.exe http://www.skype.com/go/downloading?sou ... rror=12002
Task: {45947728-050F-4AC5-B6AF-F08B489F5341} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1007Core => C:\Users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-12] (Facebook Inc.)
Task: {5027E711-1C59-4AD1-B1A4-FDDBA2D3379E} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-03-06] (Lenovo)
Task: {5F64BBBD-FAA7-449F-A548-5D37310281F2} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {6C212A73-534E-48D9-A97F-30FC6156EDBF} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {6CE878CB-5B8A-4D0F-AC34-693AA9146C89} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {806FB729-70FA-4BE5-B2BD-4F7BA63812AB} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe
Task: {904A0C63-82CB-4E12-914C-838FDACF2ABE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1006UA => C:\Users\Naďa\AppData\Local\Google\Update\GoogleUpdate.exe [2015-05-27] (Google Inc.)
Task: {96E56161-9242-4ABA-ACA2-79570E43C382} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {9D733D79-4D13-4E10-9126-96763237005E} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {A3945AD2-1111-4BD1-88F9-F6434FF5F245} - \Driver Booster SkipUAC (Vašek) No Task File <==== ATTENTION
Task: {AC3168A5-55B2-408F-BD61-9619EDCE952B} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {B16AE427-E297-4EEF-8343-A9A2AF1A2B8B} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {BEA960D3-BB82-480B-9714-351010EE8F71} - \SlimDrivers Startup No Task File <==== ATTENTION
Task: {C422337F-5288-44AD-9432-A57EF323233E} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-03-06] ()
Task: {C7AF2145-815F-42BD-8550-15B2EF6D57F6} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-03-09] (Lenovo)
Task: {D1089B90-6BDB-4F44-AA7A-45CF6364C6F9} - System32\Tasks\AdobeAAMUpdater-1.0-idea-PC-Naďa => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-03-23] (Adobe Systems Incorporated)
Task: {DC004324-EC7A-4F58-94C2-73AB21A77EB5} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {E152AE14-6CF4-4121-A98A-40BBFA0D9ABE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {E982D151-0CCE-4187-89E0-2AA21C2A4B72} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1006Core => C:\Users\Naďa\AppData\Local\Google\Update\GoogleUpdate.exe [2015-05-27] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1006Core.job => C:\Users\Naa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1006UA.job => C:\Users\Naa\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2012-08-27 00:48 - 2012-08-27 00:48 - 00044408 _____ () C:\Program Files\Lenovo\Bluetooth Software\BtwLeAPI.dll
2013-12-26 20:42 - 2015-05-28 09:04 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2012-10-26 18:50 - 2015-05-28 06:15 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-01-30 00:02 - 2014-01-30 00:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-06-13 11:28 - 2015-06-13 11:28 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2015-05-08 20:50 - 2015-05-08 20:50 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2014-06-24 17:07 - 2014-06-24 17:07 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-05-19 15:38 - 2015-05-23 03:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:088B37DC
AlternateDataStreams: C:\Users\Vašek\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_email1229235768
AlternateDataStreams: C:\Users\Vašek\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_firmy-216282473
AlternateDataStreams: C:\Users\Vašek\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_novinky-1609642764
AlternateDataStreams: C:\Users\Vašek\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_prozeny771666966
AlternateDataStreams: C:\Users\Vašek\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_sport6476750
AlternateDataStreams: C:\Users\Vašek\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_stream1444311432
AlternateDataStreams: C:\Users\Vašek\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_super-41222104

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-961389813-253083461-155772885-1002\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
HKU\S-1-5-21-961389813-253083461-155772885-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-961389813-253083461-155772885-1007\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
HKU\S-1-5-21-961389813-253083461-155772885-501\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKLM\...\StartupApproved\Run32: => "YouCam Tray"
HKLM\...\StartupApproved\Run32: => "YouCam Mirage"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKU\S-1-5-21-961389813-253083461-155772885-1003\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-961389813-253083461-155772885-1003\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{F0B02385-2EBA-43CA-A61E-26D2B6D5B246}] => (Allow) C:\Users\Vašek\Downloads\solutoinstaller-_wLn51MtEx3g.exe
FirewallRules: [{A0757A85-3018-4BA5-864B-7EF3197D13CC}] => (Allow) C:\Users\Vašek\Downloads\solutoinstaller-_wLn51MtEx3g.exe
FirewallRules: [{9D4EEBBB-EA0B-431D-9C6A-5DDD48D3F3D8}] => (Allow) C:\Users\Michal\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [UDP Query User{4F025743-18B6-4866-9AFB-A235C0E4F664}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{A6D2DFF6-D8EB-415E-9AB5-E66E51A05833}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [{A088E531-F4F7-4A29-90CD-53E13BB743E3}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{F7E9EC95-8326-4CBA-A061-B7D599F49195}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{E4EA25C6-F9E1-4861-9487-B0A85460A77B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{39212AE8-3665-497E-9AFF-2E596E4BC546}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C1995280-1D51-4687-8011-030914F6971F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D79C1691-FB0B-43AA-AE0D-A31168403DF4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4EB414C6-E948-4940-8093-5A535491308A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5D0E264D-A2E2-4953-A63F-1FA1F9361931}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{7FDEF961-FC0C-4BCD-B2CA-A9C6424381A7}E:\wr842nd\easysetupassistant\easysetupassistant.exe] => (Allow) E:\wr842nd\easysetupassistant\easysetupassistant.exe
FirewallRules: [UDP Query User{73B6A2B8-5DE4-422C-9764-183E76510A26}E:\wr842nd\easysetupassistant\easysetupassistant.exe] => (Allow) E:\wr842nd\easysetupassistant\easysetupassistant.exe
FirewallRules: [TCP Query User{7F4344EF-2519-4B4C-BC90-6C68E28264B7}E:\easysetupassistant\wr842n\easysetupassistant.exe] => (Allow) E:\easysetupassistant\wr842n\easysetupassistant.exe
FirewallRules: [UDP Query User{BEE286F5-D6B3-4D38-9E57-B099A2514F88}E:\easysetupassistant\wr842n\easysetupassistant.exe] => (Allow) E:\easysetupassistant\wr842n\easysetupassistant.exe
FirewallRules: [TCP Query User{C206B030-E743-4463-BE20-3EAC2E26EC0E}E:\wr842nd\easysetupassistant\easysetupassistant.exe] => (Allow) E:\wr842nd\easysetupassistant\easysetupassistant.exe
FirewallRules: [UDP Query User{81271EBB-89A8-4076-879E-32B6AB3D23BB}E:\wr842nd\easysetupassistant\easysetupassistant.exe] => (Allow) E:\wr842nd\easysetupassistant\easysetupassistant.exe
FirewallRules: [{7055E2BE-DE05-46A5-A045-EE95CE164B8A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/17/2015 11:26:02 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/16/2015 10:27:34 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (06/15/2015 06:56:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: CxAudMsg64.exe, verze: 1.6.0.0, časové razítko: 0x4fd1c0c1
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.17736, časové razítko: 0x550f4336
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000f0f20
ID chybujícího procesu: 0x634
Čas spuštění chybující aplikace: 0xCxAudMsg64.exe0
Cesta k chybující aplikaci: CxAudMsg64.exe1
Cesta k chybujícímu modulu: CxAudMsg64.exe2
ID zprávy: CxAudMsg64.exe3
Úplný název chybujícího balíčku: CxAudMsg64.exe4
ID aplikace související s chybujícím balíčkem: CxAudMsg64.exe5

Error: (06/15/2015 05:30:43 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/15/2015 05:48:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: CxAudMsg64.exe, verze: 1.6.0.0, časové razítko: 0x4fd1c0c1
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.17736, časové razítko: 0x550f4336
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000f0f20
ID chybujícího procesu: 0x74c
Čas spuštění chybující aplikace: 0xCxAudMsg64.exe0
Cesta k chybující aplikaci: CxAudMsg64.exe1
Cesta k chybujícímu modulu: CxAudMsg64.exe2
ID zprávy: CxAudMsg64.exe3
Úplný název chybujícího balíčku: CxAudMsg64.exe4
ID aplikace související s chybujícím balíčkem: CxAudMsg64.exe5

Error: (06/14/2015 08:32:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: CxAudMsg64.exe, verze: 1.6.0.0, časové razítko: 0x4fd1c0c1
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.17736, časové razítko: 0x550f4336
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000f0f20
ID chybujícího procesu: 0x6d8
Čas spuštění chybující aplikace: 0xCxAudMsg64.exe0
Cesta k chybující aplikaci: CxAudMsg64.exe1
Cesta k chybujícímu modulu: CxAudMsg64.exe2
ID zprávy: CxAudMsg64.exe3
Úplný název chybujícího balíčku: CxAudMsg64.exe4
ID aplikace související s chybujícím balíčkem: CxAudMsg64.exe5

Error: (06/14/2015 06:41:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program NotificationsViewHost.exe verze 1.6.1.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1468

Čas spuštění: 01d0a6afa6b40e25

Čas ukončení: 704

Cesta k aplikaci: C:\Program Files (x86)\Lenovo\Lenovo Messenger\NotificationsViewHost.exe

ID hlášení: 2ace38c1-12b4-11e5-8022-b888e392ff4f

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (06/14/2015 02:34:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Aplikaci E046963F.LenovoSupport_k1h2ywk1493x8!App se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (06/14/2015 02:34:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Aplikaci E046963F.LenovoSupport_k1h2ywk1493x8!App se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (06/14/2015 02:25:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: CxAudMsg64.exe, verze: 1.6.0.0, časové razítko: 0x4fd1c0c1
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.17736, časové razítko: 0x550f4336
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000f0f20
ID chybujícího procesu: 0x684
Čas spuštění chybující aplikace: 0xCxAudMsg64.exe0
Cesta k chybující aplikaci: CxAudMsg64.exe1
Cesta k chybujícímu modulu: CxAudMsg64.exe2
ID zprávy: CxAudMsg64.exe3
Úplný název chybujícího balíčku: CxAudMsg64.exe4
ID aplikace související s chybujícím balíčkem: CxAudMsg64.exe5


System errors:
=============
Error: (06/16/2015 09:40:17 PM) (Source: DCOM) (EventID: 10010) (User: idea-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/16/2015 09:39:47 PM) (Source: DCOM) (EventID: 10010) (User: idea-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/16/2015 07:55:36 PM) (Source: DCOM) (EventID: 10010) (User: idea-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/16/2015 07:55:05 PM) (Source: DCOM) (EventID: 10010) (User: idea-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/16/2015 05:53:00 PM) (Source: DCOM) (EventID: 10010) (User: idea-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (06/15/2015 07:15:37 PM) (Source: DCOM) (EventID: 10010) (User: idea-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/15/2015 06:58:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Google Update (gupdate) neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (06/15/2015 06:57:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Conexant Audio Message Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/15/2015 06:51:02 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/15/2015 06:51:02 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


Microsoft Office:
=========================
Error: (06/17/2015 11:26:02 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/16/2015 10:27:34 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: -2147024883

Error: (06/15/2015 06:56:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CxAudMsg64.exe1.6.0.04fd1c0c1ntdll.dll6.3.9600.17736550f4336c000037400000000000f0f2063401d0a78c2a81f2d2C:\WINDOWS\system32\CxAudMsg64.exeC:\WINDOWS\SYSTEM32\ntdll.dll798879f3-137f-11e5-8025-b888e392ff4f

Error: (06/15/2015 05:30:43 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/15/2015 05:48:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: CxAudMsg64.exe1.6.0.04fd1c0c1ntdll.dll6.3.9600.17736550f4336c000037400000000000f0f2074c01d0a71e1054b952C:\WINDOWS\system32\CxAudMsg64.exeC:\WINDOWS\SYSTEM32\ntdll.dll5cc98210-1311-11e5-8024-b888e392ff4f

Error: (06/14/2015 08:32:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CxAudMsg64.exe1.6.0.04fd1c0c1ntdll.dll6.3.9600.17736550f4336c000037400000000000f0f206d801d0a6d067507c11C:\WINDOWS\system32\CxAudMsg64.exeC:\WINDOWS\SYSTEM32\ntdll.dllbe8205a4-12c3-11e5-8023-b888e392ff4f

Error: (06/14/2015 06:41:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: NotificationsViewHost.exe1.6.1.0146801d0a6afa6b40e25704C:\Program Files (x86)\Lenovo\Lenovo Messenger\NotificationsViewHost.exe2ace38c1-12b4-11e5-8022-b888e392ff4f

Error: (06/14/2015 02:34:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: E046963F.LenovoSupport_k1h2ywk1493x8!App-2144927142

Error: (06/14/2015 02:34:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: E046963F.LenovoSupport_k1h2ywk1493x8!App-2144927142

Error: (06/14/2015 02:25:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CxAudMsg64.exe1.6.0.04fd1c0c1ntdll.dll6.3.9600.17736550f4336c000037400000000000f0f2068401d0a69d29482871C:\WINDOWS\system32\CxAudMsg64.exeC:\WINDOWS\SYSTEM32\ntdll.dll823ebbe9-1290-11e5-8022-b888e392ff4f


CodeIntegrity Errors:
===================================
Date: 2015-06-15 19:19:07.610
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-06-15 06:12:11.017
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-06-14 20:52:58.088
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-06-14 14:39:19.273
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-06-13 11:45:10.230
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-06-12 06:25:47.014
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-06-08 21:14:21.767
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-06-08 06:08:37.546
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-06-07 17:30:38.342
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-06-07 09:37:17.139
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2328M CPU @ 2.20GHz
Percentage of memory in use: 32%
Total physical RAM: 3959.77 MB
Available physical RAM: 2685.96 MB
Total Pagefile: 7927.77 MB
Available Pagefile: 6271.25 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:883.74 GB) (Free:800.81 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.36 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1F865E10)

Partition: GPT Partition Type.

==================== End of log ============================

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my log

Post by jaro3 » 18 Jun 2015 08:34

Uninstall:
IObit
Ask Toolbar Updater
Advanced SystemCare 8


Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-961389813-253083461-155772885-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1002 -> DefaultScope {79B9D9E1-D2E2-4B34-AA70-B18DF6E1310A} URL =
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1002 -> {79B9D9E1-D2E2-4B34-AA70-B18DF6E1310A} URL =
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {1BE630CE-9BCD-4B07-AE7E-73647AACA5DF} URL = http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {3A2FCEDF-247B-4276-BAA1-6712933D673A} URL = http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {3D4769E1-52D0-42FA-BEE7-B2D32BF3ED16} URL = http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {41AE30E4-B0A2-434F-B214-7F955C96EB13} URL = http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {72FE2EE2-2E90-4CF3-AAFB-E7F4F7999F35} URL = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {77A6BF2B-9129-4154-8E0D-35B02579126C} URL = http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {BD1E3D27-4FB7-4AAE-895F-CC0C414CC50F} URL = http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {F49DF58E-31CF-491E-93DE-8A250472063D} URL = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1007 -> DefaultScope {79B9D9E1-D2E2-4B34-AA70-B18DF6E1310A} URL =
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1007 -> {79B9D9E1-D2E2-4B34-AA70-B18DF6E1310A} URL =
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-501 -> DefaultScope {79B9D9E1-D2E2-4B34-AA70-B18DF6E1310A} URL =
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-501 -> {79B9D9E1-D2E2-4B34-AA70-B18DF6E1310A} URL =
CHR dev: Chrome dev build detected! <======= ATTENTION
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
C:\ProgramData\DP45977C.lfl
Task: {0B752BA5-9059-4568-9AE1-1B0C6C5DE4FD} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1007UA => C:\Users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-12] (Facebook Inc.)
Task: {13BCB89F-4CBC-4840-9A69-97183671C2D6} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {45947728-050F-4AC5-B6AF-F08B489F5341} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1007Core => C:\Users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-12] (Facebook Inc.)
Task: {904A0C63-82CB-4E12-914C-838FDACF2ABE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1006UA => C:\Users\Naďa\AppData\Local\Google\Update\GoogleUpdate.exe [2015-05-27] (Google Inc.)
Task: {A3945AD2-1111-4BD1-88F9-F6434FF5F245} - \Driver Booster SkipUAC (Vašek) No Task File <==== ATTENTION
Task: {B16AE427-E297-4EEF-8343-A9A2AF1A2B8B} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {BEA960D3-BB82-480B-9714-351010EE8F71} - \SlimDrivers Startup No Task File <==== ATTENTION
Task: {E982D151-0CCE-4187-89E0-2AA21C2A4B72} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1006Core => C:\Users\Naďa\AppData\Local\Google\Update\GoogleUpdate.exe [2015-05-27] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1006Core.job => C:\Users\Na  a\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1006UA.job => C:\Users\Na  a\AppData\Local\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\Temp:088B37DC
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\100sexlinks.com -> 100sexlinks.com

(You can use the "Select all" function, then right-click the top-left field in the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST, press the "Fix" (Opravit) button only once, and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire contents here.

C:\WINDOWS\SysWOW64\X86
C:\WINDOWS\SysWOW64\AMD64
C:\ProgramData\2436190127177482169

Take a look at what is in those marked folders.


Download Malwarebytes Anti-Rootkit

After downloading, run the file and extract it to the Desktop
Run it and perform the update as instructed
Check that all 3 options are ticked
Click Scan, and if there are any findings, select them all and click Cleanup, then let the computer restart
Then please post the log; you will find it on the Desktop in the mbar folder

Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence I am represented by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Support the forum

vašekp
Level 3
Posts: 430
Registered: November 07
Gender: Unspecified
Status: Offline

Re: Please check my log

Post by vašekp » 18 Jun 2015 21:23

Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Vašek at 2015-06-18 21:19:42 Run:1
Running from C:\Users\Vašek\Desktop
Loaded Profiles: Vašek (Available Profiles: Jan & Vašek & Naďa & Michal & Guest)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-961389813-253083461-155772885-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1002 -> DefaultScope {79B9D9E1-D2E2-4B34-AA70-B18DF6E1310A} URL =
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1002 -> {79B9D9E1-D2E2-4B34-AA70-B18DF6E1310A} URL =
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {1BE630CE-9BCD-4B07-AE7E-73647AACA5DF} URL = http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {3A2FCEDF-247B-4276-BAA1-6712933D673A} URL = http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {3D4769E1-52D0-42FA-BEE7-B2D32BF3ED16} URL = http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {41AE30E4-B0A2-434F-B214-7F955C96EB13} URL = http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {72FE2EE2-2E90-4CF3-AAFB-E7F4F7999F35} URL = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {77A6BF2B-9129-4154-8E0D-35B02579126C} URL = http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {BD1E3D27-4FB7-4AAE-895F-CC0C414CC50F} URL = http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {F49DF58E-31CF-491E-93DE-8A250472063D} URL = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1007 -> DefaultScope {79B9D9E1-D2E2-4B34-AA70-B18DF6E1310A} URL =
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1007 -> {79B9D9E1-D2E2-4B34-AA70-B18DF6E1310A} URL =
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-501 -> DefaultScope {79B9D9E1-D2E2-4B34-AA70-B18DF6E1310A} URL =
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-501 -> {79B9D9E1-D2E2-4B34-AA70-B18DF6E1310A} URL =
CHR dev: Chrome dev build detected! <======= ATTENTION
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
C:\ProgramData\DP45977C.lfl
Task: {0B752BA5-9059-4568-9AE1-1B0C6C5DE4FD} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1007UA => C:\Users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-12] (Facebook Inc.)
Task: {13BCB89F-4CBC-4840-9A69-97183671C2D6} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {45947728-050F-4AC5-B6AF-F08B489F5341} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1007Core => C:\Users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-12] (Facebook Inc.)
Task: {904A0C63-82CB-4E12-914C-838FDACF2ABE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1006UA => C:\Users\Naďa\AppData\Local\Google\Update\GoogleUpdate.exe [2015-05-27] (Google Inc.)
Task: {A3945AD2-1111-4BD1-88F9-F6434FF5F245} - \Driver Booster SkipUAC (Vašek) No Task File <==== ATTENTION
Task: {B16AE427-E297-4EEF-8343-A9A2AF1A2B8B} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {BEA960D3-BB82-480B-9714-351010EE8F71} - \SlimDrivers Startup No Task File <==== ATTENTION
Task: {E982D151-0CCE-4187-89E0-2AA21C2A4B72} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1006Core => C:\Users\Naďa\AppData\Local\Google\Update\GoogleUpdate.exe [2015-05-27] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1006Core.job => C:\Users\Na a\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1006UA.job => C:\Users\Na a\AppData\Local\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\Temp:088B37DC
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\100sexlinks.com -> 100sexlinks.com
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
"HKU\S-1-5-21-961389813-253083461-155772885-1003\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-961389813-253083461-155772885-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\S-1-5-21-961389813-253083461-155772885-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{79B9D9E1-D2E2-4B34-AA70-B18DF6E1310A} => key not found.
HKCR\CLSID\{79B9D9E1-D2E2-4B34-AA70-B18DF6E1310A} => key not found.
"HKU\S-1-5-21-961389813-253083461-155772885-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
"HKU\S-1-5-21-961389813-253083461-155772885-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1BE630CE-9BCD-4B07-AE7E-73647AACA5DF}" => key removed successfully
HKCR\CLSID\{1BE630CE-9BCD-4B07-AE7E-73647AACA5DF} => key not found.
"HKU\S-1-5-21-961389813-253083461-155772885-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3A2FCEDF-247B-4276-BAA1-6712933D673A}" => key removed successfully
HKCR\CLSID\{3A2FCEDF-247B-4276-BAA1-6712933D673A} => key not found.
"HKU\S-1-5-21-961389813-253083461-155772885-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3D4769E1-52D0-42FA-BEE7-B2D32BF3ED16}" => key removed successfully
HKCR\CLSID\{3D4769E1-52D0-42FA-BEE7-B2D32BF3ED16} => key not found.
"HKU\S-1-5-21-961389813-253083461-155772885-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{41AE30E4-B0A2-434F-B214-7F955C96EB13}" => key removed successfully
HKCR\CLSID\{41AE30E4-B0A2-434F-B214-7F955C96EB13} => key not found.
"HKU\S-1-5-21-961389813-253083461-155772885-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => key removed successfully
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found.
"HKU\S-1-5-21-961389813-253083461-155772885-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{72FE2EE2-2E90-4CF3-AAFB-E7F4F7999F35}" => key removed successfully
HKCR\CLSID\{72FE2EE2-2E90-4CF3-AAFB-E7F4F7999F35} => key not found.
"HKU\S-1-5-21-961389813-253083461-155772885-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77A6BF2B-9129-4154-8E0D-35B02579126C}" => key removed successfully
HKCR\CLSID\{77A6BF2B-9129-4154-8E0D-35B02579126C} => key not found.
"HKU\S-1-5-21-961389813-253083461-155772885-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BD1E3D27-4FB7-4AAE-895F-CC0C414CC50F}" => key removed successfully
HKCR\CLSID\{BD1E3D27-4FB7-4AAE-895F-CC0C414CC50F} => key not found.
"HKU\S-1-5-21-961389813-253083461-155772885-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F49DF58E-31CF-491E-93DE-8A250472063D}" => key removed successfully
HKCR\CLSID\{F49DF58E-31CF-491E-93DE-8A250472063D} => key not found.
HKU\S-1-5-21-961389813-253083461-155772885-1007\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\S-1-5-21-961389813-253083461-155772885-1007\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{79B9D9E1-D2E2-4B34-AA70-B18DF6E1310A} => key not found.
HKCR\CLSID\{79B9D9E1-D2E2-4B34-AA70-B18DF6E1310A} => key not found.
HKU\S-1-5-21-961389813-253083461-155772885-501\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\S-1-5-21-961389813-253083461-155772885-501\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{79B9D9E1-D2E2-4B34-AA70-B18DF6E1310A} => key not found.
HKCR\CLSID\{79B9D9E1-D2E2-4B34-AA70-B18DF6E1310A} => key not found.
CHR dev: Chrome dev build detected! <======= ATTENTION => Error: No automatic fix found for this entry.
gupdate => Service not found.
gupdatem => Service not found.
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0B752BA5-9059-4568-9AE1-1B0C6C5DE4FD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B752BA5-9059-4568-9AE1-1B0C6C5DE4FD}" => key removed successfully
C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1007UA => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1007UA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{13BCB89F-4CBC-4840-9A69-97183671C2D6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13BCB89F-4CBC-4840-9A69-97183671C2D6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate 2" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{45947728-050F-4AC5-B6AF-F08B489F5341}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45947728-050F-4AC5-B6AF-F08B489F5341}" => key removed successfully
C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1007Core => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1007Core" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{904A0C63-82CB-4E12-914C-838FDACF2ABE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{904A0C63-82CB-4E12-914C-838FDACF2ABE}" => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1006UA => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1006UA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A3945AD2-1111-4BD1-88F9-F6434FF5F245}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A3945AD2-1111-4BD1-88F9-F6434FF5F245}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Vašek)" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B16AE427-E297-4EEF-8343-A9A2AF1A2B8B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B16AE427-E297-4EEF-8343-A9A2AF1A2B8B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BEA960D3-BB82-480B-9714-351010EE8F71}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BEA960D3-BB82-480B-9714-351010EE8F71}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SlimDrivers Startup" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E982D151-0CCE-4187-89E0-2AA21C2A4B72}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E982D151-0CCE-4187-89E0-2AA21C2A4B72}" => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1006Core => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1006Core" => key removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1006Core.job => moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1006UA.job => moved successfully.
C:\ProgramData\Temp => ":088B37DC" ADS removed successfully.
"HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\008i.com" => key removed successfully
"HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\008k.com" => key removed successfully
"HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\00hq.com" => key removed successfully
"HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0190-dialers.com" => key removed successfully
"HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\01i.info" => key removed successfully
"HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\02pmnzy5eo29bfk4.com" => key removed successfully
"HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\05p.com" => key removed successfully
"HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\07ic5do2myz3vzpk.com" => key removed successfully
"HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\08nigbmwk43i01y6.com" => key removed successfully
"HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\093qpeuqpmz6ebfa.com" => key removed successfully
"HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0calories.net" => key removed successfully
"HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0cj.net" => key removed successfully
"HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0scan.com" => key removed successfully
"HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-britney-spears-nude.com" => key removed successfully
"HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-domains-registrations.com" => key removed successfully
"HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-se.com" => key removed successfully
"HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1001movie.com" => key removed successfully
"HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1001night.biz" => key removed successfully
"HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\100gal.net" => key removed successfully
"HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\100sexlinks.com" => key removed successfully

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-06-18 21:21:27)<=

C:\ProgramData\DP45977C.lfl => Is moved successfully

==== End of Fixlog 21:21:27 ====

vašekp
Level 3
Posts: 430
Registered: November 07
Gender: Unspecified
Status: Offline

Re: Please check my log

Post by vašekp » 18 Jun 2015 21:45

C:\WINDOWS\SysWOW64\X86 empty
C:\WINDOWS\SysWOW64\AMD64 empty
C:\ProgramData\2436190127177482169 I did not find it

Orcus
Security team member
Elite Level 10.5
Posts: 10645
Registered: April 10
Location: 3 roses grow around =o)
Gender: Male
Status: Offline

Re: Please check my log

Post by Orcus » 19 Jun 2015 07:36

OK, now post the rest of the logs as well.