Please check my log - slow notebook (done for the first time) Solved



Post by simio.simsoft » 15 Jun 2015 15:03

Hello. My notebook is nowhere near as fast as it was when it was new. I never really dealt with it, because I'm used to slow computers :D But since I'll be upgrading to Windows 10 in less than 2 months, I'd simply like to have the computer in shape. I have never run this scan on my notebook, and I'm aware that I probably have quite a mess on it, so please refrain from comments :-) Anyway, thanks in advance for your willingness to help; I probably couldn't manage it on my own :-)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:52:40, on 15.6.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17801)


Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Wise\Wise Care 365\WiseTray.exe
C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\icacls.exe
C:\Program Files\LG Software\LG Smart Share\Update\SmartShareTray.exe
C:\Program Files\LG Software\LG Smart Share\DMS\SmartShareDMS.exe
C:\Program Files\LG Software\LG Smart Share\DMR\SmartShareDMR.exe
C:\Program Files\LG Software\LG Smart Share\DMC\Aggregation.exe
C:\Program Files\LG Software\LG Smart Share\DMS\AutoThumb.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Pivo\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [EPSON SX100 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE /FU "C:\Windows\TEMP\E_S7B4E.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to filterlist (WebWasher) - http://-Web.Washer-/ie_add
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{2A98B539-1DB3-4218-A800-24C9BDBD7D6F}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{A030ABA6-0274-4734-9610-DA9BC2DB7055}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{2A98B539-1DB3-4218-A800-24C9BDBD7D6F}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{2A98B539-1DB3-4218-A800-24C9BDBD7D6F}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\aestsrv.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\STacSV.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files\Wise\Wise Care 365\BootTime.exe

--
End of file - 13744 bytes


Post by jaro3 » 15 Jun 2015 18:05

Download ATF Cleaner.
Double-click ATF Cleaner.exe, click on select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

- If you use only Google Chrome, you do not need to use ATF.


Download TFC.
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
Afterwards the PC should restart; if it does not, restart it yourself.

Download AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Save it to your desktop.
Close all programs, windows and browsers.
Run the program by double-clicking it and click "Prohledat-Scan".
After the scan a log will appear (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.

Download Malwarebytes' Anti-Malware
- During installation, untick "Enable free trial of Malwarebytes' Anti-Malware Premium".
Install it and run it
- At the end of the installation, make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; click Scan Now
- when the program finishes, a message appears at the bottom right; click Copy to Clipboard and paste the entire log here.

- then click the Exit button; a message will appear, choose Yes
(do not delete anything yet!).

If there are problems, run it in safe mode.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Post by simio.simsoft » 15 Jun 2015 21:26

AdwCleaner log

# AdwCleaner v4.206 - Log vytvořen 15/06/2015 v 18:59:38
# Aktualizováno 01/06/2015 by Xplode
# Databáze : 2015-06-14.1 [Server]
# Operační system : Windows 7 Professional Service Pack 1 (x86)
# Uživatelské jméno : Pivo - PIVO-PC
# Spuštěno z : C:\Users\Pivo\Desktop\adwcleaner_4.206.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****


***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Klíč Smazáno : HKCU\Software\Softonic
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17801


-\\ Google Chrome v43.0.2357.124

[C:\Users\Pivo\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://isearch.avg.com/search?cid={C547DC87-2E30-4531-9E9D-8DDDEA5F3720}&mid=51596ba0226a47d08730d1574dd3593c-6d4b1b837918edba7d3f282f401fe03ee867c1bc&lang=cs&ds=gm011&pr=sa&d=2012-08-22 14:52:23&v=13.2.0.5&sap=dsp&q={searchTerms}
[C:\Users\Pivo\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxps://isearch.avg.com/search?cid={C547DC87-2E30-4531-9E9D-8DDDEA5F3720}&mid=51596ba0226a47d08730d1574dd3593c-6d4b1b837918edba7d3f282f401fe03ee867c1bc&lang=cs&ds=gm011&pr=sa&d=2012-08-22 14:52:23&v=12.2.0.5&sap=dsp&q={searchTerms}
[C:\Users\Pivo\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=9M&apn_dtid=%5E&apn_uid=A1E65F2E-91D4-4E36-88E5-BD2469A05E86&apn_sauid=221CADE8-2710-4183-B5A8-C7C79FDAF901
[C:\Users\Pivo\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}

*************************

AdwCleaner[R0].txt - [2202 bytů] - [15/06/2015 18:55:01]
AdwCleaner[S0].txt - [2119 bytů] - [15/06/2015 18:59:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2177 bytů] ##########

MBAM log

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 15.6.2015
Čas skenování: 20:05:36
Protokol: MBAM log.txt
Správce: Ano

Verze: 2.01.6.1022
Databáze malwaru: v2015.06.15.05
Databáze rootkitů: v2015.06.15.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Pivo

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 329380
Uplynulý čas: 25 min, 6 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 1
PUP.Optional.OpenCandy, C:\Users\Pivo\Downloads\FreeFileSync_6.8_Windows_Setup.exe, , [4eb30ab10684ed49a161a1c92bdb01ff],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)


Post by Orcus » 15 Jun 2015 21:35

You should not have deleted in Adw; you should have posted the log first.

- Run MbAM again and choose Scan Now
- When the program finishes, a message will appear; click "Quarantine All (remove selected)" and then "Export Log" and choose "text file", give the file a name and save it somewhere. Copy the entire contents of that log here.

====================================================

Download Junkware Removal Tool by Thisisu

to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program will start scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) will appear and be saved to the desktop.
Please copy its entire contents here.

====================================================

Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
MBR check
Faked check
Antirootkit

- Then click "Scan".
- The program scans the PC's processes. After the scan, click "Report" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.
Love keeps you warm, but coal is coal. :fire:

Post HJT logs in the HJT section. If a log is too long, split it into several messages.

A few tips on PC security.

During my absence, memphisto, jaro3 and Diallix stand in for me.

If you are satisfied, you can support our forum.


Post by simio.simsoft » 16 Jun 2015 22:40

Junkware Removal Tool log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.9.9 (06.16.2015:2)
OS: Windows 7 Professional x86
Ran by Pivo on Łt 16.06.2015 at 21:28:50,00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\Windows\System32\tasks\Driver Booster Scan
Successfully deleted: [Task] C:\Windows\System32\tasks\Driver Booster SkipUAC (Pivo)
Successfully deleted: [Task] C:\Windows\System32\tasks\Driver Booster Update
Successfully deleted: [Task] C:\Windows\System32\tasks\Wise Care 365
Successfully deleted: [Task] C:\Windows\System32\tasks\Wise Care 365 PC Checkup Task
Successfully deleted: [Task] C:\Windows\System32\tasks\Wise Turbo Checker
Successfully deleted: [Task] C:\Windows\tasks\Wise Care 365 PC Checkup Task.job
Successfully deleted: [Task] C:\Windows\tasks\Wise Care 365.job
Successfully deleted: [Task] C:\Windows\tasks\Wise Turbo Checker.job



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] \update~1
Successfully deleted: [Folder] C:\ProgramData\baidu
Successfully deleted: [Folder] C:\ProgramData\microsoft\windows\start menu\programs\driver booster 2
Successfully deleted: [Folder] C:\ProgramData\productdata
Successfully deleted: [Folder] C:\Users\Pivo\AppData\Roaming\productdata
Successfully deleted: [Folder] C:\users\public\documents\Baidu



~~~ Chrome


[C:\Users\Pivo\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Pivo\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Pivo\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Pivo\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 16.06.2015 at 21:34:11,92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

RogueKiller log
RogueKiller V10.8.4.0 [Jun 15 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno : Normální režim
Uživatel : Pivo [Práva správce]
Started from : C:\Users\Pivo\Desktop\RogueKiller.exe
Mód : Prohledat -- Datum : 06/16/2015 22:36:47

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 0 ¤¤¤

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ATA TOSHIBA MK2561GS SCSI Disk Device +++++
--- User ---
[MBR] 6f3e269329a1508a6549f60c7242703d
[BSP] 7d81a8c4f37dd98826b6e99c29c839a4 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 238472 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Ricoh SD/MMC Disk Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! ([32] Po?adavek není podporován. )
Error reading LL2 MBR! ([32] Po?adavek není podporován. )


Post by jaro3 » 17 Jun 2015 08:33

Turn off your antivirus and firewall.
Download
Zoek.exe

and save it to your desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Windows Vista, 7 and 8, right-click it and choose "Run as administrator").
- Note: the program may take a while to start.

Paste the script below into the program window:

Code:

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;


Click Run Script.
The program will run a scan and repair; the scan and repair may take several minutes, so wait until it finishes. Do not click in the window!
The program will offer a restart; confirm it.

After the restart, only a black desktop may be shown for some time; that is normal. Wait until the log is created. You can save it, for example, to Documents; otherwise it is saved automatically to:
C:\zoek-results.log
Copy the entire contents of that log here.

Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system (32-bit/64-bit)
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to your desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs will appear, FRST.txt and Addition.txt, and will be saved on the desktop. Please copy their entire contents here.


Post by simio.simsoft » 26 Jun 2015 16:16

I apologize in advance for my more than week-long inactivity, but I was away from home, without a computer. The computer was not used during that time, so hopefully it shouldn't matter.

ZOEK log

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Pivo on p  26.06.2015 at 10:47:05,55.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Pivo\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

26.6.2015 10:49:52 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Program Files\MSXML 4.0 deleted successfully
C:\PROGRA~2\CorelDRAW Home & Student Suite X5 deleted successfully
C:\PROGRA~2\SystemRequirementsLab deleted successfully
C:\PROGRA~2\WarThunder deleted successfully
C:\Users\Pivo\AppData\Roaming\CintaNotes deleted successfully
C:\Users\Pivo\AppData\Roaming\screenrecorder deleted successfully
C:\Users\Pivo\AppData\Roaming\The Complete Genealogy Reporter - FTB deleted successfully
C:\Users\Pivo\AppData\Roaming\Video DVD Maker FREE deleted successfully
C:\Users\Pivo\AppData\Roaming\wurst deleted successfully
C:\Users\Pivo\AppData\Local\CrashDumps deleted successfully
C:\Users\Pivo\AppData\Local\WMTools Downloaded Files deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\CorelDRAW Home & Student Suite X5 not found
C:\Program Files\Wondershare deleted
C:\Users\Pivo\AppData\Roaming\Battery Meter_Data.ini deleted
C:\Users\Pivo\AppData\Roaming\Battery Meter_Settings.ini deleted
C:\Users\Pivo\AppData\Roaming\ProductData deleted
C:\PROGRA~2\Wondershare Video Editor deleted
C:\PROGRA~2\Package Cache deleted
C:\Users\Pivo\AppData\Local\Wondershare deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted
C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-2149464645-3227392997-1024222133-1000 deleted
C:\Users\Pivo\Downloads\FreeTrimMP3_CNET.exe deleted
C:\Windows\system32\config\systemprofile\Searches deleted
"C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll" deleted
"C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll" deleted
"C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll" deleted
"C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" deleted
"C:\Program Files\Common Files\Wondershare" deleted
"C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [26.04.2015 10:22]

==== Chromium Look ======================

Google Chrome Version: 43.0.2357.130

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[19.03.2015 20:01]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
bbjllphbppobebmjpjcijfbakobcheof - No path found[]

Rapport - Pivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof
Rammstein - Pivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfnlefipdmdafjpinmcbhlhpkabegppc
AddThis - Share & Bookmark (new) - Pivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde
Tampermonkey - Pivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo
AdBlock - Pivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Avast Online Security - Pivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Dotekománie.cz - Pivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcankginpidjapmhjmjfgpicjpfhfdop
The Great Suspender - Pivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg
3D Solar System Web - Pivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdaaepplopehigjgkolniddiadbbkphd
SpeakIt - Pivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgeolalilifpodheeocdmbhehgnkkbak

==== Chromium Startpages ======================

C:\Users\Pivo\AppData\Local\Google\Chrome\User Data\Default\Preferences


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Old Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Old Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Reset Google Chrome ======================

C:\Users\Pivo\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Pivo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Pivo\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Pivo\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Users\Pivo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Pivo\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1467 folders=142 230634955 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Pivo\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Pivo\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on p  26.06.2015 at 15:41:18,61 ======================

Re: Please check my log - slow notebook (first time doing this)

Post by simio.simsoft » 26 Jun 2015 16:20

FRST log

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-06-2015
Ran by Pivo (administrator) on PIVO-PC on 26-06-2015 15:47:32
Running from C:\Users\Pivo\Desktop
Loaded Profiles: Pivo (Available Profiles: Pivo)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\stacsv.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(IBM Corp.) C:\ProgramData\Trusteer\Rapport\store\tmp\dn_000004c0_0000a5cf\RapportSetup-Full.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\AEstSrv.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Fork Ltd.) C:\Prey\platform\windows\cronsvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
(Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Hewlett-Packard Development Company, L.P) C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.EXE
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMON.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(LG Electronics Inc.) C:\Program Files\LG Software\LG Smart Share\SmartShareStart.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
(AVAST Software s. r. o.) C:\Program Files\AVAST Software\Avast\setup\49e8561d-2b5a-49cc-941e-3cdc0194727a.exe
(IBM Corp.) C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IMSS] => C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111640 2009-11-04] ()
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-25] (Intel Corporation)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [287800 2009-11-11] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2015-01-14] (IDT, Inc.)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [IObit Malware Fighter] => C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [5769024 2015-03-04] (IObit)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-04-07] (Apple Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\...\Run: [EPSON SX100 Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE [188928 2008-02-05] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\...\Run: [iCloudDrive] => C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\...\MountPoints2: D - D:\Autorun.exe
HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\...\MountPoints2: {0e479424-fd36-11e3-99fd-68b599fc41be} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\...\MountPoints2: {45dd8d11-2b81-11e4-a025-68b599fc41be} - F:\Autorun.exe
HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\...\MountPoints2: {a085e112-cbf5-11e1-bd13-806e6f6e6963} - E:\SWSETUP\APPINSTL\hpsoftwaresetup.exe
HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\...\MountPoints2: {d8c0319a-f7e0-11e3-b6b4-e02a82ce37a3} - D:\Autorun.exe
HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\...\MountPoints2: {d8c031a8-f7e0-11e3-b6b4-e02a82ce37a3} - D:\Autorun.exe
HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Cities.scr [2789376 2007-09-23] (Screenomania.com)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-06-21] (Microsoft Corporation)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012-07-12]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-04-26] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2149464645-3227392997-1024222133-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2012-02-06] (DigitalPersona, Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-21] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-09] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-21] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{2A98B539-1DB3-4218-A800-24C9BDBD7D6F}: [NameServer] 8.26.56.26,156.154.70.22
Tcpip\..\Interfaces\{A030ABA6-0274-4734-9610-DA9BC2DB7055}: [NameServer] 8.26.56.26,156.154.70.22

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-26] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-21] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2014-06-29]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-21]

Chrome:
=======
CHR Profile: C:\Users\Pivo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Pivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-26]
CHR Extension: (Google Docs) - C:\Users\Pivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-26]
CHR Extension: (Google Drive) - C:\Users\Pivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-26]
CHR Extension: (Rapport) - C:\Users\Pivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2015-06-15]
CHR Extension: (YouTube) - C:\Users\Pivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-26]
CHR Extension: (Google Search) - C:\Users\Pivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-26]
CHR Extension: (Google Sheets) - C:\Users\Pivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-26]
CHR Extension: (Avast Online Security) - C:\Users\Pivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-22]
CHR Extension: (Google Wallet) - C:\Users\Pivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-22]
CHR Extension: (Gmail) - C:\Users\Pivo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-26]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19]
CHR HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - https://clients2.google.com/service/update2/crx

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2009-08-03] (LSI Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-26] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-04-26] (Avast Software)
R2 CronService; C:\Prey\platform\windows\cronsvc.exe [23552 2014-04-30] (Fork Ltd.) [File not signed]
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [300880 2010-07-16] (DigitalPersona, Inc.)
R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [143872 2007-12-17] (SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
R2 FoxitCloudUpdateService; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-06-02] (Foxit Software Inc.)
R2 HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [152992 2012-03-14] (Hewlett-Packard Company)
R2 HP ProtectTools Service; C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [32768 2010-10-19] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [344864 2015-01-27] (IObit)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MbnExt; C:\Program Files\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [417128 2013-12-02] (Gemfor s.r.o.)
S4 PdiService; C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [117552 2012-03-09] (Portrait Displays, Inc.)
R2 RapportMgmtService; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [2222360 2015-06-02] (IBM Corp.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\STacSV.exe [229458 2015-01-14] (IDT, Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
S2 vcsFPService; C:\Windows\system32\vcsFPService.exe [1664304 2010-02-18] (Validity Sensors, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [580232 2014-10-28] (WiseCleaner.com) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-04-26] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-04-26] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-04-26] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-04-26] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-04-26] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-04-26] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-04-26] (Avast Software s.r.o.)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [38984 2014-07-14] (The OpenVPN Project)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-04-26] ()
R3 FileMonitor; C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [21480 2014-11-10] (IObit)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [89856 2011-09-09] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [26624 2011-09-09] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [186880 2011-09-09] (Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-01-14] (REALiX(tm))
R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [530752 2015-01-15] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [24896 2015-01-15] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwsn01.sys [10376704 2015-04-21] (Intel Corporation)
R4 RapportCerberus_1412108; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_1412108.sys [528600 2015-06-15] (IBM Corp.)
R1 RapportCerberus_1412112; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_1412112.sys [531416 2015-06-26] (IBM Corp.)
R1 RapportEI; C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [280088 2015-06-02] (IBM Corp.)
R0 RapportHades; C:\Windows\System32\Drivers\RapportHades.sys [68280 2015-06-02] (IBM Corp.)
R3 RapportIaso; c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso.sys [162584 2015-06-26] (IBM Corp.)
R0 RapportKELL; C:\Windows\System32\Drivers\RapportKELL.sys [218264 2015-06-02] (IBM Corp.)
R1 RapportPG; C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [337176 2015-06-02] (IBM Corp.)
R3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [32288 2014-11-10] (IObit.com)
R2 risdptsk; C:\Windows\System32\DRIVERS\risdptsk.sys [46592 2015-04-21] (REDC) [File not signed]
R3 rismc32; C:\Windows\System32\DRIVERS\rismc32.sys [49152 2009-07-20] (RICOH Company, Ltd.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1763968 2010-06-03] ()
R3 UrlFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [20944 2014-11-10] (IObit.com)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2014-06-10] (Apple, Inc.) [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-04-26] (Avast Software)
R3 vwhid; C:\Windows\System32\DRIVERS\vwhid.sys [23200 2013-01-28] (Windows (R) Win 7 DDK provider)
S3 WiseHDInfo; C:\Windows\WiseHDInfo32.dll [10792 2014-10-11] () [File not signed]
R1 WiseTdiFw; C:\Windows\WiseTdiFw.sys [42024 2014-10-11] (WiseCleaner.com) [File not signed]
U3 DfSdkS; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-26 15:47 - 2015-06-26 15:50 - 00023768 _____ C:\Users\Pivo\Desktop\FRST.txt
2015-06-26 15:47 - 2015-06-26 15:47 - 00000000 ____D C:\FRST
2015-06-26 15:45 - 2015-06-26 15:45 - 01636352 _____ (Farbar) C:\Users\Pivo\Desktop\FRST.exe
2015-06-26 15:42 - 2015-06-26 15:42 - 00000000 ____D C:\Users\Pivo\AppData\Roaming\ProductData
2015-06-26 14:38 - 2015-06-26 10:46 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-06-26 11:07 - 2015-06-26 12:07 - 18411184 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2015-06-26 10:49 - 2015-06-26 15:41 - 00022251 _____ C:\zoek-results.log
2015-06-26 10:46 - 2015-06-26 12:32 - 00000000 ____D C:\zoek_backup
2015-06-26 10:45 - 2015-06-26 10:45 - 01308672 _____ C:\Users\Pivo\Desktop\zoek.exe
2015-06-16 21:37 - 2015-06-16 22:44 - 00000000 ____D C:\ProgramData\RogueKiller
2015-06-16 21:37 - 2015-06-16 21:37 - 00035064 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-06-16 21:36 - 2015-06-16 21:37 - 17659640 _____ C:\Users\Pivo\Desktop\RogueKiller.exe
2015-06-16 21:34 - 2015-06-16 21:34 - 00002144 _____ C:\Users\Pivo\Desktop\JRT.txt
2015-06-16 21:29 - 2015-06-16 21:29 - 00000207 _____ C:\Windows\tweaking.com-regbackup-PIVO-PC-Windows-7-Professional-(32-bit).dat
2015-06-16 21:28 - 2015-06-16 21:28 - 00000000 ____D C:\RegBackup
2015-06-16 21:27 - 2015-06-16 21:27 - 02945901 _____ (Thisisu) C:\Users\Pivo\Desktop\JRT.exe
2015-06-16 17:57 - 2015-06-16 18:01 - 77623316 _____ C:\Users\Pivo\Desktop\Project-2-CD-ROM.rar
2015-06-16 17:48 - 2015-06-16 17:54 - 89917440 _____ C:\Users\Pivo\Desktop\AJ---Project-2-CD.iso
2015-06-15 22:10 - 2015-06-15 22:19 - 00000000 ____D C:\e24e20fcece2c1270900ad
2015-06-15 20:04 - 2015-06-02 21:35 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-15 20:04 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-15 20:04 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-06-15 20:04 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-15 20:04 - 2015-05-25 20:07 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-15 20:04 - 2015-05-25 20:07 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-15 20:04 - 2015-05-25 20:04 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-15 20:04 - 2015-05-25 20:01 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-15 20:04 - 2015-05-25 20:01 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-15 20:04 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-15 20:04 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-15 20:04 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-15 20:04 - 2015-05-25 20:01 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-15 20:04 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-15 20:04 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-15 20:04 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-15 20:04 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-15 20:04 - 2015-05-25 20:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-15 20:04 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-15 20:04 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-15 20:04 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-15 20:04 - 2015-05-25 20:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-15 20:04 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-15 20:04 - 2015-05-25 20:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-15 20:04 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-15 20:04 - 2015-05-25 20:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-15 20:04 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-15 20:04 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-15 20:04 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-15 20:04 - 2015-05-25 20:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-15 20:04 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-15 20:04 - 2015-05-25 19:00 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-15 20:04 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-15 20:04 - 2015-05-23 05:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-15 20:04 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-15 20:04 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-15 20:04 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-15 20:04 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-15 20:04 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-15 20:04 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-15 20:04 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-15 20:04 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-15 20:04 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-15 20:04 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-15 20:04 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-15 20:04 - 2015-05-23 05:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-15 20:04 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-15 20:04 - 2015-05-23 05:00 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-15 20:04 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-15 20:04 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-15 20:04 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-15 20:04 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-15 20:04 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-15 20:04 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-15 20:04 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-15 20:04 - 2015-05-23 04:38 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-15 20:04 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-15 20:04 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-15 20:04 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-15 20:04 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-15 20:04 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-15 20:04 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-15 20:04 - 2015-05-22 20:03 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-15 20:04 - 2015-05-22 20:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-15 20:04 - 2015-05-22 20:02 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-15 20:04 - 2015-05-22 20:02 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-15 20:04 - 2015-05-22 20:02 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-15 20:04 - 2015-05-22 20:02 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-15 20:04 - 2015-05-22 19:58 - 00901120 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-15 20:04 - 2015-05-21 15:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-15 20:03 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-15 20:03 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-15 20:03 - 2015-05-25 20:01 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-15 20:03 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-15 20:03 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-15 20:03 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-15 20:03 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-15 20:03 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-15 20:03 - 2015-05-09 05:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-15 20:03 - 2015-05-09 05:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-15 20:03 - 2015-05-09 05:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-15 20:03 - 2015-05-09 05:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-15 20:03 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-15 20:03 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-15 20:03 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-15 20:03 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-15 20:03 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-15 20:03 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-15 20:03 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-15 20:03 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-15 20:03 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-15 20:03 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-15 20:03 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-15 20:03 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-15 20:03 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-15 20:03 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-15 20:03 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-15 20:03 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-15 20:03 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-15 20:03 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-15 20:03 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-15 20:03 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-15 20:03 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-15 20:03 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-15 20:03 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-15 20:03 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-15 20:03 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-15 20:03 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-15 20:03 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-15 20:03 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-15 20:03 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-15 20:03 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-15 20:03 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-15 20:03 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-15 20:03 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-15 20:03 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-15 19:34 - 2015-06-16 18:11 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-15 19:34 - 2015-06-15 19:34 - 00001024 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-15 19:34 - 2015-06-15 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-15 19:34 - 2015-06-15 19:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-15 19:34 - 2015-06-15 19:34 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-06-15 19:34 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-15 19:34 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-15 19:34 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-15 19:32 - 2015-06-15 19:33 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Pivo\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-15 18:57 - 2015-06-15 18:57 - 00000000 ____D C:\Users\Pivo\AppData\Local\Apple
2015-06-15 18:54 - 2015-06-15 18:59 - 00000000 ____D C:\AdwCleaner
2015-06-15 18:53 - 2015-06-15 18:53 - 02231296 _____ C:\Users\Pivo\Desktop\adwcleaner_4.206.exe
2015-06-15 18:52 - 2015-06-26 15:48 - 01593599 _____ C:\Windows\WindowsUpdate.log
2015-06-15 18:52 - 2015-06-15 18:52 - 00000000 ____D C:\Users\Default\AppData\Local\Trusteer
2015-06-15 18:52 - 2015-06-15 18:52 - 00000000 ____D C:\Users\Default User\AppData\Local\Trusteer
2015-06-15 18:47 - 2015-06-26 15:39 - 00000448 _____ C:\Windows\setupact.log
2015-06-15 18:47 - 2015-06-15 18:47 - 00000000 _____ C:\Windows\setuperr.log
2015-06-15 18:46 - 2015-06-26 15:39 - 00004134 _____ C:\Windows\PFRO.log
2015-06-15 18:46 - 2015-06-16 14:31 - 00505928 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-15 18:34 - 2015-06-15 18:39 - 00000000 ____D C:\Users\Pivo\Desktop\Uklízecí náčiní
2015-06-15 16:35 - 2015-06-15 16:35 - 00142952 _____ C:\Users\Pivo\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-15 14:52 - 2015-06-15 14:52 - 00013746 _____ C:\Users\Pivo\Desktop\hijackthis.log
2015-06-15 14:50 - 2015-06-15 14:50 - 00388608 _____ (Trend Micro Inc.) C:\Users\Pivo\Desktop\HijackThis.exe
2015-06-06 09:20 - 2015-06-06 09:20 - 03569688 _____ C:\Users\Pivo\Desktop\Vysvědčení Jan Šimek.zip
2015-06-04 20:38 - 2015-06-04 20:38 - 00000000 ____D C:\Users\Pivo\AppData\Local\GWX
2015-06-02 18:41 - 2015-06-02 18:41 - 00218264 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportKELL.sys
2015-06-02 18:41 - 2015-06-02 18:41 - 00068280 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportHades.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-26 15:49 - 2014-07-02 11:20 - 00000029 _____ C:\Windows\system32\TempWmicBatchFile.bat
2015-06-26 15:46 - 2009-07-14 06:34 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-26 15:46 - 2009-07-14 06:34 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-26 15:43 - 2014-10-06 16:26 - 00000000 ___RD C:\Users\Pivo\iCloudDrive
2015-06-26 15:42 - 2015-03-26 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ochrana koncového bodu Trusteer
2015-06-26 15:42 - 2015-01-09 18:45 - 00000000 ____D C:\Users\Pivo\AppData\Roaming\Wise Care 365
2015-06-26 15:40 - 2014-06-29 16:32 - 00000000 ____D C:\ProgramData\HPQLOG
2015-06-26 15:39 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-26 15:07 - 2014-06-21 14:47 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-26 14:58 - 2014-11-22 14:31 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-26 12:07 - 2014-06-21 14:47 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-06-26 12:07 - 2014-06-21 14:47 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-06-16 18:56 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\AppCompat
2015-06-16 14:39 - 2012-07-12 10:09 - 01583226 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-16 14:29 - 2014-12-10 10:29 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-16 14:29 - 2014-06-22 12:43 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-15 22:27 - 2014-06-20 19:10 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-15 22:20 - 2009-07-14 04:04 - 00000478 _____ C:\Windows\win.ini
2015-06-15 22:19 - 2014-06-19 21:05 - 00000000 ____D C:\Windows\system32\MRT
2015-06-15 22:10 - 2014-06-19 21:05 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-08 20:44 - 2014-06-30 19:38 - 00000000 ____D C:\Users\Pivo\AppData\Roaming\Skype
2015-06-08 19:51 - 2014-06-30 19:38 - 00000000 ____D C:\ProgramData\Skype
2015-06-08 19:40 - 2015-05-14 19:20 - 00000000 ____D C:\Users\Pivo\AppData\Local\desktop-messenger
2015-06-08 15:01 - 2014-06-20 19:10 - 00000000 __RHD C:\MSOCache
2015-06-06 19:26 - 2014-11-08 19:19 - 00000000 ____D C:\Users\Pivo\Desktop\Zástupci
2015-06-01 20:56 - 2009-07-14 06:53 - 00032610 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-30 22:28 - 2014-06-27 14:23 - 00000000 ____D C:\Users\Pivo\AppData\Roaming\vlc

==================== Files in the root of some directories =======

2014-06-30 22:50 - 2014-06-30 22:50 - 0014943 _____ () C:\Users\Pivo\AppData\Roaming\UserTile.png
2012-07-12 13:09 - 2012-07-12 13:09 - 0000000 _____ () C:\Users\Pivo\AppData\Local\AtStart.txt
2012-07-12 13:09 - 2012-07-12 13:09 - 0000000 _____ () C:\Users\Pivo\AppData\Local\DSwitch.txt
2012-07-12 13:09 - 2012-07-12 13:09 - 0000000 _____ () C:\Users\Pivo\AppData\Local\QSwitch.txt
2015-05-08 11:37 - 2015-05-08 11:37 - 0002607 _____ () C:\Users\Pivo\AppData\Local\recently-used.xbel
2014-06-27 14:17 - 2012-09-19 10:06 - 0000221 _____ () C:\ProgramData\cutescreenrecorder.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-07 19:27

==================== End of log ============================

Re: Please check my log - slow laptop (done for the first time)

Post by simio.simsoft » 26 Jun 2015 16:21

Addition log

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-06-2015
Ran by Pivo at 2015-06-26 15:51:22
Running from C:\Users\Pivo\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2149464645-3227392997-1024222133-500 - Administrator - Disabled)
Guest (S-1-5-21-2149464645-3227392997-1024222133-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2149464645-3227392997-1024222133-1002 - Limited - Enabled)
Pivo (S-1-5-21-2149464645-3227392997-1024222133-1000 - Administrator - Enabled) => C:\Users\Pivo

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.38 beta (HKLM\...\7-Zip) (Version: - )
ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 2013 v.11.0.6 (HKLM\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.6 - Ashampoo GmbH & Co. KG)
Ashampoo Music Studio 5 v.5.0.7 (HKLM\...\{91B33C97-5BBE-576E-893B-711D4D8298ED}_is1) (Version: 5.0.7 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 2013 v.1.0.0 (HKLM\...\{4209F371-7B85-60AD-E5CE-E4409D39E3DE}_is1) (Version: 1.00.00 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2218 - AVAST Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Cities of Earth 3D Screensaver v. 2.1 (HKLM\...\Cities of Earth 3D Screensaver_is1) (Version: - Screenomania.com)
Corel Graphics - Windows Shell Extension (HKLM\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - BR (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Capture (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Common (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Connect (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Custom Data (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - CZ (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - DE (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Draw (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - EN (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - ES (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Filters (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - FontNav (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - FR (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - IPM HSE (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - IT (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - NL (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Photozoom Plugin (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - PL (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Redist (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - RU (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Setup Files (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VideoBrowser (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - WT (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X5 - Extra Content (HKLM\...\_{D0291D38-D7AE-47B6-AD64-4FAB908FDB9F}) (Version: - Corel Corporation)
CorelDRAW Home & Student Suite X5 - Extra Content (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X5 (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW(R) Home & Student Suite X5 (HKLM\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.2.0.686 - Corel Corporation)
CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
Cute Screen Recorder Free Version 2.0.0.0 (HKLM\...\Cute Screen Recorder Free Version_is1) (Version: - )
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DigiBand version 1.8 (HKLM\...\{BA3A4E83-7935-4939-A6FF-435423A416A9}_is1) (Version: 1.8 - AthTek Software)
Driver Booster 2.1 (HKLM\...\Driver Booster_is1) (Version: 2.1 - IObit)
DVDStyler v2.9.2 (HKLM\...\DVDStyler_is1) (Version: - )
Epson Easy Photo Print 2 (HKLM\...\{DEDB47A3-C988-4A43-A645-E2CEA571E680}) (Version: 2.0.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - )
EPSON Stylus SX100_TX100 Manuál (HKLM\...\EPSON Stylus SX100_TX100 Uživatelská příručka) (Version: - )
EPSON SX100 Series Printer Uninstall (HKLM\...\EPSON SX100 Series) (Version: - SEIKO EPSON Corporation)
Far Cry (HKLM\...\InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}) (Version: 1.00.0000 - Název společnosti:)
Far Cry (Version: 1.00.0000 - Název společnosti:) Hidden
FormatFactory 3.6.0.0 (HKLM\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Fotogalerie (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit Cloud (HKLM\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.5.116.602 - Foxit Software Inc.)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.1.5.425 - Foxit Software Inc.)
FreeFileSync 6.8 (HKLM\...\FreeFileSync) (Version: 6.8 - Zenju)
Funny Photo Maker 2.4.2 (HKLM\...\Funny Photo Maker_is1) (Version: - Funny-Photo-Maker.com)
Ghostscript GPL 8.64 (Msi Setup) (HKLM\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (Version: 8.64 - Corel Corporation) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Earth Pro (HKLM\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
Gothic III (HKLM\...\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}) (Version: 1.0.0 - JoWooD Productions Software AG)
Heroes of Might and Magic III Complete (HKLM\...\InstallShield_{EDFB64A7-5BFD-4137-943D-5663149A15F5}) (Version: 1.00.0000 - CD Projekt)
Heroes of Might and Magic III Complete (Version: 1.00.0000 - CD Projekt) Hidden
HP 3D DriveGuard (HKLM\...\{3E92DCCC-A2F0-4C27-A5B9-B3B1A2143149}) (Version: 4.0.4.1 - Hewlett-Packard)
HP Battery Check (HKLM\...\HP Battery Check) (Version: 4.3.2.2 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM\...\{812C7541-3C7C-4E24-99A5-3785EB2A5C40}) (Version: 1.0.5.1 - Hewlett-Packard Company)
HP Integrated Module with Bluetooth wireless technology (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.500 - Broadcom Corporation)
HP Power Assistant (HKLM\...\{BBDDFD86-E8E5-42FA-85E4-373FAE1DC731}) (Version: 2.5.0.16 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 5.13.766 - Hewlett-Packard Company)
HP Quick Launch Buttons (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.12.1 - Hewlett-Packard)
HP Webcam (HKLM\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.26.3 - Roxio)
HP Webcam Driver (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50009.6 - Sonix)
Huawei Drivers (HKLM\...\{C82D8932-EB28-4da6-9582-33D515D46F04}) (Version: 4.23.05.00 - )
iCloud (HKLM\...\{9A07AB4F-6B53-43E9-B7FC-7892E8C26BE3}) (Version: 4.1.1.53 - Apple Inc.)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6257.0 - IDT)
iGetting Audio (HKLM\...\iGetting Audio) (Version: - Tenorshare, Inc.)
Incomedia WebSite X5 v11 - Home (HKLM\...\{C5743DB8-7BDF-47D3-8D41-0BBD487B48A1}_is1) (Version: 11.0.6.27 - Incomedia s.r.l.)
Inkscape 0.48.5 (HKLM\...\Inkscape) (Version: 0.48.5 - )
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.1995 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 14.8 - Intel)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
IObit Malware Fighter 3 (HKLM\...\IObit Malware Fighter_is1) (Version: 3.0 - IObit)
iTunes (HKLM\...\{CE1F04C7-79BC-4219-BE6A-BA490224D4B5}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
K-Lite Mega Codec Pack 10.5.5 (HKLM\...\KLiteCodecPack_is1) (Version: 10.5.5 - )
Logon Screen (HKLM\...\{1730D13B-7517-4321-A88B-64627CF67CDC}_is1) (Version: - Daniel Rebelo)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.96 - LSI Corporation)
MagicScan (HKLM\...\SAUTRANSLATENET_is1) (Version: 3.9.1.3 - MagicScan)
Malwarebytes Anti-Malware verze 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MP3 Toolkit 1.0.5 (HKLM\...\MP3 Toolkit_is1) (Version: - MP3Toolkit.com)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyHeritage Family Tree Builder (HKLM\...\Family Tree Builder) (Version: 7.0.0.7138 - MyHeritage.com)
Ochrana koncového bodu Trusteer (HKLM\...\Rapport_msi) (Version: 3.5.1412.176 - Trusteer)
Podpora aplikací Apple (32bitová) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Posel Smrti 3 (HKLM\...\Posel Smrti 3_is1) (Version: 1.0 - TopQer, s.r.o.)
PSPad editor (HKLM\...\PSPad editor_is1) (Version: 4.5.8.2500 - Jan Fiala)
QLBCASL (Version: 6.40.17.2 - Hewlett-Packard) Hidden
Rapport (Version: 3.5.1412.176 - Trusteer) Hidden
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RICOH Media Driver (HKLM\...\{F5CC2EF8-20A4-4366-A681-3FE849E65809}) (Version: 2.13.00.05 - RICOH)
SDK (Version: 2.30.042 - Portrait Displays, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SketchUp 2015 (HKLM\...\{72FCCE6E-98AB-4953-AF89-772DF0704E11}) (Version: 15.1.105 - Trimble Navigation Limited)
Skype™ 7.5 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
SmartShare (HKLM\...\{BAB337AE-DD9E-45C3-BED6-0EE4732AEC60}) (Version: 2.2.1405.1601 - LG Electronics Inc.)
SolveigMM Video Splitter Home Edition (HKLM\...\SolveigMM Video Splitter Home Edition 4.0.1502.19) (Version: 4.0.1502.19 - Solveig Multimedia)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
TagTuner 2.0 (HKLM\...\TagTuner_is1) (Version: - TagTuner.com)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
T-Mobile Internet Manager (HKLM\...\T-Mobile Communication Centre) (Version: 2013-10-31@2013-12-02 - Gemfor s.r.o.)
Validity Fingerprint Driver (HKLM\...\{78365FC6-09CA-4AC3-BC01-70FB46596047}) (Version: 4.0.15.0 - Validity Sensors, Inc.)
Video Edit Master (HKLM\...\{35A99221-DAF4-4769-880F-ECC57548FBCC}) (Version: 2.0.0 - Hazem Osman)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WiFiSendServer -- iPhone/iPad for your computers (HKLM\...\WiFiSendServer) (Version: - Benzle Inc.)
Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) (HKLM\...\B7541EC5F72AA713F557569278EB6273725F5607) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Phone app for desktop (HKLM\...\{CE9BDD0F-BAF3-474D-B6D8-15B84BDAB229}) (Version: 1.1.2726.0 - Microsoft Corporation)
Wise Care 365 3.41 (HKLM\...\Wise Care 365_is1) (Version: 3.41 - WiseCleaner.com, Inc.)
Wise System Monitor 1.28 (HKLM\...\Wise System Monitor_is1) (Version: 1.28 - WiseCleaner.com, Inc.)
Wondershare Filmora(Build 6.0.3) (HKLM\...\Wondershare Filmora_is1) (Version: - Wondershare Software)
WordNet 2.1 (HKLM\...\{58582B88-0260-4C80-9A89-8CA0923AFD26}) (Version: 2.1 - Princeton University Cognitive Science Laboratory)
World of Tanks (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
X-Mirage version 1.01.5 (HKLM\...\{EE034220-E0F5-4AA3-82B5-DD1CC216A6F5}_is1) (Version: 1.01.5 - X-Mirage, Inc.)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_EN_is1) (Version: - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2149464645-3227392997-1024222133-1000_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files\PSPad editor\pspshellx32.dll ()

==================== Restore Points =========================

24-04-2015 15:09:33 Windows Update
26-04-2015 10:18:27 avast! antivirus system restore point
26-04-2015 10:21:45 Revo Uninstaller's restore point - War Thunder Launcher 1.0.1.394
26-04-2015 11:24:10 Removed Skype Click to Call
26-04-2015 11:26:09 Revo Uninstaller's restore point - NVIDIA PhysX
26-04-2015 11:26:41 Removed NVIDIA PhysX
29-04-2015 06:53:01 Windows Update
02-05-2015 10:41:43 Windows Update
04-05-2015 16:38:55 Revo Uninstaller's restore point - Testy znalostí pravidel silnicního provozu pro chodce a cyklisty
05-05-2015 13:33:41 Windows Update
09-05-2015 10:43:14 Windows Update
13-05-2015 21:27:46 Windows Update
14-05-2015 13:07:26 Windows Update
14-05-2015 15:39:07 Windows Update
14-05-2015 21:50:35 Windows Update
19-05-2015 19:36:32 Windows Update
20-05-2015 21:57:43 Windows Update
21-05-2015 14:28:14 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
21-05-2015 14:55:26 Windows Update
21-05-2015 15:00:49 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
25-05-2015 15:04:09 Windows Update
06-06-2015 09:22:43 Windows Update
15-06-2015 18:48:12 Installed Rapport
15-06-2015 19:47:28 Windows Update
15-06-2015 22:08:51 Windows Update
26-06-2015 10:48:25 Windows Update
26-06-2015 15:40:41 Installed Rapport

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2015-06-26 10:50 - 00000841 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B808F29-821D-4367-94C7-B36F2FB745FF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {12D707DF-C5A1-4FF6-841D-2C29ED4FA6A2} - System32\Tasks\{BA2DE0AA-5425-494E-95CE-E239D750C3D7} => pcalua.exe -a C:\Windows\System32\PhysX.cpl
Task: {31380CFF-C14A-45B9-9FC2-00636D1352E8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-22] (Google Inc.)
Task: {6366DB29-B51F-4C53-B6C9-DD584D1E2587} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-22] (Google Inc.)
Task: {7A4C74B7-38C8-4965-946A-2F20CB8A1241} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-26] (Adobe Systems Incorporated)
Task: {8D0D4F56-A88F-4E07-AC73-4E6C8AF27019} - \avastBCLRestartS-1-5-21-2149464645-3227392997-1024222133-1000 No Task File <==== ATTENTION
Task: {9D5BE155-CDCB-4FE4-83B7-C009E917D17B} - System32\Tasks\Apple Diagnostics => C:\Program Files\Common Files\Apple\Internet Services\EReporter.exe [2015-04-26] (Apple Inc.)
Task: {AE4EB10A-A706-48F4-968A-3057558E6E37} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {B45C51C1-92C4-4F7C-ADFD-9ABE65EF6496} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2149464645-3227392997-1024222133-1000
Task: {CA00B2DF-2191-4005-899F-3B08AAFCB4F2} - System32\Tasks\SmartShare => C:\Program Files\LG Software\LG Smart Share\SmartShareStart.exe [2014-03-13] (LG Electronics Inc.)
Task: {E6B6A567-DA3E-454E-8969-537B848ECB84} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {EF41E2BD-735D-40E3-88BB-044DD80088DC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-26] (Avast Software s.r.o.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-04-26 10:22 - 2015-04-26 10:22 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-26 10:22 - 2015-04-26 10:22 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-26 10:39 - 2015-06-26 10:39 - 02952704 _____ () C:\Program Files\AVAST Software\Avast\defs\15062600\algo.dll
2010-04-20 08:10 - 2010-04-20 08:10 - 00079360 _____ () C:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2015-03-13 21:11 - 2015-01-09 19:46 - 00517408 _____ () C:\Program Files\IObit\IObit Malware Fighter\sqlite3.dll
2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2009-09-04 12:43 - 2009-09-04 12:43 - 00132384 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2015-03-19 20:01 - 2015-03-19 20:01 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-03-13 21:11 - 2015-01-09 19:46 - 00182048 _____ () C:\Program Files\IObit\IObit Malware Fighter\unrar.dll
2015-03-13 21:11 - 2015-01-09 19:46 - 00145184 _____ () C:\Program Files\IObit\IObit Malware Fighter\zlibwapi.dll
2012-03-14 14:29 - 2012-03-14 14:29 - 00892288 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\ProgramData\TEMP:C5760A8B
AlternateDataStreams: C:\ProgramData\TEMP:CB9270C0

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Pivo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.26.56.26 - 156.154.70.22

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{3661D4A3-F82E-47BF-8501-84F18C56E72B}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{C3B2BFD8-57E1-4D65-AC63-A28667C86438}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F58DBEF4-5450-44FC-9A16-4955B2F88F7A}] => (Allow) LPort=2869
FirewallRules: [{751CCA52-006E-4279-868D-0DE35EFFA085}] => (Allow) LPort=1900
FirewallRules: [{9E3B62D5-9C2F-40DA-A3E2-08AE9739C442}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{AE7A08E9-195C-4C98-86A0-DB95431EE91C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5CB052DF-5948-4F13-AFC1-67AA71DCE062}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{478ECB21-9E88-47A0-8839-8D419DE15CBA}C:\Program Files\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe] => (Allow) C:\Program Files\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe
FirewallRules: [UDP Query User{D97FE5D2-E0D4-4F35-9A6A-BB6E6D74FFA9}C:\Program Files\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe] => (Allow) C:\Program Files\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe
FirewallRules: [TCP Query User{5D106ABA-55F7-4553-AAB0-3EE3C1516EA8}C:\program files\wargaming\world of tanks\wotlauncher.exe] => (Allow) C:\program files\wargaming\world of tanks\wotlauncher.exe
FirewallRules: [UDP Query User{B445B5E0-65EC-4CCF-8B90-6FE2A5DCCABE}C:\program files\wargaming\world of tanks\wotlauncher.exe] => (Allow) C:\program files\wargaming\world of tanks\wotlauncher.exe
FirewallRules: [TCP Query User{9F8FA650-7E94-478C-8CF1-4D97236EC964}C:\program files\wargaming\world of tanks\worldoftanks.exe] => (Allow) C:\program files\wargaming\world of tanks\worldoftanks.exe
FirewallRules: [UDP Query User{6282E2DE-6312-4C31-B64B-57B7C9B77B4A}C:\program files\wargaming\world of tanks\worldoftanks.exe] => (Allow) C:\program files\wargaming\world of tanks\worldoftanks.exe
FirewallRules: [{2D7A9D2B-5E09-4018-8F7D-34007E00C07A}] => (Allow) LPort=80
FirewallRules: [{B498511D-3A3B-4B14-8CCE-7A8FEFACCBCD}] => (Allow) LPort=443
FirewallRules: [{85C23336-390B-4B34-8180-F2E557359121}] => (Allow) LPort=20010
FirewallRules: [{A8E6C01A-5736-4957-9211-A230A8202020}] => (Allow) LPort=3478
FirewallRules: [{D5ADB0CF-BFFE-4F16-A518-5D0090FB0FAD}] => (Allow) LPort=7850
FirewallRules: [{13EDBFEE-7FF4-45CC-884F-52276542D884}] => (Allow) LPort=7852
FirewallRules: [{A9CFE0EF-82C3-42A6-BE09-727913679C05}] => (Allow) LPort=7853
FirewallRules: [{18DBA7A2-5898-4191-B381-1696F0EFF379}] => (Allow) LPort=27022
FirewallRules: [{77814C4A-914C-4117-8AF6-0E6C0B72B5E0}] => (Allow) LPort=6881
FirewallRules: [{F253FE93-EB65-4145-9B7A-C1154B3AA68E}] => (Allow) LPort=33333
FirewallRules: [{FEB0B690-2F22-4EAE-9474-07BCF4D9C5D0}] => (Allow) LPort=20443
FirewallRules: [{A204C33B-A4E5-4B30-BA5C-95C3D41255C6}] => (Allow) LPort=8090
FirewallRules: [{774A4538-6341-4E6F-B6C9-F70B901BE1D0}] => (Allow) C:\Program Files\LG Software\LG Smart Share\DMS\SmartShareDMS.exe
FirewallRules: [{7D6050A2-F883-431A-A070-2A012BF5F188}] => (Allow) C:\Program Files\LG Software\LG Smart Share\DMS\SmartShareDMS.exe
FirewallRules: [{FA09F290-5B2B-4056-AF8D-8E86E317AE56}] => (Allow) C:\Program Files\LG Software\LG Smart Share\DMR\SmartShareDMR.exe
FirewallRules: [{3576CD56-5945-44AA-8B7D-9AF74E27235F}] => (Allow) C:\Program Files\LG Software\LG Smart Share\DMR\SmartShareDMR.exe
FirewallRules: [{0AFF4F4D-54FD-4203-9617-EB7B3D5380C5}] => (Allow) C:\Program Files\Benzle\WiFiSendServer\WiFiSendServer.exe
FirewallRules: [{520AED3C-7E9B-49A6-8505-2E3DF1D6E1B1}] => (Allow) C:\Program Files\X-Mirage\x-mirage.exe
FirewallRules: [{4938EEE6-A13A-47DF-AED8-A8D84066E1F0}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{FA8B5636-7215-49EB-8028-FC3D4F0327CE}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{5457EE93-9122-4E87-9B64-06DB1FBBBAEE}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4339DFD0-9DB3-4A11-B2D4-1715931E54BC}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{64491F17-D429-42BC-A945-2D4FBE474D5F}C:\program files\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files\freetime\formatfactory\formatfactory.exe
FirewallRules: [UDP Query User{7FB61039-5AAE-4497-B144-7EACF428E6C8}C:\program files\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files\freetime\formatfactory\formatfactory.exe
FirewallRules: [{29EFB33C-B834-4CD6-A018-13B83EFEED0A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{0A853FF3-D1EA-4BE2-B40C-C19D20F8AB3A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{273491B8-C6A7-44BA-B782-9CF9FFE7B361}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{F4190FE3-9A12-42C6-82A0-3583AFDF6300}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/26/2015 03:40:40 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {0ef94e78-8ea6-4aaa-ade0-74952d0a12c5}

Error: (06/26/2015 00:56:12 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108

Error: (06/15/2015 06:48:12 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {4ea06b75-ddd8-4e1f-92d9-2920d2d7238a}

Error: (06/15/2015 02:32:02 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (5332) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Pivo\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1811 (0xfffff8ed).

Error: (06/08/2015 05:51:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2633796

Error: (06/08/2015 05:51:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2633796

Error: (06/08/2015 05:51:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/08/2015 05:07:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9734

Error: (06/08/2015 05:07:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9734

Error: (06/08/2015 05:07:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (06/26/2015 03:47:46 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.

Error: (06/26/2015 00:30:38 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/26/2015 00:30:34 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/26/2015 00:30:30 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/26/2015 00:30:25 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/26/2015 00:30:20 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/26/2015 10:52:35 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Definition Update for Windows Defender - KB915597 (Definition 1.201.171.0).

Error: (06/16/2015 09:30:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba iPod Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/16/2015 09:30:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Com4QLBEx byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/16/2015 09:29:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.


Microsoft Office:
=========================
Error: (06/26/2015 03:40:40 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Přístup byl odepřen.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {0ef94e78-8ea6-4aaa-ade0-74952d0a12c5}

Error: (06/26/2015 00:56:12 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108

Error: (06/15/2015 06:48:12 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Přístup byl odepřen.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {4ea06b75-ddd8-4e1f-92d9-2920d2d7238a}

Error: (06/15/2015 02:32:02 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost5332WebCacheLocal: C:\Users\Pivo\AppData\Local\Microsoft\Windows\WebCache\V01.log-1811 (0xfffff8ed)

Error: (06/08/2015 05:51:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2633796

Error: (06/08/2015 05:51:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2633796

Error: (06/08/2015 05:51:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/08/2015 05:07:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9734

Error: (06/08/2015 05:07:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9734

Error: (06/08/2015 05:07:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Percentage of memory in use: 58%
Total physical RAM: 2927.38 MB
Available physical RAM: 1216.82 MB
Total Pagefile: 5853.07 MB
Available Pagefile: 3826.48 MB
Total Virtual: 2047.88 MB
Available Virtual: 1901.08 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.88 GB) (Free:55.19 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: DBAA6602)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End of log ============================

jerabina
Security team member

Re: Please check my log - slow laptop (done for the first time)

Post by jerabina » 26 Jun 2015 17:23

Please uninstall IObit Malware Fighter, Wise Care 365 and Wise System Monitor.

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire contents below into it.

Code:

Start
CloseProcesses:

HKLM\...\Run: [IObit Malware Fighter] => C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [5769024 2015-03-04] (IObit)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\...\MountPoints2: D - D:\Autorun.exe
HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\...\MountPoints2: {0e479424-fd36-11e3-99fd-68b599fc41be} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\...\MountPoints2: {45dd8d11-2b81-11e4-a025-68b599fc41be} - F:\Autorun.exe
HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\...\MountPoints2: {a085e112-cbf5-11e1-bd13-806e6f6e6963} - E:\SWSETUP\APPINSTL\hpsoftwaresetup.exe
HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\...\MountPoints2: {d8c0319a-f7e0-11e3-b6b4-e02a82ce37a3} - D:\Autorun.exe
HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\...\MountPoints2: {d8c031a8-f7e0-11e3-b6b4-e02a82ce37a3} - D:\Autorun.exe

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)

R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [344864 2015-01-27] (IObit)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
S2 WiseBootAssistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [580232 2014-10-28] (WiseCleaner.com) [File not signed]

R3 FileMonitor; C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [21480 2014-11-10] (IObit)
R3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [32288 2014-11-10] (IObit.com)
R3 UrlFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [20944 2014-11-10] (IObit.com)
S3 WiseHDInfo; C:\Windows\WiseHDInfo32.dll [10792 2014-10-11] () [File not signed]
R1 WiseTdiFw; C:\Windows\WiseTdiFw.sys [42024 2014-10-11] (WiseCleaner.com) [File not signed]
U3 DfSdkS; No ImagePath

C:\Program Files\IObit
C:\Program Files\Wise
C:\Windows\WiseHDInfo32.dll
C:\Windows\WiseTdiFw.sys
C:\Users\Pivo\AppData\Roaming\Wise Care 365

Task: {0B808F29-821D-4367-94C7-B36F2FB745FF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {31380CFF-C14A-45B9-9FC2-00636D1352E8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-22] (Google Inc.)
Task: {6366DB29-B51F-4C53-B6C9-DD584D1E2587} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-22] (Google Inc.)
Task: {7A4C74B7-38C8-4965-946A-2F20CB8A1241} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-26] (Adobe Systems Incorporated)
Task: {8D0D4F56-A88F-4E07-AC73-4E6C8AF27019} - \avastBCLRestartS-1-5-21-2149464645-3227392997-1024222133-1000 No Task File <==== ATTENTION
Task: {B45C51C1-92C4-4F7C-ADFD-9ABE65EF6496} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2149464645-3227392997-1024222133-1000
Task: {E6B6A567-DA3E-454E-8969-537B848ECB84} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\ProgramData\TEMP:C5760A8B
AlternateDataStreams: C:\ProgramData\TEMP:CB9270C0

Hosts:
EmptyTemp:
End


(You can use the "select all" function, right-click the top-left field in the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt

Run FRST, press the "Fix" (Opravit) button only once, and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire contents here.
When you don't know what to do next, it's time to study the manual!
HJT guide

If I am not replying to your topics in the HJT section while I am online, it is only because I am on my mobile, where studying logs and writing scripts is impossible. So please do not take it as being ignored.

simio.simsoft

Re: Please check my log - slow laptop (done for the first time)

Post by simio.simsoft » 27 Jun 2015 12:30

Fixlog

Fix result of Farbar Recovery Scan Tool (x86) Version: 24-06-2015
Ran by Pivo at 2015-06-27 12:20:30 Run:1
Running from C:\Users\Pivo\Desktop
Loaded Profiles: Pivo (Available Profiles: Pivo)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:

HKLM\...\Run: [IObit Malware Fighter] => C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [5769024 2015-03-04] (IObit)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\...\MountPoints2: D - D:\Autorun.exe
HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\...\MountPoints2: {0e479424-fd36-11e3-99fd-68b599fc41be} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\...\MountPoints2: {45dd8d11-2b81-11e4-a025-68b599fc41be} - F:\Autorun.exe
HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\...\MountPoints2: {a085e112-cbf5-11e1-bd13-806e6f6e6963} - E:\SWSETUP\APPINSTL\hpsoftwaresetup.exe
HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\...\MountPoints2: {d8c0319a-f7e0-11e3-b6b4-e02a82ce37a3} - D:\Autorun.exe
HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\...\MountPoints2: {d8c031a8-f7e0-11e3-b6b4-e02a82ce37a3} - D:\Autorun.exe

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)

R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [344864 2015-01-27] (IObit)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
S2 WiseBootAssistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [580232 2014-10-28] (WiseCleaner.com) [File not signed]

R3 FileMonitor; C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [21480 2014-11-10] (IObit)
R3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [32288 2014-11-10] (IObit.com)
R3 UrlFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [20944 2014-11-10] (IObit.com)
S3 WiseHDInfo; C:\Windows\WiseHDInfo32.dll [10792 2014-10-11] () [File not signed]
R1 WiseTdiFw; C:\Windows\WiseTdiFw.sys [42024 2014-10-11] (WiseCleaner.com) [File not signed]
U3 DfSdkS; No ImagePath

C:\Program Files\IObit
C:\Program Files\Wise
C:\Windows\WiseHDInfo32.dll
C:\Windows\WiseTdiFw.sys
C:\Users\Pivo\AppData\Roaming\Wise Care 365

Task: {0B808F29-821D-4367-94C7-B36F2FB745FF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {31380CFF-C14A-45B9-9FC2-00636D1352E8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-22] (Google Inc.)
Task: {6366DB29-B51F-4C53-B6C9-DD584D1E2587} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-22] (Google Inc.)
Task: {7A4C74B7-38C8-4965-946A-2F20CB8A1241} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-26] (Adobe Systems Incorporated)
Task: {8D0D4F56-A88F-4E07-AC73-4E6C8AF27019} - \avastBCLRestartS-1-5-21-2149464645-3227392997-1024222133-1000 No Task File <==== ATTENTION
Task: {B45C51C1-92C4-4F7C-ADFD-9ABE65EF6496} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2149464645-3227392997-1024222133-1000
Task: {E6B6A567-DA3E-454E-8969-537B848ECB84} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\ProgramData\TEMP:C5760A8B
AlternateDataStreams: C:\ProgramData\TEMP:CB9270C0

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\IObit Malware Fighter => value not found.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp" => key removed successfully.
"HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D" => key removed successfully.
"HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0e479424-fd36-11e3-99fd-68b599fc41be}" => key removed successfully.
HKCR\CLSID\{0e479424-fd36-11e3-99fd-68b599fc41be} => key not found.
"HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{45dd8d11-2b81-11e4-a025-68b599fc41be}" => key removed successfully.
HKCR\CLSID\{45dd8d11-2b81-11e4-a025-68b599fc41be} => key not found.
"HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a085e112-cbf5-11e1-bd13-806e6f6e6963}" => key removed successfully.
HKCR\CLSID\{a085e112-cbf5-11e1-bd13-806e6f6e6963} => key not found.
"HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d8c0319a-f7e0-11e3-b6b4-e02a82ce37a3}" => key removed successfully.
HKCR\CLSID\{d8c0319a-f7e0-11e3-b6b4-e02a82ce37a3} => key not found.
"HKU\S-1-5-21-2149464645-3227392997-1024222133-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d8c031a8-f7e0-11e3-b6b4-e02a82ce37a3}" => key removed successfully.
HKCR\CLSID\{d8c031a8-f7e0-11e3-b6b4-e02a82ce37a3} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully.
"HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3" => key removed successfully.
C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll => moved successfully.
"HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9" => key removed successfully.
C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll not found.
IMFservice => Service not found.
LiveUpdateSvc => Service removed successfully.
WiseBootAssistant => Service not found.
FileMonitor => Service not found.
RegFilter => Service not found.
UrlFilter => Service not found.
WiseHDInfo => Service removed successfully.
WiseTdiFw => Service not found.
DfSdkS => Service removed successfully.
C:\Program Files\IObit => moved successfully.
"C:\Program Files\Wise" => File/Folder not found.
"C:\Windows\WiseHDInfo32.dll" => File/Folder not found.
"C:\Windows\WiseTdiFw.sys" => File/Folder not found.
"C:\Users\Pivo\AppData\Roaming\Wise Care 365" => File/Folder not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0B808F29-821D-4367-94C7-B36F2FB745FF}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B808F29-821D-4367-94C7-B36F2FB745FF}" => key removed successfully.
C:\Windows\System32\Tasks\Apple\AppleSoftwareUpdate => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{31380CFF-C14A-45B9-9FC2-00636D1352E8}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31380CFF-C14A-45B9-9FC2-00636D1352E8}" => key removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6366DB29-B51F-4C53-B6C9-DD584D1E2587}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6366DB29-B51F-4C53-B6C9-DD584D1E2587}" => key removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A4C74B7-38C8-4965-946A-2F20CB8A1241}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A4C74B7-38C8-4965-946A-2F20CB8A1241}" => key removed successfully.
C:\Windows\System32\Tasks\Adobe Flash Player Updater => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8D0D4F56-A88F-4E07-AC73-4E6C8AF27019}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D0D4F56-A88F-4E07-AC73-4E6C8AF27019}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avastBCLRestartS-1-5-21-2149464645-3227392997-1024222133-1000" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B45C51C1-92C4-4F7C-ADFD-9ABE65EF6496}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B45C51C1-92C4-4F7C-ADFD-9ABE65EF6496}" => key removed successfully.
C:\Windows\System32\Tasks\Games\UpdateCheck_S-1-5-21-2149464645-3227392997-1024222133-1000 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Games\UpdateCheck_S-1-5-21-2149464645-3227392997-1024222133-1000" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E6B6A567-DA3E-454E-8969-537B848ECB84}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6B6A567-DA3E-454E-8969-537B848ECB84}" => key removed successfully.
C:\Windows\System32\Tasks\Adobe Acrobat Update Task => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => key removed successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS removed successfully..
C:\ProgramData\TEMP => ":C5760A8B" ADS removed successfully..
C:\ProgramData\TEMP => ":CB9270C0" ADS removed successfully..
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 120.9 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 12:21:25 ====

jerabina

Re: Please check my log - slow laptop (done for the first time)

Post by jerabina » 27 Jun 2015 12:43

How are the problems? + a new HJT log