Automatic alignment of icons on the desktop and in folders (Solved)
Re: Automatic alignment of icons on the desktop and in folders
I'm not that far yet :)
Re: Automatic alignment of icons on the desktop and in folders
Zoek:
Zoek.exe v5.0.0.1 Updated 28-09-2015
Tool run by Jan Nakl dal on st 30. 09. 2015 at 20:36:48,62.
Microsoft Windows 10 Home 10.0.10240 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\JANNAK~1\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
30. 9. 2015 20:41:05 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Empty Folders Check ======================
C:\Users\JANNAK~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Notepad++ deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\JANNAK~1\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\JANNAK~1\AppData\Local\EmieSiteList deleted successfully
C:\Users\JANNAK~1\AppData\Local\EmieUserList deleted successfully
C:\Users\JANNAK~1\AppData\Local\LSI deleted successfully
C:\Users\JANNAK~1\AppData\Local\NetworkTiles deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\Users\JANNAK~1\.android deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\JANNAK~1\AppData\Local\Unity deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk SketchBook Pro for Enterprise 2014 deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\JANNAK~1\AppData\LocalLow\Unity deleted
C:\WINDOWS\wininit.ini deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted
"C:\Windows\Installer\1fec2.msi" deleted
"C:\Users\JANNAK~1\AppData\Local\{DF43AA11-D18D-486E-96D2-B6E31053441C}" deleted
"C:\ProgramData\droidcam-settings" deleted
==== Chromium Look ======================
BTTV - JANNAK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped
Heroes & Generals - JANNAK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbophcdhblbipoaacgchllkobdaolpge
OGame Auctioneer Assistant - JANNAK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghjpkobjhgiladaphmdgnnfahkgceemg
Webproxy.net - Unblock any website - JANNAK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpmikmnnnoacchojfpdgfdgpkfgajhim
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6DE05219-3ECE-461C-95D7-7A499C6ACC26}"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6DE05219-3ECE-461C-95D7-7A499C6ACC26} Unknown Url="Not_Found"
==== Reset Google Chrome ======================
C:\Users\JANNAK~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\JANNAK~1\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\JANNAK~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\JANNAK~1\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-140239567-1682426600-1567885322-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6DE05219-3ECE-461C-95D7-7A499C6ACC26} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{6DE05219-3ECE-461C-95D7-7A499C6ACC26} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6DE05219-3ECE-461C-95D7-7A499C6ACC26} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E40670FF068C9E042A033EF74AF101A3 deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FF07604E-C860-40E9-A230-E37FA41F103A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\E40670FF068C9E042A033EF74AF101A3 deleted successfully
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\JANNAK~1\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\JANNAK~1\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\JANNAK~1\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\JANNAK~1\AppData\Local\Microsoft\Windows\INetCache\IE\0WJFR396 will be deleted at reboot
C:\Users\JANNAK~1\AppData\Local\Microsoft\Windows\INetCache\IE\N115XPEM will be deleted at reboot
C:\Users\JANNAK~1\AppData\Local\Microsoft\Windows\INetCache\IE\PH4P84AW will be deleted at reboot
C:\Users\JANNAK~1\AppData\Local\Microsoft\Windows\INetCache\IE\S81UR0GQ will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\JANNAK~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=134 folders=116 759592471 bytes)
==== Empty Temp Folders ======================
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\JANNAK~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\JANNAK~1\AppData\Local\Microsoft\Windows\INetCache\IE\0WJFR396" not found
"C:\Users\JANNAK~1\AppData\Local\Microsoft\Windows\INetCache\IE\N115XPEM" not found
"C:\Users\JANNAK~1\AppData\Local\Microsoft\Windows\INetCache\IE\PH4P84AW" not found
"C:\Users\JANNAK~1\AppData\Local\Microsoft\Windows\INetCache\IE\S81UR0GQ" not found
==== EOF on st 30. 09. 2015 at 21:09:10,40 ======================
Re: Automatic alignment of icons on the desktop and in folders
ComboFix tells me that ...
- Attachments
- ComboFix.JPG (22.93 KiB) Viewed 1420 times
- jerabina
- Security team member
Re: Automatic alignment of icons on the desktop and in folders
Whoops .. a small error crept in, we apologize.
Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system (32-bit/64-bit)
32-bit:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
64-bit:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
and save it to the desktop, then run FRST as administrator.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs will be shown, FRST.txt and Addition.txt, and they will be saved on the desktop. Please copy their entire contents here.
When you don't know how to go on, it's time to study the manual!
HJT guide
If I don't reply to your topics in the HJT section while I'm online, it's only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.
Re: Automatic alignment of icons on the desktop and in folders
Here is FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-09-2015
Ran by Jan Nakládal (administrator) on HONZAN (01-10-2015 18:26:51)
Running from C:\Users\Jan Nakládal\Desktop
Loaded Profiles: Jan Nakládal (Available Profiles: Jan Nakládal)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.922.11070.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.13251.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1509.14010.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.9.25.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
() C:\Program Files\WindowsApps\Microsoft.BingWeather_4.5.168.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\Windows\system32\igfxpers.exe"
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-11] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-17] (TOSHIBA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3946184 2015-08-07] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-07-22] (Adobe Systems Incorporated)
HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe --silent
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [383768 2002-04-12] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-07-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => c:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => c:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [98256 2015-08-31] (Razer Inc.)
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53736048 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\RunOnce: [Uninstall C:\Users\Jan Nakl�dal\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jan Nakládal\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\RunOnce: [Uninstall C:\Users\Jan Nakl�dal\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jan Nakládal\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\RunOnce: [Uninstall C:\Users\Jan Nakl�dal\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jan Nakládal\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176904 2015-08-07] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [176904 2015-08-07] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155792 2015-08-07] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SketchBook Snapshot.lnk [2015-06-07]
ShortcutTarget: SketchBook Snapshot.lnk -> C:\Program Files (x86)\Autodesk\Autodesk SketchBook Pro for Enterprise 2014\SketchBookSnapshot.exe (Autodesk Inc)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.10.10.1 192.168.1.1
Tcpip\..\Interfaces\{4717fa2d-df6d-4863-a6d3-0efb522e0438}: [DhcpNameServer] 10.10.10.1 192.168.1.1
Tcpip\..\Interfaces\{5a7460b0-6b46-497a-bb4b-8838de1bbea6}: [DhcpNameServer] 10.10.10.1 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKLM -> DefaultScope {6DE05219-3ECE-461C-95D7-7A499C6ACC26} URL =
SearchScopes: HKLM-x32 -> DefaultScope {6DE05219-3ECE-461C-95D7-7A499C6ACC26} URL =
SearchScopes: HKU\S-1-5-21-140239567-1682426600-1567885322-1002 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-140239567-1682426600-1567885322-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-09] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-09] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-17] ()
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-04-23] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-23] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-17] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-04-23] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-09] (Oracle Corporation)
FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll [2015-07-16] (Reto-Moto ApS)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-23] (Adobe Systems)
FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\Jan Nakládal\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll No File
FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\Jan Nakládal\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll No File
FF Plugin HKU\S-1-5-21-140239567-1682426600-1567885322-1002: @hola.org/FlashPlayer -> C:\Users\Jan Nakládal\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll No File
FF Plugin HKU\S-1-5-21-140239567-1682426600-1567885322-1002: @hola.org/vlc -> C:\Users\Jan Nakládal\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll No File
FF Plugin HKU\S-1-5-21-140239567-1682426600-1567885322-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jan Nakládal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\Jan Nakládal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Jan Nakládal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-12]
CHR Extension: (Dokumenty Google) - C:\Users\Jan Nakládal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-12]
CHR Extension: (Disk Google) - C:\Users\Jan Nakládal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-12]
CHR Extension: (YouTube) - C:\Users\Jan Nakládal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-12]
CHR Extension: (Vyhledávání Google) - C:\Users\Jan Nakládal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-12]
CHR Extension: (Tabulky Google) - C:\Users\Jan Nakládal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan Nakládal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan Nakládal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-12]
CHR Extension: (Gmail) - C:\Users\Jan Nakládal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-12]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-07-22] (Adobe Systems Incorporated)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-10-01] (Windows (R) Win 7 DDK provider) [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272560 2015-05-21] (Disc Soft Ltd)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2485208 2015-08-26] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328608 2015-07-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-08-10] (Electronic Arts)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-08-15] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-08-31] (Razer Inc.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
S3 Survarium Update Service; C:\Program Files (x86)\Survarium\game\binaries\x86\survarium_service.exe [97912 2015-05-08] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-08-07] (Synaptics Incorporated)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-18] (Toshiba Europe GmbH)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4325544 2015-06-28] (Qualcomm Atheros Communications, Inc.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R3 DroidCam; C:\Windows\system32\DRIVERS\droidcam.sys [32568 2015-08-28] (Dev47Apps)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-06-14] (Disc Soft Ltd)
S3 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264040 2015-08-26] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [14976 2015-08-26] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186784 2015-08-26] (ESET)
S4 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [142976 2015-08-26] (ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [206312 2015-08-26] (ESET)
S4 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [52872 2015-08-26] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [69840 2015-08-26] (ESET)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-10-01] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R1 MpKsl909f5ceb; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1F962512-292D-4833-AA8D-BB93A1AD4707}\MpKsl909f5ceb.sys [44928 2015-10-01] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [214016 2015-07-10] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-08-07] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [54424 2015-07-29] (Toshiba Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-01 18:26 - 2015-10-01 18:28 - 00027322 _____ C:\Users\Jan Nakládal\Desktop\FRST.txt
2015-10-01 18:26 - 2015-10-01 18:27 - 00000000 ____D C:\FRST
2015-10-01 18:26 - 2015-10-01 18:26 - 02192384 _____ (Farbar) C:\Users\Jan Nakládal\Desktop\FRST64.exe
2015-10-01 18:25 - 2015-10-01 18:26 - 02192384 _____ (Farbar) C:\Users\Jan Nakládal\Downloads\FRST64.exe
2015-10-01 18:19 - 2015-10-01 18:19 - 00016148 _____ C:\WINDOWS\system32\HONZAN_Jan Nakládal_HistoryPrediction.bin
2015-10-01 18:16 - 2015-10-01 18:16 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Local\NetworkTiles
2015-10-01 15:28 - 2015-10-01 15:28 - 00000000 ___HD C:\OneDriveTemp
2015-09-30 21:25 - 2015-09-30 21:25 - 00000000 ____D C:\deploy
2015-09-30 21:18 - 2015-09-30 21:18 - 05636489 _____ (Swearware) C:\Users\Jan Nakládal\Desktop\ComboFix.exe
2015-09-30 21:16 - 2015-09-30 21:18 - 05636489 _____ (Swearware) C:\Users\Jan Nakládal\Downloads\ComboFix.exe
2015-09-30 21:06 - 2015-09-30 21:06 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-09-30 21:04 - 2015-09-30 20:36 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-09-30 20:41 - 2015-09-30 21:09 - 00008596 _____ C:\zoek-results.log
2015-09-30 20:36 - 2015-09-30 20:56 - 00000000 ____D C:\zoek_backup
2015-09-30 20:36 - 2015-09-30 20:36 - 01309184 _____ C:\Users\Jan Nakládal\Desktop\zoek.exe
2015-09-30 20:35 - 2015-09-30 20:36 - 01309184 _____ C:\Users\Jan Nakládal\Downloads\zoek.exe
2015-09-30 16:53 - 2015-09-30 16:53 - 00009442 _____ C:\Users\Jan Nakládal\Desktop\RogueKiller.txt
2015-09-30 15:55 - 2015-09-30 19:23 - 00037624 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-09-30 15:55 - 2015-09-30 17:11 - 00000000 ____D C:\ProgramData\RogueKiller
2015-09-30 15:55 - 2015-09-30 15:55 - 22749768 _____ C:\Users\Jan Nakládal\Downloads\RogueKillerX64.exe
2015-09-30 15:55 - 2015-09-30 15:55 - 22749768 _____ C:\Users\Jan Nakládal\Desktop\RogueKillerX64.exe
2015-09-30 15:43 - 2015-09-30 15:43 - 00001101 _____ C:\Users\Jan Nakládal\Desktop\JRT.txt
2015-09-30 15:26 - 2015-09-30 15:27 - 01801288 _____ (Malwarebytes) C:\Users\Jan Nakládal\Downloads\JRT.exe
2015-09-30 15:09 - 2015-09-30 15:09 - 00001150 _____ C:\malwarebytes.txt
2015-09-29 21:10 - 2015-09-30 15:15 - 00000000 ____D C:\AdwCleaner
2015-09-29 21:07 - 2015-09-29 21:07 - 01670656 _____ C:\Users\Jan Nakládal\Desktop\AdwCleaner (1).exe
2015-09-29 21:06 - 2015-09-29 21:06 - 01670656 _____ C:\Users\Jan Nakládal\Downloads\AdwCleaner (1).exe
2015-09-29 20:43 - 2015-09-29 20:43 - 00448512 _____ (OldTimer Tools) C:\Users\Jan Nakládal\Downloads\TFC (1).exe
2015-09-29 20:42 - 2015-09-29 20:42 - 00050688 _____ (Atribune.org) C:\Users\Jan Nakládal\Downloads\ATF-Cleaner.exe
2015-09-29 14:39 - 2015-10-01 15:58 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-29 14:39 - 2015-09-30 15:09 - 00001182 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-29 14:39 - 2015-09-29 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-29 14:38 - 2015-09-29 14:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-29 14:38 - 2015-09-29 14:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-29 14:38 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-09-29 14:38 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-29 14:38 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-09-29 14:34 - 2015-09-29 14:38 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Jan Nakládal\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-29 14:34 - 2015-09-29 14:38 - 01670656 _____ C:\Users\Jan Nakládal\Downloads\AdwCleaner.exe
2015-09-29 14:34 - 2015-09-29 14:38 - 00448512 _____ (OldTimer Tools) C:\Users\Jan Nakládal\Downloads\TFC.exe
2015-09-29 14:25 - 2015-09-29 14:25 - 00018470 _____ C:\Users\Jan Nakládal\Downloads\hijackthis.log
2015-09-29 14:23 - 2015-09-29 14:24 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jan Nakládal\Downloads\HijackThis.exe
2015-09-28 14:37 - 2015-09-28 14:37 - 01870765 _____ C:\Users\Jan Nakládal\Downloads\Rainbow Pulse.mp4
2015-09-28 14:37 - 2015-09-28 14:37 - 01870765 _____ C:\Users\Jan Nakládal\Desktop\Rainbow Pulse.mp4
2015-09-26 00:03 - 2015-09-26 00:03 - 06521184 _____ (Tim Kosse) C:\Users\Jan Nakládal\Downloads\FileZilla_3.14.0_win64-setup.exe
2015-09-24 21:40 - 2015-09-26 00:08 - 01966080 _____ C:\Users\Jan Nakládal\Documents\iiroxmegii.muse
2015-09-24 21:29 - 2015-09-24 21:30 - 00000000 ____D C:\Users\Jan Nakládal\Desktop\Nová složka (2)
2015-09-22 19:51 - 2015-09-15 18:12 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-22 19:51 - 2015-09-15 18:12 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-20 21:07 - 2015-09-20 21:07 - 01146880 _____ C:\Users\Jan Nakládal\Documents\qsdafegrthzjukli.muse
2015-09-14 15:12 - 2015-09-14 15:12 - 01114112 _____ C:\Users\Jan Nakládal\Documents\Web-1dsedfgnm.muse
2015-09-12 23:41 - 2015-09-12 23:41 - 00000000 ____D C:\Users\Jan Nakl\u00c3
2015-09-12 23:41 - 2015-09-12 23:41 - 00000000 ____D C:\Users\Jan Nakl
2015-09-12 23:40 - 2015-09-30 15:10 - 00001095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hola.lnk
2015-09-12 23:38 - 2015-09-12 23:40 - 23264384 _____ (Hola Networks Ltd.) C:\Users\Jan Nakládal\Downloads\Hola-Setup-x64-1.9.567.exe
2015-09-12 13:47 - 2015-09-12 13:47 - 00007112 _____ C:\Users\Jan Nakládal\Desktop\panel-40017619-image-875f46c0543162a9-320.jpeg
2015-09-12 12:21 - 2015-09-12 12:21 - 01515259 _____ C:\Users\Jan Nakládal\Downloads\Paysafecard Generator v2.50.zip
2015-09-12 12:12 - 2015-09-12 12:12 - 00000000 ____D C:\Users\Jan Nakládal\Documents\Razer
2015-09-12 12:12 - 2015-09-12 12:12 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Local\Razer_Inc
2015-09-12 12:08 - 2015-09-30 15:09 - 00001336 _____ C:\Users\Public\Desktop\Razer Cortex.lnk
2015-09-12 12:08 - 2015-09-12 12:08 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Local\Razer
2015-09-12 12:08 - 2015-09-12 12:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2015-09-12 12:07 - 2015-09-12 12:07 - 00000000 ____D C:\ProgramData\Razer
2015-09-12 12:07 - 2015-09-12 12:07 - 00000000 ____D C:\Program Files (x86)\Razer
2015-09-12 12:07 - 2015-06-12 17:51 - 00037184 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpmgrk.sys
2015-09-12 12:03 - 2015-09-12 12:07 - 53399872 _____ (Razer Inc. ) C:\Users\Jan Nakládal\Downloads\RazerCortexSetup_6.2.12.0.exe
2015-09-11 15:43 - 2015-09-11 15:43 - 00000000 ____D C:\Users\Jan Nakládal\Desktop\Crack
2015-09-11 15:42 - 2015-09-11 15:42 - 09983584 _____ (MEGA Limited) C:\Users\Jan Nakládal\Downloads\MEGAsyncSetup (1).exe
2015-09-11 15:41 - 2015-06-16 12:43 - 00001805 _____ C:\Users\Jan Nakládal\Desktop\disable_activation.bat
2015-09-11 15:41 - 2015-06-16 12:39 - 00002552 _____ C:\Users\Jan Nakládal\Desktop\install.txt
2015-09-11 15:41 - 2015-06-15 05:44 - 00178176 _____ C:\Users\Jan Nakládal\Desktop\Adobe CC 2015 Keygen.exe
2015-09-10 20:59 - 2015-09-10 20:59 - 00000000 ____D C:\Users\Jan Nakládal\Documents\Adobe
2015-09-10 20:58 - 2015-09-30 15:10 - 00001140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk
2015-09-10 18:11 - 2015-09-10 18:11 - 00001492 _____ C:\Users\Jan Nakládal\Desktop\Adobe_Illustrator_Icon_(CS6).svg
2015-09-10 17:56 - 2015-09-10 17:56 - 00000000 ____D C:\Users\Jan Nakládal\Downloads\torrent
2015-09-10 17:55 - 2015-09-10 17:55 - 00000870 _____ C:\Users\Jan Nakládal\Downloads\AdobeCreativeCloud2015CC2015AllProductsKeygenWindowsMac - ThePirateBay.TO.torrent
2015-09-09 18:20 - 2015-09-14 16:04 - 05734400 _____ C:\Users\Jan Nakládal\Documents\motocross.muse
2015-09-09 17:00 - 2015-09-02 03:20 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-09 17:00 - 2015-09-02 02:25 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-09 17:00 - 2015-09-02 02:25 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-09 17:00 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-09 17:00 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-09 17:00 - 2015-08-27 08:04 - 21874688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-09 17:00 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-09 17:00 - 2015-08-27 07:55 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-09 17:00 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-09 17:00 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-09 17:00 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-09 17:00 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 17:00 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-09 17:00 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-09 17:00 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-09 17:00 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-09 17:00 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-09 17:00 - 2015-08-27 07:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-09 17:00 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-09 17:00 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-09 17:00 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-09 17:00 - 2015-08-27 07:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-09 17:00 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-09 17:00 - 2015-08-27 07:16 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-09 17:00 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-09 17:00 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 17:00 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-09 17:00 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-09 17:00 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-09 17:00 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-09 17:00 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-09 17:00 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-09 16:34 - 2015-09-09 16:33 - 00070808 _____ C:\Users\Jan Nakládal\Desktop\animate.css
2015-09-09 16:33 - 2015-09-09 16:33 - 00070808 _____ C:\Users\Jan Nakládal\Downloads\animate (1).css
2015-09-09 15:51 - 2015-09-09 15:51 - 01034027 _____ C:\Users\Jan Nakládal\Desktop\forwallpapers.com
2015-09-08 15:55 - 2015-09-30 15:09 - 00001150 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-09-08 15:54 - 2015-09-08 15:55 - 28849904 _____ C:\Users\Jan Nakládal\Downloads\vlc-2.2.1-win32 (1).exe
2015-09-08 15:54 - 2015-09-08 15:54 - 28849904 _____ C:\Users\Jan Nakládal\Downloads\vlc-2.2.1-win32.exe
2015-09-07 20:56 - 2015-09-29 14:50 - 00135842 _____ C:\Users\Jan Nakládal\Desktop\index.html
2015-09-07 16:32 - 2015-09-07 16:32 - 09983584 _____ (MEGA Limited) C:\Users\Jan Nakládal\Downloads\MEGAsyncSetup.exe
2015-09-07 16:10 - 2015-09-07 16:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-07 16:10 - 2015-09-07 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-06 20:45 - 2015-09-08 17:50 - 01736704 _____ C:\Users\Jan Nakládal\Documents\nubira.muse
2015-09-06 13:08 - 2015-09-06 13:08 - 00614520 _____ C:\Users\Jan Nakládal\Downloads\PBE_Client_Shell.zip
2015-09-04 17:19 - 2015-09-04 18:15 - 00000000 ____D C:\Users\Jan Nakládal\Documents\Corel VideoStudio Pro
2015-09-04 17:17 - 2015-09-04 18:37 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Roaming\Ulead Systems
2015-09-04 17:17 - 2015-09-04 17:19 - 00000000 ____D C:\ProgramData\Protexis64
2015-09-04 17:17 - 2015-09-04 17:17 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Roaming\Corel
2015-09-04 15:49 - 2015-09-06 19:48 - 00000000 ____D C:\Users\Jan Nakládal\Desktop\Zaloha Telefonu
2015-09-03 22:15 - 2015-09-03 22:23 - 00000000 ____D C:\Users\Jan Nakládal\Documents\Nová složka
2015-09-01 12:29 - 2015-10-01 15:22 - 00003314 _____ C:\WINDOWS\System32\Tasks\Run LSI
2015-09-01 12:28 - 2015-10-01 15:21 - 00000000 ____D C:\Program Files (x86)\LSI
2015-09-01 12:28 - 2015-09-21 19:09 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LSI - LoL Summoner Information
2015-09-01 12:28 - 2015-09-01 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LSI - LoL Summoner Information
2015-09-01 12:27 - 2015-09-01 12:27 - 27492886 _____ (Aequus Gaming Ltd. ) C:\Users\Jan Nakládal\Downloads\LoL Summoner Information (v4.9.1) Setup.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-01 18:24 - 2015-04-12 11:00 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Roaming\Skype
2015-10-01 18:19 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-01 18:15 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-01 15:34 - 2015-04-12 12:31 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-01 15:28 - 2015-04-15 14:23 - 00000000 ___DO C:\Users\Jan Nakládal\OneDrive
2015-10-01 15:18 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-01 15:17 - 2015-05-30 08:56 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-10-01 15:11 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-01 15:11 - 2015-07-10 11:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-10-01 15:06 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-10-01 14:54 - 2015-08-11 09:31 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Local\Adobe
2015-10-01 14:32 - 2015-05-31 13:53 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Roaming\OBS
2015-10-01 14:26 - 2015-04-08 11:45 - 00004206 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3F030956-4D20-4642-9E01-945F51D9CA58}
2015-09-30 21:26 - 2015-08-20 08:59 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Local\CrashDumps
2015-09-30 21:05 - 2015-08-07 19:59 - 00020734 _____ C:\WINDOWS\PFRO.log
2015-09-30 20:56 - 2015-08-07 20:13 - 00000000 ____D C:\Users\Jan Nakládal
2015-09-30 20:56 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-09-30 20:56 - 2013-08-22 17:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-09-30 18:06 - 2015-04-12 11:22 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Roaming\LolClient
2015-09-30 15:10 - 2015-08-27 19:27 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Edge Animate CC 2015.lnk
2015-09-30 15:10 - 2015-08-21 17:47 - 00001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2015-09-30 15:10 - 2015-08-21 17:45 - 00001291 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2015-09-30 15:10 - 2015-08-21 17:43 - 00001137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2015-09-30 15:10 - 2015-08-21 17:42 - 00001253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2015-09-30 15:10 - 2015-08-21 17:34 - 00001607 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2015-09-30 15:10 - 2015-08-21 17:34 - 00001437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2015-09-30 15:10 - 2015-08-12 09:50 - 00001076 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Muse CC 2015.lnk
2015-09-30 15:10 - 2015-08-12 09:39 - 00001309 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-09-30 15:10 - 2015-08-12 09:10 - 00000983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Muse.lnk
2015-09-30 15:10 - 2015-08-07 20:26 - 00001552 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-30 15:10 - 2015-07-16 16:43 - 00001060 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2015-09-30 15:10 - 2015-06-13 18:34 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-09-30 15:10 - 2015-05-05 20:17 - 00001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2015-09-30 15:10 - 2014-08-20 12:38 - 00002016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote.lnk
2015-09-30 15:10 - 2014-08-20 12:28 - 00002627 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - toshiba.lnk
2015-09-30 15:10 - 2013-11-28 19:59 - 00001958 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-09-30 15:09 - 2015-08-19 23:31 - 00001925 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-09-30 15:09 - 2015-08-19 23:14 - 00001092 _____ C:\Users\Public\Desktop\Corel VideoStudio Pro X7.lnk
2015-09-30 15:09 - 2015-08-19 23:14 - 00001092 _____ C:\Users\Public\Desktop\Corel FastFlick X7.lnk
2015-09-30 15:09 - 2015-08-19 23:14 - 00001087 _____ C:\Users\Public\Desktop\Corel ScreenCap X7.lnk
2015-09-30 15:09 - 2015-08-19 21:45 - 00001162 _____ C:\Users\Public\Desktop\Hrát Heroes & Generals.lnk
2015-09-30 15:09 - 2015-08-18 23:54 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\EL-Revize - demo.lnk
2015-09-30 15:09 - 2015-08-18 23:54 - 00001212 _____ C:\Users\Public\Desktop\EL-Revize - demo.lnk
2015-09-30 15:09 - 2015-08-12 09:39 - 00001297 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-09-30 15:09 - 2015-08-12 09:10 - 00000971 _____ C:\Users\Public\Desktop\Adobe Muse.lnk
2015-09-30 15:09 - 2015-08-07 21:29 - 00002427 _____ C:\Users\Jan Nakládal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-30 15:09 - 2015-08-07 20:43 - 00002271 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-30 15:09 - 2015-07-21 07:59 - 00000889 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-09-30 15:09 - 2015-05-05 20:17 - 00001223 _____ C:\Users\Public\Desktop\paint.net.lnk
2015-09-30 15:09 - 2015-04-28 15:16 - 00002014 _____ C:\Users\Public\Desktop\HP Photo Creations.lnk
2015-09-30 15:09 - 2015-04-28 15:15 - 00002201 _____ C:\Users\Public\Desktop\HP Deskjet 2540 series.lnk
2015-09-30 15:09 - 2015-04-23 15:01 - 00001034 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-09-30 15:09 - 2015-04-16 21:38 - 00002014 _____ C:\Users\Public\Desktop\SketchUp 2015.lnk
2015-09-30 15:09 - 2015-04-12 11:00 - 00002658 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-30 15:09 - 2014-08-20 12:28 - 00000406 _____ C:\Users\Public\Desktop\TOSHIBA Services.lnk
2015-09-30 15:08 - 2015-08-17 11:40 - 00001385 _____ C:\Users\Jan Nakládal\Desktop\Frozen Throne.lnk
2015-09-30 15:08 - 2015-08-17 11:40 - 00001380 _____ C:\Users\Jan Nakládal\Desktop\Warcraft III.lnk
2015-09-30 15:08 - 2015-07-23 17:25 - 00001138 _____ C:\Users\Jan Nakládal\Desktop\MK LOL.lnk
2015-09-29 21:40 - 2015-04-20 18:04 - 00000000 ____D C:\Program Files (x86)\WinRAR
2015-09-28 20:21 - 2015-04-23 15:01 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Roaming\TS3Client
2015-09-28 14:52 - 2015-08-10 11:45 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Roaming\vlc
2015-09-26 12:14 - 2015-08-07 20:38 - 01762290 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-26 12:14 - 2015-07-10 18:02 - 00746648 _____ C:\WINDOWS\system32\perfh005.dat
2015-09-26 12:14 - 2015-07-10 18:02 - 00149550 _____ C:\WINDOWS\system32\perfc005.dat
2015-09-26 12:01 - 2015-08-17 11:41 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Roaming\GameRanger
2015-09-26 00:04 - 2015-06-19 17:38 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Roaming\FileZilla
2015-09-25 21:18 - 2015-07-10 14:20 - 00029664 _____ C:\WINDOWS\setupact.log
2015-09-23 14:49 - 2015-08-12 09:42 - 00000000 ___RD C:\Users\Jan Nakládal\Creative Cloud Files
2015-09-22 19:51 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-22 17:14 - 2015-04-23 15:01 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-09-18 14:56 - 2015-04-13 14:19 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-17 17:50 - 2015-07-10 14:20 - 04994576 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-17 17:46 - 2015-07-10 18:05 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-17 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-16 15:13 - 2015-03-26 15:21 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Local\Packages
2015-09-15 23:23 - 2015-05-05 20:53 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-15 15:29 - 2015-04-12 12:31 - 00004032 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-15 15:29 - 2015-04-12 12:31 - 00003800 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-15 15:29 - 2015-04-12 12:31 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-12 15:40 - 2015-04-18 13:55 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Roaming\uTorrent
2015-09-11 21:13 - 2015-04-12 12:31 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Local\Google
2015-09-11 15:18 - 2015-08-11 09:43 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-09-10 21:14 - 2015-08-20 19:46 - 00000000 ____D C:\Users\Jan Nakládal\Desktop\scroll-effects
2015-09-10 21:13 - 2015-08-21 17:30 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-09-10 21:08 - 2015-08-11 09:33 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-09-10 21:03 - 2015-08-12 09:15 - 00000000 ____D C:\Program Files\Adobe
2015-09-10 20:58 - 2015-03-26 15:21 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Roaming\Adobe
2015-09-10 20:44 - 2015-08-11 09:36 - 00000000 ____D C:\ProgramData\Adobe
2015-09-10 18:47 - 2015-08-07 20:51 - 00000000 ____D C:\Windows.old
2015-09-09 17:42 - 2015-04-20 18:19 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-09-09 17:42 - 2015-04-20 18:11 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-09 17:40 - 2013-08-22 15:25 - 00000199 _____ C:\WINDOWS\win.ini
2015-09-07 16:10 - 2015-08-12 09:51 - 00003670 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-jan.nakladal@outlook.com
2015-09-07 16:10 - 2015-04-12 10:59 - 00000000 ____D C:\ProgramData\Skype
2015-09-06 17:44 - 2015-07-16 17:04 - 00000600 _____ C:\Users\Jan Nakládal\AppData\Roaming\winscp.rnd
2015-09-02 17:10 - 2015-08-20 14:29 - 00010711 _____ C:\Users\Jan Nakládal\Desktop\Airsoft.xlsx
==================== Files in the root of some directories =======
2015-08-22 10:23 - 2015-08-22 10:23 - 0000132 _____ () C:\Users\Jan Nakládal\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-08-27 14:16 - 2015-08-30 11:32 - 0000034 _____ () C:\Users\Jan Nakládal\AppData\Roaming\AdobeWLCMCache.dat
2015-07-16 17:04 - 2015-09-06 17:44 - 0000600 _____ () C:\Users\Jan Nakládal\AppData\Roaming\winscp.rnd
2015-04-28 15:15 - 2015-04-28 15:15 - 0000057 _____ () C:\ProgramData\Ament.ini
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-09-30 19:15
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-09-2015
Ran by Jan Nakládal (administrator) on HONZAN (01-10-2015 18:26:51)
Running from C:\Users\Jan Nakládal\Desktop
Loaded Profiles: Jan Nakládal (Available Profiles: Jan Nakládal)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.922.11070.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.13251.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1509.14010.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.9.25.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
() C:\Program Files\WindowsApps\Microsoft.BingWeather_4.5.168.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\Windows\system32\igfxpers.exe"
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-11] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-17] (TOSHIBA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3946184 2015-08-07] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-07-22] (Adobe Systems Incorporated)
HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe --silent
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [383768 2002-04-12] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-07-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => c:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => c:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [98256 2015-08-31] (Razer Inc.)
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53736048 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\RunOnce: [Uninstall C:\Users\Jan Nakládal\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jan Nakládal\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\RunOnce: [Uninstall C:\Users\Jan Nakládal\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jan Nakládal\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\RunOnce: [Uninstall C:\Users\Jan Nakládal\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jan Nakládal\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176904 2015-08-07] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [176904 2015-08-07] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155792 2015-08-07] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SketchBook Snapshot.lnk [2015-06-07]
ShortcutTarget: SketchBook Snapshot.lnk -> C:\Program Files (x86)\Autodesk\Autodesk SketchBook Pro for Enterprise 2014\SketchBookSnapshot.exe (Autodesk Inc)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.10.10.1 192.168.1.1
Tcpip\..\Interfaces\{4717fa2d-df6d-4863-a6d3-0efb522e0438}: [DhcpNameServer] 10.10.10.1 192.168.1.1
Tcpip\..\Interfaces\{5a7460b0-6b46-497a-bb4b-8838de1bbea6}: [DhcpNameServer] 10.10.10.1 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKLM -> DefaultScope {6DE05219-3ECE-461C-95D7-7A499C6ACC26} URL =
SearchScopes: HKLM-x32 -> DefaultScope {6DE05219-3ECE-461C-95D7-7A499C6ACC26} URL =
SearchScopes: HKU\S-1-5-21-140239567-1682426600-1567885322-1002 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-140239567-1682426600-1567885322-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-09] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-09] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-17] ()
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-04-23] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-23] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-17] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-04-23] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-09] (Oracle Corporation)
FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll [2015-07-16] (Reto-Moto ApS)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-23] (Adobe Systems)
FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\Jan Nakládal\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll No File
FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\Jan Nakládal\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll No File
FF Plugin HKU\S-1-5-21-140239567-1682426600-1567885322-1002: @hola.org/FlashPlayer -> C:\Users\Jan Nakládal\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll No File
FF Plugin HKU\S-1-5-21-140239567-1682426600-1567885322-1002: @hola.org/vlc -> C:\Users\Jan Nakládal\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll No File
FF Plugin HKU\S-1-5-21-140239567-1682426600-1567885322-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jan Nakládal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\Jan Nakládal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Jan Nakládal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-12]
CHR Extension: (Dokumenty Google) - C:\Users\Jan Nakládal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-12]
CHR Extension: (Disk Google) - C:\Users\Jan Nakládal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-12]
CHR Extension: (YouTube) - C:\Users\Jan Nakládal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-12]
CHR Extension: (Vyhledávání Google) - C:\Users\Jan Nakládal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-12]
CHR Extension: (Tabulky Google) - C:\Users\Jan Nakládal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan Nakládal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan Nakládal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-12]
CHR Extension: (Gmail) - C:\Users\Jan Nakládal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-12]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-07-22] (Adobe Systems Incorporated)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-10-01] (Windows (R) Win 7 DDK provider) [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272560 2015-05-21] (Disc Soft Ltd)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2485208 2015-08-26] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328608 2015-07-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-08-10] (Electronic Arts)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-08-15] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-08-31] (Razer Inc.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
S3 Survarium Update Service; C:\Program Files (x86)\Survarium\game\binaries\x86\survarium_service.exe [97912 2015-05-08] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-08-07] (Synaptics Incorporated)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-18] (Toshiba Europe GmbH)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4325544 2015-06-28] (Qualcomm Atheros Communications, Inc.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R3 DroidCam; C:\Windows\system32\DRIVERS\droidcam.sys [32568 2015-08-28] (Dev47Apps)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-06-14] (Disc Soft Ltd)
S3 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264040 2015-08-26] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [14976 2015-08-26] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186784 2015-08-26] (ESET)
S4 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [142976 2015-08-26] (ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [206312 2015-08-26] (ESET)
S4 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [52872 2015-08-26] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [69840 2015-08-26] (ESET)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-10-01] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R1 MpKsl909f5ceb; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1F962512-292D-4833-AA8D-BB93A1AD4707}\MpKsl909f5ceb.sys [44928 2015-10-01] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [214016 2015-07-10] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-08-07] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [54424 2015-07-29] (Toshiba Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-01 18:26 - 2015-10-01 18:28 - 00027322 _____ C:\Users\Jan Nakládal\Desktop\FRST.txt
2015-10-01 18:26 - 2015-10-01 18:27 - 00000000 ____D C:\FRST
2015-10-01 18:26 - 2015-10-01 18:26 - 02192384 _____ (Farbar) C:\Users\Jan Nakládal\Desktop\FRST64.exe
2015-10-01 18:25 - 2015-10-01 18:26 - 02192384 _____ (Farbar) C:\Users\Jan Nakládal\Downloads\FRST64.exe
2015-10-01 18:19 - 2015-10-01 18:19 - 00016148 _____ C:\WINDOWS\system32\HONZAN_Jan Nakládal_HistoryPrediction.bin
2015-10-01 18:16 - 2015-10-01 18:16 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Local\NetworkTiles
2015-10-01 15:28 - 2015-10-01 15:28 - 00000000 ___HD C:\OneDriveTemp
2015-09-30 21:25 - 2015-09-30 21:25 - 00000000 ____D C:\deploy
2015-09-30 21:18 - 2015-09-30 21:18 - 05636489 _____ (Swearware) C:\Users\Jan Nakládal\Desktop\ComboFix.exe
2015-09-30 21:16 - 2015-09-30 21:18 - 05636489 _____ (Swearware) C:\Users\Jan Nakládal\Downloads\ComboFix.exe
2015-09-30 21:06 - 2015-09-30 21:06 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-09-30 21:04 - 2015-09-30 20:36 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-09-30 20:41 - 2015-09-30 21:09 - 00008596 _____ C:\zoek-results.log
2015-09-30 20:36 - 2015-09-30 20:56 - 00000000 ____D C:\zoek_backup
2015-09-30 20:36 - 2015-09-30 20:36 - 01309184 _____ C:\Users\Jan Nakládal\Desktop\zoek.exe
2015-09-30 20:35 - 2015-09-30 20:36 - 01309184 _____ C:\Users\Jan Nakládal\Downloads\zoek.exe
2015-09-30 16:53 - 2015-09-30 16:53 - 00009442 _____ C:\Users\Jan Nakládal\Desktop\RogueKiller.txt
2015-09-30 15:55 - 2015-09-30 19:23 - 00037624 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-09-30 15:55 - 2015-09-30 17:11 - 00000000 ____D C:\ProgramData\RogueKiller
2015-09-30 15:55 - 2015-09-30 15:55 - 22749768 _____ C:\Users\Jan Nakládal\Downloads\RogueKillerX64.exe
2015-09-30 15:55 - 2015-09-30 15:55 - 22749768 _____ C:\Users\Jan Nakládal\Desktop\RogueKillerX64.exe
2015-09-30 15:43 - 2015-09-30 15:43 - 00001101 _____ C:\Users\Jan Nakládal\Desktop\JRT.txt
2015-09-30 15:26 - 2015-09-30 15:27 - 01801288 _____ (Malwarebytes) C:\Users\Jan Nakládal\Downloads\JRT.exe
2015-09-30 15:09 - 2015-09-30 15:09 - 00001150 _____ C:\malwarebytes.txt
2015-09-29 21:10 - 2015-09-30 15:15 - 00000000 ____D C:\AdwCleaner
2015-09-29 21:07 - 2015-09-29 21:07 - 01670656 _____ C:\Users\Jan Nakládal\Desktop\AdwCleaner (1).exe
2015-09-29 21:06 - 2015-09-29 21:06 - 01670656 _____ C:\Users\Jan Nakládal\Downloads\AdwCleaner (1).exe
2015-09-29 20:43 - 2015-09-29 20:43 - 00448512 _____ (OldTimer Tools) C:\Users\Jan Nakládal\Downloads\TFC (1).exe
2015-09-29 20:42 - 2015-09-29 20:42 - 00050688 _____ (Atribune.org) C:\Users\Jan Nakládal\Downloads\ATF-Cleaner.exe
2015-09-29 14:39 - 2015-10-01 15:58 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-29 14:39 - 2015-09-30 15:09 - 00001182 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-29 14:39 - 2015-09-29 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-29 14:38 - 2015-09-29 14:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-29 14:38 - 2015-09-29 14:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-29 14:38 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-09-29 14:38 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-29 14:38 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-09-29 14:34 - 2015-09-29 14:38 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Jan Nakládal\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-29 14:34 - 2015-09-29 14:38 - 01670656 _____ C:\Users\Jan Nakládal\Downloads\AdwCleaner.exe
2015-09-29 14:34 - 2015-09-29 14:38 - 00448512 _____ (OldTimer Tools) C:\Users\Jan Nakládal\Downloads\TFC.exe
2015-09-29 14:25 - 2015-09-29 14:25 - 00018470 _____ C:\Users\Jan Nakládal\Downloads\hijackthis.log
2015-09-29 14:23 - 2015-09-29 14:24 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jan Nakládal\Downloads\HijackThis.exe
2015-09-28 14:37 - 2015-09-28 14:37 - 01870765 _____ C:\Users\Jan Nakládal\Downloads\Rainbow Pulse.mp4
2015-09-28 14:37 - 2015-09-28 14:37 - 01870765 _____ C:\Users\Jan Nakládal\Desktop\Rainbow Pulse.mp4
2015-09-26 00:03 - 2015-09-26 00:03 - 06521184 _____ (Tim Kosse) C:\Users\Jan Nakládal\Downloads\FileZilla_3.14.0_win64-setup.exe
2015-09-24 21:40 - 2015-09-26 00:08 - 01966080 _____ C:\Users\Jan Nakládal\Documents\iiroxmegii.muse
2015-09-24 21:29 - 2015-09-24 21:30 - 00000000 ____D C:\Users\Jan Nakládal\Desktop\Nová složka (2)
2015-09-22 19:51 - 2015-09-15 18:12 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-22 19:51 - 2015-09-15 18:12 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-20 21:07 - 2015-09-20 21:07 - 01146880 _____ C:\Users\Jan Nakládal\Documents\qsdafegrthzjukli.muse
2015-09-14 15:12 - 2015-09-14 15:12 - 01114112 _____ C:\Users\Jan Nakládal\Documents\Web-1dsedfgnm.muse
2015-09-12 23:41 - 2015-09-12 23:41 - 00000000 ____D C:\Users\Jan Nakl\u00c3
2015-09-12 23:41 - 2015-09-12 23:41 - 00000000 ____D C:\Users\Jan Nakl
2015-09-12 23:40 - 2015-09-30 15:10 - 00001095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hola.lnk
2015-09-12 23:38 - 2015-09-12 23:40 - 23264384 _____ (Hola Networks Ltd.) C:\Users\Jan Nakládal\Downloads\Hola-Setup-x64-1.9.567.exe
2015-09-12 13:47 - 2015-09-12 13:47 - 00007112 _____ C:\Users\Jan Nakládal\Desktop\panel-40017619-image-875f46c0543162a9-320.jpeg
2015-09-12 12:21 - 2015-09-12 12:21 - 01515259 _____ C:\Users\Jan Nakládal\Downloads\Paysafecard Generator v2.50.zip
2015-09-12 12:12 - 2015-09-12 12:12 - 00000000 ____D C:\Users\Jan Nakládal\Documents\Razer
2015-09-12 12:12 - 2015-09-12 12:12 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Local\Razer_Inc
2015-09-12 12:08 - 2015-09-30 15:09 - 00001336 _____ C:\Users\Public\Desktop\Razer Cortex.lnk
2015-09-12 12:08 - 2015-09-12 12:08 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Local\Razer
2015-09-12 12:08 - 2015-09-12 12:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2015-09-12 12:07 - 2015-09-12 12:07 - 00000000 ____D C:\ProgramData\Razer
2015-09-12 12:07 - 2015-09-12 12:07 - 00000000 ____D C:\Program Files (x86)\Razer
2015-09-12 12:07 - 2015-06-12 17:51 - 00037184 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpmgrk.sys
2015-09-12 12:03 - 2015-09-12 12:07 - 53399872 _____ (Razer Inc. ) C:\Users\Jan Nakládal\Downloads\RazerCortexSetup_6.2.12.0.exe
2015-09-11 15:43 - 2015-09-11 15:43 - 00000000 ____D C:\Users\Jan Nakládal\Desktop\Crack
2015-09-11 15:42 - 2015-09-11 15:42 - 09983584 _____ (MEGA Limited) C:\Users\Jan Nakládal\Downloads\MEGAsyncSetup (1).exe
2015-09-11 15:41 - 2015-06-16 12:43 - 00001805 _____ C:\Users\Jan Nakládal\Desktop\disable_activation.bat
2015-09-11 15:41 - 2015-06-16 12:39 - 00002552 _____ C:\Users\Jan Nakládal\Desktop\install.txt
2015-09-11 15:41 - 2015-06-15 05:44 - 00178176 _____ C:\Users\Jan Nakládal\Desktop\Adobe CC 2015 Keygen.exe
2015-09-10 20:59 - 2015-09-10 20:59 - 00000000 ____D C:\Users\Jan Nakládal\Documents\Adobe
2015-09-10 20:58 - 2015-09-30 15:10 - 00001140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk
2015-09-10 18:11 - 2015-09-10 18:11 - 00001492 _____ C:\Users\Jan Nakládal\Desktop\Adobe_Illustrator_Icon_(CS6).svg
2015-09-10 17:56 - 2015-09-10 17:56 - 00000000 ____D C:\Users\Jan Nakládal\Downloads\torrent
2015-09-10 17:55 - 2015-09-10 17:55 - 00000870 _____ C:\Users\Jan Nakládal\Downloads\AdobeCreativeCloud2015CC2015AllProductsKeygenWindowsMac - ThePirateBay.TO.torrent
2015-09-09 18:20 - 2015-09-14 16:04 - 05734400 _____ C:\Users\Jan Nakládal\Documents\motocross.muse
2015-09-09 17:00 - 2015-09-02 03:20 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-09 17:00 - 2015-09-02 02:25 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-09 17:00 - 2015-09-02 02:25 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-09 17:00 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-09 17:00 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-09 17:00 - 2015-08-27 08:04 - 21874688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-09 17:00 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-09 17:00 - 2015-08-27 07:55 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-09 17:00 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-09 17:00 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-09 17:00 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-09 17:00 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 17:00 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-09 17:00 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-09 17:00 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-09 17:00 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-09 17:00 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-09 17:00 - 2015-08-27 07:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-09 17:00 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-09 17:00 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-09 17:00 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-09 17:00 - 2015-08-27 07:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-09 17:00 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-09 17:00 - 2015-08-27 07:16 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-09 17:00 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-09 17:00 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 17:00 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-09 17:00 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-09 17:00 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-09 17:00 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-09 17:00 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-09 17:00 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-09 16:34 - 2015-09-09 16:33 - 00070808 _____ C:\Users\Jan Nakládal\Desktop\animate.css
2015-09-09 16:33 - 2015-09-09 16:33 - 00070808 _____ C:\Users\Jan Nakládal\Downloads\animate (1).css
2015-09-09 15:51 - 2015-09-09 15:51 - 01034027 _____ C:\Users\Jan Nakládal\Desktop\forwallpapers.com
2015-09-08 15:55 - 2015-09-30 15:09 - 00001150 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-09-08 15:54 - 2015-09-08 15:55 - 28849904 _____ C:\Users\Jan Nakládal\Downloads\vlc-2.2.1-win32 (1).exe
2015-09-08 15:54 - 2015-09-08 15:54 - 28849904 _____ C:\Users\Jan Nakládal\Downloads\vlc-2.2.1-win32.exe
2015-09-07 20:56 - 2015-09-29 14:50 - 00135842 _____ C:\Users\Jan Nakládal\Desktop\index.html
2015-09-07 16:32 - 2015-09-07 16:32 - 09983584 _____ (MEGA Limited) C:\Users\Jan Nakládal\Downloads\MEGAsyncSetup.exe
2015-09-07 16:10 - 2015-09-07 16:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-07 16:10 - 2015-09-07 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-06 20:45 - 2015-09-08 17:50 - 01736704 _____ C:\Users\Jan Nakládal\Documents\nubira.muse
2015-09-06 13:08 - 2015-09-06 13:08 - 00614520 _____ C:\Users\Jan Nakládal\Downloads\PBE_Client_Shell.zip
2015-09-04 17:19 - 2015-09-04 18:15 - 00000000 ____D C:\Users\Jan Nakládal\Documents\Corel VideoStudio Pro
2015-09-04 17:17 - 2015-09-04 18:37 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Roaming\Ulead Systems
2015-09-04 17:17 - 2015-09-04 17:19 - 00000000 ____D C:\ProgramData\Protexis64
2015-09-04 17:17 - 2015-09-04 17:17 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Roaming\Corel
2015-09-04 15:49 - 2015-09-06 19:48 - 00000000 ____D C:\Users\Jan Nakládal\Desktop\Zaloha Telefonu
2015-09-03 22:15 - 2015-09-03 22:23 - 00000000 ____D C:\Users\Jan Nakládal\Documents\Nová složka
2015-09-01 12:29 - 2015-10-01 15:22 - 00003314 _____ C:\WINDOWS\System32\Tasks\Run LSI
2015-09-01 12:28 - 2015-10-01 15:21 - 00000000 ____D C:\Program Files (x86)\LSI
2015-09-01 12:28 - 2015-09-21 19:09 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LSI - LoL Summoner Information
2015-09-01 12:28 - 2015-09-01 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LSI - LoL Summoner Information
2015-09-01 12:27 - 2015-09-01 12:27 - 27492886 _____ (Aequus Gaming Ltd. ) C:\Users\Jan Nakládal\Downloads\LoL Summoner Information (v4.9.1) Setup.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-01 18:24 - 2015-04-12 11:00 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Roaming\Skype
2015-10-01 18:19 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-01 18:15 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-01 15:34 - 2015-04-12 12:31 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-01 15:28 - 2015-04-15 14:23 - 00000000 ___DO C:\Users\Jan Nakládal\OneDrive
2015-10-01 15:18 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-01 15:17 - 2015-05-30 08:56 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-10-01 15:11 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-01 15:11 - 2015-07-10 11:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-10-01 15:06 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-10-01 14:54 - 2015-08-11 09:31 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Local\Adobe
2015-10-01 14:32 - 2015-05-31 13:53 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Roaming\OBS
2015-10-01 14:26 - 2015-04-08 11:45 - 00004206 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3F030956-4D20-4642-9E01-945F51D9CA58}
2015-09-30 21:26 - 2015-08-20 08:59 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Local\CrashDumps
2015-09-30 21:05 - 2015-08-07 19:59 - 00020734 _____ C:\WINDOWS\PFRO.log
2015-09-30 20:56 - 2015-08-07 20:13 - 00000000 ____D C:\Users\Jan Nakládal
2015-09-30 20:56 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-09-30 20:56 - 2013-08-22 17:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-09-30 18:06 - 2015-04-12 11:22 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Roaming\LolClient
2015-09-30 15:10 - 2015-08-27 19:27 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Edge Animate CC 2015.lnk
2015-09-30 15:10 - 2015-08-21 17:47 - 00001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2015-09-30 15:10 - 2015-08-21 17:45 - 00001291 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2015-09-30 15:10 - 2015-08-21 17:43 - 00001137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2015-09-30 15:10 - 2015-08-21 17:42 - 00001253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2015-09-30 15:10 - 2015-08-21 17:34 - 00001607 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2015-09-30 15:10 - 2015-08-21 17:34 - 00001437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2015-09-30 15:10 - 2015-08-12 09:50 - 00001076 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Muse CC 2015.lnk
2015-09-30 15:10 - 2015-08-12 09:39 - 00001309 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-09-30 15:10 - 2015-08-12 09:10 - 00000983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Muse.lnk
2015-09-30 15:10 - 2015-08-07 20:26 - 00001552 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-30 15:10 - 2015-07-16 16:43 - 00001060 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2015-09-30 15:10 - 2015-06-13 18:34 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-09-30 15:10 - 2015-05-05 20:17 - 00001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2015-09-30 15:10 - 2014-08-20 12:38 - 00002016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote.lnk
2015-09-30 15:10 - 2014-08-20 12:28 - 00002627 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - toshiba.lnk
2015-09-30 15:10 - 2013-11-28 19:59 - 00001958 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-09-30 15:09 - 2015-08-19 23:31 - 00001925 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-09-30 15:09 - 2015-08-19 23:14 - 00001092 _____ C:\Users\Public\Desktop\Corel VideoStudio Pro X7.lnk
2015-09-30 15:09 - 2015-08-19 23:14 - 00001092 _____ C:\Users\Public\Desktop\Corel FastFlick X7.lnk
2015-09-30 15:09 - 2015-08-19 23:14 - 00001087 _____ C:\Users\Public\Desktop\Corel ScreenCap X7.lnk
2015-09-30 15:09 - 2015-08-19 21:45 - 00001162 _____ C:\Users\Public\Desktop\Hrát Heroes & Generals.lnk
2015-09-30 15:09 - 2015-08-18 23:54 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\EL-Revize - demo.lnk
2015-09-30 15:09 - 2015-08-18 23:54 - 00001212 _____ C:\Users\Public\Desktop\EL-Revize - demo.lnk
2015-09-30 15:09 - 2015-08-12 09:39 - 00001297 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-09-30 15:09 - 2015-08-12 09:10 - 00000971 _____ C:\Users\Public\Desktop\Adobe Muse.lnk
2015-09-30 15:09 - 2015-08-07 21:29 - 00002427 _____ C:\Users\Jan Nakládal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-30 15:09 - 2015-08-07 20:43 - 00002271 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-30 15:09 - 2015-07-21 07:59 - 00000889 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-09-30 15:09 - 2015-05-05 20:17 - 00001223 _____ C:\Users\Public\Desktop\paint.net.lnk
2015-09-30 15:09 - 2015-04-28 15:16 - 00002014 _____ C:\Users\Public\Desktop\HP Photo Creations.lnk
2015-09-30 15:09 - 2015-04-28 15:15 - 00002201 _____ C:\Users\Public\Desktop\HP Deskjet 2540 series.lnk
2015-09-30 15:09 - 2015-04-23 15:01 - 00001034 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-09-30 15:09 - 2015-04-16 21:38 - 00002014 _____ C:\Users\Public\Desktop\SketchUp 2015.lnk
2015-09-30 15:09 - 2015-04-12 11:00 - 00002658 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-30 15:09 - 2014-08-20 12:28 - 00000406 _____ C:\Users\Public\Desktop\TOSHIBA Services.lnk
2015-09-30 15:08 - 2015-08-17 11:40 - 00001385 _____ C:\Users\Jan Nakládal\Desktop\Frozen Throne.lnk
2015-09-30 15:08 - 2015-08-17 11:40 - 00001380 _____ C:\Users\Jan Nakládal\Desktop\Warcraft III.lnk
2015-09-30 15:08 - 2015-07-23 17:25 - 00001138 _____ C:\Users\Jan Nakládal\Desktop\MK LOL.lnk
2015-09-29 21:40 - 2015-04-20 18:04 - 00000000 ____D C:\Program Files (x86)\WinRAR
2015-09-28 20:21 - 2015-04-23 15:01 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Roaming\TS3Client
2015-09-28 14:52 - 2015-08-10 11:45 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Roaming\vlc
2015-09-26 12:14 - 2015-08-07 20:38 - 01762290 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-26 12:14 - 2015-07-10 18:02 - 00746648 _____ C:\WINDOWS\system32\perfh005.dat
2015-09-26 12:14 - 2015-07-10 18:02 - 00149550 _____ C:\WINDOWS\system32\perfc005.dat
2015-09-26 12:01 - 2015-08-17 11:41 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Roaming\GameRanger
2015-09-26 00:04 - 2015-06-19 17:38 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Roaming\FileZilla
2015-09-25 21:18 - 2015-07-10 14:20 - 00029664 _____ C:\WINDOWS\setupact.log
2015-09-23 14:49 - 2015-08-12 09:42 - 00000000 ___RD C:\Users\Jan Nakládal\Creative Cloud Files
2015-09-22 19:51 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-22 17:14 - 2015-04-23 15:01 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-09-18 14:56 - 2015-04-13 14:19 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-17 17:50 - 2015-07-10 14:20 - 04994576 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-17 17:46 - 2015-07-10 18:05 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-17 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-16 15:13 - 2015-03-26 15:21 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Local\Packages
2015-09-15 23:23 - 2015-05-05 20:53 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-15 15:29 - 2015-04-12 12:31 - 00004032 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-15 15:29 - 2015-04-12 12:31 - 00003800 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-15 15:29 - 2015-04-12 12:31 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-12 15:40 - 2015-04-18 13:55 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Roaming\uTorrent
2015-09-11 21:13 - 2015-04-12 12:31 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Local\Google
2015-09-11 15:18 - 2015-08-11 09:43 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-09-10 21:14 - 2015-08-20 19:46 - 00000000 ____D C:\Users\Jan Nakládal\Desktop\scroll-effects
2015-09-10 21:13 - 2015-08-21 17:30 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-09-10 21:08 - 2015-08-11 09:33 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-09-10 21:03 - 2015-08-12 09:15 - 00000000 ____D C:\Program Files\Adobe
2015-09-10 20:58 - 2015-03-26 15:21 - 00000000 ____D C:\Users\Jan Nakládal\AppData\Roaming\Adobe
2015-09-10 20:44 - 2015-08-11 09:36 - 00000000 ____D C:\ProgramData\Adobe
2015-09-10 18:47 - 2015-08-07 20:51 - 00000000 ____D C:\Windows.old
2015-09-09 17:42 - 2015-04-20 18:19 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-09-09 17:42 - 2015-04-20 18:11 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-09 17:40 - 2013-08-22 15:25 - 00000199 _____ C:\WINDOWS\win.ini
2015-09-07 16:10 - 2015-08-12 09:51 - 00003670 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-jan.nakladal@outlook.com
2015-09-07 16:10 - 2015-04-12 10:59 - 00000000 ____D C:\ProgramData\Skype
2015-09-06 17:44 - 2015-07-16 17:04 - 00000600 _____ C:\Users\Jan Nakládal\AppData\Roaming\winscp.rnd
2015-09-02 17:10 - 2015-08-20 14:29 - 00010711 _____ C:\Users\Jan Nakládal\Desktop\Airsoft.xlsx
==================== Files in the root of some directories =======
2015-08-22 10:23 - 2015-08-22 10:23 - 0000132 _____ () C:\Users\Jan Nakládal\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-08-27 14:16 - 2015-08-30 11:32 - 0000034 _____ () C:\Users\Jan Nakládal\AppData\Roaming\AdobeWLCMCache.dat
2015-07-16 17:04 - 2015-09-06 17:44 - 0000600 _____ () C:\Users\Jan Nakládal\AppData\Roaming\winscp.rnd
2015-04-28 15:15 - 2015-04-28 15:15 - 0000057 _____ () C:\ProgramData\Ament.ini
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-09-30 19:15
==================== End of FRST.txt ============================
Re: Automatic arrangement of icons on the desktop and in folders
and here is Addition.txt
Additional scan result of Farbar Recovery Scan Tool (x64) Version:30-09-2015
Ran by Jan Nakládal (2015-10-01 18:29:31)
Running from C:\Users\Jan Nakládal\Desktop
Windows 10 Home (X64) (2015-08-07 18:56:29)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-140239567-1682426600-1567885322-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-140239567-1682426600-1567885322-503 - Limited - Disabled)
Guest (S-1-5-21-140239567-1682426600-1567885322-501 - Limited - Disabled)
Jan Nakládal (S-1-5-21-140239567-1682426600-1567885322-1002 - Administrator - Enabled) => C:\Users\Jan Nakládal
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Smart Security 9.0.117.0 (Disabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 9.0.141.0 (Disabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal firewall (Disabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.199 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.2.0.129 - Adobe Systems Incorporated)
Adobe Edge Animate CC 2015 (HKLM-x32\...\{92AC6B8F-F962-11E4-867D-81149C0292DF}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Muse (HKLM-x32\...\AdobeMuse) (Version: 7.4.30 - Adobe Systems Incorporated)
Adobe Muse CC 2015 (HKLM-x32\...\{25CC1EC0-19D9-11E5-952D-BD72CD08879E}) (Version: 2015.0.2.4 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.5.12.11 (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.8.1245.73583 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 4.8.1245.73583 - Alcor Micro Corp.) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
ArtMoney SE v7.43.1 (HKLM-x32\...\ArtMoney SE_is1) (Version: 7.43 - System SoftLab)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Autodesk Backburner 2014 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 14.0.0.0 - Autodesk, Inc.)
Autodesk Composite 2014 (HKLM\...\Autodesk Composite 2014) (Version: 9.0.0.0 - Autodesk)
Autodesk Composite 2014 (Version: 9.0.0.0 - Autodesk) Hidden
Autodesk MatchMover 2014 (HKLM\...\{B151ECD3-2DBE-45E9-816E-F8AA6238F6A8}) (Version: 14.00.0000 - Autodesk)
Autodesk Maya 2014 (HKLM\...\Autodesk Maya 2014) (Version: 16.0.0.0 - Autodesk)
Autodesk Maya 2014 (Version: 16.0.0.0 - Autodesk) Hidden
Autodesk SketchBook Pro for Enterprise 2014 (HKLM-x32\...\Autodesk SketchBook Pro for Enterprise 2014) (Version: 6.10.0000 - Autodesk)
Autodesk SketchBook Pro for Enterprise 2014 (x32 Version: 6.10.0000 - Autodesk) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.3.757 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.0 - EA Digital Illusions CE AB)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
BLOCKADE 3D (HKLM-x32\...\Steam App 302830) (Version: - Shumkov Dmitriy)
Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
CINEMA 4D 15.008 (HKLM\...\MAXON12664043) (Version: 15.008 - MAXON Computer GmbH)
Contents64 (Version: 17.0.0.249 - Corel Corporation) Hidden
Corel VideoStudio Pro X7 (HKLM-x32\...\_{77B3BEA9-835C-4DDF-BCE7-1510271E4E37}) (Version: 17.0.0.249 - Corel Corporation)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.0.0.0054 - Disc Soft Ltd)
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version: - Splash Damage®)
DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
EL-Revize - Demoverze 14.7.1 (HKLM-x32\...\ELMER-REVIZE-DEMO) (Version: 14.7.1 - ELMER software s.r.o.)
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
Evernote (HKLM-x32\...\Evernote) (Version: 1.0.0 - Evernote Launcher by Toshiba Europe GmbH)
FileZilla Client 3.12.0.2 (HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\FileZilla Client) (Version: 3.12.0.2 - Tim Kosse)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Heroes & Generals (HKLM-x32\...\Heroes & Generals) (Version: 1.0.6.1 - Reto-Moto)
HHD Software Free Hex Editor Neo 6.11 (HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\{8EB85C0E-DE7D-4A53-BD66-708B8F2C80B0}) (Version: 6.11.0.5363 - HHD Software, Ltd.)
Hola™ 1.9.624 - Better Internet (HKLM\...\Hola) (Version: 1.9.624 - Hola Networks Ltd.)
HP Deskjet 2540 series Nápověda (HKLM-x32\...\{7103ABDA-EB81-4F1D-BBCC-B76526BF4B5B}) (Version: 30.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
ICA (x32 Version: 17.0.0.249 - Corel Corporation) Hidden
IDT Audio Driver (HKLM\...\{588A747E-CFF6-46B3-9207-CD754F9473AF}) (Version: 6.10.6491.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
IPM_VS_Pro64 (Version: 17.0 - Corel Corporation) Hidden
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LSI - LoL Summoner Information (HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\{62B332E9-239D-4692-BDE2-0CC1CF2833DA}_is1) (Version: v4.10.0 - Aequus Gaming Ltd.)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware verze 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2013 with Update 4 (HKLM-x32\...\{96a8b90c-0a91-4e76-ab34-730c23923d11}) (Version: 12.0.31101 - Microsoft Corporation)
MIDI Converter Studio 8.2 (HKLM-x32\...\MIDI Converter Studio_is1) (Version: - ManiacTools.com)
MK LOL (HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\MK LOL) (Version: - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9.2 - Notepad++ Team)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.5.20.5318 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 355.60 (Version: 355.60 - NVIDIA Corporation) Hidden
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pepakura Viewer 3 (HKLM-x32\...\pepakura_viewer3en) (Version: - TamaSoftware)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 6.2.12.0 - Razer Inc.)
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)
Ruby 2.2.2-p95 (HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\{F4249FFD-42CD-4404-9534-170D074544F4}_is1) (Version: 2.2.2-p95 - RubyInstaller Team)
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Steam App 286940) (Version: - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Setup (x32 Version: 17.0.0.249 - Corel Corporation) Hidden
Share64 (Version: 17.0.0.249 - Corel Corporation) Hidden
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
SketchUp 2015 (HKLM\...\{350488A4-1540-4103-8F01-B27503891EB0}) (Version: 15.3.331 - Trimble Navigation Limited)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie vylepšování produktu HP Deskjet 2540 series (HKLM\...\{DF4E8547-10D9-41B1-B0D9-0BFE9005836C}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Survarium (HKLM-x32\...\{FEA2E954-A6D0-42FA-8FF1-DFA325758FAC}_is1) (Version: 0.28c - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.3 - Synaptics Incorporated)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\Steam App 323370) (Version: - En Masse Entertainment)
TOSHIBA Addendum (HKLM-x32\...\{C1569944-FAD6-4B3B-85E5-C213C2FF8EFC}) (Version: 1.00 - TOSHIBA)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{5F6AC07E-50EF-422E-B56E-6521E5B35139}) (Version: 1.1.12.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.346 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{030AB374-29B6-41D5-A0CB-C210CAE1C481}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.00.6403 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH)
Unity (HKLM-x32\...\Unity) (Version: 4.5.5f1 - Unity Technologies ApS)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VSClassic64 (Version: 17.0.0.249 - Corel Corporation) Hidden
VSPro64 (Version: 17.0.0.249 - Corel Corporation) Hidden
Warcraft III Reign of Chaos & The Frozen Throne (HKLM-x32\...\Warcraft III Reign of Chaos & The Frozen Throne) (Version: - )
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden
Window Title Changer version 1.0 (HKLM-x32\...\{F530C1D7-2F76-497A-934C-2C55F57BBB37}_is1) (Version: 1.0 - MurGee.com)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinSCP 5.7.4 (HKLM-x32\...\winscp3_is1) (Version: 5.7.4 - Martin Prikryl)
World of Tanks (HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
World of Warships (HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)
Základní software zařízení HP Deskjet 2540 series (HKLM\...\{D8EFF534-A1B8-44C3-8632-B82DC7C10596}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-140239567-1682426600-1567885322-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-A0FF9CD3460C}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-140239567-1682426600-1567885322-1002_Classes\CLSID\{182FB546-8596-4CEF-9CB5-E9505BF7F628}\InprocServer32 -> C:\Users\Jan Nakládal\AppData\Local\HHD Software\Hex Editor Neo\hhdhexneo.dll (HHD Software Ltd.)
CustomCLSID: HKU\S-1-5-21-140239567-1682426600-1567885322-1002_Classes\CLSID\{6DB27B2E-87AC-4354-927A-AD711A0ED77E}\InprocServer32 -> C:\Users\Jan Nakládal\AppData\Local\HHD Software\Hex Editor Neo\FileDocument.dll (HHD Software Ltd.)
CustomCLSID: HKU\S-1-5-21-140239567-1682426600-1567885322-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-140239567-1682426600-1567885322-1002_Classes\CLSID\{A244CEC5-DB63-4ED9-B0D7-A0527C064113}\InprocServer32 -> C:\Users\Jan Nakládal\AppData\Local\HHD Software\Hex Editor Neo\FileDocument.dll (HHD Software Ltd.)
CustomCLSID: HKU\S-1-5-21-140239567-1682426600-1567885322-1002_Classes\CLSID\{AE1514A4-5D7D-4D1B-BC7F-320E6962B0DD}\InprocServer32 -> C:\Users\Jan Nakládal\AppData\Local\HHD Software\Hex Editor Neo\FileDocument.dll (HHD Software Ltd.)
CustomCLSID: HKU\S-1-5-21-140239567-1682426600-1567885322-1002_Classes\CLSID\{B845012A-F05A-4EC8-816D-B033183B9CA5}\InprocServer32 -> C:\Users\Jan Nakládal\AppData\Local\HHD Software\Hex Editor Neo\hhdhexneo.dll (HHD Software Ltd.)
CustomCLSID: HKU\S-1-5-21-140239567-1682426600-1567885322-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-140239567-1682426600-1567885322-1002_Classes\CLSID\{F350F7C1-9F0E-4A97-8EEC-E690C7095BEF}\InprocServer32 -> C:\Users\Jan Nakládal\AppData\Local\HHD Software\Hex Editor Neo\PatchAPI\dll\x64\hexpatch64.dll (HHD Software Ltd.)
==================== Restore Points =========================
19-09-2015 16:56:58 Naplánovaný kontrolní bod
22-09-2015 19:46:39 Windows Update
30-09-2015 15:39:11 JRT Pre-Junkware Removal
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2015-09-30 20:41 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08FD9B09-9A60-43CD-8206-312A32FA9949} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-jan.nakladal@outlook.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-07-22] (Adobe Systems Incorporated)
Task: {10DD1E26-6951-430E-BEB3-04999916BF40} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {1BAB6521-B8E1-4BBF-929B-3B4A9BE45FBC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2AFC53CC-859F-46D8-9D15-CE212DC953BB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {2F6C433D-CAD8-46BC-8B53-8D3F00AA1D8C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {301B23B3-A8A3-4E3E-9954-23C63A7510F5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {3901AB65-7F3D-42A0-B009-576B0FF3BF3E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {3C0D461C-1FC8-4780-B5F7-31DCE113FA73} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {428B5883-E478-4AAD-9A1B-6DE372FC024C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {44D51395-67AF-45E2-A4DE-B76F844A9B28} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2013-11-08] (TOSHIBA Corporation)
Task: {4B9A0884-E98E-4FF1-B0EA-CE11DDB42DF6} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-18] (Toshiba Europe GmbH)
Task: {54AF6936-F810-41B5-AE5E-453CC4BFBA63} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-12] (Google Inc.)
Task: {6EA98CCD-BE05-404C-834A-2823192F6B29} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-12] (Google Inc.)
Task: {7D3C461C-9981-4116-BEF7-889DC8D364D1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {89DEAD95-6CC2-4940-B367-5FEB770FC3CD} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8C6F590B-E536-4058-9D3D-6B9C461AFECC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {9BD28B9E-88D1-4DB1-AB8E-63408FCAB401} - System32\Tasks\Run LSI => C:\Program Files (x86)\LSI\LoLSummonerInfo.exe [2015-09-21] (Aequus Gaming)
Task: {A2995A63-6584-4A2F-BB9E-7BC65B8A7484} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {A6368F8E-34D9-43EA-92F2-C41D99D60C9C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {B36C9605-7037-4025-B469-7446F4447DBD} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {D9DBD1C5-91A1-4218-90DB-2338B3114668} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {E7FF81ED-C881-4D40-9246-FCBAFABAD3FD} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-08-07] (Synaptics Incorporated)
Task: {E9FFBC14-AB67-45FA-A0B8-1642EE42237A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {F100D559-5A99-40E0-B82D-5D896D151D05} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {F30F90A4-0412-4EF3-825F-A5B1BD50AEA1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-08-07 20:49 - 2015-08-07 20:49 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-07-13 20:45 - 2015-08-07 13:07 - 00011896 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-08-07 20:06 - 2015-08-07 06:27 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-03-27 12:53 - 2013-03-27 12:53 - 00163168 _____ () C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
2015-08-19 15:57 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2013-09-10 12:54 - 2013-09-10 12:54 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2015-08-28 21:19 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-28 21:19 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-22 01:02 - 2015-07-22 01:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-05-13 18:30 - 2015-05-13 18:30 - 08898720 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-04-15 22:13 - 2015-04-15 22:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-08-12 11:29 - 2015-08-03 03:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 13:00 - 2015-07-10 18:05 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-19 15:57 - 2015-08-11 10:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-12 11:29 - 2015-08-03 03:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 13:00 - 2015-07-10 18:05 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2012-07-18 18:38 - 2012-07-18 18:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2015-06-01 19:28 - 2015-06-01 19:28 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2015-09-08 17:56 - 2015-09-08 17:56 - 01752576 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\8f320c4a308d2e39c6aa40c7cdf4ce49\Windows.UI.ni.dll
2015-09-08 17:56 - 2015-09-08 17:56 - 00497152 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\49d9e2eb148fe29623ae98ad26130766\Windows.Foundation.ni.dll
2015-07-22 01:02 - 2015-07-22 01:02 - 31535264 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-09-24 14:24 - 2015-09-24 14:24 - 00012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.922.11070.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-09-24 14:24 - 2015-09-24 14:24 - 10807296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.922.11070.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-09-18 14:38 - 2015-09-18 14:38 - 03495936 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1509.14010.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-09-30 14:27 - 2015-09-30 14:28 - 08395776 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.9.25.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-09-30 14:27 - 2015-09-30 14:28 - 02311680 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.9.25.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2015-09-09 14:38 - 2015-09-09 14:38 - 00007680 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.5.168.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
2015-05-13 18:31 - 2015-05-13 18:31 - 08898720 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-04-13 21:05 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-07-13 20:45 - 2015-08-07 13:07 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-08-20 11:45 - 2013-09-03 16:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-07-22 15:32 - 2015-07-22 15:32 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-09-09 14:38 - 2015-09-09 14:38 - 09767424 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.5.168.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Weather.dll
2015-07-10 18:08 - 2015-07-10 18:08 - 06459392 _____ () C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.0_1.0.22929.0_x86__8wekyb3d8bbwe\SharedLibrary.dll
2015-09-09 14:36 - 2015-09-09 14:36 - 00970240 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.5.168.0_x86__8wekyb3d8bbwe\SQLiteWrapper.dll
2015-08-07 21:58 - 2015-08-07 21:58 - 03517616 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.5.168.0_x86__8wekyb3d8bbwe\Microsoft.Advertising.dll
2015-09-09 14:36 - 2015-09-09 14:36 - 00645120 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.5.168.0_x86__8wekyb3d8bbwe\Microsoft.Aria.ClientTelemetry.dll
2015-07-09 19:32 - 2015-07-09 19:32 - 00039384 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2015-09-25 14:35 - 2015-09-24 04:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
2015-09-25 14:35 - 2015-09-24 04:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\Users\Jan Nakládal\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Jan Nakládal\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Public\DRM:احتضان
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\hola.org -> hxxp://hola.org
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan Nakládal\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\tapeta programu windows prohlížeč fotografií.jpg
DNS Servers: 10.10.10.1 - 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "SketchBook Snapshot.lnk"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\StartupApproved\Run: => "Steam"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6EBD8821-DDD0-4B24-A618-46BA9FC4CDD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{DC916CAD-D330-48D8-90C6-53A188415DEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8ED68B3B-2246-4A16-820B-935FD6E75BAB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9DE15DC0-8BEA-4477-9856-500DDBEB7F0F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{934F74A2-61CC-47F2-8558-A5C893870742}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{EE89FCCC-B0FA-4B3C-A3A0-E17632095D37}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{71735843-6EAB-465C-92E8-57D671F23E3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{0F9EE68D-91A4-48D5-B5D1-A1868C187C3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{8BD7A5C6-6524-41B2-8D85-92AE0FD8AB8E}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{C749B18D-B0BA-4EB1-9A7F-2DA7AFAE6048}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{EE7C9E39-8FD0-4524-A3BF-147FD7C1007C}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{6A296E81-3E9E-4AD2-A246-55913643C3D5}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{A63694E2-AD18-4953-90EF-518AC98950EB}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{5D11A41F-1C41-4E6B-9F56-3E906D289F4A}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [UDP Query User{E8D8E593-56CA-4A7E-9B62-B45100353090}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{D8FFD71E-A1BF-4329-A40C-9FFC6DA413DD}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{2ECECE8A-8CAF-4298-A9C2-8C293E26B674}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TERA\TERA-Launcher.exe
FirewallRules: [{FDDC35CE-9D14-4F3C-A800-18594556CA99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TERA\TERA-Launcher.exe
FirewallRules: [{D4FE1310-5738-4459-8330-94593BCE50C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blockade3d\main.exe
FirewallRules: [{A6D96ACA-03A0-44C7-8982-E8C24885188C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blockade3d\main.exe
FirewallRules: [{A3326201-1990-4764-AA55-9E19FA1A5D21}] => (Allow) C:\Program Files (x86)\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{5CF5265A-982E-43E4-8FE1-9271A7348644}] => (Allow) C:\Program Files (x86)\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{FA08242E-C947-49CD-B27F-FE978CEEBA76}] => (Allow) C:\Program Files (x86)\Survarium\temp\survarium_updater.exe
FirewallRules: [{934D9B8A-BB82-4EA5-B66A-A5F6DF3996AA}] => (Allow) C:\Program Files (x86)\Survarium\temp\survarium_updater.exe
FirewallRules: [{BE2B5B1B-FDF5-4B66-B382-5A0767F6E1BC}] => (Allow) C:\Program Files (x86)\Survarium\temp\survarium_updater.exe
FirewallRules: [{8C96BF7B-436E-4BFB-AD1A-70196BCCFA44}] => (Allow) C:\Program Files (x86)\Survarium\temp\survarium_updater.exe
FirewallRules: [{CD2A8AF5-D12A-4D92-BBCB-A8E069F71B17}] => (Allow) C:\Program Files (x86)\Survarium\temp\survarium_launcher.exe
FirewallRules: [{1FFD5E42-AA19-42C9-9954-D8FBDA212C7B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C8E0D2AB-BBC0-4DB3-8F10-006D08D922D1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A55B9FB2-98AE-47C4-9E08-ED47A75742ED}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C0781D85-6843-486E-8B86-54B86B8C608F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FAF79317-680D-4F7E-B313-D9C11EA8BCEB}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{A8BB18A9-EA75-480D-96A1-2975F61BE982}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{8BFD1910-0708-472A-B955-13727AA5CB5D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F5D6203D-D5C5-4A04-92B6-54F3D7211CF5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D4E87D8A-4FAE-4651-B4EE-080422CE454C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{724CAC61-E95B-4F3E-8063-E0C4B583D419}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{28A1CF2A-517F-42E8-BAA4-250E8371E5FF}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{B0796758-7C85-496E-9FC2-43DC9E550E8D}] => (Allow) LPort=5357
FirewallRules: [{852487E3-39CB-4093-9B50-196641A79FE0}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
FirewallRules: [{0692469B-41B0-406E-87D1-44ED59BF0EE4}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A9601A43-5CD2-48F2-A785-E65C10AC26C0}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{312A87C6-FF77-4AE7-B77A-8D70B2031630}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A4CAA147-C92A-4C43-8BEA-CB09EEDBB0A7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [UDP Query User{8B50FD0B-8DA2-4E9E-B4C8-9E22BC37D333}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{16D0E89F-71EE-4C8E-9148-2DB1AA208BA9}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{7AB6A5AF-9663-4827-ACC6-582F19069C7C}] => (Allow) C:\Users\Jan Nakládal\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{315DB17F-B7A4-4417-AD9F-EF44FB63D373}] => (Allow) C:\Users\Jan Nakládal\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8DFA25B2-D657-48B6-A2DF-9737F39636D8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{25CCA29C-2387-44E0-A14D-40DAAD9AAE63}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E6F4898D-F87B-4563-9B7A-DA1A83605153}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{424D3764-CC71-4D92-80F9-5F000020EA94}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{6EF5DB22-6AF6-45D7-9128-5A6F6238770C}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{9514F7A1-A4A2-42B4-AE99-FF91155271BB}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{43CFF0F3-44E5-4176-87D9-C64F16C19385}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [TCP Query User{BA6C21B6-17FD-47D8-AB9A-82EFB3A1E62F}C:\users\jan nakládal\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jan nakládal\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{61F6CA0B-11BC-44C8-A480-74E1044EE41D}C:\users\jan nakládal\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jan nakládal\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{98A9EEDE-412C-4A1C-88C4-8DE5D47F39AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\DFUBG.exe
FirewallRules: [{5E147298-DB1C-4B76-BF17-20E1139247A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\DFUBG.exe
FirewallRules: [TCP Query User{F6B43AEA-1316-4883-BCFD-E393DA8160C5}C:\program files\adobe\adobe muse cc 2015\muse.exe] => (Allow) C:\program files\adobe\adobe muse cc 2015\muse.exe
FirewallRules: [UDP Query User{3240BEE4-8B06-4654-A55C-01A07F3F8B25}C:\program files\adobe\adobe muse cc 2015\muse.exe] => (Allow) C:\program files\adobe\adobe muse cc 2015\muse.exe
FirewallRules: [{3AA29F8A-1964-4B33-A54E-9097FA08A44E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0813CC7B-0555-42DA-BEC0-80602C880CD5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{84D492E9-5C85-4FC9-9E94-E79651AD7B8B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DAE59347-8B18-46C3-83C6-07BD3376F084}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4118D66D-DEEA-404B-88F8-E1FF011910D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{B4B6AFAD-0088-4C26-B48C-431C4BA644F2}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{A40758D9-F91F-4F9A-A426-34F2C3F93811}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [TCP Query User{B3BE5ADE-BFDD-4EB2-A087-C9293E2F9A70}C:\users\jan nakládal\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\jan nakládal\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [UDP Query User{38B1D9EE-1973-4D35-977C-05331C4D192C}C:\users\jan nakládal\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\jan nakládal\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [TCP Query User{85DAC93F-0DE1-4AEC-8CB7-0F2D43D4388B}C:\program files (x86)\warcraft iii reign of chaos & the frozen throne\war3.exe] => (Allow) C:\program files (x86)\warcraft iii reign of chaos & the frozen throne\war3.exe
FirewallRules: [UDP Query User{68250EC2-6343-47B6-B514-EB13D8D12C72}C:\program files (x86)\warcraft iii reign of chaos & the frozen throne\war3.exe] => (Allow) C:\program files (x86)\warcraft iii reign of chaos & the frozen throne\war3.exe
FirewallRules: [TCP Query User{2DD15199-AB41-4E17-99AA-106BBBC9F2C1}C:\program files (x86)\el-revize - demo\el-revize(demo).exe] => (Block) C:\program files (x86)\el-revize - demo\el-revize(demo).exe
FirewallRules: [UDP Query User{00C56030-3316-4720-87D5-B31D4DB13E07}C:\program files (x86)\el-revize - demo\el-revize(demo).exe] => (Block) C:\program files (x86)\el-revize - demo\el-revize(demo).exe
FirewallRules: [{CBA3571A-1265-4909-BEFE-1A58B97ED3D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{E537482D-A8FE-4E2E-8BFC-F6CDE92494BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{F425EC49-9633-4D2F-A4E7-36EDF16A0796}] => (Allow) c:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{656680BD-B07B-4288-949A-3375262C59E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{37A9D3AF-E9C7-42E7-8F95-9A3D6362E0BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{8D1C0E2A-78A7-4488-BD54-BEDB8A28E789}] => (Allow) C:\Program Files (x86)\Heroes & Generals\live\hng.exe
FirewallRules: [{C37758F1-B3DE-4ABC-BB14-DF27642A8F2A}] => (Allow) C:\Program Files (x86)\Heroes & Generals\live\hng.exe
FirewallRules: [{38C12131-C7A1-4F47-932B-E66F0714D701}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe
FirewallRules: [{A4E57655-8F4C-4678-96F5-0E6DAAA954F2}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe
FirewallRules: [{42F95346-C9B6-4148-ADCA-DDCC99625CF9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/01/2015 04:35:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HONZAN)
Description: Aplikaci Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (10/01/2015 03:34:05 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1 se nezdařilo.
Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (10/01/2015 03:28:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HONZAN)
Description: Aplikaci Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (10/01/2015 03:21:03 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (6432) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032
Error: (10/01/2015 03:21:03 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (6432) Pokus o vytvoření souboru C:\WINDOWS\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (10/01/2015 03:20:53 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (6432) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032
Error: (10/01/2015 03:20:53 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (6432) Pokus o vytvoření souboru C:\WINDOWS\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (10/01/2015 03:20:42 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (6432) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032
Error: (10/01/2015 03:20:42 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (6432) Pokus o vytvoření souboru C:\WINDOWS\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (10/01/2015 03:20:32 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (6432) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032
System errors:
=============
Error: (10/01/2015 05:54:57 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.
Error: (10/01/2015 05:06:02 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.
Error: (10/01/2015 04:41:27 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.
Error: (10/01/2015 03:31:30 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}
Error: (10/01/2015 03:20:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba TPCH Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/01/2015 03:20:03 PM) (Source: DCOM) (EventID: 10010) (User: HONZAN)
Description: {45CC1698-D1CF-417B-BC32-80EB79E05EF1}
Error: (10/01/2015 03:12:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HP Support Solutions Framework Service neuspěla při spuštění v důsledku následující chyby:
%%1053
Error: (10/01/2015 03:12:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby HP Support Solutions Framework Service bylo dosaženo časového limitu (30000 ms).
Error: (10/01/2015 03:12:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Razer Game Scanner neuspěla při spuštění v důsledku následující chyby:
%%1053
Error: (10/01/2015 03:12:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Razer Game Scanner bylo dosaženo časového limitu (30000 ms).
CodeIntegrity:
===================================
Date: 2015-09-30 15:50:06.439
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-09-28 17:34:23.576
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-09-22 19:53:34.479
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-09-17 19:45:58.542
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-08 13:48:16.996
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 67%
Total physical RAM: 3971.27 MB
Available physical RAM: 1309.53 MB
Total Virtual: 8323.27 MB
Available Virtual: 5026.3 MB
==================== Drives ================================
Drive c: (TI31254900A) (Fixed) (Total:686.21 GB) (Free:427.75 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:30-09-2015
Ran by Jan Nakládal (2015-10-01 18:29:31)
Running from C:\Users\Jan Nakládal\Desktop
Windows 10 Home (X64) (2015-08-07 18:56:29)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-140239567-1682426600-1567885322-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-140239567-1682426600-1567885322-503 - Limited - Disabled)
Guest (S-1-5-21-140239567-1682426600-1567885322-501 - Limited - Disabled)
Jan Nakládal (S-1-5-21-140239567-1682426600-1567885322-1002 - Administrator - Enabled) => C:\Users\Jan Nakládal
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Smart Security 9.0.117.0 (Disabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 9.0.141.0 (Disabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal firewall (Disabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.199 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.2.0.129 - Adobe Systems Incorporated)
Adobe Edge Animate CC 2015 (HKLM-x32\...\{92AC6B8F-F962-11E4-867D-81149C0292DF}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Muse (HKLM-x32\...\AdobeMuse) (Version: 7.4.30 - Adobe Systems Incorporated)
Adobe Muse CC 2015 (HKLM-x32\...\{25CC1EC0-19D9-11E5-952D-BD72CD08879E}) (Version: 2015.0.2.4 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.5.12.11 (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.8.1245.73583 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 4.8.1245.73583 - Alcor Micro Corp.) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
ArtMoney SE v7.43.1 (HKLM-x32\...\ArtMoney SE_is1) (Version: 7.43 - System SoftLab)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Autodesk Backburner 2014 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 14.0.0.0 - Autodesk, Inc.)
Autodesk Composite 2014 (HKLM\...\Autodesk Composite 2014) (Version: 9.0.0.0 - Autodesk)
Autodesk Composite 2014 (Version: 9.0.0.0 - Autodesk) Hidden
Autodesk MatchMover 2014 (HKLM\...\{B151ECD3-2DBE-45E9-816E-F8AA6238F6A8}) (Version: 14.00.0000 - Autodesk)
Autodesk Maya 2014 (HKLM\...\Autodesk Maya 2014) (Version: 16.0.0.0 - Autodesk)
Autodesk Maya 2014 (Version: 16.0.0.0 - Autodesk) Hidden
Autodesk SketchBook Pro for Enterprise 2014 (HKLM-x32\...\Autodesk SketchBook Pro for Enterprise 2014) (Version: 6.10.0000 - Autodesk)
Autodesk SketchBook Pro for Enterprise 2014 (x32 Version: 6.10.0000 - Autodesk) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.3.757 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.0 - EA Digital Illusions CE AB)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
BLOCKADE 3D (HKLM-x32\...\Steam App 302830) (Version: - Shumkov Dmitriy)
Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
CINEMA 4D 15.008 (HKLM\...\MAXON12664043) (Version: 15.008 - MAXON Computer GmbH)
Contents64 (Version: 17.0.0.249 - Corel Corporation) Hidden
Corel VideoStudio Pro X7 (HKLM-x32\...\_{77B3BEA9-835C-4DDF-BCE7-1510271E4E37}) (Version: 17.0.0.249 - Corel Corporation)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.0.0.0054 - Disc Soft Ltd)
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version: - Splash Damage®)
DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
EL-Revize - Demoverze 14.7.1 (HKLM-x32\...\ELMER-REVIZE-DEMO) (Version: 14.7.1 - ELMER software s.r.o.)
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
Evernote (HKLM-x32\...\Evernote) (Version: 1.0.0 - Evernote Launcher by Toshiba Europe GmbH)
FileZilla Client 3.12.0.2 (HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\FileZilla Client) (Version: 3.12.0.2 - Tim Kosse)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Heroes & Generals (HKLM-x32\...\Heroes & Generals) (Version: 1.0.6.1 - Reto-Moto)
HHD Software Free Hex Editor Neo 6.11 (HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\{8EB85C0E-DE7D-4A53-BD66-708B8F2C80B0}) (Version: 6.11.0.5363 - HHD Software, Ltd.)
Hola™ 1.9.624 - Better Internet (HKLM\...\Hola) (Version: 1.9.624 - Hola Networks Ltd.)
HP Deskjet 2540 series Nápověda (HKLM-x32\...\{7103ABDA-EB81-4F1D-BBCC-B76526BF4B5B}) (Version: 30.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
ICA (x32 Version: 17.0.0.249 - Corel Corporation) Hidden
IDT Audio Driver (HKLM\...\{588A747E-CFF6-46B3-9207-CD754F9473AF}) (Version: 6.10.6491.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
IPM_VS_Pro64 (Version: 17.0 - Corel Corporation) Hidden
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LSI - LoL Summoner Information (HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\{62B332E9-239D-4692-BDE2-0CC1CF2833DA}_is1) (Version: v4.10.0 - Aequus Gaming Ltd.)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware verze 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2013 with Update 4 (HKLM-x32\...\{96a8b90c-0a91-4e76-ab34-730c23923d11}) (Version: 12.0.31101 - Microsoft Corporation)
MIDI Converter Studio 8.2 (HKLM-x32\...\MIDI Converter Studio_is1) (Version: - ManiacTools.com)
MK LOL (HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\MK LOL) (Version: - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9.2 - Notepad++ Team)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.5.20.5318 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 355.60 (Version: 355.60 - NVIDIA Corporation) Hidden
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pepakura Viewer 3 (HKLM-x32\...\pepakura_viewer3en) (Version: - TamaSoftware)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 6.2.12.0 - Razer Inc.)
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)
Ruby 2.2.2-p95 (HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\{F4249FFD-42CD-4404-9534-170D074544F4}_is1) (Version: 2.2.2-p95 - RubyInstaller Team)
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Steam App 286940) (Version: - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Setup (x32 Version: 17.0.0.249 - Corel Corporation) Hidden
Share64 (Version: 17.0.0.249 - Corel Corporation) Hidden
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
SketchUp 2015 (HKLM\...\{350488A4-1540-4103-8F01-B27503891EB0}) (Version: 15.3.331 - Trimble Navigation Limited)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie vylepšování produktu HP Deskjet 2540 series (HKLM\...\{DF4E8547-10D9-41B1-B0D9-0BFE9005836C}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Survarium (HKLM-x32\...\{FEA2E954-A6D0-42FA-8FF1-DFA325758FAC}_is1) (Version: 0.28c - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.3 - Synaptics Incorporated)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\Steam App 323370) (Version: - En Masse Entertainment)
TOSHIBA Addendum (HKLM-x32\...\{C1569944-FAD6-4B3B-85E5-C213C2FF8EFC}) (Version: 1.00 - TOSHIBA)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{5F6AC07E-50EF-422E-B56E-6521E5B35139}) (Version: 1.1.12.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.346 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{030AB374-29B6-41D5-A0CB-C210CAE1C481}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.00.6403 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH)
Unity (HKLM-x32\...\Unity) (Version: 4.5.5f1 - Unity Technologies ApS)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VSClassic64 (Version: 17.0.0.249 - Corel Corporation) Hidden
VSPro64 (Version: 17.0.0.249 - Corel Corporation) Hidden
Warcraft III Reign of Chaos & The Frozen Throne (HKLM-x32\...\Warcraft III Reign of Chaos & The Frozen Throne) (Version: - )
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden
Window Title Changer version 1.0 (HKLM-x32\...\{F530C1D7-2F76-497A-934C-2C55F57BBB37}_is1) (Version: 1.0 - MurGee.com)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinSCP 5.7.4 (HKLM-x32\...\winscp3_is1) (Version: 5.7.4 - Martin Prikryl)
World of Tanks (HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
World of Warships (HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)
Základní software zařízení HP Deskjet 2540 series (HKLM\...\{D8EFF534-A1B8-44C3-8632-B82DC7C10596}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-140239567-1682426600-1567885322-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-A0FF9CD3460C}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-140239567-1682426600-1567885322-1002_Classes\CLSID\{182FB546-8596-4CEF-9CB5-E9505BF7F628}\InprocServer32 -> C:\Users\Jan Nakládal\AppData\Local\HHD Software\Hex Editor Neo\hhdhexneo.dll (HHD Software Ltd.)
CustomCLSID: HKU\S-1-5-21-140239567-1682426600-1567885322-1002_Classes\CLSID\{6DB27B2E-87AC-4354-927A-AD711A0ED77E}\InprocServer32 -> C:\Users\Jan Nakládal\AppData\Local\HHD Software\Hex Editor Neo\FileDocument.dll (HHD Software Ltd.)
CustomCLSID: HKU\S-1-5-21-140239567-1682426600-1567885322-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-140239567-1682426600-1567885322-1002_Classes\CLSID\{A244CEC5-DB63-4ED9-B0D7-A0527C064113}\InprocServer32 -> C:\Users\Jan Nakládal\AppData\Local\HHD Software\Hex Editor Neo\FileDocument.dll (HHD Software Ltd.)
CustomCLSID: HKU\S-1-5-21-140239567-1682426600-1567885322-1002_Classes\CLSID\{AE1514A4-5D7D-4D1B-BC7F-320E6962B0DD}\InprocServer32 -> C:\Users\Jan Nakládal\AppData\Local\HHD Software\Hex Editor Neo\FileDocument.dll (HHD Software Ltd.)
CustomCLSID: HKU\S-1-5-21-140239567-1682426600-1567885322-1002_Classes\CLSID\{B845012A-F05A-4EC8-816D-B033183B9CA5}\InprocServer32 -> C:\Users\Jan Nakládal\AppData\Local\HHD Software\Hex Editor Neo\hhdhexneo.dll (HHD Software Ltd.)
CustomCLSID: HKU\S-1-5-21-140239567-1682426600-1567885322-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-140239567-1682426600-1567885322-1002_Classes\CLSID\{F350F7C1-9F0E-4A97-8EEC-E690C7095BEF}\InprocServer32 -> C:\Users\Jan Nakládal\AppData\Local\HHD Software\Hex Editor Neo\PatchAPI\dll\x64\hexpatch64.dll (HHD Software Ltd.)
==================== Restore Points =========================
19-09-2015 16:56:58 Naplánovaný kontrolní bod
22-09-2015 19:46:39 Windows Update
30-09-2015 15:39:11 JRT Pre-Junkware Removal
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2015-09-30 20:41 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08FD9B09-9A60-43CD-8206-312A32FA9949} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-jan.nakladal@outlook.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-07-22] (Adobe Systems Incorporated)
Task: {10DD1E26-6951-430E-BEB3-04999916BF40} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {1BAB6521-B8E1-4BBF-929B-3B4A9BE45FBC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2AFC53CC-859F-46D8-9D15-CE212DC953BB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {2F6C433D-CAD8-46BC-8B53-8D3F00AA1D8C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {301B23B3-A8A3-4E3E-9954-23C63A7510F5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {3901AB65-7F3D-42A0-B009-576B0FF3BF3E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {3C0D461C-1FC8-4780-B5F7-31DCE113FA73} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {428B5883-E478-4AAD-9A1B-6DE372FC024C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {44D51395-67AF-45E2-A4DE-B76F844A9B28} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2013-11-08] (TOSHIBA Corporation)
Task: {4B9A0884-E98E-4FF1-B0EA-CE11DDB42DF6} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-18] (Toshiba Europe GmbH)
Task: {54AF6936-F810-41B5-AE5E-453CC4BFBA63} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-12] (Google Inc.)
Task: {6EA98CCD-BE05-404C-834A-2823192F6B29} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-12] (Google Inc.)
Task: {7D3C461C-9981-4116-BEF7-889DC8D364D1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {89DEAD95-6CC2-4940-B367-5FEB770FC3CD} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8C6F590B-E536-4058-9D3D-6B9C461AFECC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {9BD28B9E-88D1-4DB1-AB8E-63408FCAB401} - System32\Tasks\Run LSI => C:\Program Files (x86)\LSI\LoLSummonerInfo.exe [2015-09-21] (Aequus Gaming)
Task: {A2995A63-6584-4A2F-BB9E-7BC65B8A7484} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {A6368F8E-34D9-43EA-92F2-C41D99D60C9C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {B36C9605-7037-4025-B469-7446F4447DBD} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {D9DBD1C5-91A1-4218-90DB-2338B3114668} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {E7FF81ED-C881-4D40-9246-FCBAFABAD3FD} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-08-07] (Synaptics Incorporated)
Task: {E9FFBC14-AB67-45FA-A0B8-1642EE42237A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {F100D559-5A99-40E0-B82D-5D896D151D05} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {F30F90A4-0412-4EF3-825F-A5B1BD50AEA1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-08-07 20:49 - 2015-08-07 20:49 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-07-13 20:45 - 2015-08-07 13:07 - 00011896 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-08-07 20:06 - 2015-08-07 06:27 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-03-27 12:53 - 2013-03-27 12:53 - 00163168 _____ () C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
2015-08-19 15:57 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2013-09-10 12:54 - 2013-09-10 12:54 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2015-08-28 21:19 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-28 21:19 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-22 01:02 - 2015-07-22 01:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-05-13 18:30 - 2015-05-13 18:30 - 08898720 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-04-15 22:13 - 2015-04-15 22:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-08-12 11:29 - 2015-08-03 03:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 13:00 - 2015-07-10 18:05 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-19 15:57 - 2015-08-11 10:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-12 11:29 - 2015-08-03 03:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 13:00 - 2015-07-10 18:05 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2012-07-18 18:38 - 2012-07-18 18:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2015-06-01 19:28 - 2015-06-01 19:28 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2015-09-08 17:56 - 2015-09-08 17:56 - 01752576 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\8f320c4a308d2e39c6aa40c7cdf4ce49\Windows.UI.ni.dll
2015-09-08 17:56 - 2015-09-08 17:56 - 00497152 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\49d9e2eb148fe29623ae98ad26130766\Windows.Foundation.ni.dll
2015-07-22 01:02 - 2015-07-22 01:02 - 31535264 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-09-24 14:24 - 2015-09-24 14:24 - 00012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.922.11070.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-09-24 14:24 - 2015-09-24 14:24 - 10807296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.922.11070.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-09-18 14:38 - 2015-09-18 14:38 - 03495936 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1509.14010.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-09-30 14:27 - 2015-09-30 14:28 - 08395776 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.9.25.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-09-30 14:27 - 2015-09-30 14:28 - 02311680 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.9.25.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2015-09-09 14:38 - 2015-09-09 14:38 - 00007680 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.5.168.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
2015-05-13 18:31 - 2015-05-13 18:31 - 08898720 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-04-13 21:05 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-07-13 20:45 - 2015-08-07 13:07 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-08-20 11:45 - 2013-09-03 16:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-07-22 15:32 - 2015-07-22 15:32 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-09-09 14:38 - 2015-09-09 14:38 - 09767424 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.5.168.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Weather.dll
2015-07-10 18:08 - 2015-07-10 18:08 - 06459392 _____ () C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.0_1.0.22929.0_x86__8wekyb3d8bbwe\SharedLibrary.dll
2015-09-09 14:36 - 2015-09-09 14:36 - 00970240 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.5.168.0_x86__8wekyb3d8bbwe\SQLiteWrapper.dll
2015-08-07 21:58 - 2015-08-07 21:58 - 03517616 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.5.168.0_x86__8wekyb3d8bbwe\Microsoft.Advertising.dll
2015-09-09 14:36 - 2015-09-09 14:36 - 00645120 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.5.168.0_x86__8wekyb3d8bbwe\Microsoft.Aria.ClientTelemetry.dll
2015-07-09 19:32 - 2015-07-09 19:32 - 00039384 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2015-09-25 14:35 - 2015-09-24 04:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
2015-09-25 14:35 - 2015-09-24 04:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\Users\Jan Nakládal\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Jan Nakládal\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Public\DRM:احتضان
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\hola.org -> hxxp://hola.org
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan Nakládal\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\tapeta programu windows prohlížeč fotografií.jpg
DNS Servers: 10.10.10.1 - 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "SketchBook Snapshot.lnk"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\StartupApproved\Run: => "Steam"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6EBD8821-DDD0-4B24-A618-46BA9FC4CDD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{DC916CAD-D330-48D8-90C6-53A188415DEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8ED68B3B-2246-4A16-820B-935FD6E75BAB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9DE15DC0-8BEA-4477-9856-500DDBEB7F0F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{934F74A2-61CC-47F2-8558-A5C893870742}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{EE89FCCC-B0FA-4B3C-A3A0-E17632095D37}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{71735843-6EAB-465C-92E8-57D671F23E3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{0F9EE68D-91A4-48D5-B5D1-A1868C187C3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{8BD7A5C6-6524-41B2-8D85-92AE0FD8AB8E}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{C749B18D-B0BA-4EB1-9A7F-2DA7AFAE6048}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{EE7C9E39-8FD0-4524-A3BF-147FD7C1007C}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{6A296E81-3E9E-4AD2-A246-55913643C3D5}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{A63694E2-AD18-4953-90EF-518AC98950EB}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{5D11A41F-1C41-4E6B-9F56-3E906D289F4A}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [UDP Query User{E8D8E593-56CA-4A7E-9B62-B45100353090}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{D8FFD71E-A1BF-4329-A40C-9FFC6DA413DD}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{2ECECE8A-8CAF-4298-A9C2-8C293E26B674}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TERA\TERA-Launcher.exe
FirewallRules: [{FDDC35CE-9D14-4F3C-A800-18594556CA99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TERA\TERA-Launcher.exe
FirewallRules: [{D4FE1310-5738-4459-8330-94593BCE50C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blockade3d\main.exe
FirewallRules: [{A6D96ACA-03A0-44C7-8982-E8C24885188C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blockade3d\main.exe
FirewallRules: [{A3326201-1990-4764-AA55-9E19FA1A5D21}] => (Allow) C:\Program Files (x86)\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{5CF5265A-982E-43E4-8FE1-9271A7348644}] => (Allow) C:\Program Files (x86)\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{FA08242E-C947-49CD-B27F-FE978CEEBA76}] => (Allow) C:\Program Files (x86)\Survarium\temp\survarium_updater.exe
FirewallRules: [{934D9B8A-BB82-4EA5-B66A-A5F6DF3996AA}] => (Allow) C:\Program Files (x86)\Survarium\temp\survarium_updater.exe
FirewallRules: [{BE2B5B1B-FDF5-4B66-B382-5A0767F6E1BC}] => (Allow) C:\Program Files (x86)\Survarium\temp\survarium_updater.exe
FirewallRules: [{8C96BF7B-436E-4BFB-AD1A-70196BCCFA44}] => (Allow) C:\Program Files (x86)\Survarium\temp\survarium_updater.exe
FirewallRules: [{CD2A8AF5-D12A-4D92-BBCB-A8E069F71B17}] => (Allow) C:\Program Files (x86)\Survarium\temp\survarium_launcher.exe
FirewallRules: [{1FFD5E42-AA19-42C9-9954-D8FBDA212C7B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C8E0D2AB-BBC0-4DB3-8F10-006D08D922D1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A55B9FB2-98AE-47C4-9E08-ED47A75742ED}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C0781D85-6843-486E-8B86-54B86B8C608F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FAF79317-680D-4F7E-B313-D9C11EA8BCEB}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{A8BB18A9-EA75-480D-96A1-2975F61BE982}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{8BFD1910-0708-472A-B955-13727AA5CB5D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F5D6203D-D5C5-4A04-92B6-54F3D7211CF5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D4E87D8A-4FAE-4651-B4EE-080422CE454C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{724CAC61-E95B-4F3E-8063-E0C4B583D419}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{28A1CF2A-517F-42E8-BAA4-250E8371E5FF}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{B0796758-7C85-496E-9FC2-43DC9E550E8D}] => (Allow) LPort=5357
FirewallRules: [{852487E3-39CB-4093-9B50-196641A79FE0}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
FirewallRules: [{0692469B-41B0-406E-87D1-44ED59BF0EE4}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A9601A43-5CD2-48F2-A785-E65C10AC26C0}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{312A87C6-FF77-4AE7-B77A-8D70B2031630}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A4CAA147-C92A-4C43-8BEA-CB09EEDBB0A7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [UDP Query User{8B50FD0B-8DA2-4E9E-B4C8-9E22BC37D333}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{16D0E89F-71EE-4C8E-9148-2DB1AA208BA9}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{7AB6A5AF-9663-4827-ACC6-582F19069C7C}] => (Allow) C:\Users\Jan Nakládal\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{315DB17F-B7A4-4417-AD9F-EF44FB63D373}] => (Allow) C:\Users\Jan Nakládal\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8DFA25B2-D657-48B6-A2DF-9737F39636D8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{25CCA29C-2387-44E0-A14D-40DAAD9AAE63}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E6F4898D-F87B-4563-9B7A-DA1A83605153}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{424D3764-CC71-4D92-80F9-5F000020EA94}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{6EF5DB22-6AF6-45D7-9128-5A6F6238770C}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{9514F7A1-A4A2-42B4-AE99-FF91155271BB}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{43CFF0F3-44E5-4176-87D9-C64F16C19385}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [TCP Query User{BA6C21B6-17FD-47D8-AB9A-82EFB3A1E62F}C:\users\jan nakládal\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jan nakládal\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{61F6CA0B-11BC-44C8-A480-74E1044EE41D}C:\users\jan nakládal\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jan nakládal\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{98A9EEDE-412C-4A1C-88C4-8DE5D47F39AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\DFUBG.exe
FirewallRules: [{5E147298-DB1C-4B76-BF17-20E1139247A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\DFUBG.exe
FirewallRules: [TCP Query User{F6B43AEA-1316-4883-BCFD-E393DA8160C5}C:\program files\adobe\adobe muse cc 2015\muse.exe] => (Allow) C:\program files\adobe\adobe muse cc 2015\muse.exe
FirewallRules: [UDP Query User{3240BEE4-8B06-4654-A55C-01A07F3F8B25}C:\program files\adobe\adobe muse cc 2015\muse.exe] => (Allow) C:\program files\adobe\adobe muse cc 2015\muse.exe
FirewallRules: [{3AA29F8A-1964-4B33-A54E-9097FA08A44E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0813CC7B-0555-42DA-BEC0-80602C880CD5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{84D492E9-5C85-4FC9-9E94-E79651AD7B8B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DAE59347-8B18-46C3-83C6-07BD3376F084}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4118D66D-DEEA-404B-88F8-E1FF011910D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{B4B6AFAD-0088-4C26-B48C-431C4BA644F2}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{A40758D9-F91F-4F9A-A426-34F2C3F93811}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [TCP Query User{B3BE5ADE-BFDD-4EB2-A087-C9293E2F9A70}C:\users\jan nakládal\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\jan nakládal\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [UDP Query User{38B1D9EE-1973-4D35-977C-05331C4D192C}C:\users\jan nakládal\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\jan nakládal\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [TCP Query User{85DAC93F-0DE1-4AEC-8CB7-0F2D43D4388B}C:\program files (x86)\warcraft iii reign of chaos & the frozen throne\war3.exe] => (Allow) C:\program files (x86)\warcraft iii reign of chaos & the frozen throne\war3.exe
FirewallRules: [UDP Query User{68250EC2-6343-47B6-B514-EB13D8D12C72}C:\program files (x86)\warcraft iii reign of chaos & the frozen throne\war3.exe] => (Allow) C:\program files (x86)\warcraft iii reign of chaos & the frozen throne\war3.exe
FirewallRules: [TCP Query User{2DD15199-AB41-4E17-99AA-106BBBC9F2C1}C:\program files (x86)\el-revize - demo\el-revize(demo).exe] => (Block) C:\program files (x86)\el-revize - demo\el-revize(demo).exe
FirewallRules: [UDP Query User{00C56030-3316-4720-87D5-B31D4DB13E07}C:\program files (x86)\el-revize - demo\el-revize(demo).exe] => (Block) C:\program files (x86)\el-revize - demo\el-revize(demo).exe
FirewallRules: [{CBA3571A-1265-4909-BEFE-1A58B97ED3D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{E537482D-A8FE-4E2E-8BFC-F6CDE92494BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{F425EC49-9633-4D2F-A4E7-36EDF16A0796}] => (Allow) c:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{656680BD-B07B-4288-949A-3375262C59E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{37A9D3AF-E9C7-42E7-8F95-9A3D6362E0BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{8D1C0E2A-78A7-4488-BD54-BEDB8A28E789}] => (Allow) C:\Program Files (x86)\Heroes & Generals\live\hng.exe
FirewallRules: [{C37758F1-B3DE-4ABC-BB14-DF27642A8F2A}] => (Allow) C:\Program Files (x86)\Heroes & Generals\live\hng.exe
FirewallRules: [{38C12131-C7A1-4F47-932B-E66F0714D701}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe
FirewallRules: [{A4E57655-8F4C-4678-96F5-0E6DAAA954F2}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe
FirewallRules: [{42F95346-C9B6-4148-ADCA-DDCC99625CF9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/01/2015 04:35:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HONZAN)
Description: Aplikaci Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (10/01/2015 03:34:05 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1 se nezdařilo.
Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (10/01/2015 03:28:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HONZAN)
Description: Aplikaci Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (10/01/2015 03:21:03 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (6432) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032
Error: (10/01/2015 03:21:03 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (6432) Pokus o vytvoření souboru C:\WINDOWS\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (10/01/2015 03:20:53 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (6432) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032
Error: (10/01/2015 03:20:53 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (6432) Pokus o vytvoření souboru C:\WINDOWS\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (10/01/2015 03:20:42 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (6432) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032
Error: (10/01/2015 03:20:42 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (6432) Pokus o vytvoření souboru C:\WINDOWS\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).
Error: (10/01/2015 03:20:32 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (6432) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032
System errors:
=============
Error: (10/01/2015 05:54:57 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.
Error: (10/01/2015 05:06:02 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.
Error: (10/01/2015 04:41:27 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Server došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10001.
Error: (10/01/2015 03:31:30 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}
Error: (10/01/2015 03:20:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba TPCH Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/01/2015 03:20:03 PM) (Source: DCOM) (EventID: 10010) (User: HONZAN)
Description: {45CC1698-D1CF-417B-BC32-80EB79E05EF1}
Error: (10/01/2015 03:12:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HP Support Solutions Framework Service neuspěla při spuštění v důsledku následující chyby:
%%1053
Error: (10/01/2015 03:12:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby HP Support Solutions Framework Service bylo dosaženo časového limitu (30000 ms).
Error: (10/01/2015 03:12:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Razer Game Scanner neuspěla při spuštění v důsledku následující chyby:
%%1053
Error: (10/01/2015 03:12:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Razer Game Scanner bylo dosaženo časového limitu (30000 ms).
CodeIntegrity:
===================================
Date: 2015-09-30 15:50:06.439
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-09-28 17:34:23.576
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-09-22 19:53:34.479
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-09-17 19:45:58.542
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-08 13:48:16.996
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 67%
Total physical RAM: 3971.27 MB
Available physical RAM: 1309.53 MB
Total Virtual: 8323.27 MB
Available Virtual: 5026.3 MB
==================== Drives ================================
Drive c: (TI31254900A) (Fixed) (Total:686.21 GB) (Free:427.75 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================
- jerabina
- Security team member
Re: Automatic alignment of icons on the desktop and in folders
Permanently turn off Windows Defender
What about those cracks and keygens? You know that they just drag more junk onto the computer?

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire contents below into it.
Code:
Start
CloseProcesses:
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-07-22] (Adobe Systems Incorporated)
HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe --silent
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53736048 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\RunOnce: [Uninstall C:\Users\Jan Nakl?dal\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jan Nakládal\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\RunOnce: [Uninstall C:\Users\Jan Nakl?dal\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jan Nakládal\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\RunOnce: [Uninstall C:\Users\Jan Nakl?dal\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jan Nakládal\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKLM -> DefaultScope {6DE05219-3ECE-461C-95D7-7A499C6ACC26} URL =
SearchScopes: HKLM-x32 -> DefaultScope {6DE05219-3ECE-461C-95D7-7A499C6ACC26} URL =
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\Jan Nakládal\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll No File
FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\Jan Nakládal\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll No File
FF Plugin HKU\S-1-5-21-140239567-1682426600-1567885322-1002: @hola.org/FlashPlayer -> C:\Users\Jan Nakládal\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll No File
FF Plugin HKU\S-1-5-21-140239567-1682426600-1567885322-1002: @hola.org/vlc -> C:\Users\Jan Nakládal\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll No File
FF Plugin HKU\S-1-5-21-140239567-1682426600-1567885322-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jan Nakládal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File
C:\ProgramData\RogueKiller
C:\Users\Jan Nakládal\AppData\Roaming\winscp.rnd
C:\ProgramData\Ament.ini
Task: {08FD9B09-9A60-43CD-8206-312A32FA9949} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-jan.nakladal@outlook.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-07-22] (Adobe Systems Incorporated)
Task: {1BAB6521-B8E1-4BBF-929B-3B4A9BE45FBC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2AFC53CC-859F-46D8-9D15-CE212DC953BB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {2F6C433D-CAD8-46BC-8B53-8D3F00AA1D8C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {3C0D461C-1FC8-4780-B5F7-31DCE113FA73} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {428B5883-E478-4AAD-9A1B-6DE372FC024C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {54AF6936-F810-41B5-AE5E-453CC4BFBA63} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-12] (Google Inc.)
Task: {6EA98CCD-BE05-404C-834A-2823192F6B29} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-12] (Google Inc.)
Task: {7D3C461C-9981-4116-BEF7-889DC8D364D1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {89DEAD95-6CC2-4940-B367-5FEB770FC3CD} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8C6F590B-E536-4058-9D3D-6B9C461AFECC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {9BD28B9E-88D1-4DB1-AB8E-63408FCAB401} - System32\Tasks\Run LSI => C:\Program Files (x86)\LSI\LoLSummonerInfo.exe [2015-09-21] (Aequus Gaming)
Task: {A2995A63-6584-4A2F-BB9E-7BC65B8A7484} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {A6368F8E-34D9-43EA-92F2-C41D99D60C9C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {B36C9605-7037-4025-B469-7446F4447DBD} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\Users\Jan Nakládal\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Jan Nakládal\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Public\DRM:??????
IE trusted site: HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\hola.org -> hxxp://hola.org
EmptyTemp:
End
(You can use the "select all" function, then right-click the top-left field in the open Notepad and choose "Paste".)
Save it to the desktop as fixlist.txt
Run FRST, press the "Fix" button only once, and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire contents here.
In Folder Options, enable showing hidden files and folders, and uncheck the box "Hide protected operating system files".
Test this on VirusTotal
C:\Windows\System32\drivers\wfpcapture.sys
Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes its test, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page and paste it into your post.
When you don't know what to do next, it's time to study the manual!
HJT guide
If I don't reply to your topics in the HJT section while I'm online, it is only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.
Re: Automatic alignment of icons on the desktop and in folders
The cracks and keygens, well, I haven't used them for a long time, but I somehow forgot about them, so they're still lurking there.
Fixlog:
Fix result of Farbar Recovery Scan Tool (x64) Version:30-09-2015
Ran by Jan Nakládal (2015-10-01 23:10:45) Run:1
Running from C:\Users\Jan Nakládal\Desktop
Loaded Profiles: Jan Nakládal (Available Profiles: Jan Nakládal)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-07-22] (Adobe Systems Incorporated)
HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe --silent
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53736048 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\RunOnce: [Uninstall C:\Users\Jan Nakl?dal\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jan Nakládal\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\RunOnce: [Uninstall C:\Users\Jan Nakl?dal\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jan Nakládal\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\RunOnce: [Uninstall C:\Users\Jan Nakl?dal\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jan Nakládal\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKLM -> DefaultScope {6DE05219-3ECE-461C-95D7-7A499C6ACC26} URL =
SearchScopes: HKLM-x32 -> DefaultScope {6DE05219-3ECE-461C-95D7-7A499C6ACC26} URL =
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\Jan Nakládal\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll No File
FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\Jan Nakládal\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll No File
FF Plugin HKU\S-1-5-21-140239567-1682426600-1567885322-1002: @hola.org/FlashPlayer -> C:\Users\Jan Nakládal\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll No File
FF Plugin HKU\S-1-5-21-140239567-1682426600-1567885322-1002: @hola.org/vlc -> C:\Users\Jan Nakládal\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll No File
FF Plugin HKU\S-1-5-21-140239567-1682426600-1567885322-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jan Nakládal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File
C:\ProgramData\RogueKiller
C:\Users\Jan Nakládal\AppData\Roaming\winscp.rnd
C:\ProgramData\Ament.ini
Task: {08FD9B09-9A60-43CD-8206-312A32FA9949} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-jan.nakladal@outlook.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-07-22] (Adobe Systems Incorporated)
Task: {1BAB6521-B8E1-4BBF-929B-3B4A9BE45FBC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2AFC53CC-859F-46D8-9D15-CE212DC953BB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {2F6C433D-CAD8-46BC-8B53-8D3F00AA1D8C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {3C0D461C-1FC8-4780-B5F7-31DCE113FA73} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {428B5883-E478-4AAD-9A1B-6DE372FC024C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {54AF6936-F810-41B5-AE5E-453CC4BFBA63} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-12] (Google Inc.)
Task: {6EA98CCD-BE05-404C-834A-2823192F6B29} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-12] (Google Inc.)
Task: {7D3C461C-9981-4116-BEF7-889DC8D364D1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {89DEAD95-6CC2-4940-B367-5FEB770FC3CD} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8C6F590B-E536-4058-9D3D-6B9C461AFECC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {9BD28B9E-88D1-4DB1-AB8E-63408FCAB401} - System32\Tasks\Run LSI => C:\Program Files (x86)\LSI\LoLSummonerInfo.exe [2015-09-21] (Aequus Gaming)
Task: {A2995A63-6584-4A2F-BB9E-7BC65B8A7484} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {A6368F8E-34D9-43EA-92F2-C41D99D60C9C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {B36C9605-7037-4025-B469-7446F4447DBD} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\Users\Jan Nakládal\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Jan Nakládal\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Public\DRM:??????
IE trusted site: HKU\S-1-5-21-140239567-1682426600-1567885322-1002\...\hola.org -> hxxp://hola.org
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\hola => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => value removed successfully
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite Automount => value removed successfully
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value removed successfully
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\Jan Nakl?dal\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64 => value not found.
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\Jan Nakl?dal\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64 => value not found.
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\Jan Nakl?dal\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64 => value not found.
HKU\S-1-5-21-140239567-1682426600-1567885322-1002\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => value removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3" => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9" => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll => not found.
"HKU\.DEFAULT\Software\MozillaPlugins\@hola.org/FlashPlayer" => key removed successfully
C:\Users\Jan Nakládal\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll => not found.
"HKU\.DEFAULT\Software\MozillaPlugins\@hola.org/vlc" => key removed successfully
C:\Users\Jan Nakládal\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll => not found.
"HKU\S-1-5-21-140239567-1682426600-1567885322-1002\Software\MozillaPlugins\@hola.org/FlashPlayer" => key removed successfully
C:\Users\Jan Nakládal\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll => not found.
"HKU\S-1-5-21-140239567-1682426600-1567885322-1002\Software\MozillaPlugins\@hola.org/vlc" => key removed successfully
C:\Users\Jan Nakládal\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll => not found.
"HKU\S-1-5-21-140239567-1682426600-1567885322-1002\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0" => key removed successfully
C:\Users\Jan Nakládal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll => not found.
C:\ProgramData\RogueKiller => moved successfully
C:\Users\Jan Nakládal\AppData\Roaming\winscp.rnd => moved successfully
C:\ProgramData\Ament.ini => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{08FD9B09-9A60-43CD-8206-312A32FA9949}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08FD9B09-9A60-43CD-8206-312A32FA9949}" => key removed successfully
C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-jan.nakladal@outlook.com => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeAAMUpdater-1.0-MicrosoftAccount-jan.nakladal@outlook.com" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1BAB6521-B8E1-4BBF-929B-3B4A9BE45FBC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BAB6521-B8E1-4BBF-929B-3B4A9BE45FBC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2AFC53CC-859F-46D8-9D15-CE212DC953BB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2AFC53CC-859F-46D8-9D15-CE212DC953BB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F6C433D-CAD8-46BC-8B53-8D3F00AA1D8C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F6C433D-CAD8-46BC-8B53-8D3F00AA1D8C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3C0D461C-1FC8-4780-B5F7-31DCE113FA73}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C0D461C-1FC8-4780-B5F7-31DCE113FA73}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{428B5883-E478-4AAD-9A1B-6DE372FC024C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{428B5883-E478-4AAD-9A1B-6DE372FC024C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{54AF6936-F810-41B5-AE5E-453CC4BFBA63}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{54AF6936-F810-41B5-AE5E-453CC4BFBA63}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6EA98CCD-BE05-404C-834A-2823192F6B29}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6EA98CCD-BE05-404C-834A-2823192F6B29}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7D3C461C-9981-4116-BEF7-889DC8D364D1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D3C461C-9981-4116-BEF7-889DC8D364D1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{89DEAD95-6CC2-4940-B367-5FEB770FC3CD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89DEAD95-6CC2-4940-B367-5FEB770FC3CD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8C6F590B-E536-4058-9D3D-6B9C461AFECC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C6F590B-E536-4058-9D3D-6B9C461AFECC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9BD28B9E-88D1-4DB1-AB8E-63408FCAB401}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BD28B9E-88D1-4DB1-AB8E-63408FCAB401}" => key removed successfully
C:\WINDOWS\System32\Tasks\Run LSI => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Run LSI" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A2995A63-6584-4A2F-BB9E-7BC65B8A7484}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2995A63-6584-4A2F-BB9E-7BC65B8A7484}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A6368F8E-34D9-43EA-92F2-C41D99D60C9C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6368F8E-34D9-43EA-92F2-C41D99D60C9C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B36C9605-7037-4025-B469-7446F4447DBD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B36C9605-7037-4025-B469-7446F4447DBD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS removed successfully.
C:\Users\Jan Nakládal\OneDrive => ":ms-properties" ADS removed successfully.
"C:\Users\Jan Nakládal\SkyDrive" => ":ms-properties" ADS not found.
"C:\Users\Public\DRM" => ":??????" ADS not found.
"HKU\S-1-5-21-140239567-1682426600-1567885322-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org" => key removed successfully
EmptyTemp: => 835.4 MB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 23:11:55 ====
But I still can't find that wfpcapture.sys, even though I have enabled showing hidden folders and files, plus the other option.
I don't know what I'm doing wrong (attachments)
- jaro3
- Security team member
- Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: South Bohemia
Re: Automatic icon arrangement on the desktop and in folders
How are the problems?
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Automatic icon arrangement on the desktop and in folders
Oh, I didn't even notice that; I kept wondering why I couldn't find the file. It no longer auto-arranges.
Many thanks to everyone who took the trouble to read those logs, well, simply thanks to everyone who wrote something here :).
I just have one question: I probably don't need to look for the wfpcapture.sys file anymore, do I?

- Orcus
- Security team member
- Elite Level 10.5
- Posts: 10645
- Registered: April 10
- Location: 3 roses grow around =o)
Re: Automatic icon arrangement on the desktop and in folders
You don't need to.
Clean the system with CCleaner
====================================================
Download DelFix here
http://general-changelog-team.fr/fr/dow ... e/9-delfix
Save the file to the desktop.
Double-click the icon to run the Delfix.exe tool.
(In Windows Vista, Windows 7 and 8, you must run the file by right-clicking -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools and Purge System Restore.
Then click the Run button and let the tool do its work.
A report (DelFix.txt) will then open. Paste the entire contents of the report here. Otherwise the report is located at:
C:\DelFix.txt
+ a new HJT log
Love keeps you warm, but coal is coal.
Post HJT logs in the HJT section. If a log is too long, split it into several messages.
A few tips on PC security.
During my absence, memphisto, jaro3 and Diallix stand in for me.
If you are satisfied, you can support our forum.

Re: Automatic icon arrangement on the desktop and in folders
CCleaner: Done
DelFix:
# DelFix v1.011 - Logfile created 04/10/2015 at 00:15:06
# Updated 18/08/2015 by Xplode
# Username : Jan Nakládal - HONZAN
# Operating System : Windows 10 Home (64 bits)
~ Removing disinfection tools ...
Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\Jan Nakládal\Desktop\Addition.txt
Deleted : C:\Users\Jan Nakládal\Desktop\AdwCleaner (1).exe
Deleted : C:\Users\Jan Nakládal\Desktop\ComboFix.exe
Deleted : C:\Users\Jan Nakládal\Desktop\ComboFix.JPG
Deleted : C:\Users\Jan Nakládal\Desktop\Fixlog.txt
Deleted : C:\Users\Jan Nakládal\Desktop\FRST.txt
Deleted : C:\Users\Jan Nakládal\Desktop\FRST64.exe
Deleted : C:\Users\Jan Nakládal\Desktop\JRT.txt
Deleted : C:\Users\Jan Nakládal\Desktop\RogueKiller.txt
Deleted : C:\Users\Jan Nakládal\Desktop\RogueKillerX64.exe
Deleted : C:\Users\Jan Nakládal\Desktop\zoek.exe
Deleted : C:\Users\Jan Nakládal\Downloads\AdwCleaner (1).exe
Deleted : C:\Users\Jan Nakládal\Downloads\AdwCleaner.exe
Deleted : C:\Users\Jan Nakládal\Downloads\ComboFix.exe
Deleted : C:\Users\Jan Nakládal\Downloads\FRST64.exe
Deleted : C:\Users\Jan Nakládal\Downloads\JRT.exe
Deleted : C:\Users\Jan Nakládal\Downloads\HijackThis.exe
Deleted : C:\Users\Jan Nakládal\Downloads\hijackthis.log
Deleted : C:\Users\Jan Nakládal\Downloads\RogueKillerX64.exe
Deleted : C:\Users\Jan Nakládal\Downloads\TFC (1).exe
Deleted : C:\Users\Jan Nakládal\Downloads\TFC.exe
Deleted : C:\Users\Jan Nakládal\Downloads\zoek.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
~ Cleaning system restore ...
Deleted : RP #16 [Naplánovaný kontrolní bod | 09/19/2015 14:56:58]
Deleted : RP #17 [Windows Update | 09/22/2015 17:46:39]
Deleted : RP #18 [JRT Pre-Junkware Removal | 09/30/2015 13:39:11]
New restore point created !
########## - EOF - ##########
HiJackThis:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:19:27, on 4. 10. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)
Boot mode: Normal
Running processes:
C:\WINDOWS\SysWOW64\rundll32.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Jan Nakládal\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files\WindowsApps\Microsoft.BingWeather_4.5.168.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Jan Nakládal\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AmIcoSinglun64] "C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
O4 - HKLM\..\Run: [1.TPUReg] "C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe"
O4 - HKLM\..\Run: [TSVU] "c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [APSDaemon] "c:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "c:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [RazerCortex] C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe -autorun
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Jan Nakládal\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Jan Nakládal\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jan Nakládal\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Jan Nakládal\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jan Nakládal\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Jan Nakládal\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jan Nakládal\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
O4 - Global Startup: SketchBook Snapshot.lnk = C:\Program Files (x86)\Autodesk\Autodesk SketchBook Pro for Enterprise 2014\SketchBookSnapshot.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll/105
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Survarium Update Service - Unknown owner - C:\Program Files (x86)\Survarium\game\binaries\x86\survarium_service.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TEMPRO Service (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 16099 bytes
DelFix:
# DelFix v1.011 - Logfile created 04/10/2015 at 00:15:06
# Updated 18/08/2015 by Xplode
# Username : Jan Nakládal - HONZAN
# Operating System : Windows 10 Home (64 bits)
~ Removing disinfection tools ...
Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\Jan Nakládal\Desktop\Addition.txt
Deleted : C:\Users\Jan Nakládal\Desktop\AdwCleaner (1).exe
Deleted : C:\Users\Jan Nakládal\Desktop\ComboFix.exe
Deleted : C:\Users\Jan Nakládal\Desktop\ComboFix.JPG
Deleted : C:\Users\Jan Nakládal\Desktop\Fixlog.txt
Deleted : C:\Users\Jan Nakládal\Desktop\FRST.txt
Deleted : C:\Users\Jan Nakládal\Desktop\FRST64.exe
Deleted : C:\Users\Jan Nakládal\Desktop\JRT.txt
Deleted : C:\Users\Jan Nakládal\Desktop\RogueKiller.txt
Deleted : C:\Users\Jan Nakládal\Desktop\RogueKillerX64.exe
Deleted : C:\Users\Jan Nakládal\Desktop\zoek.exe
Deleted : C:\Users\Jan Nakládal\Downloads\AdwCleaner (1).exe
Deleted : C:\Users\Jan Nakládal\Downloads\AdwCleaner.exe
Deleted : C:\Users\Jan Nakládal\Downloads\ComboFix.exe
Deleted : C:\Users\Jan Nakládal\Downloads\FRST64.exe
Deleted : C:\Users\Jan Nakládal\Downloads\JRT.exe
Deleted : C:\Users\Jan Nakládal\Downloads\HijackThis.exe
Deleted : C:\Users\Jan Nakládal\Downloads\hijackthis.log
Deleted : C:\Users\Jan Nakládal\Downloads\RogueKillerX64.exe
Deleted : C:\Users\Jan Nakládal\Downloads\TFC (1).exe
Deleted : C:\Users\Jan Nakládal\Downloads\TFC.exe
Deleted : C:\Users\Jan Nakládal\Downloads\zoek.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
~ Cleaning system restore ...
Deleted : RP #16 [Naplánovaný kontrolní bod | 09/19/2015 14:56:58]
Deleted : RP #17 [Windows Update | 09/22/2015 17:46:39]
Deleted : RP #18 [JRT Pre-Junkware Removal | 09/30/2015 13:39:11]
New restore point created !
########## - EOF - ##########