prosím o kontrolu logu - vyskakující stránky ve Firefoxu

[filatelik]

AHoj,

Chtěl bych poprosit o kontrolu logu. Před nedávnem mě začala outomaticky ve Firefoxu vyskakovat stránka s adresou "http://www.msftncsi.com/" na stránce napsáno jen "page not found". Stránka se otevře i při spuštění jiného programu a skočí do popředí, i když je firofeox vypnutý. Předem díky za pomoc! :) Jinak na okraj bych zmínil, že mou jedinou ochranou PC je samotný Windows 8.1, tedy jeho defaultně nainstalovaný Defender (nevím jestli to hraje roli při tahání havěti do PC, slyšel sem že je to dostačující ochrana).


Zde je log:


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:48:58, on 8. 11. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)

FIREFOX: 40.0.2 (x86 cs)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\SysWOW64\UMonit64.exe
C:\Program Files (x86)\PrtScr\PrtScr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Felipe Grande\Documents\GIGABYTE\GIGABYTE Sim\Mouse.exe
C:\Program Files (x86)\FSL\IconRestorer\IconRestorer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\AIMP3\AIMP3.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Felipe Grande\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS Partition Master 10.0\bin\EpmNews.exe
O4 - HKLM\..\Run: [EaseUS EPM Tray Agent] "C:\Program Files (x86)\EaseUS Partition Master 10.0\bin\TrayPopupE\TrayTipAgentE.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [GIGABYTEMOUSE] C:\Users\Felipe Grande\Documents\GIGABYTE\GIGABYTE Sim\Mouse.exe
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AdobeCEPServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [PrtScr by FireStarter] C:\Program Files (x86)\PrtScr\PrtScr.exe /Tray
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILHE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-212 213 Series" /EF "HKCU"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [TrayStatus] "C:\Program Files (x86)\TrayStatus\TrayStatus.exe"
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Felipe Grande\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [GoodSync] "C:\Program Files\Siber Systems\GoodSync\GoodSync.exe" /min
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_2A9B40912823FFDC4CC2AA40255E3C0A] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - Startup: Dropbox.lnk = C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: IconRestorer.lnk = C:\Program Files (x86)\FSL\IconRestorer\IconRestorer.exe
O4 - Startup: Lingea Update Center.lnk = C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: acaptuser32.dll
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Connectify - Connectify - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: GoodSync Runner Felipe Grande (GsRunner Felipe Grande) - Unknown owner - C:\Program Files\Siber Systems\GoodSync\GoodSync.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McNeel Update Service 5.0 (McNeelUpdate) - Robert McNeel & Associates - C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
O23 - Service: mental ray 3.7 Satellite for Autodesk 3ds Max 2010 64-bit 64-bit (mi-raysat_3dsmax2010_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 16806 bytes

[Reklama]

[jaro3]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.


Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu klikni na „Logfile“ ,objeví log ( jinak je uložen systémovem disku jako AdwCleaner[C?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

[filatelik]

Ahoj Jaro, díky za odpoved!

tady dle postupu (nic jsem zatim nemazal):

x AdwCleaner log:

# AdwCleaner v5.019 - Logfile created 09/11/2015 at 17:27:04
# Updated 08/11/2015 by Xplode
# Database : 2015-11-09.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Felipe Grande - FILATELIK_PC
# Running from : C:\Users\Felipe Grande\Desktop\adwcleaner_5.019.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

Folder Found : C:\Program Files (x86)\Zrychleni Pocitace
Folder Found : C:\Program Files (x86)\FLV and Media Player
Folder Found : C:\Program Files (x86)\myfree codec
Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\quickstores@quickstores.de
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Folder Found : C:\Users\Felipe Grande\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp
Folder Found : C:\Users\Felipe Grande\AppData\Local\FileViewPro
Folder Found : C:\Users\Felipe Grande\AppData\Roaming\Solvusoft
Folder Found : C:\Users\Felipe Grande\AppData\Roaming\FLV and Media Player
Folder Found : C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
Folder Found : C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\Extensions\plugin@yontoo.com.xpi
Folder Found : C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Found : C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\Extensions\{AF445D67-154C-4c69-A17B-7F392BCC36A3}
Folder Found : C:\Users\Public\Documents\ShopperPro
Folder Found : C:\WINDOWS\assembly\GAC_MSIL\QuickStoresToolbar

***** [ Files ] *****

File Found : C:\Program Files\Common Files\System\SysMenu.dll
File Found : C:\Program Files\Common Files\System\SysMenu64.dll
File Found : C:\ProgramData\hpeF1A.dll
File Found : C:\Users\Felipe Grande\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
File Found : C:\Users\Felipe Grande\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
File Found : C:\Users\Felipe Grande\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
File Found : C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\Extensions\plugin@yontoo.com.xpi
File Found : C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\user.js
File Found : C:\WINDOWS\SysNative\roboot64.exe

***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

Task Found : SMupdate1
Task Found : Microsoft\Windows\Multimedia\SMupdate3
Task Found : Microsoft\Windows\Maintenance\SMupdate2

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\SysMenuExt
Key Found : HKLM\SOFTWARE\Classes\AppID\SysMenu.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D813D5BB-EBC7-45F9-B8A4-36A305168069}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{03771AEF-400D-4A13-B712-25878EC4A3F5}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : HKCU\Software\Myfree Codec
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKLM\SOFTWARE\Freeze.com
Key Found : HKLM\SOFTWARE\Myfree Codec
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV and Media Player
Key Found : [x64] HKLM\SOFTWARE\YTDownloader
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\iWebar
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\Object Browser
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\Sense
Key Found : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\iWebar
Key Found : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Object Browser
Key Found : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Sense

***** [ Web browsers ] *****

[C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\prefs.js] [Preference] Found : user_pref("extensions.crossrider.bic", "1447c034a17efe40c8cdcdffb98e1174");
[C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\prefs.js] [Preference] Found : user_pref("extensions.fvd_single.surfcanyon.ramp.start_time", "1394477379522");
[C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\prefs.js] [Preference] Found : user_pref("extentions.y2layers.defaultEnableAppsList", "bestvideodownloader");
[C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\prefs.js] [Preference] Found : user_pref("extentions.y2layers.installId", "4931b8c9-9849-4b5b-8a2b-de07ef8402d5");
[C:\Users\Felipe Grande\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : ojhagnahfpegocdhlopgljpaafeogmcc

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [6408 bytes] ##########





x Malwarebytes' Anti-Malware log :

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 9. 11. 2015
Čas skenování: 17:33
Protokol:
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2015.11.09.04
Databáze rootkitů: v2015.11.04.02
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Felipe Grande

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 381284
Uplynulý čas: 13 min, 31 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 15
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SMupdate1, , [49afa3d83655f93d5cd6026e788b0cf4],
PUP.Optional.MyFreeze, HKLM\SOFTWARE\WOW6432NODE\Freeze.com, , [8b6d3249ddae132391330b7317ecc63a],
PUP.Optional.iWebar, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\iWebar, , [8d6b49321f6c1422ed7c86ef649fc739],
PUP.Optional.CrossRider, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\Sense, , [c434601ba8e3cf6736bb1c657e840af6],
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [90683e3db2d9d06659625510ec1722de],
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3784812C-A6B6-4644-BE12-D341F62BDC75}, , [31c7314a5635fd39f1db1a4c27dc40c0],
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{53F19768-16B9-472D-AFFA-A95C1AEE24D1}, , [61970e6da0ebfc3afecef67024dff60a],
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7ED533B9-D758-409D-B534-87EC81B8649F}, , [e810abd08cff2313cdfec89e54aff30d],
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9ABA1D3D-54B5-488E-A9D5-891FF8FF79DB}, , [d22604778efdde580ac105617c87d52b],
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A0C9D60A-96C3-4A77-B61C-6882D276EA9A}, , [c1373b40f2998ea88a41085ea162d828],
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B9BBDFB9-856F-4AB3-AF1B-473B92EE63D5}, , [ec0c88f37c0f72c4d9f2ce98d52e8977],
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C637BCEA-FA1C-481E-9DEA-6E18EF586D32}, , [0aeec0bb2665a2942ca0a7bf798a23dd],
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D61742BF-4D0C-4B3D-9288-AF7EE6D8B525}, , [3abe700ba3e856e0cffdde883ec532ce],
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DA3CE70A-D9AD-4147-9ED4-1A73291728FF}, , [d028017ab4d70531418b471f39ca8e72],
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F2458531-5D0D-411F-9815-D15F77BE845E}, , [c038007b3952241201ca78eee51ed42c],

Hodnoty registru: 10
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3784812C-A6B6-4644-BE12-D341F62BDC75}|AppName, 5d27283f-b8bd-436a-82eb-61b8f246b910-2.exe-codedownloader.exe, , [31c7314a5635fd39f1db1a4c27dc40c0]
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{53F19768-16B9-472D-AFFA-A95C1AEE24D1}|AppName, 5d27283f-b8bd-436a-82eb-61b8f246b910-2.exe-codedownloader.exe, , [61970e6da0ebfc3afecef67024dff60a]
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7ED533B9-D758-409D-B534-87EC81B8649F}|AppName, 5d27283f-b8bd-436a-82eb-61b8f246b910-2.exe-buttonutil.exe, , [e810abd08cff2313cdfec89e54aff30d]
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9ABA1D3D-54B5-488E-A9D5-891FF8FF79DB}|AppName, 5d27283f-b8bd-436a-82eb-61b8f246b910-2.exe-buttonutil.exe, , [d22604778efdde580ac105617c87d52b]
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A0C9D60A-96C3-4A77-B61C-6882D276EA9A}|AppName, 5d27283f-b8bd-436a-82eb-61b8f246b910-2.exe-buttonutil.exe, , [c1373b40f2998ea88a41085ea162d828]
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B9BBDFB9-856F-4AB3-AF1B-473B92EE63D5}|AppName, 71cc2990-a79e-4f3a-8c64-f26d3c6f8b4f-2.exe-buttonutil.exe, , [ec0c88f37c0f72c4d9f2ce98d52e8977]
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C637BCEA-FA1C-481E-9DEA-6E18EF586D32}|AppName, 5d27283f-b8bd-436a-82eb-61b8f246b910-2.exe-codedownloader.exe, , [0aeec0bb2665a2942ca0a7bf798a23dd]
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D61742BF-4D0C-4B3D-9288-AF7EE6D8B525}|AppName, 71cc2990-a79e-4f3a-8c64-f26d3c6f8b4f-2.exe-codedownloader.exe, , [3abe700ba3e856e0cffdde883ec532ce]
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DA3CE70A-D9AD-4147-9ED4-1A73291728FF}|AppName, 5d27283f-b8bd-436a-82eb-61b8f246b910-2.exe-codedownloader.exe, , [d028017ab4d70531418b471f39ca8e72]
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F2458531-5D0D-411F-9815-D15F77BE845E}|AppName, 71cc2990-a79e-4f3a-8c64-f26d3c6f8b4f-2.exe-buttonutil.exe, , [c038007b3952241201ca78eee51ed42c]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 9
PUP.Optional.PCSpeedUp, C:\Users\Felipe Grande\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp, , [c632f98262299c9a6ac9c8a69270768a],
PUP.Optional.QuickStoresTB, C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de, , [6494710a7912c5717d9071fffd05a759],
PUP.Optional.QuickStoresTB, C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de\chrome, , [6494710a7912c5717d9071fffd05a759],
PUP.Optional.ShopperPro, C:\Users\Public\Documents\ShopperPro, , [31c7e596820949edcc78bdb67989fe02],
PUP.Optional.ShopperPro, C:\Users\Public\Documents\ShopperPro\JsDriver, , [31c7e596820949edcc78bdb67989fe02],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}, , [a3559be00289162051947df7fa0a58a8],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}\chrome, , [a3559be00289162051947df7fa0a58a8],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}\chrome\content, , [a3559be00289162051947df7fa0a58a8],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}\chrome\skin, , [a3559be00289162051947df7fa0a58a8],

Soubory: 29
Trojan.MalPack.Suspicious, C:\Program Files\Artlantis Studio 5\Artlantis 5.0.2.3K.exe, , [9b5dde9de0ab4fe7f87c8bb9fa077090],
Trojan.MalPack.Suspicious, C:\Program Files\Artlantis Studio 5\X64.exe, , [ea0ea5d65c2f2c0a7301b88c9e636d93],
PUP.Optional.CrossRider, C:\Users\Felipe Grande\AppData\Local\Installer\Install_14288\cr.exe, , [a454fc7f4645c175ffe105b499673ac6],
CrackTool.Agent.Keygen, C:\Windows\AutoKMS.exe, , [837566153457d3635fd80c8c38c94eb2],
RiskWare.Tool.CK, C:\Windows\KMSEmulator.exe, , [c23617642e5d91a55ce772568180e41c],
PUP.Optional.Goobzo, C:\Windows\System32\Tasks\SMupdate1, , [6e8af9826625df57a884de928e75857b],
PUP.Optional.Yontoo, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\plugin@yontoo.com.xpi, , [e711097234572b0b055db4e6bc477d83],
PUP.Optional.PCSpeedUp, C:\Users\Felipe Grande\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp\appicon_48.png, , [c632f98262299c9a6ac9c8a69270768a],
PUP.Optional.PCSpeedUp, C:\Users\Felipe Grande\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp\application.xap, , [c632f98262299c9a6ac9c8a69270768a],
PUP.Optional.PCSpeedUp, C:\Users\Felipe Grande\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp\Error.jpg, , [c632f98262299c9a6ac9c8a69270768a],
PUP.Optional.PCSpeedUp, C:\Users\Felipe Grande\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp\index.html, , [c632f98262299c9a6ac9c8a69270768a],
PUP.Optional.PCSpeedUp, C:\Users\Felipe Grande\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp\metadata, , [c632f98262299c9a6ac9c8a69270768a],
PUP.Optional.PCSpeedUp, C:\Users\Felipe Grande\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp\SplashScreen.jpg, , [c632f98262299c9a6ac9c8a69270768a],
PUP.Optional.PCSpeedUp, C:\Users\Felipe Grande\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp\state, , [c632f98262299c9a6ac9c8a69270768a],
PUP.Optional.QuickStoresTB, C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de\chrome.manifest, , [6494710a7912c5717d9071fffd05a759],
PUP.Optional.QuickStoresTB, C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de\install.rdf, , [6494710a7912c5717d9071fffd05a759],
PUP.Optional.QuickStoresTB, C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de\chrome\quickstorestoolbar.jar, , [6494710a7912c5717d9071fffd05a759],
PUP.Optional.ShopperPro, C:\Users\Public\Documents\ShopperPro\JsDriver\Config.xml, , [31c7e596820949edcc78bdb67989fe02],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}\install.rdf, , [a3559be00289162051947df7fa0a58a8],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}\chrome\content\main.xul, , [a3559be00289162051947df7fa0a58a8],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}\chrome\content\options.html, , [a3559be00289162051947df7fa0a58a8],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}\chrome\skin\button.png, , [a3559be00289162051947df7fa0a58a8],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}\chrome\skin\icon32x32-disabled.png, , [a3559be00289162051947df7fa0a58a8],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}\chrome\skin\icon32x32.png, , [a3559be00289162051947df7fa0a58a8],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}\chrome\skin\options.css, , [a3559be00289162051947df7fa0a58a8],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}\chrome\skin\options_bg.png, , [a3559be00289162051947df7fa0a58a8],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}\chrome\skin\otaznik.png, , [a3559be00289162051947df7fa0a58a8],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}\chrome\skin\slider.png, , [a3559be00289162051947df7fa0a58a8],
PUP.Optional.CrossRider, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\prefs.js, Dobré: (), Špatné: (user_pref("extensions.crossrider.bic", "1447c034a17efe40c8cdcdffb98e1174");), ,[55a392e96b20c571d02480ef20e4c53b]

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)


...předem díky za kontrolu.

f

[Orcus]

- Spusť znovu MbAM a dej Skenovat nyní
- Po proběhnutí programu, se ti objeví hláška, tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

====================================================

- Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
- Klikni na „ Smazat“
- Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.

====================================================

Stáhni si Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:

- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)

- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

====================================================

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- Počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[filatelik]

OK, skvělý, vše jsem projel, logy níže:

MbAM LOG:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 9. 11. 2015
Čas skenování: 22:37
Protokol: mbam.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2015.11.09.06
Databáze rootkitů: v2015.11.04.02
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Felipe Grande

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 382150
Uplynulý čas: 12 min, 42 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 15
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SMupdate1, , [56a4ef8ccfbcfe385119f779de25ac54],
PUP.Optional.MyFreeze, HKLM\SOFTWARE\WOW6432NODE\Freeze.com, , [7a80a1daafdc2610c735334bac579769],
PUP.Optional.iWebar, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\iWebar, , [fcfe304bdab15fd7aef3255014efa25e],
PUP.Optional.CrossRider, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\Sense, , [5f9bc7b4c3c8e1550e1b3a483cc630d0],
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [6199de9d5a31a78f0be8ec7923e052ae],
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3784812C-A6B6-4644-BE12-D341F62BDC75}, , [7f7bcbb03b5096a0f70dee79669dcd33],
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{53F19768-16B9-472D-AFFA-A95C1AEE24D1}, , [7387750654377bbb9470dd8a42c1a45c],
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7ED533B9-D758-409D-B534-87EC81B8649F}, , [c238730893f8fc3a60a3c99e55ae23dd],
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9ABA1D3D-54B5-488E-A9D5-891FF8FF79DB}, , [e218106bfc8f3afcbd46bfa8917257a9],
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A0C9D60A-96C3-4A77-B61C-6882D276EA9A}, , [7882f2898cff4aec5ea5660130d35ca4],
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B9BBDFB9-856F-4AB3-AF1B-473B92EE63D5}, , [8476abd0b7d480b6f80b91d66a99817f],
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C637BCEA-FA1C-481E-9DEA-6E18EF586D32}, , [b34738430c7f053102024c1b5fa425db],
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D61742BF-4D0C-4B3D-9288-AF7EE6D8B525}, , [c73365161e6d3ef8df25c0a7758e718f],
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DA3CE70A-D9AD-4147-9ED4-1A73291728FF}, , [b743cfac0586191d1fe5ec7b24dfbc44],
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F2458531-5D0D-411F-9815-D15F77BE845E}, , [28d22457b1da84b2e51e9ec933d035cb],

Hodnoty registru: 10
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3784812C-A6B6-4644-BE12-D341F62BDC75}|AppName, 5d27283f-b8bd-436a-82eb-61b8f246b910-2.exe-codedownloader.exe, , [7f7bcbb03b5096a0f70dee79669dcd33]
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{53F19768-16B9-472D-AFFA-A95C1AEE24D1}|AppName, 5d27283f-b8bd-436a-82eb-61b8f246b910-2.exe-codedownloader.exe, , [7387750654377bbb9470dd8a42c1a45c]
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7ED533B9-D758-409D-B534-87EC81B8649F}|AppName, 5d27283f-b8bd-436a-82eb-61b8f246b910-2.exe-buttonutil.exe, , [c238730893f8fc3a60a3c99e55ae23dd]
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9ABA1D3D-54B5-488E-A9D5-891FF8FF79DB}|AppName, 5d27283f-b8bd-436a-82eb-61b8f246b910-2.exe-buttonutil.exe, , [e218106bfc8f3afcbd46bfa8917257a9]
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A0C9D60A-96C3-4A77-B61C-6882D276EA9A}|AppName, 5d27283f-b8bd-436a-82eb-61b8f246b910-2.exe-buttonutil.exe, , [7882f2898cff4aec5ea5660130d35ca4]
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B9BBDFB9-856F-4AB3-AF1B-473B92EE63D5}|AppName, 71cc2990-a79e-4f3a-8c64-f26d3c6f8b4f-2.exe-buttonutil.exe, , [8476abd0b7d480b6f80b91d66a99817f]
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C637BCEA-FA1C-481E-9DEA-6E18EF586D32}|AppName, 5d27283f-b8bd-436a-82eb-61b8f246b910-2.exe-codedownloader.exe, , [b34738430c7f053102024c1b5fa425db]
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D61742BF-4D0C-4B3D-9288-AF7EE6D8B525}|AppName, 71cc2990-a79e-4f3a-8c64-f26d3c6f8b4f-2.exe-codedownloader.exe, , [c73365161e6d3ef8df25c0a7758e718f]
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DA3CE70A-D9AD-4147-9ED4-1A73291728FF}|AppName, 5d27283f-b8bd-436a-82eb-61b8f246b910-2.exe-codedownloader.exe, , [b743cfac0586191d1fe5ec7b24dfbc44]
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F2458531-5D0D-411F-9815-D15F77BE845E}|AppName, 71cc2990-a79e-4f3a-8c64-f26d3c6f8b4f-2.exe-buttonutil.exe, , [28d22457b1da84b2e51e9ec933d035cb]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 9
PUP.Optional.PCSpeedUp, C:\Users\Felipe Grande\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp, , [807a94e7028958de75f61e5043bf867a],
PUP.Optional.QuickStoresTB, C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de, , [f406e9928ffc79bdce77d997c93938c8],
PUP.Optional.QuickStoresTB, C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de\chrome, , [f406e9928ffc79bdce77d997c93938c8],
PUP.Optional.ShopperPro, C:\Users\Public\Documents\ShopperPro, , [db1f44372368a39328543a39aa5832ce],
PUP.Optional.ShopperPro, C:\Users\Public\Documents\ShopperPro\JsDriver, , [db1f44372368a39328543a39aa5832ce],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}, , [25d55c1f800b072f51db98dd1ce85aa6],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}\chrome, , [25d55c1f800b072f51db98dd1ce85aa6],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}\chrome\content, , [25d55c1f800b072f51db98dd1ce85aa6],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}\chrome\skin, , [25d55c1f800b072f51db98dd1ce85aa6],

Soubory: 29
Trojan.MalPack.Suspicious, C:\Program Files\Artlantis Studio 5\Artlantis 5.0.2.3K.exe, , [05f5bdbedead3bfb621c0a3a22df18e8],
Trojan.MalPack.Suspicious, C:\Program Files\Artlantis Studio 5\X64.exe, , [906abcbf6922e84e0e7047fdd8297e82],
PUP.Optional.CrossRider, C:\Users\Felipe Grande\AppData\Local\Installer\Install_14288\cr.exe, , [ae4cc6b5a7e4db5bca20e8d1b8486f91],
CrackTool.Agent.Keygen, C:\Windows\AutoKMS.exe, , [aa50fb80028955e1e35e6e2a2fd214ec],
RiskWare.Tool.CK, C:\Windows\KMSEmulator.exe, , [44b68fec2368a0963238ebddce33d22e],
PUP.Optional.Goobzo, C:\Windows\System32\Tasks\SMupdate1, , [d22864172b6001359bc9313fc04309f7],
PUP.Optional.Yontoo, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\plugin@yontoo.com.xpi, , [93675f1c96f57db97b1fe3b737cc8d73],
PUP.Optional.PCSpeedUp, C:\Users\Felipe Grande\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp\appicon_48.png, , [807a94e7028958de75f61e5043bf867a],
PUP.Optional.PCSpeedUp, C:\Users\Felipe Grande\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp\application.xap, , [807a94e7028958de75f61e5043bf867a],
PUP.Optional.PCSpeedUp, C:\Users\Felipe Grande\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp\Error.jpg, , [807a94e7028958de75f61e5043bf867a],
PUP.Optional.PCSpeedUp, C:\Users\Felipe Grande\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp\index.html, , [807a94e7028958de75f61e5043bf867a],
PUP.Optional.PCSpeedUp, C:\Users\Felipe Grande\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp\metadata, , [807a94e7028958de75f61e5043bf867a],
PUP.Optional.PCSpeedUp, C:\Users\Felipe Grande\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp\SplashScreen.jpg, , [807a94e7028958de75f61e5043bf867a],
PUP.Optional.PCSpeedUp, C:\Users\Felipe Grande\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp\state, , [807a94e7028958de75f61e5043bf867a],
PUP.Optional.QuickStoresTB, C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de\chrome.manifest, , [f406e9928ffc79bdce77d997c93938c8],
PUP.Optional.QuickStoresTB, C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de\install.rdf, , [f406e9928ffc79bdce77d997c93938c8],
PUP.Optional.QuickStoresTB, C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de\chrome\quickstorestoolbar.jar, , [f406e9928ffc79bdce77d997c93938c8],
PUP.Optional.ShopperPro, C:\Users\Public\Documents\ShopperPro\JsDriver\Config.xml, , [db1f44372368a39328543a39aa5832ce],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}\install.rdf, , [25d55c1f800b072f51db98dd1ce85aa6],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}\chrome\content\main.xul, , [25d55c1f800b072f51db98dd1ce85aa6],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}\chrome\content\options.html, , [25d55c1f800b072f51db98dd1ce85aa6],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}\chrome\skin\button.png, , [25d55c1f800b072f51db98dd1ce85aa6],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}\chrome\skin\icon32x32-disabled.png, , [25d55c1f800b072f51db98dd1ce85aa6],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}\chrome\skin\icon32x32.png, , [25d55c1f800b072f51db98dd1ce85aa6],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}\chrome\skin\options.css, , [25d55c1f800b072f51db98dd1ce85aa6],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}\chrome\skin\options_bg.png, , [25d55c1f800b072f51db98dd1ce85aa6],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}\chrome\skin\otaznik.png, , [25d55c1f800b072f51db98dd1ce85aa6],
PUP.Optional.ZoomIt, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\extensions\{392499a4-ec30-c6e4-0ef2-ceb40d74b8b6}\chrome\skin\slider.png, , [25d55c1f800b072f51db98dd1ce85aa6],
PUP.Optional.CrossRider, C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\prefs.js, Dobré: (), Špatné: (user_pref("extensions.crossrider.bic", "1447c034a17efe40c8cdcdffb98e1174");), ,[3bbfcead07847eb8af8cb9b74cb842be]

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)





AdwCleaner LOG:

# AdwCleaner v5.019 - Logfile created 09/11/2015 at 22:58:11
# Updated 08/11/2015 by Xplode
# Database : 2015-11-09.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Felipe Grande - FILATELIK_PC
# Running from : C:\Users\Felipe Grande\Desktop\adwcleaner_5.019.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\Zrychleni Pocitace
[-] Folder Deleted : C:\Program Files (x86)\FLV and Media Player
[-] Folder Deleted : C:\Program Files (x86)\myfree codec
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Folder Deleted : C:\Users\Felipe Grande\AppData\Local\FileViewPro
[-] Folder Deleted : C:\Users\Felipe Grande\AppData\Roaming\Solvusoft
[-] Folder Deleted : C:\Users\Felipe Grande\AppData\Roaming\FLV and Media Player
[#] Folder Deleted : C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[-] Folder Deleted : C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[-] Folder Deleted : C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\Extensions\{AF445D67-154C-4c69-A17B-7F392BCC36A3}
[-] Folder Deleted : C:\WINDOWS\assembly\GAC_MSIL\QuickStoresToolbar

***** [ Files ] *****

[-] File Deleted : C:\Program Files\Common Files\System\SysMenu.dll
[-] File Deleted : C:\Program Files\Common Files\System\SysMenu64.dll
[-] File Deleted : C:\ProgramData\hpeF1A.dll
[-] File Deleted : C:\Users\Felipe Grande\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
[-] File Deleted : C:\Users\Felipe Grande\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
[-] File Deleted : C:\Users\Felipe Grande\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
[-] File Deleted : C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\user.js
[-] File Deleted : C:\WINDOWS\SysNative\roboot64.exe

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : Microsoft\Windows\Multimedia\SMupdate3
[-] Task Deleted : Microsoft\Windows\Maintenance\SMupdate2

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\SysMenuExt
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\SysMenu.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D813D5BB-EBC7-45F9-B8A4-36A305168069}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03771AEF-400D-4A13-B712-25878EC4A3F5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : HKCU\Software\Myfree Codec
[-] Key Deleted : HKLM\SOFTWARE\Myfree Codec
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV and Media Player
[-] Key Deleted : [x64] HKLM\SOFTWARE\YTDownloader
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\Object Browser
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\iWebar
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Object Browser
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Sense

***** [ Web browsers ] *****

[-] [C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\prefs.js] [Preference] Deleted : user_pref("extensions.crossrider.bic", "1447c034a17efe40c8cdcdffb98e1174");
[-] [C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\prefs.js] [Preference] Deleted : user_pref("extensions.fvd_single.surfcanyon.ramp.start_time", "1394477379522");
[-] [C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\prefs.js] [Preference] Deleted : user_pref("extentions.y2layers.defaultEnableAppsList", "bestvideodownloader");
[-] [C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\prefs.js] [Preference] Deleted : user_pref("extentions.y2layers.installId", "4931b8c9-9849-4b5b-8a2b-de07ef8402d5");
[-] [C:\Users\Felipe Grande\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ojhagnahfpegocdhlopgljpaafeogmcc

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [6026 bytes] ##########





JRT LOG:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 8.1 x64
Ran by Felipe Grande on po 09. 11. 2015 at 23:15:49,64
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Users\Felipe Grande\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\Users\Felipe Grande\Appdata\Local\installer



~~~ FireFox

Successfully deleted: [File] C:\Users\Felipe Grande\AppData\Roaming\mozilla\firefox\profiles\fsnplpzq.default-1398726264463\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
Successfully deleted the following from C:\Users\Felipe Grande\AppData\Roaming\mozilla\firefox\profiles\fsnplpzq.default-1398726264463\prefs.js

user_pref(extensions.crossrider.bic, 1447c034a17efe40c8cdcdffb98e1174);
Emptied folder: C:\Users\Felipe Grande\AppData\Roaming\mozilla\firefox\profiles\fsnplpzq.default-1398726264463\minidumps [8 files]



~~~ Chrome


[C:\Users\Felipe Grande\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Felipe Grande\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Felipe Grande\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Felipe Grande\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 09. 11. 2015 at 23:18:55,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






roguekiller LOG:

RogueKiller V10.11.5.0 (x64) [Nov 9 2015] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9600) 64 bits version
Spuštěno : Normální režim
Uživatel : Felipe Grande [Práva správce]
Started from : C:\Users\Felipe Grande\Desktop\RogueKillerX64.exe
Mód : Smazat -- Datum : 11/09/2015 23:56:16

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 8 ¤¤¤
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-2464649380-609429310-1827663864-1002\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve -> Nahrazeno (http://search.msn.com/spbasic.htm)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-2464649380-609429310-1827663864-1002\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve -> Nahrazeno (http://search.msn.com/spbasic.htm)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 147.32.110.1 147.32.107.4 ([EUROPEAN UNION (EU)][CZECH REPUBLIC (CZ)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 147.32.110.1 147.32.107.4 ([EUROPEAN UNION (EU)][CZECH REPUBLIC (CZ)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2E76797D-BA9F-4B3E-9C17-9FF805AF068A} | DhcpNameServer : 10.33.110.1 ([(Private Address) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{85BED0DE-49DA-4491-B6B7-83B30D0B8D92} | DhcpNameServer : 147.32.110.1 147.32.107.4 ([EUROPEAN UNION (EU)][CZECH REPUBLIC (CZ)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{2E76797D-BA9F-4B3E-9C17-9FF805AF068A} | DhcpNameServer : 10.33.110.1 ([(Private Address) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{85BED0DE-49DA-4491-B6B7-83B30D0B8D92} | DhcpNameServer : 147.32.110.1 147.32.107.4 ([EUROPEAN UNION (EU)][CZECH REPUBLIC (CZ)]) -> Nahrazeno ()

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 13 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 activate.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 practivate.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 ereg.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 activate.wip3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 wip3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 3dns-3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 3dns-2.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 adobe-dns.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 adobe-dns-2.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 ereg.wip3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 activate-sea.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 wwis-dubc1-vip60.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 activate-sjc0.adobe.com

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 16 ¤¤¤
[FIREFX:Addon] fsnplpzq.default-1398726264463 : Bulk Image Downloader [{524B8EF8-C312-11DB-8039-536F56D89593}] -> Smazáno
[FIREFX:Addon] fsnplpzq.default-1398726264463 : Image Picker [ImagePicker@topolog.org] -> Smazáno
[FIREFX:Addon] fsnplpzq.default-1398726264463 : YouTube to MP3 Button [flvto@hotger.com] -> Smazáno
[FIREFX:Addon] fsnplpzq.default-1398726264463 : Flash Video Downloader - YouTube HD Download [4K] [artur.dubovoy@gmail.com] -> Smazáno
[FIREFX:Addon] fsnplpzq.default-1398726264463 : Complete YouTube Saver [{AF445D67-154C-4c69-A17B-7F392BCC36A3}] -> Smazáno
[FIREFX:Addon] fsnplpzq.default-1398726264463 : Multi YouTube mp3 [d.lehr@chello.at] -> Smazáno
[FIREFX:Addon] fsnplpzq.default-1398726264463 : Classic Theme Restorer [ClassicThemeRestorer@ArisT2Noia4dev] -> Smazáno
[FIREFX:Addon] fsnplpzq.default-1398726264463 : Save Images [LDSI_plashcor@gmail.com] -> Smazáno
[FIREFX:Addon] fsnplpzq.default-1398726264463 : DoubleClick Save Picture [doubleclick-picture@windpr.tw] -> Smazáno
[FIREFX:Addon] fsnplpzq.default-1398726264463 : ??? ????? ??? ????????? [images@wink.su] -> Smazáno
[FIREFX:Addon] fsnplpzq.default-1398726264463 : FlashGot Mass Downloader [{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}] -> Smazáno
[PUP][FIREFX:Addon] fsnplpzq.default-1398726264463 : Seznam li?ti?ka [{ea614400-e918-4741-9a97-7a972ff7c30b}] -> Smazáno
[FIREFX:Addon] fsnplpzq.default-1398726264463 : Easy Youtube Video Downloader Express [{b9acf540-acba-11e1-8ccb-001fd0e08bd4}] -> Smazáno
[FIREFX:Addon] fsnplpzq.default-1398726264463 : Video DownloadHelper [{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] -> Smazáno
[FIREFX:Addon] fsnplpzq.default-1398726264463 : Image Download ? [imagedownload@Merci.chao] -> Smazáno
[PUM.HomePage][FIREFX:Config] fsnplpzq.default-1398726264463 : user_pref("browser.startup.homepage", "http://www.centrum.cz/"); -> Nahrazeno (about:home)

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 5bd809edfb048b7546639d405e8f6605
[BSP] 40f857800dfe3e029f108b23d3357749 : Empty|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Ba | Offset (sectors): 2048 | Size: 1000 MB
1 - [SYSTEM][MAN-MOUNT] EF | Offset (sectors): 2050048 | Size: 260 MB
2 - [SYSTEM][MAN-MOUNT] Ba | Offset (sectors): 2582528 | Size: 1000 MB
3 - [MAN-MOUNT] Mi | Offset (sectors): 4630528 | Size: 128 MB
4 - | Offset (sectors): 4892672 | Size: 102430 MB
5 - | Offset (sectors): 214669312 | Size: 808000 MB
6 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 1869453312 | Size: 450 MB
7 - Ba | Offset (sectors): 1870374912 | Size: 25600 MB
8 - [SYSTEM][MAN-MOUNT] Ba | Offset (sectors): 1922803712 | Size: 15000 MB
User = LL1 ... OK
User = LL2 ... OK

[jaro3]

. spusť znovu Malwarebytes' Anti-Malware a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

nic se nesmazalo..


+
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

[filatelik]

Ahoj, tak to jsem sem dal asi log po scanu a ne po mazani z MbAMu omylem, urcite jsem ale dal pak vymazat. Tady davam log novy - ted to naslo a smazalo uz jen jednu polozku:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 14. 11. 2015
Čas skenování: 12:26
Protokol: mbam.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2015.11.14.02
Databáze rootkitů: v2015.11.13.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Felipe Grande

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 382381
Uplynulý čas: 12 min, 34 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 1
PUP.Optional.CrossRider, HKU\S-1-5-21-2464649380-609429310-1827663864-1002_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\WINDOWS_IE_AC_001\SOFTWARE\Crossrider, Do karantény, [d1192d50612ae4529a18eee955ae40c0],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)





Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Felipe Grande (administrator) on FILATELIK_PC (14-11-2015 12:44:41)
Running from C:\Users\Felipe Grande\Desktop
Loaded Profiles: Felipe Grande (Available Profiles: Felipe Grande)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files\Siber Systems\GoodSync\GoodSync.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
() C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
() C:\Windows\SysWOW64\UMonit64.exe
(FireStarter) C:\Program Files (x86)\PrtScr\PrtScr.exe
(Binary Fortress Software) C:\Program Files (x86)\TrayStatus\TrayStatus.exe
() C:\Users\Felipe Grande\Documents\GIGABYTE\GIGABYTE Sim\Mouse.exe
(FSL - Freesoftland) C:\Program Files (x86)\FSL\IconRestorer\IconRestorer.exe
(Stardock) C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
(Stardock) C:\Program Files (x86)\Stardock\ObjectDockFree\Dock64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Autodesk, Inc.) C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\WSCommCntr4.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13545032 2013-05-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2013-07-19] (Realtek semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [UMonit64] => C:\windows\SysWOW64\UMonit64.exe [40960 2013-04-09] ()
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-15] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17097200 2013-11-21] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2013-11-21] (Lenovo(beijing) Limited)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2985200 2013-06-03] (Synaptics Incorporated)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-31] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS Partition Master 10.0\bin\EpmNews.exe [2086568 2014-03-06] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS Partition Master 10.0\bin\TrayPopupE\TrayTipAgentE.exe [254024 2014-02-13] ()
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310064 2014-06-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [GIGABYTEMOUSE] => C:\Users\Felipe Grande\Documents\GIGABYTE\GIGABYTE Sim\Mouse.exe [1308672 2012-12-03] ()
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-05] (Autodesk Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\...\Run: [PrtScr by FireStarter] => C:\Program Files (x86)\PrtScr\PrtScr.exe [1700864 2009-05-16] (FireStarter)
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILHE.EXE [297024 2013-09-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\...\Run: [TrayStatus] => C:\Program Files (x86)\TrayStatus\TrayStatus.exe [283032 2011-05-18] (Binary Fortress Software)
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\...\Run: [Dropbox Update] => C:\Users\Felipe Grande\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-16] (Dropbox, Inc.)
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\...\Run: [GoodSync] => C:\Program Files\Siber Systems\GoodSync\GoodSync.exe [13690000 2014-06-17] ()
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\...\Policies\Explorer: []
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\...\MountPoints2: {5d424377-cf0b-11e3-be7e-28d24434939e} - "F:\Setup.exe"
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
AppInit_DLLs: acaptuser64.dll => C:\WINDOWS\system32\acaptuser64.dll [119160 2008-06-11] (Adobe Systems, Inc.)
AppInit_DLLs-x32: acaptuser32.dll => No File
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\Users\Felipe Grande\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-09-16]
ShortcutTarget: Dropbox.lnk -> C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Felipe Grande\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IconRestorer.lnk [2015-03-07]
ShortcutTarget: IconRestorer.lnk -> C:\Program Files (x86)\FSL\IconRestorer\IconRestorer.exe (FSL - Freesoftland)
Startup: C:\Users\Felipe Grande\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lingea Update Center.lnk [2015-11-03]
ShortcutTarget: Lingea Update Center.lnk -> C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe (Lingea)
Startup: C:\Users\Felipe Grande\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk [2014-04-25]
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe (Stardock)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 147.32.110.1 147.32.107.4
Tcpip\..\Interfaces\{85BED0DE-49DA-4491-B6B7-83B30D0B8D92}: [DhcpNameServer] 147.32.110.1 147.32.107.4

Internet Explorer:
==================
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
SearchScopes: HKU\S-1-5-21-2464649380-609429310-1827663864-1002 -> {E0783AB0-5977-495D-AAAE-98B1FC3DA297} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-06] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-06] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2464649380-609429310-1827663864-1002 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
IE Session Restore: HKU\S-1-5-21-2464649380-609429310-1827663864-1002 -> is enabled.
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463
FF DefaultSearchEngine: Google
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-12] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-12] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @graphisoft.com/GDL Web Plug-in -> C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll [2012-09-04] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\WINDOWS\SysWOW64\npdeployJava1.dll [2015-02-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-09-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-09-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2464649380-609429310-1827663864-1002: @lingea.com/x-lingea-translate -> C:\Program Files (x86)\Common Files\Lingea Shared\LG_Mozilla.dll [2014-04-18] (Lingea s.r.o.)
FF SearchPlugin: C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\searchplugins\doplky-pro-firefox.xml [2010-10-16]
FF SearchPlugin: C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\searchplugins\imdb.xml [2010-10-16]
FF SearchPlugin: C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\searchplugins\sfd.xml [2010-10-16]
FF SearchPlugin: C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\searchplugins\uloto.xml [2015-11-09]
FF SearchPlugin: C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\searchplugins\wikiarquitectura---buildings-of-the-world-en.xml [2014-03-31]
FF SearchPlugin: C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\searchplugins\wikipedia-eng.xml [2010-10-16]
FF SearchPlugin: C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\searchplugins\youtube.xml [2010-10-16]
FF Extension: LogMeIn, Inc. Remote Access Plugin - C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\Extensions\LogMeInClient@logmein.com [2015-10-25] [not signed]
FF Extension: Nokia Maps 3D browser plugin - C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\Extensions\maps@ovi.com [2015-10-25] [not signed]
FF Extension: Bazzacuda Image Saver Plus - C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\Extensions\{FF2FA6A4-B3B1-11DD-B910-6C9A55D89593} [2015-10-25]
FF Extension: Classic Theme Restorer - C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2015-11-10]
FF Extension: Czech (CZ) Language Pack - C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\Extensions\langpack-cs@firefox.mozilla.org.xpi [2015-08-12] [not signed]
FF Extension: Youtube Mp3 Downloader - C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\Extensions\youtubemp3@email.com.xpi [2013-04-05] [not signed]
FF Extension: Adblock Plus - C:\Users\Felipe Grande\AppData\Roaming\Mozilla\Firefox\Profiles\fsnplpzq.default-1398726264463\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Session Restore: Default -> is enabled.
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Felipe Grande\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\pdf.dll => No File
CHR Plugin: (Norton Identity Safe) - C:\Users\Felipe Grande\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.7.0.48_0\npcoplgn.dll => No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll => No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.550.14) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll => No File
CHR Plugin: (Java(TM) Platform SE 7 U55) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll => No File
CHR Profile: C:\Users\Felipe Grande\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Felipe Grande\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-06]
CHR Extension: (Google Drive) - C:\Users\Felipe Grande\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Felipe Grande\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Simple Autofill) - C:\Users\Felipe Grande\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdjplknefldnfcncohonjbeeocljjmbm [2014-11-19]
CHR Extension: (Adblock Plus) - C:\Users\Felipe Grande\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-26]
CHR Extension: (Google Search) - C:\Users\Felipe Grande\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Docs Offline) - C:\Users\Felipe Grande\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
CHR Extension: (Dropbox) - C:\Users\Felipe Grande\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-10-19]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Felipe Grande\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Felipe Grande\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Gmail) - C:\Users\Felipe Grande\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ligocpecgmjonmijmlompafnhnpgjccd] - C:\Program Files (x86)\Lingea\Lexicon5\syst\LG_Chrome.crx [2014-04-18]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
S3 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [217088 2015-04-09] (Connectify) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2014-05-05] (Macrovision Europe Ltd.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
R2 GsRunner Felipe Grande; C:\Program Files\Siber Systems\GoodSync\GoodSync.exe [13690000 2014-06-17] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-16] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [155448 2013-08-19] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-16] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [67224 2014-06-09] (Robert McNeel & Associates)
R2 mi-raysat_3dsmax2010_64; C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe [86016 2009-03-12] () [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-29] ()
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
R2 OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () [File not signed]
S2 Správce výběru OS; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2156952 2010-07-07] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-11-21] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-29] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 cnnctfy3; C:\Windows\system32\DRIVERS\cnnctfy3.sys [42152 2015-02-06] (Connectify)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-05-05] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [91368 2013-03-22] (GenesysLogic)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-08-22] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8247640 2013-07-19] (Realtek Semiconductor Corp.)
S3 s0016bus; C:\Windows\System32\drivers\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\system32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\system32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\system32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\system32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\system32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\drivers\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-06-03] (Synaptics Incorporated)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [97792 2011-09-22] (WIBU-SYSTEMS AG)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-14 12:43 - 2015-11-14 12:44 - 00056901 _____ C:\Users\Felipe Grande\Desktop\Addition.txt
2015-11-14 12:43 - 2015-11-14 12:44 - 00036879 _____ C:\Users\Felipe Grande\Desktop\FRST.txt
2015-11-14 12:43 - 2015-11-14 12:44 - 00000000 ____D C:\FRST
2015-11-14 12:42 - 2015-11-14 12:42 - 02198528 _____ (Farbar) C:\Users\Felipe Grande\Desktop\FRST64.exe
2015-11-14 12:39 - 2015-11-14 12:40 - 00001362 _____ C:\Users\Felipe Grande\Desktop\mbam.txt
2015-11-14 12:35 - 2015-11-14 12:38 - 00000000 ____D C:\Users\Felipe Grande\AppData\Local\Autodesk
2015-11-14 01:41 - 2015-11-14 01:41 - 00000000 ____D C:\Users\Felipe Grande\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-11 19:09 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-11-11 19:09 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-11-11 19:09 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-11-11 19:09 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-11-11 19:09 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-11-11 19:09 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-11-11 19:09 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-11-11 19:09 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-11-11 19:09 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-11-11 19:09 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-11-11 19:09 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-11-11 19:09 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-11-11 19:09 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 19:09 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 19:09 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 19:09 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-11-11 19:09 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-11-11 19:09 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-11-11 19:09 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-11-11 19:09 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 19:09 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 19:09 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2015-11-11 19:09 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2015-11-11 19:09 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2015-11-11 19:09 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2015-11-11 19:09 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2015-11-11 19:09 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2015-11-11 19:09 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-11-11 19:09 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-11-11 19:09 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-11-11 19:09 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-11-11 19:09 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-11-11 19:09 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-11-11 19:09 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-11-11 19:09 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-11-11 19:09 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-11-11 19:09 - 2015-09-12 14:47 - 00414559 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-11-11 19:09 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-11-11 19:09 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-11-11 19:09 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-11-11 19:09 - 2015-03-20 04:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-11-11 19:09 - 2015-01-29 02:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-11-11 19:08 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 19:08 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 19:08 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-11-11 19:08 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-11-11 19:08 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 19:08 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 19:08 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-11-11 19:08 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 19:08 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-11-11 19:08 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 19:08 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-11-11 19:08 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-11-11 19:08 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 19:08 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-11-11 19:08 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-11-11 19:08 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-11-11 19:08 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-11-11 19:08 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 19:08 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 19:08 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-11-11 19:08 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-11-11 19:08 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 19:08 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-11-11 19:08 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-11-11 19:08 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-11-11 19:08 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-11-11 19:08 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-11-11 19:08 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-11-11 19:08 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-11-11 19:08 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-11-11 19:08 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-11-09 23:32 - 2015-11-09 23:57 - 00000000 ____D C:\ProgramData\RogueKiller
2015-11-09 23:32 - 2015-11-09 23:32 - 00037624 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-11-09 23:30 - 2015-11-09 23:30 - 22939720 _____ C:\Users\Felipe Grande\Desktop\RogueKillerX64.exe
2015-11-09 18:21 - 2015-11-09 18:21 - 00000000 ____D C:\Users\Felipe Grande\AppData\Local\ACD Systems
2015-11-09 17:31 - 2015-11-14 12:26 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-09 17:31 - 2015-11-09 17:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-09 17:31 - 2015-11-09 17:31 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-09 17:31 - 2015-11-09 17:31 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-09 17:31 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-11-09 17:31 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-11-09 17:31 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-11-09 17:21 - 2015-11-12 21:26 - 00000000 ____D C:\Users\Felipe Grande\AppData\Local\Adobe
2015-11-09 17:21 - 2015-11-09 23:37 - 00000000 ____D C:\Users\Felipe Grande\Desktop\_PC SECURITY
2015-11-09 17:09 - 2015-11-09 17:09 - 00275400 _____ C:\WINDOWS\Minidump\110915-84812-01.dmp
2015-11-08 23:04 - 2015-11-14 12:21 - 00000000 ____D C:\Users\Felipe Grande\Desktop\bordýlek
2015-11-08 13:43 - 2015-11-08 13:43 - 00388608 _____ (Trend Micro Inc.) C:\Users\Felipe Grande\Desktop\HijackThis.exe
2015-11-05 08:57 - 2015-11-05 10:21 - 00000851 _____ C:\Users\Felipe Grande\Desktop\electro TXT.txt
2015-11-04 23:09 - 2015-11-07 16:46 - 00000000 ____D C:\Users\Felipe Grande\Desktop\TW
2015-11-04 09:28 - 2015-11-04 09:28 - 00001364 _____ C:\Users\Felipe Grande\Desktop\Lymedale Suites.lnk
2015-11-02 22:53 - 2015-11-04 09:28 - 00000000 ____D C:\Users\Felipe Grande\Desktop\EXPO Photos
2015-10-26 10:42 - 2015-10-26 11:50 - 00000571 _____ C:\Users\Felipe Grande\Documents\batchz20.scr
2015-10-25 18:39 - 2015-10-25 20:17 - 00000266 _____ C:\Users\Felipe Grande\Desktop\weby to see.txt
2015-10-19 18:16 - 2015-11-09 22:51 - 00000000 ____D C:\Users\Felipe Grande\AppData\Roaming\AIMP3
2015-10-19 18:16 - 2015-10-19 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3
2015-10-19 18:16 - 2015-10-19 18:16 - 00000000 ____D C:\Program Files (x86)\AIMP3

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-14 12:40 - 2015-09-16 22:35 - 00000976 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2464649380-609429310-1827663864-1002UA.job
2015-11-14 12:29 - 2015-10-13 11:25 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-14 12:18 - 2014-04-24 23:25 - 01518325 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-14 12:07 - 2014-04-18 00:56 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2464649380-609429310-1827663864-1002
2015-11-14 12:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-14 11:53 - 2014-04-24 22:11 - 00000986 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-14 11:24 - 2014-04-25 00:08 - 00004018 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BF2D5DA6-A788-49AB-96FD-351677E20358}
2015-11-14 11:23 - 2015-10-03 15:24 - 00000000 ____D C:\Users\Felipe Grande\AppData\Roaming\GoodSync
2015-11-14 11:22 - 2014-04-25 18:20 - 00000000 __RDO C:\Users\Felipe Grande\OneDrive
2015-11-14 11:22 - 2014-04-24 22:11 - 00000982 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-14 02:21 - 2014-04-28 19:03 - 00000000 ____D C:\Users\Felipe Grande\AppData\Roaming\ClassicShell
2015-11-14 02:20 - 2014-04-27 12:42 - 00000000 ____D C:\Users\Felipe Grande\AppData\Roaming\vlc
2015-11-14 01:41 - 2014-04-24 20:22 - 00000000 ____D C:\Users\Felipe Grande\AppData\Roaming\Dropbox
2015-11-13 23:40 - 2015-09-16 22:35 - 00000924 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2464649380-609429310-1827663864-1002Core.job
2015-11-13 08:14 - 2015-02-08 21:09 - 00000521 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-11-13 08:14 - 2013-08-22 15:46 - 00375285 _____ C:\WINDOWS\setupact.log
2015-11-13 08:13 - 2015-09-03 10:20 - 00000242 _____ C:\WINDOWS\Tasks\AutoKMS.job
2015-11-13 08:13 - 2013-11-21 12:23 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-13 08:13 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-13 08:13 - 2013-08-22 15:44 - 05475016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-12 23:11 - 2013-11-21 12:55 - 00020992 _____ C:\WINDOWS\system32\VfService.trf
2015-11-12 23:11 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-11-12 23:11 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-11-12 22:33 - 2014-03-18 16:33 - 01775132 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-12 22:33 - 2014-03-18 15:54 - 00749274 _____ C:\WINDOWS\system32\perfh005.dat
2015-11-12 22:33 - 2014-03-18 15:54 - 00156736 _____ C:\WINDOWS\system32\perfc005.dat
2015-11-12 10:29 - 2015-10-13 11:25 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-11-11 19:16 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-09 23:00 - 2014-03-18 08:20 - 00807704 _____ C:\WINDOWS\PFRO.log
2015-11-09 22:58 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\System
2015-11-09 22:52 - 2015-09-03 10:20 - 00000236 _____ C:\WINDOWS\Tasks\AutoKMSDaily.job
2015-11-09 22:52 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-11-09 19:01 - 2014-05-10 18:30 - 00000000 ____D C:\Users\Felipe Grande\Documents\Lexicon
2015-11-09 18:55 - 2014-05-02 14:57 - 00000132 _____ C:\Users\Felipe Grande\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-11-09 17:25 - 2015-09-03 10:20 - 00002754 _____ C:\WINDOWS\System32\Tasks\AutoKMSDaily
2015-11-09 17:25 - 2014-04-28 14:26 - 00015419 _____ C:\WINDOWS\AutoKMS.log
2015-11-09 17:15 - 2014-04-27 16:33 - 00000000 ____D C:\Users\Felipe Grande\AppData\Local\CrashDumps
2015-11-09 17:15 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-08 13:46 - 2015-02-09 13:27 - 00000000 ____D C:\WINDOWS\Minidump
2015-11-07 11:22 - 2014-04-24 23:35 - 00000000 ____D C:\Users\Felipe Grande
2015-11-07 01:24 - 2014-05-04 17:47 - 00000000 ____D C:\Users\Felipe Grande\AppData\Roaming\Skype
2015-11-06 14:41 - 2014-04-28 13:41 - 00012295 _____ C:\Users\Felipe Grande\Documents\plot.log
2015-11-06 12:19 - 2014-04-18 16:02 - 00000000 ____D C:\Users\Felipe Grande\AppData\Roaming\Adobe
2015-11-03 22:21 - 2014-05-10 18:32 - 00001148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Lingea Lexicon 5.lnk
2015-11-03 22:21 - 2014-05-10 18:32 - 00001143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Lingea LexWin.lnk
2015-11-03 18:11 - 2014-07-19 13:08 - 00000000 ____D C:\Users\Felipe Grande\AppData\Roaming\Azureus
2015-11-03 18:11 - 2014-05-04 21:27 - 00000000 ____D C:\Users\Felipe Grande\AppData\Roaming\TeamViewer
2015-11-03 01:23 - 2013-08-22 16:38 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 01:23 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-02 18:09 - 2015-05-16 18:00 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-10-26 10:38 - 2014-04-27 02:29 - 00000000 ____D C:\Users\Felipe Grande\AppData\Local\cache
2015-10-21 15:44 - 2015-10-05 23:17 - 00000932 _____ C:\Users\Felipe Grande\Desktop\WORK.lnk
2015-10-19 18:20 - 2014-04-18 01:16 - 00000000 ___RD C:\Users\Felipe Grande\Desktop\PROGS
2015-10-18 16:01 - 2015-10-11 11:59 - 00000000 ____D C:\Users\Felipe Grande\Desktop\Plzen trip Veru
2015-10-18 15:59 - 2015-09-08 22:27 - 00000117 _____ C:\Users\Felipe Grande\Desktop\foto - chci.txt
2015-10-18 15:54 - 2015-10-07 11:40 - 00001227 _____ C:\Users\Felipe Grande\Desktop\RD Brtníkovi - přístavba.lnk
2015-10-18 13:43 - 2014-07-10 10:10 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-18 10:55 - 2014-05-06 19:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-10-15 09:21 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache

==================== Files in the root of some directories =======

2015-06-10 18:02 - 2015-06-10 18:30 - 0008786 _____ () C:\Program Files\log.txt
2014-10-22 18:45 - 2015-04-29 22:51 - 0000132 _____ () C:\Users\Felipe Grande\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
2014-05-02 14:57 - 2015-11-09 18:55 - 0000132 _____ () C:\Users\Felipe Grande\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-05-31 15:13 - 2015-09-03 11:51 - 0010240 _____ () C:\Users\Felipe Grande\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-28 19:39 - 2014-04-28 19:39 - 0007602 _____ () C:\Users\Felipe Grande\AppData\Local\Resmon.ResmonCfg
2013-11-21 12:51 - 2013-11-21 12:51 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-04-27 02:17 - 2014-04-27 02:17 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
C:\Users\Felipe Grande\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Felipe Grande\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Felipe Grande\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-08 10:24

==================== End of FRST.txt ============================

[filatelik]

Additional Scan:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Felipe Grande (2015-11-14 12:44:58)
Running from C:\Users\Felipe Grande\Desktop
Windows 8.1 (X64) (2014-04-24 23:01:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2464649380-609429310-1827663864-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2464649380-609429310-1827663864-1003 - Limited - Enabled)
Felipe Grande (S-1-5-21-2464649380-609429310-1827663864-1002 - Administrator - Enabled) => C:\Users\Felipe Grande
Guest (S-1-5-21-2464649380-609429310-1827663864-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Abelssoft SyncManager (HKLM-x32\...\SyncManager_is1) (Version: 1.0.9 - Abelssoft)
ACDSee Photo Manager 12 (HKLM-x32\...\{A5CBD7C5-CF16-443F-A4F2-3503C9DE311B}) (Version: 12.0.344 - ACD Systems International Inc.)
Acronis Disk Director Home (HKLM-x32\...\{9CCC78EF-027E-40E0-9B61-39932C65E3FE}) (Version: 11.0.216 - Acronis)
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}) (Version: 9.0.0 - Adobe Systems)
Adobe Acrobat 9 Pro Extended 64-bit Add-On (HKLM\...\{AC76BA86-1033-0000-0064-0003D0000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{288DB08D-0708-4A94-B055-55B99E39EB62}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}) (Version: 10.1.52.14 - Adobe Systems, Inc.)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe InDesign CC (HKLM-x32\...\{BC448016-6F11-1014-B0EA-97CEE6E26CB6}) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.60.1502, 20.09.2015 - AIMP DevTeam)
Aktualizace NVIDIA 2.5.14.5 (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArchiCAD 16 CZE (HKLM\...\001FFF2FFF16FF00FF1101F01F02F000-R1) (Version: 16.0 - GRAPHISOFT)
Artlantis 5 Exporter for SketchUp Pro 2014 (HKLM-x32\...\Abvent_SkpPro2014toATL5) (Version: - )
Artlantis Studio 5.0.2.3 (64 bit) (HKLM\...\Artlantis Studio 5 (64 bit)) (Version: 5.0.2.3 - Abvent R&D)
AutoCAD 2013 – Čeština (Czech) (Version: 19.0.55.0 - Autodesk) Hidden
AutoCAD 2013 - English (HKLM\...\AutoCAD 2013 - English) (Version: 19.0.55.0 - Autodesk)
AutoCAD 2013 - English (Version: 19.0.55.0 - Autodesk) Hidden
AutoCAD 2013 Language Pack – Čeština (Czech) (HKLM\...\AutoCAD 2013 Language Pack – Čeština (Czech)) (Version: 19.0.55.0 - Autodesk)
AutoCAD 2013 Language Pack – Čeština (Czech) (Version: 19.0.55.0 - Autodesk) Hidden
AutoCAD 2013 Language Pack - English (Version: 19.0.55.0 - Autodesk) Hidden
AutoCAD 2015 – Čeština (Czech) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 Language Pack – Čeština (Czech) (Version: 20.0.51.0 - Autodesk) Hidden
Autodesk 3ds Max 2010 64-bit (HKLM\...\{A9F1B5F6-0EE6-0409-BADD-F8BD360FACC3}) (Version: 12.0 - Autodesk)
Autodesk 3ds Max 2010 64-bit Components (HKLM\...\{B9E591DD-DAAC-0409-B1B8-5667E359170B}) (Version: 12.0 - Autodesk)
Autodesk 3ds Max 2010 Tutorials Files (HKLM-x32\...\{E551D82D-4D56-4AF7-A2C9-8897D7A0CB00}) (Version: 12.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 4.0.69.0 - Autodesk)
Autodesk AutoCAD 2015 – Čeština (Czech) (HKLM\...\AutoCAD 2015 – Čeština (Czech)) (Version: 20.0.51.0 - Autodesk)
Autodesk Backburner 2008.1 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2008.1.1 - Autodesk, Inc.)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk FBX Plugin 2009.4 - 3ds Max 2010 64-bit (HKLM\...\Autodesk FBX Plugin 2009.4 - 3ds Max 2010 64-bit) (Version: - Autodesk)
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk Pixlr (HKLM-x32\...\Autodesk Pixlr) (Version: 1.0.2.0 - Autodesk)
Autodesk Pixlr (x32 Version: 1.0.2.0 - Autodesk) Hidden
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Bentley V8i (SELECTseries 2) - Autodesk® RealDWG™ 2010 (HKLM-x32\...\{477F115E-D48E-4D9D-B839-2AF37CA2987B}) (Version: 8.11.7.452 - Bentley Systems, Incorporated)
BitTorrent (HKU\S-1-5-21-2464649380-609429310-1827663864-1002\...\BitTorrent) (Version: 7.9.1.31141 - BitTorrent Inc.)
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
CINEMA 4D 11.514 (HKLM\...\MAXON1592A040) (Version: 11.514 - MAXON Computer GmbH)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Connectify 2015 (HKLM\...\Connectify) (Version: 2015.0.5.34877 - Connectify)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dropbox (HKU\S-1-5-21-2464649380-609429310-1827663864-1002\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
EaseUS Partition Master 10.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.11 - Lenovo)
Energy Management (x32 Version: 8.0.2.11 - Lenovo) Hidden
EPSON XP-212 213 Series Printer Uninstall (HKLM\...\EPSON XP-212 213 Series) (Version: - SEIKO EPSON Corporation)
FastStone Image Viewer 5.1 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.1 - FastStone Soft)
Font Viewer 2.0 (HKLM-x32\...\Font Viewer_is1) (Version: - Thinking BIG Information Technology Inc.)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.3 - Genesys Logic)
GIGABYTE Sim (HKLM-x32\...\{55BD137D-5AC1-4BC4-9C08-DDCDC88A1B47}) (Version: 1.09.0000 - GIGABYTE)
GoodSync (HKLM\...\{B26B00DA-2E5D-4CF2-83C5-911198C0F009}) (Version: 9.8.8.5 - Siber Systems)
Google Drive (HKLM-x32\...\{9C350701-AC04-48BA-A435-BD5E0D82897E}) (Version: 1.25.0523.2491 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google SketchUp Pro 8 (HKLM-x32\...\{3AB65E95-37D6-4DD7-8862-29AED3AFD54B}) (Version: 3.0.3117 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GRAPHISOFT Správce BIM serveru 16 CZE (HKLM\...\057FFF2FFF16FF00FF1101F01F02F000-R1) (Version: 16.0 - GRAPHISOFT)
Hantecký Slovník 3.0 (HKLM-x32\...\Hantecký Slovník 3.0_is1) (Version: - )
IconRestorer 2.0.8.1 SR1 (HKLM-x32\...\IconRestorer Supporters Edition_is1) (Version: - FSL - FreeSoftLand)
Import souborů SketchUp (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Intel Android Device USB driver (HKLM\...\Intel Android Device USB driver) (Version: 1.1.5 - Intel)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1332.1) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0366 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{aaf3655f-6961-4be2-aa4e-6de4dc1dc8f4}) (Version: 16.1.5 - Intel Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java(TM) 6 Update 32 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.320 - Oracle)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10240 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.4.0 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5219.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5219.52 - CyberLink Corp.) Hidden
Lenovo Smart Assistant 1.03 (HKLM-x32\...\VibeRomFlash) (Version: 1.03.0.0 - Lenovo)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3423 - CyberLink Corp.) Hidden
Lingea Lexicon 5 (HKLM-x32\...\Lexicon5) (Version: - Lingea s.r.o.)
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 8.0 Support DLLs (HKLM-x32\...\{342F5437-C87D-4BB5-89B9-B23E16C6A395}) (Version: 1.0.0 - McNeel & Associates)
MicroStation V8i (SELECTseries 2) 08.11.07.446 (HKLM-x32\...\{8B0B9FB0-0BA5-43A0-9204-60BEADEB78AD}) (Version: 8.11.7.446 - Bentley Systems, Incorporated)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 40.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 cs)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2 - Mozilla)
MyDriveConnect 4.0.4.2260 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.4.2260 - TomTom)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Nitro Reader 3 (HKLM\...\{9EA981E5-EE67-4662-86F1-58937D31FE07}) (Version: 3.5.6.5 - Nitro)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 355.98 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.98 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 355.98 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.98 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
ObjectDock Free (HKLM-x32\...\ObjectDock Free2.00) (Version: 2.00 - Stardock Corporation)
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.0 - Lenovo)
Ovládací panel NVIDIA 355.98 (Version: 355.98 - NVIDIA Corporation) Hidden
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
PrtScr 1.5 (HKLM-x32\...\PrtScr_is1) (Version: - FireStarter)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.12 - Qualcomm Atheros Communications Inc.)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6923 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.44 - Piriform)
Rhinoceros 5 (64-bit) (HKLM\...\{2E56CC75-611E-4278-9DFE-0912997A1E89}) (Version: 5.9.40609.20145 - Robert McNeel & Associates)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.)
Serif PanoramaPlus Starter Edition (HKLM-x32\...\{64AEB598-E518-4AD0-B02B-99F365B8054C}) (Version: 2.0.0.001 - Serif (Europe) Ltd)
Serif PanoramaPlus X4 (HKLM-x32\...\{35EDE682-4AE5-47D6-B44F-103F859951DC}) (Version: 4.0.1.008 - Serif (Europe) Ltd)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
SketchUp 2014 (HKLM-x32\...\{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}) (Version: 14.0.4900 - Trimble Navigation Limited)
SketchUp 2015 (HKLM\...\{6496C7D3-51A9-48BC-8524-BEAEDD827791}) (Version: 15.0.9350 - Trimble Navigation Limited)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Sony Ericsson PC Suite 6.011.00 (HKLM-x32\...\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}) (Version: 6.011.00 - Sony Ericsson)
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version: - )
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.3.11 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.55 - Ghisler Software GmbH)
TrayStatus 1.2.3 (HKLM-x32\...\d6b74f60-2e9d-4c60-a8b7-b7d737c44ad4_is1) (Version: 1.2.3.0 - Binary Fortress Software)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
UserGuide (x32 Version: 1.0.0.15 - Lenovo) Hidden
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
V-Ray for SketchUp (HKLM-x32\...\V-Ray for SketchUp 1.48.93) (Version: 1.48.93 - ASGVIS)
V-Ray for SketchUp adv (HKLM-x32\...\V-Ray for SketchUp adv 2.00.25244) (Version: 2.00.25244 - Chaos Software, Ltd)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.3.0.0 - Azureus Software, Inc.)
WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.00d of 2011-Sep-22 (Build 138) (Setup) - WIBU-SYSTEMS AG)
Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WinZip 19.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E6}) (Version: 19.0.11294 - WinZip Computing, S.L. )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2464649380-609429310-1827663864-1002_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {184EE08A-9468-D082-DC70-3FE985889A47} => No File
CustomCLSID: HKU\S-1-5-21-2464649380-609429310-1827663864-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2464649380-609429310-1827663864-1002_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2464649380-609429310-1827663864-1002_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2464649380-609429310-1827663864-1002_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2464649380-609429310-1827663864-1002_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2464649380-609429310-1827663864-1002_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {5A30E931-9468-D082-6779-41AB85889A47} => No File
CustomCLSID: HKU\S-1-5-21-2464649380-609429310-1827663864-1002_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2015\cs-CZ\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2464649380-609429310-1827663864-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2464649380-609429310-1827663864-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2464649380-609429310-1827663864-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2464649380-609429310-1827663864-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2464649380-609429310-1827663864-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2464649380-609429310-1827663864-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2464649380-609429310-1827663864-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2464649380-609429310-1827663864-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2464649380-609429310-1827663864-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2464649380-609429310-1827663864-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Restore Points =========================

03-11-2015 21:24:06 Naplánovaný kontrolní bod
03-11-2015 22:20:44 LINGEA POINT
09-11-2015 23:15:52 JRT Pre-Junkware Removal
13-11-2015 22:01:17 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-06-10 09:30 - 2015-06-10 09:30 - 00001459 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com # 127.0.0.1 www.adobe.com

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {16CB89CA-596D-438B-A266-399F126C67FB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {1D7A4AD8-9261-41F1-B4B9-B396066192D6} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2464649380-609429310-1827663864-1002UA => C:\Users\Felipe Grande\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-16] (Dropbox, Inc.)
Task: {34F24C3A-C4BE-43F6-8B38-26EEC398CD35} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {3D0D77E5-2027-4B1C-BDDF-BFAFA1377A3A} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS.exe
Task: {53942BA3-34B1-4C88-8186-14E603D69533} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2464649380-609429310-1827663864-1002Core => C:\Users\Felipe Grande\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-16] (Dropbox, Inc.)
Task: {5E5452D1-0253-4851-A7DB-CFBD4A6B43F2} - System32\Tasks\AutoKMSDaily => C:\WINDOWS\AutoKMS.exe
Task: {67BB069D-DDF8-42CC-92B0-39970F0C8B23} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {6B324C20-E3FB-4971-A7B1-B380DCA40FFC} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {6D35FE5B-702C-4878-A788-F964EEB61895} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {71BD2768-79B3-40C2-AF6B-B9766CB4A15D} - System32\Tasks\UMonitor Task => C:\windows\system32\UMonit64.exe
Task: {8CA9DB46-FF4B-455A-B089-1D9A0E9D23A5} - System32\Tasks\{3C20F83C-E3B9-4781-80C8-CFF830D6CA89} => pcalua.exe -a "G:\NOVE ZE STOLNIHO\Install\Rhinoceros 4 (+Vray)\Rhinoceros 4\Rhinoceros_4_SR9\Rhinoceros 4 SR9 2011-Mar-09\rh40sr9_en_20110309.exe" -d "G:\NOVE ZE STOLNIHO\Install\Rhinoceros 4 (+Vray)\Rhinoceros 4\Rhinoceros_4_SR9\Rhinoceros 4 SR9 2011-Mar-09"
Task: {A8716E14-4976-4D4B-8D04-50F1FC59BB73} - System32\Tasks\Lenovo\Experience Improvement Logon => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2013-06-03] (Lenovo)
Task: {AB19CA3E-1F93-4413-9E8B-F818B75B5A21} - \SMupdate1 -> No File <==== ATTENTION
Task: {AE40A534-65DB-4B32-8DB4-F3316A8F1913} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-12] (Adobe Systems Incorporated)
Task: {CFFB189A-87B1-424C-A315-FDC6B880804F} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-06-03] (Synaptics Incorporated)
Task: {D2EE1D60-F542-4AFC-9467-2D41F461A0E9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-20] (Piriform Ltd)
Task: {DB10AE1F-D608-4EF7-9023-69137E5D8477} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-14] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\AutoKMSDaily.job => C:\WINDOWS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2464649380-609429310-1827663864-1002Core.job => C:\Users\Felipe Grande\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2464649380-609429310-1827663864-1002UA.job => C:\Users\Felipe Grande\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (Whitelisted) ==============

2014-06-17 16:55 - 2014-06-17 16:55 - 13690000 _____ () C:\Program Files\Siber Systems\GoodSync\GoodSync.exe
2009-03-12 16:39 - 2009-03-12 16:39 - 00086016 _____ () C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe
2014-07-19 15:17 - 2009-04-30 11:23 - 00090112 _____ () C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
2013-11-21 12:55 - 2013-11-21 12:55 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2013-11-21 12:55 - 2013-11-21 12:55 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2014-04-24 23:25 - 2015-09-13 23:09 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-11-08 15:21 - 2010-11-08 15:21 - 00780104 _____ () C:\Program Files (x86)\Stardock\ObjectDockFree\Dock64.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2015-07-04 06:48 - 2015-07-04 06:48 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2013-11-21 12:42 - 2013-04-09 07:39 - 00040960 _____ () C:\Windows\SysWOW64\UMonit64.exe
2012-12-03 11:54 - 2012-12-03 11:54 - 01308672 _____ () C:\Users\Felipe Grande\Documents\GIGABYTE\GIGABYTE Sim\Mouse.exe
2013-07-11 12:21 - 2013-07-11 12:21 - 00143752 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\axutil.dll
2013-04-25 14:43 - 2013-04-25 14:43 - 00472904 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\axis2_engine.dll
2013-07-11 12:21 - 2013-07-11 12:21 - 00179592 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\axiom.dll
2013-04-25 14:44 - 2013-04-25 14:44 - 00040264 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\axis2_parser.dll
2013-04-25 14:43 - 2013-04-25 14:43 - 00140104 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\neethi.dll
2013-04-25 14:44 - 2013-04-25 14:44 - 01310024 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\libxml2.dll
2013-07-11 12:21 - 2013-07-11 12:21 - 00067912 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axis2_http_sender.dll
2013-07-11 12:21 - 2013-07-11 12:21 - 00023368 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axis2_http_receiver.dll
2013-07-11 12:21 - 2013-07-11 12:21 - 00036680 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\modules\addressing\axis2_mod_addr.dll
2015-04-14 19:19 - 2014-12-05 03:27 - 00055688 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2015-04-14 19:19 - 2014-12-05 03:27 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2015-07-27 23:59 - 2015-08-27 01:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2010-11-08 15:21 - 2010-11-08 15:21 - 00681288 _____ () C:\Program Files (x86)\Stardock\ObjectDockFree\DockShellHook.dll
2014-05-09 21:42 - 2009-05-11 08:29 - 11083776 _____ () C:\Program Files (x86)\PrtScr\dsp_ipp.dll
2010-10-04 17:54 - 2010-10-04 17:54 - 00807936 ____N () C:\Program Files (x86)\Stardock\ObjectDockFree\CrashRpt.dll
2010-10-04 17:54 - 2010-10-04 17:54 - 00053760 ____N () C:\Program Files (x86)\Stardock\ObjectDockFree\zlib.dll
2010-10-04 17:54 - 2010-10-04 17:54 - 00094208 ____N () C:\Program Files (x86)\Stardock\ObjectDockFree\Docklets\Clock\Clock.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2464649380-609429310-1827663864-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Felipe Grande\AppData\Roaming\FSL\IconRestorer\Wallpapers\IconRestorer.bmp
DNS Servers: 147.32.110.1 - 147.32.107.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "Autodesk Sync"
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "EnergyUtility"
HKLM\...\StartupApproved\Run: => "Energy Management"
HKLM\...\StartupApproved\Run: => "OnekeyStudio"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM Tray Agent"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "UMonit64"
HKLM\...\StartupApproved\Run32: => "YouCam Tray"
HKLM\...\StartupApproved\Run32: => "Intel AppUp(SM) center"
HKLM\...\StartupApproved\Run32: => "UpdateP2GShortCut"
HKLM\...\StartupApproved\Run32: => "SynTPEnh"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "Connectify Hotspot"
HKLM\...\StartupApproved\Run32: => "Connectify Dispatch"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "NvBackend"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCEPServiceManager"
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\...\StartupApproved\StartupFolder: => "Lingea Update Center.lnk"
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{022A786E-BCE0-4756-AC32-91F62B87FA63}] => (Allow) C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{1527EB74-5CFB-4927-8C28-17C57AB06739}] => (Allow) C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{E64896FE-D603-4EE7-8A0A-830C41F1E152}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{759864C8-3103-4494-9427-8FA06245DCC8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2E97E774-838D-4CB0-9B9C-831F6B5DC60F}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{C3073B69-EE70-4861-98FF-773E06FF83EA}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{F2BFF73D-92EC-4EC0-B02E-D9927D6DF00D}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{2EE554F7-A577-45CA-B89A-2A334EFFE5D4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{1D6ABBD8-9D7C-4746-AA6E-0251370E3463}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [UDP Query User{EC25A397-DEA6-4CA4-A7FD-60F2D0EEA5B4}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [{9A2A8BC9-8A08-4937-A50A-7B67D1845FDA}] => (Allow) C:\Program Files (x86)\Connectify\Connectify.exe
FirewallRules: [{795520BA-DFE2-411A-A5FD-C2650511D08E}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{2AE42529-C8D2-4C73-8224-424824634B38}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{C8B08204-447D-4CCC-A223-C278C9CFF920}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{9E89FE96-97C2-4F75-8341-FB07994EEEAB}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{C227850A-C9B4-4760-999E-B32ADCC4EFEA}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{B1F310CD-4B43-4779-8D88-1C260C6DBBF1}] => (Allow) C:\Users\Felipe Grande\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{EEF06CA3-1983-4273-8BD2-9D684C1199BF}] => (Allow) C:\Users\Felipe Grande\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{026B1B9B-7662-486B-BB17-7E5535A59CC4}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{EA5451D4-896B-45DF-BA3E-C32723ECBE52}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{900F1124-E0B6-4785-8C0E-BC880EE7FB9E}] => (Allow) C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C716D94B-A22B-4C89-883E-CD67EA676F37}] => (Allow) C:\Users\Felipe Grande\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{449D628D-7919-4223-926A-FE25075D869C}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{5A94D5E1-4E60-4EAA-9F21-F5307516B641}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{7D9C9A08-0254-4BB9-BE36-A4FB817D674A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{EB69678C-3F9E-4500-8F2B-56A31B038CBC}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{5F455660-121D-4C47-BC56-F52818D1C767}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{3DF7BDA6-3A7B-4D6D-B695-0E117A2DDA3B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{6150B2EE-A0DD-487D-A77C-3E4FFB371817}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{4D9532B3-98B3-47B4-B09A-D8D351E6469F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{AE3B7903-F06F-4E8E-B8A6-3AEE92AE61AA}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{746C4057-E991-468D-AEEF-3AA7CD952AD1}] => (Allow) LPort=50248
FirewallRules: [TCP Query User{504CBD65-D531-4771-9F73-66EEF7E09B03}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe
FirewallRules: [UDP Query User{38D2C74E-FD75-4F30-AD09-9F9BA0D6F972}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe
FirewallRules: [{0BC0A369-2FFB-4503-BC04-395D24228F8C}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{3BD6E116-8412-4709-BC1F-42EBB0935127}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{61E1D433-039D-477A-9C4C-A90B327D61AC}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{01C55108-C988-4C4F-924B-D0E5CDAAEE80}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{9C08E2CD-A624-4FBA-B146-309871CD9E3C}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{DED510D2-A71E-4BD5-862C-0D04717F2E79}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{52D4E12B-FBFF-4626-B6F6-CAC7F6EBCFAD}] => (Allow) C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64.exe
FirewallRules: [{F8FE1CCE-B1D1-456A-BDBD-8B978F3E5FD4}] => (Allow) C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64.exe
FirewallRules: [{5AE323A1-5026-4B0A-8EEE-480941D44E5B}] => (Allow) C:\Program Files\Autodesk\3ds Max 2010\3dsmax.exe
FirewallRules: [{C0A7E23F-BA10-48F4-A300-EC5E518BDF58}] => (Allow) C:\Program Files\Autodesk\3ds Max 2010\3dsmax.exe
FirewallRules: [{C7DFC133-0762-4CCE-8C46-5D1106D161DB}] => (Allow) C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe
FirewallRules: [{D5B2D9DC-E54C-490E-8C74-10D392EC3EFD}] => (Allow) C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe
FirewallRules: [TCP Query User{C5FD7FA9-33DB-4488-B56D-78EAC61ACB6C}C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe] => (Block) C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe
FirewallRules: [UDP Query User{428A651D-C2F2-4B56-B3C4-5DDB697351F1}C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe] => (Block) C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe
FirewallRules: [TCP Query User{0EDA78F9-F50A-478A-ADBE-793D9F7AFE7E}C:\program files\sketchup\sketchup 2015\sketchup.exe] => (Allow) C:\program files\sketchup\sketchup 2015\sketchup.exe
FirewallRules: [UDP Query User{A4F257CB-EBFC-4BCB-90A8-3DC2003890DF}C:\program files\sketchup\sketchup 2015\sketchup.exe] => (Allow) C:\program files\sketchup\sketchup 2015\sketchup.exe
FirewallRules: [TCP Query User{0872CA91-E335-4286-96F0-E5020ADF6F87}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{D928E23C-D126-47D4-88A4-E9AB66EB1BB6}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{7074081A-ECD1-4ABD-888F-9DE5940C26D6}C:\program files\sketchup\sketchup 2015\sketchup.exe] => (Block) C:\program files\sketchup\sketchup 2015\sketchup.exe
FirewallRules: [UDP Query User{38CBF035-B7A7-4C19-A01C-C2A06D441F69}C:\program files\sketchup\sketchup 2015\sketchup.exe] => (Block) C:\program files\sketchup\sketchup 2015\sketchup.exe
FirewallRules: [TCP Query User{2E701FFB-1EAA-4C7F-BFAC-D439ED005CAE}C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe] => (Block) C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe
FirewallRules: [UDP Query User{983C4955-C8B1-4E67-8502-0CAE8D0E20E3}C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe] => (Block) C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe
FirewallRules: [{A0F0C21A-4796-4DE3-8628-CAE06BC4DF66}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 16\ArchiCAD.exe
FirewallRules: [{375020FC-6F43-4610-8C98-55E93D12B142}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 16\ArchiCAD.exe
FirewallRules: [{1AAAF534-4735-4216-B6D0-312FD9850C1F}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 16\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [{6572CD45-FFEC-4231-AAC0-B16D6EC34E1F}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 16\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [{23BD082C-7EF2-427A-85E9-A11CBE6DD85B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{39840916-5ED3-45DE-9C78-B16305FEB466}C:\program files\graphisoft\archicad 16\archicad.exe] => (Block) C:\program files\graphisoft\archicad 16\archicad.exe
FirewallRules: [UDP Query User{93487655-6216-431F-9716-209414EE8C91}C:\program files\graphisoft\archicad 16\archicad.exe] => (Block) C:\program files\graphisoft\archicad 16\archicad.exe
FirewallRules: [{C5307CB4-90EE-49F7-A4EA-43C5006FAEF0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E9EA433A-E749-437D-8F89-7F535B20FCF3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{48FC30B5-255E-4309-A547-5E0F008254A3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4CF317CE-D38F-48A3-857B-6432711D46FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FD91940F-61B2-4309-9BE1-05D73FE60C3B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1DDB033C-2274-4C96-971B-B52B0B1183C4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CDCE551D-52F8-4048-8874-F30261F6AA45}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{285A85F3-EA81-416A-A948-501BE426E5B3}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{B499B976-11AB-4287-9276-A3BC5589AE29}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [{8E652714-C1D1-405A-86DC-BF69F5BD1C33}] => (Allow) C:\Program Files\Siber Systems\GoodSync\GoodSync.exe
FirewallRules: [{B167A182-3928-4D4C-9711-E0FBBA524FDE}] => (Allow) C:\Program Files\Siber Systems\GoodSync\GoodSync.exe
FirewallRules: [{75D570CE-D0C9-497E-8528-8896DB0841B8}] => (Allow) C:\Program Files\Siber Systems\GoodSync\GsExplorer.exe
FirewallRules: [{A22BE80D-725B-4FC7-B13C-69AD67311B42}] => (Allow) C:\Program Files\Siber Systems\GoodSync\GsExplorer.exe
FirewallRules: [{60D9EB6F-6369-4938-9823-054C58F4FC03}] => (Allow) C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
FirewallRules: [{7CDFFBBF-CDBB-43D1-A394-20DDC8C63878}] => (Allow) C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
FirewallRules: [{053C513E-1DAE-4497-8396-69278C20DF5A}] => (Allow) LPort=33333
FirewallRules: [{309332F4-5C54-4D41-B39B-0BF7B8320C23}] => (Allow) LPort=33338
FirewallRules: [{04A743B5-8087-4CE6-8007-4CF55D55572A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/14/2015 11:23:02 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8

Error: (11/14/2015 11:23:02 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description:

Error: (11/14/2015 11:23:02 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL8

Error: (11/14/2015 11:23:02 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll8

Error: (11/14/2015 11:23:02 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll8

Error: (11/14/2015 11:23:02 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (11/13/2015 08:33:08 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8

Error: (11/13/2015 08:33:08 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:

Error: (11/13/2015 08:33:08 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL8

Error: (11/13/2015 08:33:08 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll8


System errors:
=============
Error: (11/14/2015 12:31:50 PM) (Source: disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error: (11/14/2015 12:26:48 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: FILATELIK_PC)
Description: 0x8000002a116\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-2464649380-609429310-1827663864-1002-0-ntuser.dat

Error: (11/14/2015 12:26:43 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: FILATELIK_PC)
Description: 0x8000002a116\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-2464649380-609429310-1827663864-1002-0-ntuser.dat

Error: (11/13/2015 10:01:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80246013): Nástroj pro odebrání škodlivého softwaru systému Windows pro Windows 8, 8.1, 10 a Windows Server 2012, 2012 R2 x64 Edition – listopad 2015 (KB890830).

Error: (11/13/2015 08:14:46 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba TeamViewer 9 přestala během spouštění reagovat.

Error: (11/13/2015 08:13:41 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Služba Aktivátor Správce výběru OS Acronis závisí na následující službě: ProtectedStorage. Tato služba pravděpodobně není nainstalována.

Error: (11/13/2015 08:12:48 AM) (Source: BTHUSB) (EventID: 30) (User: )
Description: Místní adaptér nepodporuje důležitý stav řadiče úspory energie. Minimální požadovaná podporovaná maska stavu je 0x1f7fffff, aktuální hodnota je 0x1f3fffff. Funkce úspory energie bude vypnuta.

Error: (11/12/2015 10:42:41 PM) (Source: disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR3.

Error: (11/11/2015 06:58:32 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název FILATELIK_PC :0 nelze zaregistrovat v rozhraní s IP adresou 147.32.110.112.
Počítač s IP adresou 169.254.44.251 nepovolil získání názvu
tímto počítačem.

Error: (11/11/2015 06:58:32 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název FILATELIK_PC :20 nelze zaregistrovat v rozhraní s IP adresou 147.32.110.112.
Počítač s IP adresou 169.254.44.251 nepovolil získání názvu
tímto počítačem.


CodeIntegrity:
===================================
Date: 2015-11-14 12:08:36.296
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-11-12 21:36:06.651
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-11-09 17:52:56.441
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-11-07 11:59:56.134
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-11-06 23:12:16.883
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-04 21:21:17.033
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-11-03 23:34:02.207
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-10-26 08:47:29.785
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-10-16 10:13:44.149
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-10-09 09:23:06.416
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz
Percentage of memory in use: 16%
Total physical RAM: 16330.27 MB
Available physical RAM: 13689.63 MB
Total Virtual: 32714.27 MB
Available Virtual: 29966.4 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:100.03 GB) (Free:19.3 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.88 GB) NTFS
Drive e: (Stuff) (Fixed) (Total:789.06 GB) (Free:123.61 GB) NTFS
Drive g: (TOSHIBA EXT) (Fixed) (Total:1863.01 GB) (Free:143.09 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 66B6D47B)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: F6915EDE)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

[jerabina]

Máš v počítači něco nelegálně od Adobe? Že máš upravený soubor hosts:

Kód: Vybrat vše

127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com # 127.0.0.1 www.adobe.com

Nelegální office?

Kód: Vybrat vše

C:\WINDOWS\AutoKMS.exe

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému.

Toto otestuj na Virustotal
C:\Program Files\Unlocker\UnlockerCOM.dll
C:\WINDOWS\system32\epmntdrv.sys
C:\WINDOWS\SysWOW64\epmntdrv.sys
C:\WINDOWS\system32\EuGdiDrv.sys
C:\WINDOWS\SysWOW64\EuGdiDrv.sys

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\...\Policies\Explorer: []
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\...\MountPoints2: {5d424377-cf0b-11e3-be7e-28d24434939e} - "F:\Setup.exe"
AppInit_DLLs-x32: acaptuser32.dll => No File

SearchScopes: HKU\S-1-5-21-2464649380-609429310-1827663864-1002 -> {E0783AB0-5977-495D-AAAE-98B1FC3DA297} URL =
Toolbar: HKU\S-1-5-21-2464649380-609429310-1827663864-1002 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)

CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Felipe Grande\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\pdf.dll => No File
CHR Plugin: (Norton Identity Safe) - C:\Users\Felipe Grande\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.7.0.48_0\npcoplgn.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.550.14) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll => No File
CHR Plugin: (Java(TM) Platform SE 7 U55) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll => No File

C:\ProgramData\RogueKiller
C:\Users\Felipe Grande\Documents\batchz20.scr
C:\ProgramData\DP45977C.lfl
C:\Users\Felipe Grande\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

CustomCLSID: HKU\S-1-5-21-2464649380-609429310-1827663864-1002_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {184EE08A-9468-D082-DC70-3FE985889A47} => No File
CustomCLSID: HKU\S-1-5-21-2464649380-609429310-1827663864-1002_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {5A30E931-9468-D082-6779-41AB85889A47} => No File

Task: {16CB89CA-596D-438B-A266-399F126C67FB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {1D7A4AD8-9261-41F1-B4B9-B396066192D6} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2464649380-609429310-1827663864-1002UA => C:\Users\Felipe Grande\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-16] (Dropbox, Inc.)
Task: {34F24C3A-C4BE-43F6-8B38-26EEC398CD35} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {3D0D77E5-2027-4B1C-BDDF-BFAFA1377A3A} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS.exe
Task: {53942BA3-34B1-4C88-8186-14E603D69533} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2464649380-609429310-1827663864-1002Core => C:\Users\Felipe Grande\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-16] (Dropbox, Inc.)
Task: {5E5452D1-0253-4851-A7DB-CFBD4A6B43F2} - System32\Tasks\AutoKMSDaily => C:\WINDOWS\AutoKMS.exe
Task: {6D35FE5B-702C-4878-A788-F964EEB61895} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {8CA9DB46-FF4B-455A-B089-1D9A0E9D23A5} - System32\Tasks\{3C20F83C-E3B9-4781-80C8-CFF830D6CA89} => pcalua.exe -a "G:\NOVE ZE STOLNIHO\Install\Rhinoceros 4 (+Vray)\Rhinoceros 4\Rhinoceros_4_SR9\Rhinoceros 4 SR9 2011-Mar-09\rh40sr9_en_20110309.exe" -d "G:\NOVE ZE STOLNIHO\Install\Rhinoceros 4 (+Vray)\Rhinoceros 4\Rhinoceros_4_SR9\Rhinoceros 4 SR9 2011-Mar-09"
Task: {AB19CA3E-1F93-4413-9E8B-F818B75B5A21} - \SMupdate1 -> No File <==== ATTENTION
Task: {AE40A534-65DB-4B32-8DB4-F3316A8F1913} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-12] (Adobe Systems Incorporated)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\AutoKMSDaily.job => C:\WINDOWS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2464649380-609429310-1827663864-1002Core.job => C:\Users\Felipe Grande\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2464649380-609429310-1827663864-1002UA.job => C:\Users\Felipe Grande\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

FirewallRules: [TCP Query User{285A85F3-EA81-416A-A948-501BE426E5B3}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{B499B976-11AB-4287-9276-A3BC5589AE29}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe

C:\WINDOWS\AutoKMS.exe
C:\windows\kmsemulator.exe

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt

Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

Při spouštění se ti tam spouští strašně moc aplikací. Měl by jsi ty, které nepotřebuješ vypnout:
Start -> Po spuštění -> a zde odškrtej co nepotřebuješ.

[filatelik]

*ano je mozne, ze mam nezakoupeny software.


tady vypisy z VirusTotal:

https://www.virustotal.com/cs/file/8d60 ... 447536179/

https://www.virustotal.com/cs/file/0a66 ... 447535867/

https://www.virustotal.com/cs/file/27f8 ... 447536029/





vypis z FRST:

Fix result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Felipe Grande (2015-11-14 22:33:05) Run:1
Running from C:\Users\Felipe Grande\Desktop
Loaded Profiles: Felipe Grande (Available Profiles: Felipe Grande)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:

HKU\S-1-5-21-2464649380-609429310-1827663864-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\...\Policies\Explorer: []
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\...\MountPoints2: {5d424377-cf0b-11e3-be7e-28d24434939e} - "F:\Setup.exe"
AppInit_DLLs-x32: acaptuser32.dll => No File

SearchScopes: HKU\S-1-5-21-2464649380-609429310-1827663864-1002 -> {E0783AB0-5977-495D-AAAE-98B1FC3DA297} URL =
Toolbar: HKU\S-1-5-21-2464649380-609429310-1827663864-1002 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)

CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Felipe Grande\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\pdf.dll => No File
CHR Plugin: (Norton Identity Safe) - C:\Users\Felipe Grande\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.7.0.48_0\npcoplgn.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.550.14) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll => No File
CHR Plugin: (Java(TM) Platform SE 7 U55) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll => No File

C:\ProgramData\RogueKiller
C:\Users\Felipe Grande\Documents\batchz20.scr
C:\ProgramData\DP45977C.lfl
C:\Users\Felipe Grande\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

CustomCLSID: HKU\S-1-5-21-2464649380-609429310-1827663864-1002_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {184EE08A-9468-D082-DC70-3FE985889A47} => No File
CustomCLSID: HKU\S-1-5-21-2464649380-609429310-1827663864-1002_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {5A30E931-9468-D082-6779-41AB85889A47} => No File

Task: {16CB89CA-596D-438B-A266-399F126C67FB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {1D7A4AD8-9261-41F1-B4B9-B396066192D6} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2464649380-609429310-1827663864-1002UA => C:\Users\Felipe Grande\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-16] (Dropbox, Inc.)
Task: {53942BA3-34B1-4C88-8186-14E603D69533} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2464649380-609429310-1827663864-1002Core => C:\Users\Felipe Grande\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-16] (Dropbox, Inc.)
Task: {6D35FE5B-702C-4878-A788-F964EEB61895} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {AB19CA3E-1F93-4413-9E8B-F818B75B5A21} - \SMupdate1 -> No File <==== ATTENTION
Task: {AE40A534-65DB-4B32-8DB4-F3316A8F1913} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-12] (Adobe Systems Incorporated)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2464649380-609429310-1827663864-1002Core.job => C:\Users\Felipe Grande\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2464649380-609429310-1827663864-1002UA.job => C:\Users\Felipe Grande\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

FirewallRules: [TCP Query User{285A85F3-EA81-416A-A948-501BE426E5B3}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{B499B976-11AB-4287-9276-A3BC5589AE29}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe



EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value removed successfully
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value removed successfully
"HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5d424377-cf0b-11e3-be7e-28d24434939e}" => key removed successfully
HKCR\CLSID\{5d424377-cf0b-11e3-be7e-28d24434939e} => key not found.
"acaptuser32.dll" => Value data removed successfully.
"HKU\S-1-5-21-2464649380-609429310-1827663864-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E0783AB0-5977-495D-AAAE-98B1FC3DA297}" => key removed successfully
HKCR\CLSID\{E0783AB0-5977-495D-AAAE-98B1FC3DA297} => key not found.
HKU\S-1-5-21-2464649380-609429310-1827663864-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value removed successfully
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3" => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9" => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll => not found.
C:\Users\Felipe Grande\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll => not found.
C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\ppGoogleNaClPluginChrome.dll => not found.
C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\pdf.dll => not found.
C:\Users\Felipe Grande\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.7.0.48_0\npcoplgn.dll => not found.
C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll => not found.
C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll => not found.
C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => not found.
C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll => not found.
C:\ProgramData\RogueKiller => moved successfully
C:\Users\Felipe Grande\Documents\batchz20.scr => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\Users\Felipe Grande\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
"HKU\S-1-5-21-2464649380-609429310-1827663864-1002_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}" => key removed successfully
"HKU\S-1-5-21-2464649380-609429310-1827663864-1002_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16CB89CA-596D-438B-A266-399F126C67FB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16CB89CA-596D-438B-A266-399F126C67FB}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1D7A4AD8-9261-41F1-B4B9-B396066192D6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D7A4AD8-9261-41F1-B4B9-B396066192D6}" => key removed successfully
C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2464649380-609429310-1827663864-1002UA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DropboxUpdateTaskUserS-1-5-21-2464649380-609429310-1827663864-1002UA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{53942BA3-34B1-4C88-8186-14E603D69533}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53942BA3-34B1-4C88-8186-14E603D69533}" => key removed successfully
C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2464649380-609429310-1827663864-1002Core => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DropboxUpdateTaskUserS-1-5-21-2464649380-609429310-1827663864-1002Core" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6D35FE5B-702C-4878-A788-F964EEB61895}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D35FE5B-702C-4878-A788-F964EEB61895}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AB19CA3E-1F93-4413-9E8B-F818B75B5A21}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB19CA3E-1F93-4413-9E8B-F818B75B5A21}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SMupdate1 => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE40A534-65DB-4B32-8DB4-F3316A8F1913}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE40A534-65DB-4B32-8DB4-F3316A8F1913}" => key removed successfully
C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => key removed successfully
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2464649380-609429310-1827663864-1002Core.job => moved successfully
C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2464649380-609429310-1827663864-1002UA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => moved successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{285A85F3-EA81-416A-A948-501BE426E5B3}C:\windows\kmsemulator.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B499B976-11AB-4287-9276-A3BC5589AE29}C:\windows\kmsemulator.exe => value removed successfully
EmptyTemp: => 952.5 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 22:33:13 ====

[jerabina]

Takže nejlépe napravit, akorát si tímto taháš do počítače havěť ..

Co problémy?

[filatelik]

Vypada to, ze jsem se jich uz zbavil, cimz dekuji za pomoc. Bude treba podnikat jeste nejake kroky?