prosim o kontrolu logu, pc trochu "blbne" Vyřešeno

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\gilan\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\gilan\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #0] C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe /Crashed (User 'SYSTEM')

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

[Reklama]

[mgilan]

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-12-2015
Ran by gilan (2015-12-05 21:33:05)
Running from C:\Users\gilan\Downloads
Windows 8.1 (X64) (2014-02-21 03:43:25)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-94618715-2390031703-3489685880-500 - Administrator - Disabled)
gilan (S-1-5-21-94618715-2390031703-3489685880-1001 - Administrator - Enabled) => C:\Users\gilan
Guest (S-1-5-21-94618715-2390031703-3489685880-501 - Limited - Enabled) => C:\Users\Guest
hardworker (S-1-5-21-94618715-2390031703-3489685880-1003 - Limited - Enabled) => C:\Users\hardworker
Netflix and Chill (S-1-5-21-94618715-2390031703-3489685880-1005 - Limited - Enabled) => C:\Users\Netflix and Chill

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
AbiWord 2.8.6 (HKLM-x32\...\AbiWord2) (Version: 2.8.6 - AbiSource Developers)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.009.20069 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe InDesign CC 2015 (HKLM-x32\...\{DBFD0312-6E55-1014-8952-E78D43BC0147}) (Version: 11.0 - Adobe Systems Incorporated)
AMP Font Viewer (HKLM-x32\...\AMP Font Viewer) (Version: - )
Any Video Converter 5.7.7 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.4.2233 - AVAST Software)
Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden
BitTorrent (HKU\S-1-5-21-94618715-2390031703-3489685880-1001\...\BitTorrent) (Version: 7.9.2.34312 - BitTorrent Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
CreaWriter 1.0.1.10 (HKLM-x32\...\CreaWriter_is1) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-94618715-2390031703-3489685880-1001\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Ekonomický systém Money S3 (HKLM-x32\...\Money S3) (Version: 14.200 (20140213_15) - CÍGLER SOFTWARE, a.s.)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.11 - Lenovo)
Energy Management (x32 Version: 8.0.2.11 - Lenovo) Hidden
Evernote v. 5.3.1 (HKLM-x32\...\{28AAF752-C41B-11E3-8CB0-00163E98E7D6}) (Version: 5.3.1.3363 - Evernote Corp.)
FastStone Photo Resizer 3.3 (HKLM-x32\...\FastStone Photo Resizer) (Version: 3.3 - FastStone Soft.)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit PDF Editor (HKLM-x32\...\Foxit PDF Editor) (Version: - )
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.1 - Ellora Assets Corporation)
Freemake YouTube To MP3 Boom (HKLM-x32\...\Freemake YouTube To MP3 Boom_is1) (Version: 1.0.0 - Ellora Assets Corporation)
Google Drive (HKLM-x32\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - )
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.20.1337 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Jarte 5.2 (HKLM-x32\...\Jarte_is1) (Version: 5.2 - Carolina Road Software L.L.C.)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LANGMaster.com: Francouzsko-český + Česko-francouzský slovník (HKLM-x32\...\DictFr_Cs_com_cs_cz_EasyLex_is1) (Version: - )
Lenovo Dependency Package (HKLM-x32\...\Lenovo Dependency Package_is1) (Version: 1.5.33.0 - Lenovo Group Limited)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.14.1 - ELAN Microelectronic Corp.)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Light Image Resizer 4.7.3.1 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.7.3.1 - ObviousIdea)
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Media Go (HKLM-x32\...\{AF06B8FA-B916-4001-AE51-6645488DEF09}) (Version: 2.8.303 - Sony)
Media Go Network Downloader (HKLM-x32\...\{5562F05F-908C-4F15-9B3C-98D5FD32DCAB}) (Version: 1.5.19.0 - Sony)
Media Go Video Playback Engine 2.12.103.06300 (HKLM-x32\...\{CB7048B4-5D1F-E24E-41FC-2AB7AAFE6597}) (Version: 2.12.103.06300 - Sony)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM-x32\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-94618715-2390031703-3489685880-1001\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation)
Microsoft OneNote 2016 pro domácnosti - cs-cz (HKLM\...\OneNoteFreeRetail - cs-cz) (Version: - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.2.100.0 - Nokia)
Nokia Suite (x32 Version: 3.2.100.0 - Nokia) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Opera Stable 33.0.1990.115 (HKLM-x32\...\Opera 33.0.1990.115) (Version: 33.0.1990.115 - Opera Software)
Opera Stable 33.0.1990.115 (HKU\S-1-5-21-94618715-2390031703-3489685880-1005\...\Opera 33.0.1990.115) (Version: 33.0.1990.115 - Opera Software)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PDF Editor 4 (HKLM-x32\...\PDF Editor 4) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pinnacle VideoSpin (HKLM-x32\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.222 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.13.314.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6859 - Realtek Semiconductor Corp.)
Realtek USB Card Reader (HKLM-x32\...\{1E496A68-4943-424E-829D-5C3C85B7B8F2}) (Version: 6.2.9200.39041 - Realtek Semiconductor Corp.)
Secure Folder 7.9 (HKLM-x32\...\SubiSoft Secure Folder_is1) (Version: 7.9 - SubiSoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0100-0405-0000-0000000FF1CE}_Office15.OMUI.cs-cz_{78A9943A-5DB1-4B90-8AEF-5CE30456FB6E}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Seznam Software (HKU\S-1-5-21-94618715-2390031703-3489685880-1001\...\SeznamInstall) (Version: - Seznam.cz)
Seznam Software (HKU\S-1-5-21-94618715-2390031703-3489685880-1003\...\SeznamInstall) (Version: - Seznam.cz)
Seznam Software (HKU\S-1-5-21-94618715-2390031703-3489685880-1005\...\SeznamInstall) (Version: - Seznam.cz)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skitch (HKLM-x32\...\Skitch 2.3.1.163) (Version: 2.3.1.163 - Evernote Corp.)
Sony PC Companion 2.10.297 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.297 - Sony)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
System Ninja version 3.0.2 (HKLM-x32\...\{6E67710E-206D-43AB-BF21-E7CD63056C55}_is1) (Version: 3.0.2 - SingularLabs)
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0405-0000-0000000FF1CE}_Office15.OMUI.cs-cz_{6B99320D-817F-42CE-B45E-5C9AD42678E3}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{2B44F588-2B80-4DD3-B577-B10B3C6865EA}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version: - Microsoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
UserGuide (x32 Version: 1.0.0.15 - Lenovo) Hidden
Video Edit Master (HKLM-x32\...\{35A99221-DAF4-4769-880F-ECC57548FBCC}) (Version: 2.0.0 - Hazem Osman)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Windows Driver Package - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Youtube to MP3 Converter v. 1.4 (HKLM-x32\...\Youtube to MP3 Converter_is1) (Version: - YoutubeDownloaderHD.com)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-94618715-2390031703-3489685880-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\gilan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-94618715-2390031703-3489685880-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\gilan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-94618715-2390031703-3489685880-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\gilan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-94618715-2390031703-3489685880-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\gilan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-94618715-2390031703-3489685880-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\gilan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points =========================

27-11-2015 13:06:55 JRT Pre-Junkware Removal
03-12-2015 08:56:07 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2015-11-20 14:59 - 00001132 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B2C8F13-2124-47DA-B9FB-3A98059B854C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {0C248D77-0EE7-4D4D-A16D-5B3A71731DFA} - System32\Tasks\Opera scheduled Autoupdate 1393978642 => C:\Program Files (x86)\Opera\launcher.exe [2015-11-16] (Opera Software)
Task: {1DCBA6F4-7733-447F-A273-A625FFEB929E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-03] (AVAST Software)
Task: {1F13B00A-8E17-437B-8A96-AD2AB3087E4D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {209D2092-5AC6-466F-96C0-44114A27A1D0} - System32\Tasks\Lenovo\LenovoDependencyVersionTask => C:\Program Files\lenovo\SystemAgent\DependencyVersion.exe [2013-05-02] ()
Task: {21DD93AE-D0BA-423E-9A56-C889769DD3E2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {2C7148B5-0D19-4C06-993A-E5E102D08448} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-11] (Microsoft Corporation)
Task: {396CF6AB-CA94-4255-A60A-A8DFD2FAC9E1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {4D0140B9-1D3F-4FCC-8CCA-113311CAF6F3} - System32\Tasks\Lenovo\LenovoWarrantyChinaTask => C:\Program Files\lenovo\SystemAgent\ChinaWarrantyService.exe [2013-05-02] ()
Task: {7ABFBC83-A06C-4274-81C9-5DF5B129EDB5} - System32\Tasks\Lenovo\LenovoUserguidesCopy => C:\Program Files\lenovo\SystemAgent\UserguidesCopy.exe [2013-05-02] ()
Task: {7D1FA134-39AE-4E0A-BEEC-DEAAA390CAC4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {8BD7C16D-6805-4575-9559-4E40BCB54F43} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-94618715-2390031703-3489685880-1001 => C:\Users\gilan\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-11-27] (Microsoft Corporation)
Task: {9CDFD8A4-E659-4FE7-A542-E8F42A9344F8} - System32\Tasks\Lenovo\LenovoMachineInformation => C:\Program Files\lenovo\SystemAgent\MachineInformation.exe [2013-05-02] ()
Task: {A3D5E84F-7A4C-45C7-9CCF-1DB3A2DD8D89} - System32\Tasks\Opera scheduled Autoupdate 1448346969 => C:\Users\Netflix and Chill\AppData\Local\Programs\Opera\launcher.exe [2015-11-16] (Opera Software)
Task: {A894CC62-D0BF-46B8-8C29-F231B7B36AD4} - \OFFICE2013ACT -> No File <==== ATTENTION
Task: {B1C82E5F-A1C0-42A4-81AD-5ED625DE6D00} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {B2083FFB-CE69-426E-8A7E-371021326D0F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {BC5B6091-8959-4DC1-B9A7-C6E7C1D50B13} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-10-03] (AVAST Software)
Task: {C0878DB6-C03C-4BFD-A6DB-981010A6021E} - \Builder Pool -> No File <==== ATTENTION
Task: {C206E591-57BF-4AF6-A28B-C1977E89B3D1} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {D900848A-55F3-43E8-AB29-1C0199D19A4E} - System32\Tasks\AdobeAAMUpdater-1.0-traceur-hardworker => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-04-28] (Adobe Systems Incorporated)
Task: {E1E9D5E4-3BF1-4BAE-8946-4EBAFF82FE51} - System32\Tasks\{4C02F359-D406-47E7-AC66-BDD7D6316040} => pcalua.exe -a "C:\Program Files (x86)\JDownloader\JDUninstall.exe"
Task: {E490B68C-037A-4B9A-BA4C-CAD245E5EE67} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-10-28] (Microsoft Corporation)
Task: {F671715F-C143-462C-97C7-6243A2564B8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2014-09-21 08:18 - 2015-10-07 19:28 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-09-21 05:00 - 2013-09-21 05:00 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2013-09-21 05:00 - 2013-09-21 05:00 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2015-11-16 14:52 - 2015-05-26 12:35 - 00079872 _____ () C:\Users\gilan\AppData\Roaming\Seznam.cz\bin\15306libfoxloader-x64.dll
2013-03-01 02:05 - 2013-03-01 02:05 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-03-01 02:02 - 2013-03-01 02:02 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-03-01 02:06 - 2013-03-01 02:06 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-11-09 01:01 - 2015-06-10 10:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2015-11-16 14:52 - 2015-05-26 12:38 - 00457384 _____ () C:\Users\gilan\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2015-11-16 14:52 - 2015-05-26 12:36 - 00073896 _____ () C:\Users\gilan\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2015-11-16 17:55 - 2015-11-16 17:55 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2015-11-21 00:00 - 2015-05-26 12:35 - 00079872 _____ () C:\Users\hardworker\AppData\Roaming\Seznam.cz\bin\6104libfoxloader-x64.dll
2015-11-21 00:00 - 2015-05-26 12:38 - 00457384 _____ () C:\Users\hardworker\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2015-11-21 00:00 - 2015-05-26 12:36 - 00073896 _____ () C:\Users\hardworker\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2015-11-20 23:22 - 2015-05-26 12:35 - 00079872 _____ () C:\Users\Netflix and Chill\AppData\Roaming\Seznam.cz\bin\31404libfoxloader-x64.dll
2015-11-20 23:22 - 2015-05-26 12:38 - 00457384 _____ () C:\Users\Netflix and Chill\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2015-11-20 23:22 - 2015-05-26 12:36 - 00073896 _____ () C:\Users\Netflix and Chill\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2013-09-21 05:00 - 2013-09-21 05:00 - 00104552 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfCredProv.dll
2015-10-03 13:43 - 2015-10-03 13:43 - 00103376 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-10-03 13:43 - 2015-10-03 13:43 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-02 14:40 - 2015-12-02 14:40 - 02813440 _____ () C:\Program Files\AVAST Software\Avast\defs\15120201\algo.dll
2015-12-04 12:50 - 2015-12-04 12:50 - 02802176 _____ () C:\Program Files\AVAST Software\Avast\defs\15120402\algo.dll
2015-12-05 21:30 - 2015-12-05 21:30 - 02803200 _____ () C:\Program Files\AVAST Software\Avast\defs\15120504\algo.dll
2015-11-11 12:05 - 2015-11-11 12:05 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\8a4ebd0132a76f2a7ce438310a41e9d1\PSIClient.ni.dll
2013-09-21 04:31 - 2012-10-23 14:22 - 01199648 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-12-03 09:34 - 2015-12-03 09:34 - 00098816 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\win32api.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00110080 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\pywintypes27.dll
2015-12-03 09:34 - 2015-12-03 09:34 - 00364544 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\pythoncom27.dll
2015-12-03 09:34 - 2015-12-03 09:34 - 00046080 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\_socket.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 01208320 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\_ssl.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00320512 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\win32com.shell.shell.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00776704 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\_hashlib.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 01176576 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\wx._core_.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00806400 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\wx._gdi_.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00816128 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\wx._windows_.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 01067008 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\wx._controls_.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00733184 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\wx._misc_.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00682496 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\pysqlite2._sqlite.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00088064 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\_ctypes.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00119808 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\win32file.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00108544 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\win32security.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00007168 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\hashobjs_ext.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00017920 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\thumbnails_ext.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00079360 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\usb_ext.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00167936 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\win32gui.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00018432 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\win32event.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00128512 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\_elementtree.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00127488 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\pyexpat.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00013824 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\common.time34.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00036864 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\_psutil_windows.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00038912 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\win32inet.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00525640 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\windows._lib_cacheinvalidation.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00011264 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\win32crypt.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00077312 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\wx._html2.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00027136 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\_multiprocessing.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00020480 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\_yappi.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00035840 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\win32process.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00686080 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\unicodedata.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00123392 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\wx._wizard.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00024064 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\win32pipe.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00010240 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\select.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00025600 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\win32pdh.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00017408 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\win32profile.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00022528 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\win32ts.pyd
2015-12-03 09:34 - 2015-12-03 09:34 - 00078848 _____ () C:\Users\gilan\AppData\Local\Temp\_MEI36122\wx._animate.pyd
2011-11-01 14:41 - 2011-11-01 14:41 - 08172928 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
2011-11-01 14:41 - 2011-11-01 14:41 - 02288512 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
2011-11-01 14:41 - 2011-11-01 14:41 - 00919936 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
2011-11-01 14:41 - 2011-11-01 14:41 - 00346496 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
2011-11-01 14:40 - 2011-11-01 14:40 - 00032640 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll
2011-11-01 14:40 - 2011-11-01 14:40 - 00034688 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll
2011-11-01 14:40 - 2011-11-01 14:40 - 00202624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll
2011-11-01 14:41 - 2011-11-01 14:41 - 02252672 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
2011-11-01 14:42 - 2011-11-01 14:42 - 00095104 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll
2011-11-01 14:41 - 2011-11-01 14:41 - 00165248 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QxtWeb.dll
2011-11-01 14:41 - 2011-11-01 14:41 - 10843520 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
2011-11-01 14:41 - 2011-11-01 14:41 - 01294208 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
2011-11-01 14:41 - 2011-11-01 14:41 - 00196480 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
2011-11-01 14:41 - 2011-11-01 14:41 - 02557312 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
2011-11-01 14:41 - 2011-11-01 14:41 - 00384896 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QxtCore.dll
2011-11-01 14:42 - 2011-11-01 14:42 - 00272768 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
2011-11-01 14:42 - 2011-11-01 14:42 - 00392064 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
2011-11-01 14:40 - 2011-11-01 14:40 - 00388480 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\OviShareLib.dll
2011-11-01 14:42 - 2011-11-01 14:42 - 00058240 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
2011-11-01 14:39 - 2011-11-01 14:39 - 01041792 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\Maps Service API.dll
2015-11-16 14:52 - 2015-05-26 12:37 - 00078504 _____ () C:\Users\gilan\AppData\Roaming\Seznam.cz\bin\15303libfoxloader.dll
2011-11-01 14:40 - 2011-11-01 14:40 - 00438144 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
2011-11-01 14:41 - 2011-11-01 14:41 - 00422272 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
2011-11-01 14:41 - 2011-11-01 14:41 - 00517504 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
2011-11-01 14:41 - 2011-11-01 14:41 - 00682880 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
2011-11-01 14:39 - 2011-11-01 14:39 - 00740736 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
2011-11-01 13:57 - 2011-11-01 13:57 - 00112640 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 02302040 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 08197208 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGui4.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 00345688 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll
2012-06-26 12:10 - 2012-06-26 12:10 - 00202328 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
2012-06-26 12:10 - 2012-06-26 12:10 - 00027736 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 00282200 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll
2014-11-09 01:01 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2014-11-09 01:01 - 2015-10-20 17:44 - 00242176 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2014-11-09 01:01 - 2013-05-20 11:58 - 00620718 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll
2014-11-09 01:01 - 2015-04-21 12:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2015-11-16 14:52 - 2015-05-26 12:38 - 00862888 _____ () C:\Users\gilan\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2015-11-16 14:52 - 2015-02-17 09:35 - 00764416 _____ () C:\Users\gilan\AppData\Roaming\Seznam.cz\bin\libchinst.dll
2014-04-14 13:17 - 2014-04-14 13:17 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2014-04-14 13:17 - 2014-04-14 13:17 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2015-10-03 13:43 - 2015-10-03 13:43 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-12-03 10:47 - 2015-12-03 10:47 - 00098816 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\win32api.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00110080 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\pywintypes27.dll
2015-12-03 10:47 - 2015-12-03 10:47 - 00364544 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\pythoncom27.dll
2015-12-03 10:47 - 2015-12-03 10:47 - 00046080 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\_socket.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 01208320 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\_ssl.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00320512 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\win32com.shell.shell.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00776704 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\_hashlib.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 01176576 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\wx._core_.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00806400 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\wx._gdi_.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00816128 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\wx._windows_.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 01067008 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\wx._controls_.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00733184 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\wx._misc_.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00682496 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\pysqlite2._sqlite.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00088064 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\_ctypes.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00119808 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\win32file.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00108544 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\win32security.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00007168 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\hashobjs_ext.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00017920 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\thumbnails_ext.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00079360 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\usb_ext.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00167936 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\win32gui.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00018432 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\win32event.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00128512 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\_elementtree.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00127488 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\pyexpat.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00013824 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\common.time34.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00036864 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\_psutil_windows.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00038912 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\win32inet.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00525640 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\windows._lib_cacheinvalidation.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00011264 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\win32crypt.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00077312 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\wx._html2.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00027136 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\_multiprocessing.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00020480 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\_yappi.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00035840 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\win32process.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00686080 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\unicodedata.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00123392 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\wx._wizard.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00024064 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\win32pipe.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00010240 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\select.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00025600 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\win32pdh.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00017408 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\win32profile.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00022528 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\win32ts.pyd
2015-12-03 10:47 - 2015-12-03 10:47 - 00078848 _____ () C:\Users\hardworker\AppData\Local\Temp\_MEI30922\wx._animate.pyd
2015-11-21 00:00 - 2015-05-26 12:37 - 00078504 _____ () C:\Users\hardworker\AppData\Roaming\Seznam.cz\bin\6104libfoxloader.dll
2015-11-21 00:00 - 2015-05-26 12:38 - 00862888 _____ () C:\Users\hardworker\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2015-11-21 00:00 - 2015-02-17 09:35 - 00764416 _____ () C:\Users\hardworker\AppData\Roaming\Seznam.cz\bin\libchinst.dll
2015-11-21 00:00 - 2015-05-26 12:39 - 01778376 _____ () C:\Users\hardworker\AppData\Roaming\Seznam.cz\bin\libfoxcub.dll
2015-11-21 00:00 - 2012-10-24 15:42 - 00247352 _____ () C:\Users\hardworker\AppData\Roaming\Seznam.cz\bin\unlockInstance.dll
2015-11-16 21:42 - 2015-05-26 12:38 - 00862888 _____ () C:\Users\Netflix and Chill\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2015-11-20 23:22 - 2015-02-17 09:35 - 00764416 _____ () C:\Users\Netflix and Chill\AppData\Roaming\Seznam.cz\bin\libchinst.dll
2015-11-20 23:22 - 2015-05-26 12:37 - 00078504 _____ () C:\Users\Netflix and Chill\AppData\Roaming\Seznam.cz\bin\31401libfoxloader.dll
2015-09-30 21:47 - 2015-09-30 21:47 - 26156728 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 00322208 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\sqlite.dll
2015-09-30 21:47 - 2015-09-30 21:47 - 45080248 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AcroCEF\libcef.dll
2015-11-27 12:27 - 2015-11-07 05:36 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libglesv2.dll
2015-11-27 12:27 - 2015-11-07 05:36 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libegl.dll
2015-11-27 12:27 - 2015-11-07 05:36 - 16496456 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:E2F200D2

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-94618715-2390031703-3489685880-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\gilan\Desktop\zyyz.jpg
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\hardworker\Desktop\apple-splashcreative-graphic-design-wallpapers-abstract-photo-design-wallpaper.jpg
HKU\S-1-5-21-94618715-2390031703-3489685880-1005\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1 - 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6FEF4473-52B6-4687-99FB-20DA22872024}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{9DCB5E2E-F771-4312-AB1C-3482532E3774}] => (Allow) C:\Users\gilan\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{FFA68E04-0CC6-4D0F-90CB-E9D18174EE18}] => (Allow) C:\Users\gilan\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0D9BFA56-121E-4137-B17B-BD895A5C9B28}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0B9CD204-8545-48EF-B27E-6B1E03C07C6F}] => (Allow) LPort=2869
FirewallRules: [{D59CAC94-FD37-46B7-89A2-513E7856BF94}] => (Allow) LPort=1900
FirewallRules: [{04450220-3EB4-4EAA-A259-A390EABE33F6}] => (Allow) C:\Users\gilan\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{97480094-4514-452D-A448-F41F451FB539}] => (Allow) C:\Users\gilan\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{903A2685-2154-4FE9-A8D4-916BC62586F3}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{4457F4B9-5E39-4A2D-BC40-4276A25DB0E7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{525F2BEC-7592-4EA5-8303-045E69BB5583}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{0C2BF916-8C74-42D5-B939-3AF8CE2A033D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{7B951272-EF11-483C-9A8F-2CB856D78BF6}C:\program files (x86)\jeyo\jmc_windowsmobile\jmc_wm.exe] => (Allow) C:\program files (x86)\jeyo\jmc_windowsmobile\jmc_wm.exe
FirewallRules: [UDP Query User{EA3E7484-7E32-49CC-A721-6DAC5FA2F4DE}C:\program files (x86)\jeyo\jmc_windowsmobile\jmc_wm.exe] => (Allow) C:\program files (x86)\jeyo\jmc_windowsmobile\jmc_wm.exe
FirewallRules: [{23E2F556-C054-4995-8BF3-E24F419C3A9B}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{0C538BC8-BDC4-4B42-B3DD-8B75D34B45D6}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{A50BC5C1-D58D-4F3C-B785-51D8DF9AB216}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{B7777372-5436-4345-975C-2B21C7096CC4}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{A6731697-54B3-441F-B674-91F3D4314E85}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{23A8F131-6FE1-4DAA-8001-D1CD281DEB2A}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{3B8F56D5-4058-4556-A4C1-2F277817F044}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C0B66E4C-0205-4B54-A64E-A76F917B9B68}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{9ED774DD-C2E5-4DF6-92AE-D95BAECE5BAF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{16377060-0E84-4A33-BCA8-45DC97795A10}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9A486F93-A1C1-48EF-8409-C4745A08D934}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: UMDF HID minidriver Device
Description: UMDF HID minidriver Device
Class Guid: {177b1d2a-679c-4093-98bf-fd6999695d3b}
Manufacturer: Lenovo
Service: mshidumdf
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (12/05/2015 07:05:53 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (12/05/2015 06:00:22 PM) (Source: MsiInstaller) (EventID: 1024) (User: traceur)
Description: Product: Adobe Acrobat DC - Update '{AC76BA86-A440-FFFF-A440-0C0F094E6F00}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (12/04/2015 08:23:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OfficeC2RClient.exe, version: 15.0.4763.1002, time stamp: 0x5615b470
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2bcac
Exception code: 0x40000015
Fault offset: 0x00000000000761c9
Faulting process id: 0x2034
Faulting application start time: 0xOfficeC2RClient.exe0
Faulting application path: OfficeC2RClient.exe1
Faulting module path: OfficeC2RClient.exe2
Report Id: OfficeC2RClient.exe3
Faulting package full name: OfficeC2RClient.exe4
Faulting package-relative application ID: OfficeC2RClient.exe5

Error: (12/03/2015 08:11:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OfficeC2RClient.exe, version: 15.0.4763.1002, time stamp: 0x5615b470
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2bcac
Exception code: 0x40000015
Fault offset: 0x00000000000761c9
Faulting process id: 0x2594
Faulting application start time: 0xOfficeC2RClient.exe0
Faulting application path: OfficeC2RClient.exe1
Faulting module path: OfficeC2RClient.exe2
Report Id: OfficeC2RClient.exe3
Faulting package full name: OfficeC2RClient.exe4
Faulting package-relative application ID: OfficeC2RClient.exe5

Error: (12/03/2015 07:34:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OfficeC2RClient.exe, version: 15.0.4763.1002, time stamp: 0x5615b470
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2bcac
Exception code: 0x40000015
Fault offset: 0x00000000000761c9
Faulting process id: 0x22a8
Faulting application start time: 0xOfficeC2RClient.exe0
Faulting application path: OfficeC2RClient.exe1
Faulting module path: OfficeC2RClient.exe2
Report Id: OfficeC2RClient.exe3
Faulting package full name: OfficeC2RClient.exe4
Faulting package-relative application ID: OfficeC2RClient.exe5

Error: (12/03/2015 07:04:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OfficeC2RClient.exe, version: 15.0.4763.1002, time stamp: 0x5615b470
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2bcac
Exception code: 0x40000015
Fault offset: 0x00000000000761c9
Faulting process id: 0x1898
Faulting application start time: 0xOfficeC2RClient.exe0
Faulting application path: OfficeC2RClient.exe1
Faulting module path: OfficeC2RClient.exe2
Report Id: OfficeC2RClient.exe3
Faulting package full name: OfficeC2RClient.exe4
Faulting package-relative application ID: OfficeC2RClient.exe5

Error: (12/03/2015 10:48:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OfficeC2RClient.exe, version: 15.0.4763.1002, time stamp: 0x5615b470
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2bcac
Exception code: 0x40000015
Fault offset: 0x00000000000761c9
Faulting process id: 0x119c
Faulting application start time: 0xOfficeC2RClient.exe0
Faulting application path: OfficeC2RClient.exe1
Faulting module path: OfficeC2RClient.exe2
Report Id: OfficeC2RClient.exe3
Faulting package full name: OfficeC2RClient.exe4
Faulting package-relative application ID: OfficeC2RClient.exe5

Error: (12/03/2015 09:45:41 AM) (Source: MsiInstaller) (EventID: 1024) (User: traceur)
Description: Product: Adobe Acrobat DC - Update '{AC76BA86-A440-FFFF-A440-0C0F094E6F00}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (12/03/2015 09:06:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OfficeC2RClient.exe, version: 15.0.4763.1002, time stamp: 0x5615b470
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2bcac
Exception code: 0x40000015
Fault offset: 0x00000000000761c9
Faulting process id: 0x1104
Faulting application start time: 0xOfficeC2RClient.exe0
Faulting application path: OfficeC2RClient.exe1
Faulting module path: OfficeC2RClient.exe2
Report Id: OfficeC2RClient.exe3
Faulting package full name: OfficeC2RClient.exe4
Faulting package-relative application ID: OfficeC2RClient.exe5

Error: (12/03/2015 08:36:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OfficeC2RClient.exe, version: 15.0.4763.1002, time stamp: 0x5615b470
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2bcac
Exception code: 0x40000015
Fault offset: 0x00000000000761c9
Faulting process id: 0xf3c
Faulting application start time: 0xOfficeC2RClient.exe0
Faulting application path: OfficeC2RClient.exe1
Faulting module path: OfficeC2RClient.exe2
Report Id: OfficeC2RClient.exe3
Faulting package full name: OfficeC2RClient.exe4
Faulting package-relative application ID: OfficeC2RClient.exe5


System errors:
=============
Error: (12/05/2015 09:22:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (12/05/2015 09:16:07 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (12/05/2015 07:04:59 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (12/05/2015 05:44:07 PM) (Source: DCOM) (EventID: 10010) (User: traceur)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (12/05/2015 05:43:37 PM) (Source: DCOM) (EventID: 10010) (User: traceur)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (12/05/2015 05:43:07 PM) (Source: DCOM) (EventID: 10010) (User: traceur)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (12/05/2015 05:42:37 PM) (Source: DCOM) (EventID: 10010) (User: traceur)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (12/05/2015 05:42:07 PM) (Source: DCOM) (EventID: 10010) (User: traceur)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (12/05/2015 01:09:14 PM) (Source: DCOM) (EventID: 10010) (User: traceur)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (12/05/2015 11:24:24 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.


CodeIntegrity:
===================================
Date: 2015-07-21 20:09:28.877
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-12-07 12:18:22.507
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU 1037U @ 1.80GHz
Percentage of memory in use: 61%
Total physical RAM: 3975.27 MB
Available physical RAM: 1519.43 MB
Total Virtual: 7647.02 MB
Available Virtual: 3743.59 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:424.52 GB) (Free:245.63 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:19.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 8F1BD17D)

Partition: GPT.

==================== End of Addition.txt ============================

[mgilan]

a tady ten první, díky

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-12-2015
Ran by gilan (administrator) on TRACEUR (05-12-2015 21:30:49)
Running from C:\Users\gilan\Downloads
Loaded Profiles: gilan & hardworker & Netflix and Chill (Available Profiles: gilan & hardworker & Netflix and Chill & Guest)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
() C:\Users\gilan\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
() C:\Users\gilan\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Users\hardworker\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\hardworker\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
() C:\Users\Netflix and Chill\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Netflix and Chill\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\EXCEL.EXE
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AcroCEF\AcroCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AcroCEF\AcroCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13425224 2013-03-06] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-09] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2876816 2013-03-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17097200 2013-09-21] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2013-09-21] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6133520 2015-11-11] (AVAST Software)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1856184 2015-09-30] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132224 2013-03-01] (Qualcomm Atheros Commnucations)
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google)
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\...\Run: [] => [X]
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1053056 2011-11-01] (Nokia)
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\...\Run: [Skitch] => C:\Program Files (x86)\Evernote\Skitch\Skitch.exe [4851008 2014-05-01] (Evernote)
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\...\MountPoints2: {861072ee-6795-11e4-bef9-48d224dc8466} - "E:\Startme.exe"
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\...\Run: [2911406FB4B541BF60AB7D4418DCEB8B8DBFFD99._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-11-07] (Google Inc.)
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google)
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\...\Run: [cz.seznam.software.szndesktop] => C:\Users\hardworker\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\...\Run: [cz.seznam.software.autoupdate] => C:\Users\hardworker\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-94618715-2390031703-3489685880-1005\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Netflix and Chill\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-94618715-2390031703-3489685880-1005\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Netflix and Chill\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372400 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-10-03] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\gilan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\gilan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\gilan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\gilan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\gilan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\gilan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\gilan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
Startup: C:\Users\gilan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2014-04-29]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\gilan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk [2015-05-07]
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2014-11-07]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)

[mgilan]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 10.0.0.1
Tcpip\..\Interfaces\{3641BC71-B3F1-44F4-BC5E-E7D3D544B2BC}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{A6C36827-B13C-4064-8C79-DB87060608CE}: [DhcpNameServer] 192.168.1.1 10.0.0.1

Internet Explorer:
==================
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=16194
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-94618715-2390031703-3489685880-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com
HKU\S-1-5-21-94618715-2390031703-3489685880-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-94618715-2390031703-3489685880-1005\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-94618715-2390031703-3489685880-1005\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {075BD102-5862-4DD5-8DFD-90980D228127} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {15461DAF-9D1D-487B-9F95-73630EC058A3} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {2F4914C5-69A3-41F0-8359-622BF0B06E79} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {3812DCBC-1FD2-4989-8F58-D21BCFA6EB43} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {570D676F-BDBE-4BDB-B52C-7FCD435D1BE3} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {6D7223E1-ACFC-4A59-9D8F-29D190D0A17F} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {ACA6993E-EDE1-4969-AD63-FE05699AEC69} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {D1C62174-0C68-48E5-AF80-937EE147055D} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> DefaultScope {455D72AB-9585-47F2-ABB7-ECF7482D3BDA} URL =
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {24E6CF3D-7075-45BB-920A-1D76CA0F2AD5} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {455D72AB-9585-47F2-ABB7-ECF7482D3BDA} URL =
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {4C1A402A-2399-4F37-9775-69EA58F2C466} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {5E4D2CED-0567-4A7C-8762-29A0EC952D4A} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {6AE081B2-3890-441B-9CF7-B0B7C4274306} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {7D271E50-A3AD-471D-BD47-C8C3DA4D4A55} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {8A132AC8-A47E-46EC-871C-517963C70D61} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {B3FE09B4-0DCA-4C72-A4F1-E44B292982D3} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {B516A2DA-567A-4427-991C-056A19054CCC} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {EC8747F9-F3C5-477A-A29E-503AEB9C7E72} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1005 -> DefaultScope {455D72AB-9585-47F2-ABB7-ECF7482D3BDA} URL =
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1005 -> {455D72AB-9585-47F2-ABB7-ECF7482D3BDA} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-07] (AVAST Software)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-07] (AVAST Software)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-04-14] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll [2014-04-07] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll [2014-04-07] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\Root\Office15\NPSPWRAP.DLL [2014-09-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-94618715-2390031703-3489685880-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2014-07-10] (Sony Network Entertainment International LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-02-25] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-02-25] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [fe_7.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_7.0
FF Extension: No Name - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_7.0 [2014-05-23] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-10-11] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2015-11-16] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF HKLM-x32\...\Thunderbird\Extensions: [te_7.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0
FF Extension: No Name - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2014-05-23] [not signed]

Chrome:
=======
CHR Profile: C:\Users\gilan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\gilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-03]
CHR Extension: (Disk Google) - C:\Users\gilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-03]
CHR Extension: (YouTube) - C:\Users\gilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-03]
CHR Extension: (Vyhledávání Google) - C:\Users\gilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-03]
CHR Extension: (Tabulky Google) - C:\Users\gilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\gilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-04]
CHR Extension: (Avast Online Security) - C:\Users\gilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-12-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\gilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-03]
CHR Extension: (Gmail) - C:\Users\gilan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-03]
CHR HKU\S-1-5-21-94618715-2390031703-3489685880-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-94618715-2390031703-3489685880-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-21]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227968 2013-03-01] (Qualcomm Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-10-03] (AVAST Software)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [164736 2012-11-08] (Intel Corporation)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [562504 2013-05-02] (LENOVO INCORPORATED.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-09-21] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-03-01] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-10-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-10-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-10-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-10-03] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-10-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-10-03] (AVAST Software)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-03-01] (Qualcomm Atheros)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 WUDFWpdComp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-05 21:30 - 2015-12-05 21:32 - 00036879 _____ C:\Users\gilan\Downloads\FRST.txt
2015-12-05 21:30 - 2015-12-05 21:30 - 00000000 ____D C:\FRST
2015-12-05 21:29 - 2015-12-05 21:29 - 02369024 _____ (Farbar) C:\Users\gilan\Downloads\FRST64.exe
2015-12-05 21:26 - 2015-12-05 21:26 - 01719808 _____ (Farbar) C:\Users\gilan\Downloads\FRST.exe
2015-12-05 11:24 - 2015-11-20 20:40 - 00157696 _____ C:\WINDOWS\ERUNT.exe
2015-12-04 15:27 - 2015-12-04 15:27 - 00000000 ____D C:\Users\gilan\Downloads\backups
2015-12-04 13:41 - 2015-12-04 13:41 - 00643382 _____ C:\Users\hardworker\Downloads\oleopro preklad.pdf
2015-12-04 10:20 - 2015-12-04 10:22 - 53509486 _____ C:\Users\hardworker\Downloads\Guidelines for trade fairs and exhibitions.pdf
2015-12-03 20:01 - 2015-12-03 20:01 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2015-12-03 20:00 - 2015-12-03 20:00 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-03 19:57 - 2015-12-03 19:57 - 00000000 ____D C:\Users\Netflix and Chill\AppData\Local\VirtualStore
2015-12-03 10:48 - 2015-12-03 10:48 - 00000000 ____D C:\Users\hardworker\AppData\Local\VirtualStore
2015-12-03 10:17 - 2015-12-03 10:17 - 00007598 _____ C:\Users\gilan\Desktop\ttt.txt
2015-12-03 09:34 - 2015-12-03 09:34 - 00000000 ____D C:\Users\gilan\AppData\Local\NokiaAccount
2015-12-03 09:23 - 2015-12-03 08:53 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-12-03 08:53 - 2015-12-03 09:31 - 00000000 ____D C:\zoek_backup
2015-12-03 08:48 - 2015-12-03 08:51 - 01309184 _____ C:\Users\gilan\Desktop\zoek.exe
2015-12-02 20:58 - 2015-12-02 20:58 - 00000000 ____D C:\Users\hardworker\Downloads\reemail
2015-12-02 20:57 - 2015-12-02 20:57 - 06585028 _____ C:\Users\hardworker\Downloads\zakzkaledendusseldorf.zip
2015-12-02 14:07 - 2015-12-02 14:07 - 00301537 _____ C:\Users\hardworker\Downloads\ben_reg_d (1).pdf
2015-12-02 13:58 - 2015-12-02 13:58 - 00301537 _____ C:\Users\hardworker\Downloads\ben_reg_d.pdf
2015-12-02 12:24 - 2015-12-02 12:24 - 06585028 _____ C:\Users\hardworker\Downloads\reemail.zip
2015-12-02 10:20 - 2015-12-02 10:20 - 00548152 _____ C:\Users\hardworker\Downloads\rough-2.pdf
2015-11-30 23:24 - 2015-12-01 01:16 - 1432398252 _____ C:\Users\Netflix and Chill\Downloads\Gran-Torino-(2008)-HD-CZ-dabing-by-BREWISIUS.mp4
2015-11-30 22:40 - 2015-11-30 22:40 - 01159497 _____ C:\Users\hardworker\Downloads\fwdluxairport.zip
2015-11-30 18:32 - 2015-11-30 18:32 - 00003036 _____ C:\Users\Netflix and Chill\Desktop\kontakty 27.11.15.pdf
2015-11-29 14:49 - 2015-11-29 14:49 - 00103793 _____ C:\Users\hardworker\Desktop\kontakty 13_11.pdf
2015-11-28 21:08 - 2015-11-28 22:05 - 731097088 _____ C:\Users\Netflix and Chill\Downloads\The-Man-from-Earth-Pozemstan-(2007)-dvdrip-xvid-ENG+CZ-titulky.avi (1).crdownload
2015-11-28 21:07 - 2015-11-28 21:07 - 00127732 _____ C:\Users\Netflix and Chill\Downloads\The-Man-from-Earth-Pozemstan-(2007)-dvdrip-xvid-ENG+CZ-titulky.srt
2015-11-28 21:02 - 2015-11-28 21:07 - 55287350 _____ C:\Users\Netflix and Chill\Downloads\The-Man-from-Earth-Pozemstan-(2007)-dvdrip-xvid-ENG+CZ-titulky.avi.crdownload
2015-11-28 16:00 - 2015-12-03 20:11 - 00000000 ____D C:\Users\Netflix and Chill\AppData\Local\CrashDumps
2015-11-27 14:51 - 2015-12-04 08:23 - 00000000 ____D C:\Users\hardworker\AppData\Local\CrashDumps
2015-11-27 14:18 - 2015-11-27 14:18 - 00007914 _____ C:\Users\gilan\Desktop\rogue.txt
2015-11-27 13:56 - 2015-12-03 09:46 - 00037624 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-11-27 13:56 - 2015-12-03 07:56 - 00000000 ____D C:\ProgramData\RogueKiller
2015-11-27 13:55 - 2015-11-27 13:54 - 23719496 _____ C:\Users\gilan\Desktop\RogueKillerX64.exe
2015-11-27 13:54 - 2015-11-27 13:54 - 23719496 _____ C:\Users\gilan\Downloads\RogueKillerX64.exe
2015-11-27 13:38 - 2015-11-27 13:38 - 00002500 _____ C:\Users\gilan\Desktop\malware.txt
2015-11-27 13:13 - 2015-11-27 13:13 - 00001323 _____ C:\Users\gilan\Desktop\JRT.txt
2015-11-27 13:06 - 2015-11-27 13:05 - 01599336 _____ (Malwarebytes) C:\Users\gilan\Desktop\JRT.exe
2015-11-27 13:05 - 2015-11-27 13:05 - 01599336 _____ (Malwarebytes) C:\Users\gilan\Downloads\JRT.exe
2015-11-27 12:27 - 2015-11-27 12:27 - 00002286 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-27 12:27 - 2015-11-27 12:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-27 12:25 - 2015-11-27 12:25 - 00929872 _____ (Google Inc.) C:\Users\gilan\Downloads\ChromeSetup (6).exe
2015-11-27 12:25 - 2015-11-27 12:25 - 00929872 _____ (Google Inc.) C:\Users\gilan\Downloads\ChromeSetup (5).exe
2015-11-27 12:20 - 2015-11-27 12:21 - 00181902 _____ C:\WINDOWS\ntbtlog.txt
2015-11-27 12:17 - 2015-11-27 12:17 - 00929872 _____ (Google Inc.) C:\Users\gilan\Downloads\ChromeSetup (4).exe
2015-11-27 12:12 - 2015-11-27 12:04 - 00400600 _____ C:\mmmmm.xml
2015-11-27 11:39 - 2015-11-27 13:19 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-27 11:39 - 2015-11-27 11:39 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-27 11:39 - 2015-11-27 11:39 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-27 11:39 - 2015-11-27 11:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-27 11:39 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-11-27 11:39 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-11-27 11:39 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-11-27 11:37 - 2015-11-27 11:38 - 22908888 _____ (Malwarebytes ) C:\Users\gilan\Downloads\mbam-setup-2.2.0.1024.exe
2015-11-27 11:28 - 2015-11-27 11:28 - 00929872 _____ (Google Inc.) C:\Users\gilan\Downloads\ChromeSetup (3).exe
2015-11-27 11:27 - 2015-11-27 11:27 - 01733632 _____ C:\Users\gilan\Downloads\AdwCleaner (1).exe
2015-11-27 11:27 - 2015-11-27 11:27 - 00929872 _____ (Google Inc.) C:\Users\gilan\Downloads\ChromeSetup (2).exe
2015-11-27 11:19 - 2015-11-27 11:22 - 00174035 _____ C:\Users\gilan\Downloads\AdwCleaner (1).exe.opdownload
2015-11-27 11:18 - 2015-11-27 11:18 - 00929872 _____ (Google Inc.) C:\Users\gilan\Downloads\ChromeSetup (1).exe
2015-11-27 11:09 - 2015-11-27 12:57 - 00000000 ____D C:\AdwCleaner
2015-11-27 11:03 - 2015-11-27 11:03 - 00000000 ____D C:\Users\gilan\AppData\Local\Okidata
2015-11-27 11:00 - 2015-11-27 11:00 - 00929872 _____ (Google Inc.) C:\Users\gilan\Downloads\ChromeSetup.exe
2015-11-27 10:52 - 2015-11-27 10:51 - 01733632 _____ C:\Users\gilan\Desktop\AdwCleaner.exe
2015-11-27 10:51 - 2015-11-27 10:51 - 01733632 _____ C:\Users\gilan\Downloads\AdwCleaner.exe
2015-11-27 10:50 - 2015-11-27 10:50 - 00000000 _____ C:\Users\gilan\Downloads\TFC.exe.51phskf.partial
2015-11-27 10:49 - 2015-11-27 10:49 - 00447132 _____ (OldTimer Tools) C:\Users\gilan\Downloads\TFC.exe (2).opdownload
2015-11-27 10:47 - 2015-11-27 10:47 - 00448172 _____ (OldTimer Tools) C:\Users\gilan\Downloads\TFC.exe.opdownload
2015-11-27 10:47 - 2015-11-27 10:47 - 00446720 _____ (OldTimer Tools) C:\Users\gilan\Downloads\TFC.exe (1).opdownload
2015-11-27 10:19 - 2015-11-27 10:19 - 00388608 _____ (Trend Micro Inc.) C:\Users\gilan\Downloads\HijackThis (1).exe
2015-11-27 10:18 - 2015-11-27 10:18 - 00388608 _____ (Trend Micro Inc.) C:\Users\gilan\Downloads\HijackThis.exe
2015-11-27 10:09 - 2015-11-27 10:09 - 00003818 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1393978642
2015-11-27 10:03 - 2015-11-27 10:03 - 00209986 _____ C:\Users\gilan\Documents\cc_20151127_100310.reg
2015-11-27 09:59 - 2015-11-27 10:00 - 00000000 ____D C:\Users\gilan\AppData\Local\Deployment
2015-11-27 09:45 - 2015-11-27 09:45 - 00000805 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-11-27 09:15 - 2015-11-27 09:15 - 00000000 ____H C:\Users\gilan\Documents\Default.rdp
2015-11-27 09:00 - 2015-11-27 09:00 - 00929872 _____ (Google Inc.) C:\Users\Netflix and Chill\Downloads\ChromeSetup.exe
2015-11-27 07:53 - 2015-11-27 12:23 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-11-25 15:12 - 2015-11-25 15:12 - 00000017 _____ C:\Users\gilan\AppData\Local\resmon.resmoncfg
2015-11-25 14:39 - 2015-11-30 22:26 - 00000000 ____D C:\Users\hardworker\Downloads\wetransfer-dd3a1b
2015-11-24 07:36 - 2015-11-24 07:39 - 00004128 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1448346969
2015-11-24 07:36 - 2015-11-24 07:39 - 00001456 _____ C:\Users\Netflix and Chill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-11-24 07:36 - 2015-11-24 07:36 - 00001450 _____ C:\Users\Netflix and Chill\Desktop\Opera.lnk
2015-11-24 07:36 - 2015-11-24 07:36 - 00000000 ____D C:\Users\Netflix and Chill\AppData\Roaming\Opera Software
2015-11-24 07:36 - 2015-11-24 07:36 - 00000000 ____D C:\Users\Netflix and Chill\AppData\Local\Opera Software
2015-11-23 21:56 - 2015-11-23 21:59 - 34534904 _____ (Opera Software) C:\Users\Netflix and Chill\Downloads\Opera_32.0.1948.25_Setup.exe
2015-11-23 08:35 - 2015-11-23 08:35 - 07827071 _____ C:\Users\hardworker\Downloads\BW FruitLogistica2016 - vues..pdf
2015-11-21 22:04 - 2015-11-22 00:03 - 1387435314 _____ C:\Users\Netflix and Chill\Downloads\RRRrrrr!!!.avi.crdownload
2015-11-20 23:59 - 2015-12-03 10:53 - 00000000 ____D C:\Users\hardworker\AppData\Roaming\Seznam.cz
2015-11-20 15:35 - 2015-11-20 15:35 - 00003510 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-traceur-hardworker
2015-11-20 15:25 - 2015-11-20 15:25 - 00001229 _____ C:\Users\hardworker\AppData\Local\recently-used.xbel
2015-11-20 14:49 - 2015-11-20 14:49 - 00001015 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CC 2015.lnk
2015-11-20 14:34 - 2015-11-20 15:11 - 00001569 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2015-11-20 14:34 - 2015-11-20 15:11 - 00001557 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2015-11-20 14:33 - 2015-11-20 14:49 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-11-20 14:33 - 2015-11-20 14:33 - 00000000 ____D C:\Program Files\Adobe
2015-11-20 13:47 - 2015-11-20 14:19 - 00000000 ____D C:\Users\hardworker\Downloads\indesign
2015-11-17 22:07 - 2015-11-17 22:07 - 00000000 ____D C:\Users\Netflix and Chill\AppData\Roaming\inkscape
2015-11-17 17:15 - 2015-11-17 17:15 - 00000000 ____D C:\Users\hardworker\AppData\Local\fontconfig
2015-11-17 17:14 - 2015-11-17 17:14 - 00000000 ____D C:\Users\hardworker\AppData\Roaming\inkscape
2015-11-17 17:10 - 2015-11-17 17:10 - 00000878 _____ C:\Users\Public\Desktop\Inkscape 0.91.lnk
2015-11-17 17:09 - 2015-11-17 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape 0.91
2015-11-17 17:09 - 2015-11-17 17:10 - 00000000 ____D C:\Program Files\Inkscape
2015-11-17 16:41 - 2015-11-17 16:48 - 00085992 _____ C:\Users\hardworker\Documents\Book1.pdf
2015-11-16 21:41 - 2015-12-03 20:02 - 00000000 ____D C:\Users\Netflix and Chill\AppData\Roaming\Seznam.cz
2015-11-16 14:53 - 2015-11-16 14:53 - 00002286 _____ C:\Users\Default\Desktop\Google Chrome.lnk
2015-11-16 14:53 - 2015-11-16 14:53 - 00002286 _____ C:\Users\Default User\Desktop\Google Chrome.lnk
2015-11-16 14:52 - 2015-12-03 09:39 - 00000000 ____D C:\Users\gilan\AppData\Roaming\Seznam.cz
2015-11-16 14:52 - 2015-11-16 14:52 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-11-16 12:04 - 2015-11-16 12:04 - 00000000 ____D C:\Users\hardworker\AppData\Roaming\AMPSoft
2015-11-16 12:03 - 2015-11-16 12:03 - 00001089 _____ C:\Users\Netflix and Chill\Desktop\AMP Font Viewer.lnk
2015-11-16 12:03 - 2015-11-16 12:03 - 00001089 _____ C:\Users\hardworker\Desktop\AMP Font Viewer.lnk
2015-11-16 12:03 - 2015-11-16 12:03 - 00001089 _____ C:\Users\Guest\Desktop\AMP Font Viewer.lnk
2015-11-16 12:03 - 2015-11-16 12:03 - 00001089 _____ C:\Users\gilan\Desktop\AMP Font Viewer.lnk
2015-11-16 12:03 - 2015-11-16 12:03 - 00000000 ____D C:\Users\gilan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMP Font Viewer
2015-11-16 12:03 - 2015-11-16 12:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMP Font Viewer
2015-11-16 12:03 - 2015-11-16 12:03 - 00000000 ____D C:\Program Files (x86)\AMP Font Viewer
2015-11-16 09:50 - 2015-11-16 09:50 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-11-16 09:46 - 2015-11-16 09:46 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2015-11-16 09:46 - 2015-11-16 09:46 - 00002068 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2015-11-16 09:46 - 2015-11-16 09:46 - 00002045 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2015-11-16 08:51 - 2015-11-16 08:58 - 00000000 ____D C:\Users\hardworker\Downloads\acrobat
2015-11-15 20:49 - 2015-11-14 17:13 - 49237233 ____N C:\Users\Netflix and Chill\Desktop\rybicky-48-adios-embryos-2006-pres-MultiLoad.cz.rar
2015-11-15 16:20 - 2015-11-15 16:20 - 00109980 _____ C:\Users\Netflix and Chill\Downloads\kontakty 09_11.pdf
2015-11-15 16:20 - 2015-11-15 16:20 - 00000000 ____D C:\Users\Netflix and Chill\AppData\LocalLow\Adobe
2015-11-15 16:20 - 2015-11-15 16:20 - 00000000 ____D C:\Users\Netflix and Chill\AppData\Local\CEF
2015-11-14 09:09 - 2015-11-03 01:23 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-14 09:09 - 2015-11-03 01:23 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-13 12:22 - 2015-11-13 12:22 - 00208586 _____ C:\Users\hardworker\Desktop\na 100 g.pdf
2015-11-11 11:55 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2015-11-11 11:55 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2015-11-11 11:55 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2015-11-11 11:55 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2015-11-11 11:55 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2015-11-11 11:55 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2015-11-11 11:55 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-11-11 11:55 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-11-11 11:55 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-11-11 11:55 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-11-11 11:55 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-11-11 11:55 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-11-11 11:55 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-11-11 11:55 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-11-11 11:55 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-11-11 11:55 - 2015-09-29 13:24 - 00155480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2015-11-11 11:55 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-11-11 11:55 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-11-11 11:55 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-11-11 11:55 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-11-11 11:55 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-11-11 11:52 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 11:52 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 11:52 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2015-11-11 11:50 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 11:50 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 11:50 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-11-11 11:50 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-11-11 11:50 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-11-11 11:47 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 11:47 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 11:47 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-11-11 11:47 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-11-11 11:47 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 11:47 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 11:47 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-11-11 11:47 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 11:47 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-11-11 11:47 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 11:47 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-11-11 11:47 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-11-11 11:47 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 11:47 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-11-11 11:47 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-11-11 11:47 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-11-11 11:47 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-11-11 11:47 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 11:47 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 11:47 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-11-11 11:47 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-11-11 11:47 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 11:47 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-11-11 11:47 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-11-11 11:47 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-11-11 11:47 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-11-11 11:47 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-11-11 11:47 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-11-11 11:47 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-11-11 11:47 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-11-11 11:47 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-11-11 11:47 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-11-11 11:47 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-11-11 11:47 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-11-11 11:47 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-11-11 11:47 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-11-11 11:47 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 11:47 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-11-11 11:47 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-11-11 11:47 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-11-11 11:47 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-11-11 11:47 - 2015-09-12 14:47 - 00414559 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-11-11 11:46 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-11-11 11:46 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-11-11 11:46 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-11-11 11:46 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-11-11 11:46 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-11-11 11:46 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-11-11 11:46 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-11-09 13:47 - 2015-11-09 13:47 - 00000000 ____D C:\Users\hardworker\Documents\Freemake
2015-11-09 12:51 - 2015-11-20 13:48 - 00000000 ____D C:\Users\hardworker\Downloads\films

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-05 21:30 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2015-12-05 19:08 - 2014-02-18 12:28 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-05 17:45 - 2015-10-17 11:15 - 00003970 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6ACBF976-FC54-48E5-A41C-7EEDE6C8FB4C}
2015-12-05 17:45 - 2015-03-06 20:49 - 00003942 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9B022853-45DF-42EC-937D-96F442685AAE}
2015-12-05 17:45 - 2014-04-07 06:38 - 00003922 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8601B4B7-BA7D-409C-9021-52AEC189DDF9}
2015-12-05 13:08 - 2014-02-18 12:28 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-05 11:29 - 2015-10-01 10:24 - 00000000 ____D C:\Users\hardworker\AppData\Local\Adobe
2015-12-04 15:22 - 2014-04-29 10:12 - 00000000 ____D C:\Users\gilan\AppData\Local\Skitch
2015-12-04 14:58 - 2015-10-10 16:51 - 00000000 ___RD C:\Users\hardworker\Google Drive
2015-12-04 13:12 - 2014-02-17 21:39 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-94618715-2390031703-3489685880-1001
2015-12-04 12:01 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-04 12:01 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-04 11:27 - 2014-02-18 11:41 - 00000000 ____D C:\Users\gilan\AppData\Local\VirtualStore
2015-12-03 09:34 - 2014-02-20 21:35 - 00000000 ___RD C:\Users\gilan\Disk Google
2015-12-03 09:31 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-03 09:30 - 2013-09-21 05:00 - 00029184 _____ C:\WINDOWS\system32\VfService.trf
2015-12-03 09:30 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-12-03 09:06 - 2014-02-18 23:06 - 00000000 ____D C:\Users\gilan\AppData\Local\CrashDumps
2015-12-02 14:39 - 2015-10-09 09:04 - 00000233 _____ C:\Users\hardworker\AppData\LocaldependencyLog.txt
2015-12-02 14:39 - 2015-10-09 09:04 - 00000184 _____ C:\Users\hardworker\AppData\Local\RegisteredPackageInformation.xml
2015-12-02 14:39 - 2015-10-09 09:04 - 00000022 _____ C:\Users\hardworker\AppData\LocalUserGuideLog.txt
2015-12-02 14:39 - 2015-10-09 09:04 - 00000000 _____ C:\Users\hardworker\AppData\LocalMachineInfoLog.txt
2015-12-02 14:39 - 2014-06-17 06:38 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-12-02 13:03 - 2014-02-18 12:28 - 00003894 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-02 13:03 - 2014-02-18 12:28 - 00003658 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-02 10:14 - 2015-10-12 10:06 - 00000000 ____D C:\Users\hardworker\AppData\Local\Skitch
2015-12-01 22:07 - 2015-10-16 16:48 - 00000000 ____D C:\Users\Netflix and Chill\AppData\Roaming\vlc
2015-11-30 23:18 - 2015-09-09 22:57 - 00000000 ____D C:\Users\hardworker\AppData\Roaming\vlc
2015-11-30 11:19 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2015-11-28 18:09 - 2015-10-15 18:42 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-94618715-2390031703-3489685880-1005
2015-11-28 15:45 - 2015-10-15 18:36 - 00002286 _____ C:\Users\Netflix and Chill\Desktop\Google Chrome.lnk
2015-11-27 14:46 - 2015-03-06 20:54 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-94618715-2390031703-3489685880-1003
2015-11-27 13:39 - 2013-08-22 16:43 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-11-27 13:36 - 2014-03-05 11:00 - 00000000 ____D C:\Program Files (x86)\AbiWord
2015-11-27 12:26 - 2014-02-18 12:28 - 00000000 ____D C:\Program Files (x86)\Google
2015-11-27 12:24 - 2014-02-18 12:19 - 00000022 _____ C:\Users\gilan\AppData\LocalUserGuideLog.txt
2015-11-27 12:23 - 2014-02-18 12:19 - 00000233 _____ C:\Users\gilan\AppData\LocaldependencyLog.txt
2015-11-27 12:23 - 2014-02-18 12:19 - 00000184 _____ C:\Users\gilan\AppData\Local\RegisteredPackageInformation.xml
2015-11-27 12:23 - 2014-02-18 12:19 - 00000000 _____ C:\Users\gilan\AppData\LocalMachineInfoLog.txt
2015-11-27 11:22 - 2014-06-21 10:01 - 00003094 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-94618715-2390031703-3489685880-1001
2015-11-27 11:22 - 2014-06-21 10:01 - 00000000 ___RD C:\Users\gilan\OneDrive
2015-11-27 10:10 - 2014-03-05 01:17 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-27 10:09 - 2014-03-05 01:17 - 00001158 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-11-27 09:54 - 2014-10-16 21:50 - 00000000 ____D C:\Users\gilan\AppData\Roaming\BitTorrent
2015-11-27 09:54 - 2014-03-04 10:07 - 00000000 ____D C:\Users\gilan\AppData\Roaming\inkscape
2015-11-27 09:53 - 2014-04-10 10:07 - 00000000 ____D C:\WINDOWS\Minidump
2015-11-27 09:00 - 2015-10-15 18:36 - 00000000 ____D C:\Users\Netflix and Chill\AppData\Local\Google
2015-11-27 08:31 - 2015-10-15 18:36 - 00000000 ____D C:\Users\Netflix and Chill
2015-11-27 08:04 - 2015-07-16 12:02 - 00002053 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2015-11-27 08:04 - 2014-11-09 01:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-11-27 08:03 - 2013-09-21 04:29 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-25 08:50 - 2014-02-20 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-11-23 07:59 - 2015-10-01 07:55 - 00000000 ____D C:\ProgramData\Adobe
2015-11-21 12:46 - 2014-02-25 20:43 - 00000000 ____D C:\Program Files (x86)\Freemake
2015-11-21 12:44 - 2015-03-06 20:49 - 00000000 ____D C:\Users\hardworker
2015-11-21 12:37 - 2013-08-22 15:44 - 00490120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-20 15:35 - 2015-03-06 20:49 - 00000000 ____D C:\Users\hardworker\AppData\Roaming\Adobe
2015-11-20 14:50 - 2015-10-01 08:45 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-11-20 14:33 - 2014-02-18 11:41 - 00000000 ____D C:\Users\gilan\AppData\Roaming\Adobe
2015-11-16 09:29 - 2015-03-06 20:49 - 00000000 ____D C:\Users\hardworker\AppData\Local\Packages
2015-11-15 16:21 - 2015-10-15 18:36 - 00000000 ____D C:\Users\Netflix and Chill\AppData\Roaming\Adobe
2015-11-15 16:20 - 2015-10-15 18:37 - 00000000 ____D C:\Users\Netflix and Chill\AppData\Local\Adobe
2015-11-15 16:10 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2015-11-15 16:06 - 2015-10-15 18:36 - 00000000 ____D C:\Users\Netflix and Chill\AppData\Local\Packages
2015-11-14 09:13 - 2015-07-08 13:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-14 09:03 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-11-13 09:01 - 2015-10-01 12:10 - 00000000 ____D C:\Users\hardworker\AppData\Roaming\ObviousIdea
2015-11-11 15:38 - 2014-06-17 06:37 - 01059656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-11-11 15:38 - 2014-06-17 06:37 - 00449992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-11-11 13:48 - 2014-10-17 19:59 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-11 13:47 - 2014-09-20 12:24 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-11-11 13:46 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-11 13:17 - 2013-08-22 14:25 - 00000167 _____ C:\WINDOWS\win.ini
2015-11-11 13:15 - 2014-02-19 17:13 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-11 12:48 - 2014-02-19 17:13 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-10 07:44 - 2013-09-21 04:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-11-10 07:44 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared

==================== Files in the root of some directories =======

2014-12-08 19:43 - 2014-12-08 19:43 - 0000218 _____ () C:\Users\gilan\AppData\Local\recently-used.xbel
2014-02-18 12:19 - 2015-11-27 12:23 - 0000184 _____ () C:\Users\gilan\AppData\Local\RegisteredPackageInformation.xml
2015-11-25 15:12 - 2015-11-25 15:12 - 0000017 _____ () C:\Users\gilan\AppData\Local\resmon.resmoncfg
2014-02-18 11:35 - 2014-02-18 11:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\gilan\AppData\Local\Temp\dllnt_dump.dll
C:\Users\gilan\AppData\Local\Temp\NOSEventMessages.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-30 11:31

==================== End of FRST.txt ============================

[jerabina]

Máš tam nějaké zbytky Aviry, smažu je FRST dobře?

Dále, máš něco nelegálně od Adobe?

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\...\Run: [] => [X]
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\...\MountPoints2: {861072ee-6795-11e4-bef9-48d224dc8466} - "E:\Startme.exe"
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\...\Run: [2911406FB4B541BF60AB7D4418DCEB8B8DBFFD99._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-11-07] (Google Inc.)
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\...\Run: [cz.seznam.software.szndesktop] => C:\Users\hardworker\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\...\Run: [cz.seznam.software.autoupdate] => C:\Users\hardworker\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-94618715-2390031703-3489685880-1005\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Netflix and Chill\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-94618715-2390031703-3489685880-1005\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Netflix and Chill\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372400 2014-10-29] (Microsoft Corporation)

HKU\S-1-5-21-94618715-2390031703-3489685880-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=16194
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-94618715-2390031703-3489685880-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com
HKU\S-1-5-21-94618715-2390031703-3489685880-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-94618715-2390031703-3489685880-1005\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-94618715-2390031703-3489685880-1005\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {075BD102-5862-4DD5-8DFD-90980D228127} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {15461DAF-9D1D-487B-9F95-73630EC058A3} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {2F4914C5-69A3-41F0-8359-622BF0B06E79} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {3812DCBC-1FD2-4989-8F58-D21BCFA6EB43} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {570D676F-BDBE-4BDB-B52C-7FCD435D1BE3} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {6D7223E1-ACFC-4A59-9D8F-29D190D0A17F} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {ACA6993E-EDE1-4969-AD63-FE05699AEC69} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {D1C62174-0C68-48E5-AF80-937EE147055D} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> DefaultScope {455D72AB-9585-47F2-ABB7-ECF7482D3BDA} URL =
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {24E6CF3D-7075-45BB-920A-1D76CA0F2AD5} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {455D72AB-9585-47F2-ABB7-ECF7482D3BDA} URL =
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {4C1A402A-2399-4F37-9775-69EA58F2C466} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {5E4D2CED-0567-4A7C-8762-29A0EC952D4A} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {6AE081B2-3890-441B-9CF7-B0B7C4274306} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {7D271E50-A3AD-471D-BD47-C8C3DA4D4A55} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {8A132AC8-A47E-46EC-871C-517963C70D61} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {B3FE09B4-0DCA-4C72-A4F1-E44B292982D3} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {B516A2DA-567A-4427-991C-056A19054CCC} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {EC8747F9-F3C5-477A-A29E-503AEB9C7E72} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1005 -> DefaultScope {455D72AB-9585-47F2-ABB7-ECF7482D3BDA} URL =
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1005 -> {455D72AB-9585-47F2-ABB7-ECF7482D3BDA} URL =

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found

CHR HKU\S-1-5-21-94618715-2390031703-3489685880-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-94618715-2390031703-3489685880-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

C:\ProgramData\RogueKiller
C:\ProgramData\DP45977C.lfl
C:\Program Files (x86)\Avira
C:\Users\gilan\AppData\Local\Temp

Task: {0B2C8F13-2124-47DA-B9FB-3A98059B854C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {1F13B00A-8E17-437B-8A96-AD2AB3087E4D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {A894CC62-D0BF-46B8-8C29-F231B7B36AD4} - \OFFICE2013ACT -> No File <==== ATTENTION
Task: {C0878DB6-C03C-4BFD-A6DB-981010A6021E} - \Builder Pool -> No File <==== ATTENTION
Task: {D900848A-55F3-43E8-AB29-1C0199D19A4E} - System32\Tasks\AdobeAAMUpdater-1.0-traceur-hardworker => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-04-28] (Adobe Systems Incorporated)
Task: {E1E9D5E4-3BF1-4BAE-8946-4EBAFF82FE51} - System32\Tasks\{4C02F359-D406-47E7-AC66-BDD7D6316040} => pcalua.exe -a "C:\Program Files (x86)\JDownloader\JDUninstall.exe"
Task: {F671715F-C143-462C-97C7-6243A2564B8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\Temp:E2F200D2

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt

Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

[mgilan]

Ok, jo mám něco na pdfko od adobe,
dík

[mgilan]

Fix result of Farbar Recovery Scan Tool (x64) Version:05-12-2015
Ran by gilan (2015-12-07 08:04:40) Run:1
Running from C:\Users\gilan\Desktop
Loaded Profiles: gilan & hardworker & Netflix and Chill (Available Profiles: gilan & hardworker & Netflix and Chill & Guest)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\...\Run: [] => [X]
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\...\MountPoints2: {861072ee-6795-11e4-bef9-48d224dc8466} - "E:\Startme.exe"
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\...\Run: [2911406FB4B541BF60AB7D4418DCEB8B8DBFFD99._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-11-07] (Google Inc.)
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\...\Run: [cz.seznam.software.szndesktop] => C:\Users\hardworker\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\...\Run: [cz.seznam.software.autoupdate] => C:\Users\hardworker\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-94618715-2390031703-3489685880-1005\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Netflix and Chill\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-94618715-2390031703-3489685880-1005\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Netflix and Chill\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372400 2014-10-29] (Microsoft Corporation)

HKU\S-1-5-21-94618715-2390031703-3489685880-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=16194
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-94618715-2390031703-3489685880-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com
HKU\S-1-5-21-94618715-2390031703-3489685880-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-94618715-2390031703-3489685880-1005\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-94618715-2390031703-3489685880-1005\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {075BD102-5862-4DD5-8DFD-90980D228127} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {15461DAF-9D1D-487B-9F95-73630EC058A3} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {2F4914C5-69A3-41F0-8359-622BF0B06E79} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {3812DCBC-1FD2-4989-8F58-D21BCFA6EB43} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {570D676F-BDBE-4BDB-B52C-7FCD435D1BE3} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {6D7223E1-ACFC-4A59-9D8F-29D190D0A17F} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {ACA6993E-EDE1-4969-AD63-FE05699AEC69} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1001 -> {D1C62174-0C68-48E5-AF80-937EE147055D} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> DefaultScope {455D72AB-9585-47F2-ABB7-ECF7482D3BDA} URL =
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {24E6CF3D-7075-45BB-920A-1D76CA0F2AD5} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {455D72AB-9585-47F2-ABB7-ECF7482D3BDA} URL =
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {4C1A402A-2399-4F37-9775-69EA58F2C466} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {5E4D2CED-0567-4A7C-8762-29A0EC952D4A} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {6AE081B2-3890-441B-9CF7-B0B7C4274306} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {7D271E50-A3AD-471D-BD47-C8C3DA4D4A55} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {8A132AC8-A47E-46EC-871C-517963C70D61} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {B3FE09B4-0DCA-4C72-A4F1-E44B292982D3} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {B516A2DA-567A-4427-991C-056A19054CCC} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1003 -> {EC8747F9-F3C5-477A-A29E-503AEB9C7E72} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1005 -> DefaultScope {455D72AB-9585-47F2-ABB7-ECF7482D3BDA} URL =
SearchScopes: HKU\S-1-5-21-94618715-2390031703-3489685880-1005 -> {455D72AB-9585-47F2-ABB7-ECF7482D3BDA} URL =

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found

CHR HKU\S-1-5-21-94618715-2390031703-3489685880-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-94618715-2390031703-3489685880-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

C:\ProgramData\RogueKiller
C:\ProgramData\DP45977C.lfl
C:\Program Files (x86)\Avira
C:\Users\gilan\AppData\Local\Temp

Task: {0B2C8F13-2124-47DA-B9FB-3A98059B854C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {1F13B00A-8E17-437B-8A96-AD2AB3087E4D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {A894CC62-D0BF-46B8-8C29-F231B7B36AD4} - \OFFICE2013ACT -> No File <==== ATTENTION
Task: {C0878DB6-C03C-4BFD-A6DB-981010A6021E} - \Builder Pool -> No File <==== ATTENTION
Task: {D900848A-55F3-43E8-AB29-1C0199D19A4E} - System32\Tasks\AdobeAAMUpdater-1.0-traceur-hardworker => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-04-28] (Adobe Systems Incorporated)
Task: {E1E9D5E4-3BF1-4BAE-8946-4EBAFF82FE51} - System32\Tasks\{4C02F359-D406-47E7-AC66-BDD7D6316040} => pcalua.exe -a "C:\Program Files (x86)\JDownloader\JDUninstall.exe"
Task: {F671715F-C143-462C-97C7-6243A2564B8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\Temp:E2F200D2

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Avira SystrayStartTrigger => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value removed successfully
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\Software\Microsoft\Windows\CurrentVersion\Run\\OEXPRESS => value removed successfully
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
"HKU\S-1-5-21-94618715-2390031703-3489685880-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{861072ee-6795-11e4-bef9-48d224dc8466}" => key removed successfully
HKCR\CLSID\{861072ee-6795-11e4-bef9-48d224dc8466} => key not found.
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\Software\Microsoft\Windows\CurrentVersion\Run\\2911406FB4B541BF60AB7D4418DCEB8B8DBFFD99._service_run => value removed successfully
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value removed successfully
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value removed successfully
HKU\S-1-5-21-94618715-2390031703-3489685880-1005\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value removed successfully
HKU\S-1-5-21-94618715-2390031703-3489685880-1005\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value removed successfully
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #0 => value removed successfully
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value removed successfully
HKU\S-1-5-21-94618715-2390031703-3489685880-1001\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => value removed successfully
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value removed successfully
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => value removed successfully
HKU\S-1-5-21-94618715-2390031703-3489685880-1005\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-94618715-2390031703-3489685880-1005\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-94618715-2390031703-3489685880-1005\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value removed successfully
HKU\S-1-5-21-94618715-2390031703-3489685880-1005\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => value removed successfully
"HKU\S-1-5-21-94618715-2390031703-3489685880-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{075BD102-5862-4DD5-8DFD-90980D228127}" => key removed successfully
HKCR\CLSID\{075BD102-5862-4DD5-8DFD-90980D228127} => key not found.
"HKU\S-1-5-21-94618715-2390031703-3489685880-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{15461DAF-9D1D-487B-9F95-73630EC058A3}" => key removed successfully
HKCR\CLSID\{15461DAF-9D1D-487B-9F95-73630EC058A3} => key not found.
"HKU\S-1-5-21-94618715-2390031703-3489685880-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2F4914C5-69A3-41F0-8359-622BF0B06E79}" => key removed successfully
HKCR\CLSID\{2F4914C5-69A3-41F0-8359-622BF0B06E79} => key not found.
"HKU\S-1-5-21-94618715-2390031703-3489685880-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3812DCBC-1FD2-4989-8F58-D21BCFA6EB43}" => key removed successfully
HKCR\CLSID\{3812DCBC-1FD2-4989-8F58-D21BCFA6EB43} => key not found.
"HKU\S-1-5-21-94618715-2390031703-3489685880-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{570D676F-BDBE-4BDB-B52C-7FCD435D1BE3}" => key removed successfully
HKCR\CLSID\{570D676F-BDBE-4BDB-B52C-7FCD435D1BE3} => key not found.
"HKU\S-1-5-21-94618715-2390031703-3489685880-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => key removed successfully
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found.
"HKU\S-1-5-21-94618715-2390031703-3489685880-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6D7223E1-ACFC-4A59-9D8F-29D190D0A17F}" => key removed successfully
HKCR\CLSID\{6D7223E1-ACFC-4A59-9D8F-29D190D0A17F} => key not found.
"HKU\S-1-5-21-94618715-2390031703-3489685880-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ACA6993E-EDE1-4969-AD63-FE05699AEC69}" => key removed successfully
HKCR\CLSID\{ACA6993E-EDE1-4969-AD63-FE05699AEC69} => key not found.
"HKU\S-1-5-21-94618715-2390031703-3489685880-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D1C62174-0C68-48E5-AF80-937EE147055D}" => key removed successfully
HKCR\CLSID\{D1C62174-0C68-48E5-AF80-937EE147055D} => key not found.
HKU\S-1-5-21-94618715-2390031703-3489685880-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-94618715-2390031703-3489685880-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{24E6CF3D-7075-45BB-920A-1D76CA0F2AD5}" => key removed successfully
HKCR\CLSID\{24E6CF3D-7075-45BB-920A-1D76CA0F2AD5} => key not found.
"HKU\S-1-5-21-94618715-2390031703-3489685880-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{455D72AB-9585-47F2-ABB7-ECF7482D3BDA}" => key removed successfully
HKCR\CLSID\{455D72AB-9585-47F2-ABB7-ECF7482D3BDA} => key not found.
"HKU\S-1-5-21-94618715-2390031703-3489685880-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4C1A402A-2399-4F37-9775-69EA58F2C466}" => key removed successfully
HKCR\CLSID\{4C1A402A-2399-4F37-9775-69EA58F2C466} => key not found.
"HKU\S-1-5-21-94618715-2390031703-3489685880-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5E4D2CED-0567-4A7C-8762-29A0EC952D4A}" => key removed successfully
HKCR\CLSID\{5E4D2CED-0567-4A7C-8762-29A0EC952D4A} => key not found.
"HKU\S-1-5-21-94618715-2390031703-3489685880-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6AE081B2-3890-441B-9CF7-B0B7C4274306}" => key removed successfully
HKCR\CLSID\{6AE081B2-3890-441B-9CF7-B0B7C4274306} => key not found.
"HKU\S-1-5-21-94618715-2390031703-3489685880-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7D271E50-A3AD-471D-BD47-C8C3DA4D4A55}" => key removed successfully
HKCR\CLSID\{7D271E50-A3AD-471D-BD47-C8C3DA4D4A55} => key not found.
"HKU\S-1-5-21-94618715-2390031703-3489685880-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A132AC8-A47E-46EC-871C-517963C70D61}" => key removed successfully
HKCR\CLSID\{8A132AC8-A47E-46EC-871C-517963C70D61} => key not found.
"HKU\S-1-5-21-94618715-2390031703-3489685880-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B3FE09B4-0DCA-4C72-A4F1-E44B292982D3}" => key removed successfully
HKCR\CLSID\{B3FE09B4-0DCA-4C72-A4F1-E44B292982D3} => key not found.
"HKU\S-1-5-21-94618715-2390031703-3489685880-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B516A2DA-567A-4427-991C-056A19054CCC}" => key removed successfully
HKCR\CLSID\{B516A2DA-567A-4427-991C-056A19054CCC} => key not found.
"HKU\S-1-5-21-94618715-2390031703-3489685880-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EC8747F9-F3C5-477A-A29E-503AEB9C7E72}" => key removed successfully
HKCR\CLSID\{EC8747F9-F3C5-477A-A29E-503AEB9C7E72} => key not found.
HKU\S-1-5-21-94618715-2390031703-3489685880-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-94618715-2390031703-3489685880-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{455D72AB-9585-47F2-ABB7-ECF7482D3BDA}" => key removed successfully
HKCR\CLSID\{455D72AB-9585-47F2-ABB7-ECF7482D3BDA} => key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3" => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9" => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll => not found.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com => value removed successfully
"HKU\S-1-5-21-94618715-2390031703-3489685880-1001\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh" => key removed successfully
"HKU\S-1-5-21-94618715-2390031703-3489685880-1003\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj" => key removed successfully
C:\ProgramData\RogueKiller => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\Program Files (x86)\Avira => moved successfully
C:\Users\gilan\AppData\Local\Temp => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0B2C8F13-2124-47DA-B9FB-3A98059B854C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B2C8F13-2124-47DA-B9FB-3A98059B854C}" => key removed successfully
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1F13B00A-8E17-437B-8A96-AD2AB3087E4D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F13B00A-8E17-437B-8A96-AD2AB3087E4D}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A894CC62-D0BF-46B8-8C29-F231B7B36AD4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A894CC62-D0BF-46B8-8C29-F231B7B36AD4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OFFICE2013ACT" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C0878DB6-C03C-4BFD-A6DB-981010A6021E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0878DB6-C03C-4BFD-A6DB-981010A6021E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Builder Pool" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D900848A-55F3-43E8-AB29-1C0199D19A4E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D900848A-55F3-43E8-AB29-1C0199D19A4E}" => key removed successfully
C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-traceur-hardworker => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeAAMUpdater-1.0-traceur-hardworker" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E1E9D5E4-3BF1-4BAE-8946-4EBAFF82FE51}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1E9D5E4-3BF1-4BAE-8946-4EBAFF82FE51}" => key removed successfully
C:\WINDOWS\System32\Tasks\{4C02F359-D406-47E7-AC66-BDD7D6316040} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4C02F359-D406-47E7-AC66-BDD7D6316040}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F671715F-C143-462C-97C7-6243A2564B8B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F671715F-C143-462C-97C7-6243A2564B8B}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\ProgramData\Temp => ":E2F200D2" ADS removed successfully.
EmptyTemp: => 251.7 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 08:05:42 ====

[mgilan]

Hustý! už můžu používat karty a nezavíraj se :)

[jaro3]

Stáhni si zde DelFix
https://toolslib.net/downloads/viewdownload/2-delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

[mgilan]

# DelFix v1.011 - Logfile created 07/12/2015 at 11:41:26
# Updated 18/08/2015 by Xplode
# Username : gilan - TRACEUR
# Operating System : Windows 8.1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\gilan\Desktop\AdwCleaner.exe
Deleted : C:\Users\gilan\Desktop\Fixlog.txt
Deleted : C:\Users\gilan\Desktop\FRST64.exe
Deleted : C:\Users\gilan\Desktop\JRT.exe
Deleted : C:\Users\gilan\Desktop\JRT.txt
Deleted : C:\Users\gilan\Desktop\hjt.jpg
Deleted : C:\Users\gilan\Desktop\RogueKillerX64.exe
Deleted : C:\Users\gilan\Desktop\zoek.exe
Deleted : C:\Users\gilan\Downloads\Addition.txt
Deleted : C:\Users\gilan\Downloads\AdwCleaner (1).exe
Deleted : C:\Users\gilan\Downloads\AdwCleaner (1).exe.opdownload
Deleted : C:\Users\gilan\Downloads\AdwCleaner.exe
Deleted : C:\Users\gilan\Downloads\FRST.exe
Deleted : C:\Users\gilan\Downloads\FRST.txt
Deleted : C:\Users\gilan\Downloads\JRT.exe
Deleted : C:\Users\gilan\Downloads\HijackThis (1).exe
Deleted : C:\Users\gilan\Downloads\HijackThis.exe
Deleted : C:\Users\gilan\Downloads\hijackthis.log
Deleted : C:\Users\gilan\Downloads\RogueKillerX64.exe
Deleted : C:\Users\gilan\Downloads\TFC.exe (1).opdownload
Deleted : C:\Users\gilan\Downloads\TFC.exe (2).opdownload
Deleted : C:\Users\gilan\Downloads\TFC.exe.51phskf.partial
Deleted : C:\Users\gilan\Downloads\TFC.exe.opdownload
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #103 [JRT Pre-Junkware Removal | 11/27/2015 12:06:55]
Deleted : RP #104 [zoek.exe restore point | 12/03/2015 07:56:07]

New restore point created !

########## - EOF - ##########

[mgilan]

Luxusní! Super děkuju moc :)