Prosim o kontrolu logu - zmena dom. stranky Vyřešeno

[Bohuš]

RogueKiller V11.0.5.0 (x64) [Dec 28 2015] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.10586) 64 bits version
Started in : Normal mode
User : PC [Administrator]
Started from : C:\Users\PC\Desktop\RogueKillerX64.exe
Mode : Scan -- Date : 01/02/2016 17:26:40

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 0 ¤¤¤

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 1 ¤¤¤
[Hidden.ADS][[[ADS]]] C:\Windows:nlsPreferences -> Found

¤¤¤ Hosts File : 0 [Too big!] ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD3000HLFS-01G6U0 ATA Device +++++
--- User ---
[MBR] 712d0a86919d3d9ca1458f69380e6c34
[BSP] 9789a9a37828c7b32f42caeb02fc12bc : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 285616 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 585148416 | Size: 450 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Hitachi HDE721010SLA330 ATA Device +++++
--- User ---
[MBR] 3de6263b7d5cb966ecc0e602586d1764
[BSP] 0cdb4b810e5e2b822c5251b48648c2db : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 953859 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
User = LL2 ... OK

[Reklama]

[Bohuš]

Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by PC on so 02. 01. 2016 at 17:32:34,61.
Microsoft Windows 10 Home 10.0.10586 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\PC\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

2. 1. 2016 17:33:57 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\Program Files\Google deleted successfully
C:\PROGRA~3\BlueStacksSetup deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\firebird deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully
C:\Users\PC\AppData\Local\ActiveSync deleted successfully
C:\Users\PC\AppData\Local\Skype deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1447758070-3208373595-3319655905-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\t0lp9rua.default-1451564025847\prefs.js:
user_pref("browser.startup.homepage", "www.google.sk");

Added to C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\t0lp9rua.default-1451564025847\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\PC\AppData\Roaming\Thunderbird\Profiles\lh2ctx6u.default\prefs.js:

Added to C:\Users\PC\AppData\Roaming\Thunderbird\Profiles\lh2ctx6u.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\AGEIA Technologies not found
C:\Users\PC\.android deleted
C:\Users\PC\AppData\Local\Unity deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\PC\AppData\LocalLow\Unity deleted
C:\WINDOWS\wininit.ini deleted
"C:\WINDOWS\Installer\fe4a30e.msi" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\t0lp9rua.default-1451564025847
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\PC\AppData\Roaming\Thunderbird\Profiles\lh2ctx6u.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\PC\AppData\Roaming\Thunderbird\Profiles\lh2ctx6u.default
- Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\t0lp9rua.default-1451564025847
70858ED7836E5C849D33576A84DC8CCF - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll - Shockwave Flash


==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[12. 10. 2015 09:31]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]

IE Tab - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd
Skype - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Drive App Launcher - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKCU\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - https://www.google.com/search?q={searchTerms}

==== Reset Google Chrome ======================

C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3CE42A810AB28344AAC53AFC1891D422 deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18A24EC3-2BA0-4438-AA5C-A3CF81194D22} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Blue Coat K9 Web Protection deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3CE42A810AB28344AAC53AFC1891D422 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Andy deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\PC\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\PC\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\PC\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\PC\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\PC\AppData\Local\Mozilla\Firefox\Profiles\t0lp9rua.default-1451564025847\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=76 folders=39 420070305 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\PC\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on so 02. 01. 2016 at 17:54:35,99 ======================

[Bohuš]

Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by PC on so 02. 01. 2016 at 17:32:34,61.
Microsoft Windows 10 Home 10.0.10586 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\PC\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

2. 1. 2016 17:33:57 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\Program Files\Google deleted successfully
C:\PROGRA~3\BlueStacksSetup deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\firebird deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully
C:\Users\PC\AppData\Local\ActiveSync deleted successfully
C:\Users\PC\AppData\Local\Skype deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1447758070-3208373595-3319655905-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\t0lp9rua.default-1451564025847\prefs.js:
user_pref("browser.startup.homepage", "www.google.sk");

Added to C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\t0lp9rua.default-1451564025847\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\PC\AppData\Roaming\Thunderbird\Profiles\lh2ctx6u.default\prefs.js:

Added to C:\Users\PC\AppData\Roaming\Thunderbird\Profiles\lh2ctx6u.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\AGEIA Technologies not found
C:\Users\PC\.android deleted
C:\Users\PC\AppData\Local\Unity deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\PC\AppData\LocalLow\Unity deleted
C:\WINDOWS\wininit.ini deleted
"C:\WINDOWS\Installer\fe4a30e.msi" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\t0lp9rua.default-1451564025847
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\PC\AppData\Roaming\Thunderbird\Profiles\lh2ctx6u.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\PC\AppData\Roaming\Thunderbird\Profiles\lh2ctx6u.default
- Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\t0lp9rua.default-1451564025847
70858ED7836E5C849D33576A84DC8CCF - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll - Shockwave Flash


==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[12. 10. 2015 09:31]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]

IE Tab - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd
Skype - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Drive App Launcher - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKCU\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - https://www.google.com/search?q={searchTerms}

==== Reset Google Chrome ======================

C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3CE42A810AB28344AAC53AFC1891D422 deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18A24EC3-2BA0-4438-AA5C-A3CF81194D22} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Blue Coat K9 Web Protection deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3CE42A810AB28344AAC53AFC1891D422 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Andy deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\PC\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\PC\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\PC\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\PC\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\PC\AppData\Local\Mozilla\Firefox\Profiles\t0lp9rua.default-1451564025847\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=76 folders=39 420070305 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\PC\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on so 02. 01. 2016 at 17:54:35,99 ======================

[Bohuš]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
Ran by PC (administrator) on PC-PC (02-01-2016 17:59:05)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Blue Coat Systems, Inc.) C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [mylbx] => C:\Program Files\My Lockbox\mylbx.exe [2602248 2015-09-03] (FSPro Labs)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-08] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [583680 2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-08] (AVAST Software)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk [2015-12-31]
ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk -> (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d4eb35b5-aeb2-4f9b-8037-1bcc6d0ca95b}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-27] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-27] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\t0lp9rua.default-1451564025847
FF NewTab: about:newtab
FF Homepage: www.google.sk
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-27] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1447758070-3208373595-3319655905-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]

Chrome:
=======
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-22]
CHR Extension: (Google Docs) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-22]
CHR Extension: (Google Drive) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-24]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-11]
CHR Extension: (Google Search) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-24]
CHR Extension: (Google Sheets) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-22]
CHR Extension: (Google Docs Offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-24]
CHR Extension: (IE Tab) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2015-12-24]
CHR Extension: (Skype Click to Call) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-30]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-05-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-04]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-22]
CHR HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-08] (AVAST Software)
R2 bckwfs; C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe [2122000 2012-02-13] (Blue Coat Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [204296 2012-04-01] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-08] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1055560 2015-12-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [451040 2015-12-19] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2015-12-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-08] (AVAST Software)
R1 bckd; C:\Windows\System32\drivers\bckd.sys [108304 2012-02-13] (Blue Coat Systems, Inc.)
R0 FSProFilter2; C:\Windows\System32\Drivers\FSPFltd2.sys [57648 2011-06-03] (FSPro Labs)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 yukonw8; C:\Windows\System32\drivers\yk63x64.sys [288768 2015-10-30] (Marvell)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

[Bohuš]

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-02 17:59 - 2016-01-02 17:59 - 00016099 _____ C:\Users\PC\Desktop\FRST.txt
2016-01-02 17:58 - 2016-01-02 17:59 - 00000000 ____D C:\FRST
2016-01-02 17:58 - 2016-01-02 17:58 - 02370560 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2016-01-02 17:56 - 2016-01-02 17:56 - 00000000 ____D C:\Users\PC\AppData\Local\ActiveSync
2016-01-02 17:55 - 2016-01-02 17:55 - 00010403 _____ C:\Users\PC\Desktop\zoek-results.txt
2016-01-02 17:52 - 2016-01-02 17:32 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-01-02 17:32 - 2016-01-02 17:50 - 00000000 ____D C:\zoek_backup
2016-01-02 17:31 - 2016-01-02 17:32 - 01309184 _____ C:\Users\PC\Desktop\zoek.exe
2016-01-02 17:28 - 2016-01-02 17:28 - 00003354 _____ C:\Users\PC\Desktop\RougueKiller.txt
2016-01-02 10:37 - 2016-01-02 17:56 - 00000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2016-01-02 10:30 - 2016-01-02 17:17 - 00036608 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-01-02 10:30 - 2016-01-02 10:46 - 00000000 ____D C:\ProgramData\RogueKiller
2016-01-02 10:30 - 2016-01-02 10:30 - 25035336 _____ C:\Users\PC\Desktop\RogueKillerX64.exe
2016-01-02 10:22 - 2016-01-02 10:23 - 01599336 _____ (Malwarebytes) C:\Users\PC\Desktop\JRT.exe
2016-01-01 18:02 - 2016-01-02 10:17 - 00000000 ____D C:\AdwCleaner
2016-01-01 18:02 - 2016-01-01 18:01 - 01745920 _____ C:\Users\PC\Desktop\adwcleaner_5.027.exe
2016-01-01 17:38 - 2016-01-01 17:38 - 00601716 _____ C:\Users\PC\Documents\Scan0175.pdf
2015-12-31 17:13 - 2016-01-01 18:07 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-31 17:12 - 2015-12-31 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-31 17:12 - 2015-12-31 17:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-31 17:12 - 2015-12-31 17:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-31 17:12 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-31 17:12 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-31 17:12 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-31 16:28 - 2015-12-31 16:28 - 01685013 _____ C:\Users\PC\Documents\Scan0174.pdf
2015-12-31 13:56 - 2015-09-12 11:06 - 00452235 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20151231-135643.backup
2015-12-31 13:26 - 2015-12-31 13:44 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\xp-AntiSpy
2015-12-31 13:05 - 2015-12-31 13:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-31 13:03 - 2015-12-31 13:03 - 00226016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-29 21:06 - 2015-12-29 21:06 - 00523487 _____ C:\Users\PC\Documents\Scan0173.pdf
2015-12-29 21:04 - 2015-12-29 21:04 - 00460969 _____ C:\Users\PC\Documents\Scan0172.pdf
2015-12-29 19:11 - 2015-12-31 13:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-28 18:34 - 2015-12-28 18:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-12-22 10:38 - 2015-12-22 10:38 - 01009533 _____ C:\Users\PC\Documents\Scan0171.pdf
2015-12-21 20:19 - 2015-12-21 20:19 - 00533679 _____ C:\Users\PC\Documents\Scan0170.pdf
2015-12-21 19:38 - 2015-12-21 19:38 - 00334078 _____ C:\Users\PC\Documents\Scan0169.pdf
2015-12-20 20:24 - 2015-12-20 20:24 - 00623469 _____ C:\Users\PC\Documents\Scan0168.pdf
2015-12-17 19:12 - 2015-12-07 05:57 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-17 19:12 - 2015-12-07 05:55 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-17 19:12 - 2015-12-07 05:49 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2015-12-17 19:12 - 2015-12-07 05:48 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-12-17 19:12 - 2015-12-07 05:48 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-12-17 19:12 - 2015-12-07 05:48 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2015-12-17 19:12 - 2015-12-07 05:48 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-12-17 19:12 - 2015-12-07 05:48 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2015-12-17 19:12 - 2015-12-07 05:48 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-12-17 19:12 - 2015-12-07 05:48 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-12-17 19:12 - 2015-12-07 05:48 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-12-17 19:12 - 2015-12-07 05:48 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2015-12-17 19:12 - 2015-12-07 05:48 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-12-17 19:12 - 2015-12-07 05:48 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-12-17 19:12 - 2015-12-07 05:48 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-12-17 19:12 - 2015-12-07 05:48 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2015-12-17 19:12 - 2015-12-07 05:48 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-12-17 19:12 - 2015-12-07 05:48 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2015-12-17 19:12 - 2015-12-07 05:48 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2015-12-17 19:12 - 2015-12-07 05:48 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-12-17 19:12 - 2015-12-07 05:48 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2015-12-17 19:12 - 2015-12-07 05:48 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-12-17 19:12 - 2015-12-07 05:48 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-12-17 19:12 - 2015-12-07 05:48 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-12-17 19:12 - 2015-12-07 05:48 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-12-17 19:12 - 2015-12-07 05:48 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2015-12-17 19:12 - 2015-12-07 05:48 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2015-12-17 19:12 - 2015-12-07 05:47 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-12-17 19:12 - 2015-12-07 05:47 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-12-17 19:12 - 2015-12-07 05:47 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-12-17 19:12 - 2015-12-07 05:47 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2015-12-17 19:12 - 2015-12-07 05:46 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-17 19:12 - 2015-12-07 05:46 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-17 19:12 - 2015-12-07 05:45 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-12-17 19:12 - 2015-12-07 05:15 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2015-12-17 19:12 - 2015-12-07 05:15 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-17 19:12 - 2015-12-07 05:10 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2015-12-17 19:12 - 2015-12-07 05:09 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2015-12-17 19:12 - 2015-12-07 05:09 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2015-12-17 19:12 - 2015-12-07 05:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2015-12-17 19:12 - 2015-12-07 05:07 - 16984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-17 19:12 - 2015-12-07 05:07 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2015-12-17 19:12 - 2015-12-07 05:07 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-12-17 19:12 - 2015-12-07 05:06 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2015-12-17 19:12 - 2015-12-07 05:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-17 19:12 - 2015-12-07 05:06 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-12-17 19:12 - 2015-12-07 05:05 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-17 19:12 - 2015-12-07 05:05 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2015-12-17 19:12 - 2015-12-07 05:04 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-17 19:12 - 2015-12-07 05:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-12-17 19:12 - 2015-12-07 05:03 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-17 19:12 - 2015-12-07 05:02 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-17 19:12 - 2015-12-07 05:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-12-17 19:12 - 2015-12-07 05:01 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-17 19:12 - 2015-12-07 05:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2015-12-17 19:12 - 2015-12-07 05:00 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2015-12-17 19:12 - 2015-12-07 05:00 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2015-12-17 19:12 - 2015-12-07 05:00 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-17 19:12 - 2015-12-07 05:00 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-12-17 19:12 - 2015-12-07 04:59 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-17 19:12 - 2015-12-07 04:59 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-17 19:12 - 2015-12-07 04:59 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-12-17 19:12 - 2015-12-07 04:59 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-12-17 19:12 - 2015-12-07 04:58 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-17 19:12 - 2015-12-07 04:58 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-17 19:12 - 2015-12-07 04:57 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-12-17 19:12 - 2015-12-07 04:57 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2015-12-17 19:12 - 2015-12-07 04:57 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2015-12-17 19:12 - 2015-12-07 04:56 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-17 19:12 - 2015-12-07 04:56 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-12-17 19:12 - 2015-12-07 04:55 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-17 19:12 - 2015-12-07 04:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-17 19:12 - 2015-12-07 04:54 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-17 19:12 - 2015-12-07 04:54 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2015-12-17 19:12 - 2015-12-07 04:53 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-17 19:12 - 2015-12-07 04:53 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-12-17 19:12 - 2015-12-07 04:51 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-12-17 19:12 - 2015-12-07 04:51 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2015-12-17 19:12 - 2015-12-07 04:50 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2015-12-17 19:12 - 2015-12-07 04:49 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2015-12-17 19:12 - 2015-12-07 04:48 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-17 19:12 - 2015-12-07 04:47 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-12-17 19:12 - 2015-12-07 04:45 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-17 19:12 - 2015-12-07 04:45 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2015-12-17 19:12 - 2015-12-07 04:45 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-12-17 19:12 - 2015-12-07 04:44 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-12-17 19:12 - 2015-12-07 04:43 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-17 19:12 - 2015-12-07 04:43 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2015-12-17 19:12 - 2015-12-07 04:41 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-17 19:12 - 2015-12-07 04:40 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-17 19:12 - 2015-12-07 04:40 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-17 19:12 - 2015-12-07 04:40 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-17 19:12 - 2015-12-07 04:39 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-12-17 19:12 - 2015-12-07 04:38 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2015-12-17 19:12 - 2015-12-07 04:33 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2015-12-17 19:12 - 2015-12-07 04:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2015-12-17 18:07 - 2015-12-17 18:07 - 00543372 _____ C:\Users\PC\Documents\Scan0167.pdf
2015-12-16 20:10 - 2015-12-16 20:10 - 00567721 _____ C:\Users\PC\Documents\Scan0166.pdf
2015-12-16 18:08 - 2015-12-16 18:08 - 04480540 _____ C:\Users\PC\Documents\Scan0165.pdf
2015-12-16 18:06 - 2015-12-16 18:07 - 00845368 _____ C:\Users\PC\Documents\Scan0164.pdf
2015-12-16 18:05 - 2015-12-16 18:05 - 01128293 _____ C:\Users\PC\Documents\Scan0163.pdf
2015-12-16 18:02 - 2015-12-16 18:02 - 00899766 _____ C:\Users\PC\Documents\Scan0162.pdf
2015-12-16 18:00 - 2015-12-16 18:00 - 01762772 _____ C:\Users\PC\Documents\Scan0161.pdf
2015-12-16 17:24 - 2015-12-16 17:24 - 00518493 _____ C:\Users\PC\Documents\Scan0160.pdf
2015-12-16 17:23 - 2015-12-16 17:23 - 00256793 _____ C:\Users\PC\Documents\Scan0159.pdf
2015-12-16 16:22 - 2015-12-16 16:22 - 03085377 _____ C:\Users\PC\Documents\Scan0158.pdf
2015-12-15 21:10 - 2015-12-15 21:10 - 04589400 _____ C:\Users\PC\Documents\Scan0157.pdf
2015-12-15 21:08 - 2015-12-15 21:08 - 07159497 _____ C:\Users\PC\Documents\Scan0156.pdf
2015-12-15 21:06 - 2015-12-15 21:06 - 11785421 _____ C:\Users\PC\Documents\Scan0155.pdf
2015-12-15 21:01 - 2015-12-15 21:01 - 01551352 _____ C:\Users\PC\Documents\Scan0154.pdf
2015-12-14 17:08 - 2015-12-14 17:08 - 00538803 _____ C:\Users\PC\Documents\Scan0153.pdf
2015-12-14 16:11 - 2015-12-14 16:11 - 00560654 _____ C:\Users\PC\Documents\Scan0152.pdf
2015-12-11 17:53 - 2015-12-11 17:53 - 00585063 _____ C:\Users\PC\Documents\Scan0151.pdf
2015-12-09 19:26 - 2015-12-09 19:26 - 00575352 _____ C:\Users\PC\Documents\Scan0150.pdf
2015-12-09 17:09 - 2015-12-09 17:09 - 00552531 _____ C:\Users\PC\Documents\Scan0149.pdf
2015-12-09 16:35 - 2015-12-09 16:35 - 00899406 _____ C:\Users\PC\Documents\Scan0148.pdf
2015-12-09 16:35 - 2015-12-09 16:35 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-12-09 16:34 - 2015-12-09 16:34 - 00168853 _____ C:\Users\PC\Documents\Scan0147.pdf
2015-12-09 16:26 - 2015-12-01 08:12 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-09 16:26 - 2015-11-24 13:07 - 01817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-09 16:26 - 2015-11-24 12:06 - 01540768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-09 16:26 - 2015-11-24 11:26 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-09 16:26 - 2015-11-24 11:01 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-12-09 16:26 - 2015-11-24 10:54 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2015-12-09 16:26 - 2015-11-24 10:53 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-12-09 16:26 - 2015-11-24 10:45 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2015-12-09 16:26 - 2015-11-24 10:37 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-09 16:26 - 2015-11-24 10:26 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-09 16:26 - 2015-11-24 10:19 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-09 16:26 - 2015-11-24 10:12 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-09 16:26 - 2015-11-24 09:58 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-09 16:26 - 2015-11-24 09:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-09 16:26 - 2015-11-24 09:54 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-12-09 16:26 - 2015-11-24 09:52 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-09 16:26 - 2015-11-24 09:49 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-09 16:26 - 2015-11-24 09:14 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-09 16:26 - 2015-11-24 09:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-09 16:26 - 2015-11-24 08:59 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-09 16:26 - 2015-11-24 08:57 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-09 16:26 - 2015-11-24 08:35 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-09 16:26 - 2015-11-24 08:29 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-09 16:26 - 2015-11-24 08:23 - 13381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-09 16:26 - 2015-11-24 08:11 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-09 16:26 - 2015-11-24 08:08 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-09 16:26 - 2015-11-24 08:04 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-08 16:37 - 2015-12-08 16:37 - 03728865 _____ C:\Users\PC\Documents\Scan0146.pdf
2015-12-08 15:24 - 2015-12-08 15:24 - 00386096 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-12-08 15:24 - 2015-12-08 15:24 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-12-07 15:59 - 2015-12-07 15:59 - 00276969 _____ C:\Users\PC\Documents\Scan0145.pdf
2015-12-07 15:56 - 2015-12-07 15:56 - 02514610 _____ C:\Users\PC\Documents\Scan0144.pdf
2015-12-03 15:24 - 2015-11-22 11:47 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-03 15:24 - 2015-11-22 11:47 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 15:24 - 2015-11-22 11:41 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-12-03 15:24 - 2015-11-22 11:41 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-03 15:24 - 2015-11-22 11:35 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-12-03 15:24 - 2015-11-22 11:34 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2015-12-03 15:24 - 2015-11-22 11:33 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2015-12-03 15:24 - 2015-11-22 11:33 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2015-12-03 15:24 - 2015-11-22 11:33 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2015-12-03 15:24 - 2015-11-22 11:30 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-12-03 15:24 - 2015-11-22 11:30 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-12-03 15:24 - 2015-11-22 11:26 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-12-03 15:24 - 2015-11-22 11:25 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2015-12-03 15:24 - 2015-11-22 11:24 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2015-12-03 15:24 - 2015-11-22 11:20 - 00795840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-12-03 15:24 - 2015-11-22 11:19 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-12-03 15:24 - 2015-11-22 11:14 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2015-12-03 15:24 - 2015-11-22 11:00 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2015-12-03 15:24 - 2015-11-22 11:00 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2015-12-03 15:24 - 2015-11-22 10:57 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2015-12-03 15:24 - 2015-11-22 10:57 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2015-12-03 15:24 - 2015-11-22 10:57 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2015-12-03 15:24 - 2015-11-22 10:57 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2015-12-03 15:24 - 2015-11-22 10:56 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-12-03 15:24 - 2015-11-22 10:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2015-12-03 15:24 - 2015-11-22 10:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2015-12-03 15:24 - 2015-11-22 10:56 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2015-12-03 15:24 - 2015-11-22 10:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2015-12-03 15:24 - 2015-11-22 10:55 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2015-12-03 15:24 - 2015-11-22 10:54 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2015-12-03 15:24 - 2015-11-22 10:54 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2015-12-03 15:24 - 2015-11-22 10:54 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-12-03 15:24 - 2015-11-22 10:54 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2015-12-03 15:24 - 2015-11-22 10:54 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2015-12-03 15:24 - 2015-11-22 10:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-03 15:24 - 2015-11-22 10:54 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2015-12-03 15:24 - 2015-11-22 10:54 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2015-12-03 15:24 - 2015-11-22 10:54 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2015-12-03 15:24 - 2015-11-22 10:52 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2015-12-03 15:24 - 2015-11-22 10:52 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2015-12-03 15:24 - 2015-11-22 10:52 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-12-03 15:24 - 2015-11-22 10:52 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2015-12-03 15:24 - 2015-11-22 10:51 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-12-03 15:24 - 2015-11-22 10:51 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2015-12-03 15:24 - 2015-11-22 10:51 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2015-12-03 15:24 - 2015-11-22 10:51 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2015-12-03 15:24 - 2015-11-22 10:51 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-12-03 15:24 - 2015-11-22 10:50 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2015-12-03 15:24 - 2015-11-22 10:49 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2015-12-03 15:24 - 2015-11-22 10:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-12-03 15:24 - 2015-11-22 10:49 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2015-12-03 15:24 - 2015-11-22 10:48 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2015-12-03 15:24 - 2015-11-22 10:46 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-12-03 15:24 - 2015-11-22 10:45 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-12-03 15:24 - 2015-11-22 10:45 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-12-03 15:24 - 2015-11-22 10:45 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2015-12-03 15:24 - 2015-11-22 10:45 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-03 15:24 - 2015-11-22 10:45 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2015-12-03 15:24 - 2015-11-22 10:45 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-12-03 15:24 - 2015-11-22 10:45 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2015-12-03 15:24 - 2015-11-22 10:45 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2015-12-03 15:24 - 2015-11-22 10:45 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2015-12-03 15:24 - 2015-11-22 10:44 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-12-03 15:24 - 2015-11-22 10:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2015-12-03 15:24 - 2015-11-22 10:43 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-12-03 15:24 - 2015-11-22 10:43 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-03 15:24 - 2015-11-22 10:43 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-12-03 15:24 - 2015-11-22 10:43 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2015-12-03 15:24 - 2015-11-22 10:42 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-12-03 15:24 - 2015-11-22 10:42 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-12-03 15:24 - 2015-11-22 10:42 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2015-12-03 15:24 - 2015-11-22 10:42 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2015-12-03 15:24 - 2015-11-22 10:42 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2015-12-03 15:24 - 2015-11-22 10:41 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-12-03 15:24 - 2015-11-22 10:41 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2015-12-03 15:24 - 2015-11-22 10:40 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-12-03 15:24 - 2015-11-22 10:40 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-12-03 15:24 - 2015-11-22 10:40 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2015-12-03 15:24 - 2015-11-22 10:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2015-12-03 15:24 - 2015-11-22 10:39 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-03 15:24 - 2015-11-22 10:39 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-03 15:24 - 2015-11-22 10:39 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2015-12-03 15:24 - 2015-11-22 10:39 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-03 15:24 - 2015-11-22 10:39 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-12-03 15:24 - 2015-11-22 10:39 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-12-03 15:24 - 2015-11-22 10:39 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-03 15:24 - 2015-11-22 10:39 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2015-12-03 15:24 - 2015-11-22 10:39 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2015-12-03 15:24 - 2015-11-22 10:39 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2015-12-03 15:24 - 2015-11-22 10:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-12-03 15:24 - 2015-11-22 10:38 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-12-03 15:24 - 2015-11-22 10:38 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-12-03 15:24 - 2015-11-22 10:38 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-12-03 15:24 - 2015-11-22 10:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2015-12-03 15:24 - 2015-11-22 10:38 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2015-12-03 15:24 - 2015-11-22 10:37 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2015-12-03 15:24 - 2015-11-22 10:37 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-12-03 15:24 - 2015-11-22 10:37 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-12-03 15:24 - 2015-11-22 10:36 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2015-12-03 15:24 - 2015-11-22 10:34 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2015-12-03 15:24 - 2015-11-22 10:34 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2015-12-03 15:24 - 2015-11-22 10:34 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2015-12-03 15:24 - 2015-11-22 10:34 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-12-03 15:24 - 2015-11-22 10:34 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2015-12-03 15:24 - 2015-11-22 10:34 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2015-12-03 15:24 - 2015-11-22 10:33 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2015-12-03 15:24 - 2015-11-22 10:32 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2015-12-03 15:24 - 2015-11-22 10:32 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-03 15:24 - 2015-11-22 10:31 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-12-03 15:24 - 2015-11-22 10:31 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-12-03 15:24 - 2015-11-22 10:31 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-12-03 15:24 - 2015-11-22 10:29 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-12-03 15:24 - 2015-11-22 10:28 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-03 15:24 - 2015-11-22 10:28 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-03 15:24 - 2015-11-22 10:28 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-12-03 15:24 - 2015-11-22 10:28 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-12-03 15:24 - 2015-11-22 10:28 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-12-03 15:24 - 2015-11-22 10:28 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-03 15:24 - 2015-11-22 10:28 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2015-12-03 15:24 - 2015-11-22 10:28 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-03 15:24 - 2015-11-22 10:28 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2015-12-03 15:24 - 2015-11-22 10:27 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-12-03 15:24 - 2015-11-22 10:27 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-03 15:24 - 2015-11-22 10:27 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2015-12-03 15:24 - 2015-11-22 10:27 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-12-03 15:24 - 2015-11-22 10:27 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2015-12-03 15:24 - 2015-11-22 10:27 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-12-03 15:24 - 2015-11-22 10:26 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-12-03 15:24 - 2015-11-22 10:26 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-12-03 15:24 - 2015-11-22 10:26 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2015-12-03 15:24 - 2015-11-22 10:26 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-12-03 15:24 - 2015-11-22 10:25 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-03 15:24 - 2015-11-22 10:25 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-12-03 15:24 - 2015-11-22 10:24 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-03 15:24 - 2015-11-22 10:24 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-12-03 15:24 - 2015-11-22 10:24 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2015-12-03 15:24 - 2015-11-22 10:24 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2015-12-03 15:24 - 2015-11-22 10:23 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-12-03 15:24 - 2015-11-22 10:20 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2015-12-03 15:24 - 2015-11-22 10:18 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-03 15:24 - 2015-11-22 10:18 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-12-03 15:24 - 2015-11-22 10:18 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2015-12-03 15:24 - 2015-11-22 10:17 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-12-03 15:24 - 2015-11-22 10:17 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-03 15:24 - 2015-11-22 10:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-02 17:58 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2016-01-02 17:55 - 2014-11-18 21:01 - 00000000 ____D C:\Users\PC\AppData\Roaming\Skype
2016-01-02 17:55 - 2014-11-18 18:01 - 00000948 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-02 17:54 - 2015-11-27 21:03 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-02 17:54 - 2015-11-27 20:49 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-02 17:54 - 2015-11-27 20:49 - 00000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs
2016-01-02 17:53 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-01-02 17:50 - 2015-11-27 20:52 - 00000000 ____D C:\Users\PC
2016-01-02 17:47 - 2014-11-18 18:01 - 00000952 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-02 17:25 - 2014-12-05 14:31 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-02 17:20 - 2015-11-27 20:51 - 01008216 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-02 17:20 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-02 16:28 - 2015-09-15 19:25 - 00004186 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1AD57C5D-E272-4530-8523-770C88368009}
2016-01-02 15:00 - 2015-09-06 09:56 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-01-02 14:59 - 2015-09-06 09:56 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-01-02 10:20 - 2014-11-18 18:03 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-01-01 17:59 - 2015-08-03 19:36 - 00000000 ____D C:\Users\PC\AppData\Local\Comms
2016-01-01 17:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-31 17:22 - 2015-11-27 20:56 - 00001495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-31 17:22 - 2015-11-18 13:53 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-12-31 17:22 - 2015-11-18 13:35 - 00002023 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2015-12-31 17:22 - 2015-08-03 16:32 - 00002368 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-31 17:22 - 2015-08-03 16:25 - 00001051 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Voliteľné funkcie.lnk
2015-12-31 17:22 - 2015-06-03 10:25 - 00002156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-12-31 17:22 - 2015-05-22 19:08 - 00002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-31 17:22 - 2015-04-14 08:23 - 00002557 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 7.lnk
2015-12-31 17:22 - 2014-11-19 12:10 - 00002102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2015-12-31 17:22 - 2014-11-19 10:03 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-31 17:22 - 2014-11-19 10:03 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-12-31 17:22 - 2014-11-18 18:41 - 00002725 _____ C:\Users\PC\Desktop\Microsoft Office Word 2007.lnk
2015-12-31 17:22 - 2014-11-18 18:41 - 00002639 _____ C:\Users\PC\Desktop\Microsoft Office Excel 2007.lnk
2015-12-31 13:06 - 2014-11-18 21:01 - 00000000 ____D C:\ProgramData\Skype
2015-12-31 13:05 - 2015-09-05 07:55 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-31 13:03 - 2014-11-19 10:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-31 11:46 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-31 11:40 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-30 15:55 - 2014-11-18 21:33 - 00000000 ____D C:\Program Files\Blue Coat K9 Web Protection
2015-12-28 19:03 - 2015-11-28 09:13 - 00000000 ____D C:\WINDOWS\Minidump
2015-12-28 19:03 - 2015-11-27 20:46 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-27 22:10 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-27 22:10 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-19 12:00 - 2014-11-18 18:01 - 00451040 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-12-19 12:00 - 2014-11-18 18:01 - 00097648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2015-12-18 21:19 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-12-18 21:19 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-18 21:19 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2015-12-13 14:37 - 2014-11-18 21:17 - 00000000 ____D C:\Users\PC\AppData\Roaming\HpUpdate
2015-12-10 19:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-09 16:36 - 2014-11-18 18:36 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-09 16:34 - 2014-11-19 09:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-09 16:30 - 2014-11-19 09:16 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-09 16:25 - 2014-12-05 14:31 - 00003804 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-12-08 15:24 - 2014-11-18 18:01 - 01055560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-12-08 15:24 - 2014-11-18 18:01 - 00273784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-12-08 15:24 - 2014-11-18 18:01 - 00155304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-12-08 15:24 - 2014-11-18 18:01 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-12-08 15:24 - 2014-11-18 18:01 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-12-08 15:24 - 2014-11-18 18:01 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-12-07 16:10 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2015-12-04 19:35 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-04 18:42 - 2014-11-18 18:01 - 00004010 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 18:42 - 2014-11-18 18:01 - 00003778 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-03 18:01 - 2015-08-04 19:42 - 00000000 ____D C:\Users\PC\AppData\Local\IE Tab

==================== Files in the root of some directories =======

2014-11-18 21:14 - 2014-11-18 21:14 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-02-24 11:00 - 2015-08-03 19:28 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-02 10:04

==================== End of FRST.txt ============================

[Bohuš]

Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-12-2015
Ran by PC (2016-01-02 17:59:54)
Running from C:\Users\PC\Desktop
Windows 10 Home (X64) (2015-11-27 20:06:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1447758070-3208373595-3319655905-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1447758070-3208373595-3319655905-503 - Limited - Disabled)
Guest (S-1-5-21-1447758070-3208373595-3319655905-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1447758070-3208373595-3319655905-1002 - Limited - Enabled)
PC (S-1-5-21-1447758070-3208373595-3319655905-1000 - Administrator - Enabled) => C:\Users\PC

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ad-Aware Antivirus (HKLM\...\{18A24EC3-2BA0-4438-AA5C-A3CF81194D22}_AdAwareUpdater) (Version: 11.8.586.8535 - Lavasoft)
AdAwareInstaller (Version: 11.8.586.8535 - Lavasoft) Hidden
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-041B-0000-0000000FF1CE}_STANDARD_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-041B-0000-0000000FF1CE}_STANDARD_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-041B-0000-0000000FF1CE}_STANDARD_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
Aktualizácie NVIDIA 2.5.15.54 (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
AntimalwareEngine (Version: 3.0.98.0 - Lavasoft) Hidden
Ashampoo Burning Studio 9.03 (HKLM-x32\...\Ashampoo Burning Studio 9_is1) (Version: 9.0.3 - ashampoo GmbH & Co. KG)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM-x32\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Fakturatik (HKLM-x32\...\Fakturatik_is1) (Version: - Rastislav Korytár - RK Software)
Google Drive (HKLM-x32\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{2BF5E9CC-C55D-4B0F-ACAF-FFE77F333CD8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Malwarebytes Anti-Malware verzia 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.6612.1000 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 43.0.3 (x86 sk) (HKLM-x32\...\Mozilla Firefox 43.0.3 (x86 sk)) (Version: 43.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.3.5835 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 sk) (HKLM-x32\...\Mozilla Thunderbird 38.5.0 (x86 sk)) (Version: 38.5.0 - Mozilla)
My Lockbox 3.8.3 (HKLM\...\My Lockbox_is1) (Version: 3.8.3 - )
Nitro Pro 7 (HKLM\...\{25AC9C66-2795-4022-AD15-BAB4902EF6E3}) (Version: 7.3.1.6 - Nitro PDF Software)
NVIDIA 3D Vision radič ovládača 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA Grafický ovládač 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.92 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Ovládací panel NVIDIA 341.92 (Version: 341.92 - NVIDIA Corporation) Hidden
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 4.20 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
Ziacik v3.1 (HKLM-x32\...\Ziacik v3.1) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\PC\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {11F2CEF1-C8ED-4D10-8C59-87EF04DF922F} - System32\Tasks\{22F47926-3A0C-4F8E-9E06-0B229A33D049} => pcalua.exe -a "C:\Program Files\Andy\AndyUninstall.exe" -d "C:\Program Files\Andy"
Task: {14035AE4-8995-48A1-8242-3EC6CD28CB11} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {15E39C71-724B-4DFC-9F01-B4FACD7F8F94} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {27C7AB13-B4E9-4B70-9E29-E3B48FCFE364} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {32CDC5F2-E998-4746-95FC-FDF29EF6B29C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {347380EE-EEA8-4D54-AA43-BC3D3E2362D3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {3ECB778C-D478-44E8-A1C4-C4D6945ADD71} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {3FD229B3-9F88-4089-B0D8-FBDF1BBB9199} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {40A4AC29-594C-4D6D-9ED1-6FFDC850430E} - System32\Tasks\{39D47786-8C84-4A53-BEE3-0EBCB1687682} => D:\Internet\BlueStacks-SplitInstaller_native.exe
Task: {47DBC052-6B12-4F39-B7A8-8173FCCF0D2C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {48426837-3300-46E7-8357-3B582D9C9B47} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-08] (AVAST Software)
Task: {4980D8DC-9158-492D-B94C-97282F735465} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {4AEE93A4-D647-4036-924A-71D56847A3B4} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {53831836-4F01-4747-989D-7FF14D7EC937} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {5CD09487-6CDD-4170-9A52-1E1C3B9130AF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {5E43049E-5238-428A-AFB3-46F3B011DC3F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {600DE539-A6C6-4381-B5FB-715A69DDCE6F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {6096551F-20CA-4EEA-BBB7-8B9D0F08BC48} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {6536008F-B063-4312-B2BC-00E7F663A365} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {6BE76FDE-7830-4FC0-8B56-654AD373AF30} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {737F04F0-E78E-4F75-B871-E3C4C0E44724} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {74595268-5179-4FB1-9B4D-A116B70EEA8F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29] (Adobe Systems Incorporated)
Task: {7A84B4DF-77D2-4B96-A5B6-11C79ACB7A94} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {7B602691-8B9D-482A-AA14-69A4740C9669} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {7E073F1D-F2BF-4279-8534-99583A2339FC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {7EB79165-5266-47D3-8A62-2276788E0BC8} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {861D86F6-768B-419C-9E94-3D126BE1ED19} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {8A4FFFA6-B504-4D9B-A8EC-6370AF26A7F7} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {8BA161CA-EA86-4E5D-9BAE-FD463C234967} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {923BAA3F-6A86-41C1-902F-874ADA5FFE32} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {99D47878-B98E-4579-B96B-0930B705E1A2} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {9B96FE7F-AE77-4356-85E4-88C6D3E4FF90} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {A0E988A3-00B3-4698-BCAF-55E5D3E39CE7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A9E6F3E8-E45F-4DDA-B2AA-1737A23E0CBD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {B2D144E2-55A2-4B08-B74C-9B7EF030A953} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B35A5434-E5D7-4026-9396-46CD7BB6419F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {BBCEB5D9-5743-4798-8018-6F921367F2EB} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {C21004F5-8D38-407A-A878-1DAC37686C65} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {CCB159C9-7571-413E-9C99-2EF8A823D4F8} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {DA17A224-7343-4A05-8973-158F84764570} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F34D6193-CAA7-4EE5-B2E0-3F7423136FFA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F43CD631-BA0E-4BB4-AB69-5F495E7C5D3D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {F7844196-84D7-4CA6-BB9E-E63E8EE3D78B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {FFBF238D-6747-4B85-A9D8-DB93BCB5E6B5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-09] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-11-27 20:49 - 2015-10-13 18:26 - 00125616 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-03 15:24 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-17 19:12 - 2015-12-07 04:33 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-17 16:10 - 2015-12-17 16:11 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-03 15:24 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2012-04-01 23:20 - 2012-04-01 23:20 - 00108040 _____ () C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NPShellExtension64.dll
2015-12-17 19:12 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-17 19:12 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-08 15:24 - 2015-12-08 15:24 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-12-08 15:24 - 2015-12-08 15:24 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-01-02 14:22 - 2016-01-02 14:22 - 02808832 _____ () C:\Program Files\AVAST Software\Avast\defs\16010200\algo.dll
2015-12-08 15:24 - 2015-12-08 15:24 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-12-17 16:10 - 2015-12-17 16:11 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2015-12-17 16:10 - 2015-12-17 16:11 - 21845504 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-03-30 18:12 - 2015-10-12 04:05 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-12-05 10:21 - 2015-12-05 10:21 - 00933056 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2015-12-08 15:24 - 2015-12-08 15:24 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7866 more sites.

IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\123simsen.com -> www.123simsen.com

There are 7866 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2016-01-02 17:54 - 00002451 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost
216.239.32.20 www.google.ae # bck9
216.239.32.20 www.google.at # bck9
216.239.32.20 www.google.be # bck9
216.239.32.20 www.google.ca # bck9
216.239.32.20 www.google.ch # bck9
216.239.32.20 www.google.cl # bck9
216.239.32.20 www.google.co.il # bck9
216.239.32.20 www.google.co.in # bck9
216.239.32.20 www.google.co.jp # bck9
216.239.32.20 www.google.co.kr # bck9
216.239.32.20 www.google.co.nz # bck9
216.239.32.20 www.google.co.uk # bck9
216.239.32.20 www.google.co.ve # bck9
216.239.32.20 www.google.co.za # bck9
216.239.32.20 www.google.com # bck9
216.239.32.20 www.google.com.ar # bck9
216.239.32.20 www.google.com.au # bck9
216.239.32.20 www.google.com.br # bck9
216.239.32.20 www.google.com.co # bck9
216.239.32.20 www.google.com.gr # bck9
216.239.32.20 www.google.com.hk # bck9
216.239.32.20 www.google.com.mx # bck9
216.239.32.20 www.google.com.my # bck9
216.239.32.20 www.google.com.pe # bck9
216.239.32.20 www.google.com.ph # bck9
216.239.32.20 www.google.com.pk # bck9
216.239.32.20 www.google.com.sg # bck9
216.239.32.20 www.google.com.tr # bck9
216.239.32.20 www.google.com.tw # bck9

There are 60 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\Control Panel\Desktop\\Wallpaper -> D:\Fotky\Fotky 8\2015 Turecko\0002.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKLM\...\StartupApproved\Run: => "mylbx"
HKLM\...\StartupApproved\Run: => "AdAwareTray"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\StartupApproved\Run: => "HP Officejet Pro 8600 (NET)"
HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{5B8E5FE0-788A-4605-8A28-688C792C2A86}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0F4EB437-A37D-4C9B-B1BB-C20FFC1751F1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6FA505E6-69DA-4930-9907-CED2C7E3C3D0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D4D28579-747A-4794-ADAD-7DCF20AE26E0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7166E71A-C2E0-4515-84E7-E56A8D6BF0E4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7D394205-579E-4D30-AA4B-B9C87080CCE2}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
FirewallRules: [{5FC3D659-2D9C-40E0-8E01-EA4A0F0F9A09}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
FirewallRules: [{112BBF23-60E5-44AE-91F9-6DF47E06B714}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
FirewallRules: [{B2B29B79-D6F1-4B0C-8B78-87CA364C49FA}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
FirewallRules: [{F80B944C-8F35-4083-9D61-80CC68FC0930}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{CE58F09B-DE96-46CA-BC39-99BFEFB814C2}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{EB486950-EA26-408E-ABE1-A5224965D4D9}D:\program files (x86)\world_of_tanks\wotlauncher.exe] => (Allow) D:\program files (x86)\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{3DD53B06-57E5-48DC-8071-64192D74DD6C}D:\program files (x86)\world_of_tanks\wotlauncher.exe] => (Allow) D:\program files (x86)\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{3394039B-7ABD-43CA-841B-8442420802FD}D:\program files (x86)\world_of_tanks\worldoftanks.exe] => (Allow) D:\program files (x86)\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{A086BD88-8FD0-4580-9BDE-991BDA2AA3B4}D:\program files (x86)\world_of_tanks\worldoftanks.exe] => (Allow) D:\program files (x86)\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{E113DC8D-D7C0-4273-BB37-05E78F3728BE}E:\easysetupassistant\tl-wdr3500\easysetupassistant.exe] => (Allow) E:\easysetupassistant\tl-wdr3500\easysetupassistant.exe
FirewallRules: [UDP Query User{D2DD27DC-80F0-428A-A827-6CABDB82C353}E:\easysetupassistant\tl-wdr3500\easysetupassistant.exe] => (Allow) E:\easysetupassistant\tl-wdr3500\easysetupassistant.exe
FirewallRules: [{25730846-8388-4785-9BA3-E33BF8BFF5A9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{419FC309-AE59-48C7-B423-7834CF53B79A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{06C4B32C-18B3-4F2B-85B7-BC37B875AE50}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BB55996D-AAFB-46A3-AEF9-8310C768BC81}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4AE40C87-C1DF-4911-811D-7C9C04C3100E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{38CDEFDD-CBCD-4D68-9EE3-938C84A65540}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C98203D0-48B8-4244-90E4-7E72B223F417}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{CD40BBF6-C7B5-4ED1-8E46-626B55B68A4E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F00AFE59-AC86-4AC0-AB68-E69774DC8311}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{876C2D5A-8F2F-4B0F-9C14-1148E611B77B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{023637AB-9C5D-4C27-BE8E-85C639DAE5A3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4AD5E834-71B0-4008-BC67-0BBBDC800FEB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

17-12-2015 19:13:56 Windows Update
27-12-2015 12:43:46 Scheduled Checkpoint
31-12-2015 11:45:57 Windows Update
01-01-2016 17:34:30 Windows Zálohovanie
02-01-2016 10:23:53 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

Name: Multimedia Controller
Description: Multimedia Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/02/2016 06:00:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/02/2016 06:00:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/02/2016 05:56:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchUI.exe, verzia: 10.0.10586.35, časová značka: 0x566503dc
Názov chybujúceho modulu: Windows.UI.Xaml.dll, verzia: 10.0.10586.35, časová značka: 0x566505e8
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000006fcc8b
Identifikácia chybujúceho procesu: 0x18f4
Čas spustenia chybujúcej aplikácie: 0xSearchUI.exe0
Cesta chybujúcej aplikácie: SearchUI.exe1
Cesta chybujúceho modulu: SearchUI.exe2
Identifikácia hlásenia: SearchUI.exe3
Celé meno chybujúceho balíka: SearchUI.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: SearchUI.exe5

Error: (01/02/2016 05:55:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchUI.exe, verzia: 10.0.10586.35, časová značka: 0x566503dc
Názov chybujúceho modulu: Windows.UI.Xaml.dll, verzia: 10.0.10586.35, časová značka: 0x566505e8
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000006fcc8b
Identifikácia chybujúceho procesu: 0x18dc
Čas spustenia chybujúcej aplikácie: 0xSearchUI.exe0
Cesta chybujúcej aplikácie: SearchUI.exe1
Cesta chybujúceho modulu: SearchUI.exe2
Identifikácia hlásenia: SearchUI.exe3
Celé meno chybujúceho balíka: SearchUI.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: SearchUI.exe5

Error: (01/02/2016 05:55:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchUI.exe, verzia: 10.0.10586.35, časová značka: 0x566503dc
Názov chybujúceho modulu: Windows.UI.Xaml.dll, verzia: 10.0.10586.35, časová značka: 0x566505e8
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000006fcc8b
Identifikácia chybujúceho procesu: 0x1bc4
Čas spustenia chybujúcej aplikácie: 0xSearchUI.exe0
Cesta chybujúcej aplikácie: SearchUI.exe1
Cesta chybujúceho modulu: SearchUI.exe2
Identifikácia hlásenia: SearchUI.exe3
Celé meno chybujúceho balíka: SearchUI.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: SearchUI.exe5

Error: (01/02/2016 05:55:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchUI.exe, verzia: 10.0.10586.35, časová značka: 0x566503dc
Názov chybujúceho modulu: Windows.UI.Xaml.dll, verzia: 10.0.10586.35, časová značka: 0x566505e8
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000006fcc8b
Identifikácia chybujúceho procesu: 0x18b0
Čas spustenia chybujúcej aplikácie: 0xSearchUI.exe0
Cesta chybujúcej aplikácie: SearchUI.exe1
Cesta chybujúceho modulu: SearchUI.exe2
Identifikácia hlásenia: SearchUI.exe3
Celé meno chybujúceho balíka: SearchUI.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: SearchUI.exe5

Error: (01/02/2016 05:55:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchUI.exe, verzia: 10.0.10586.35, časová značka: 0x566503dc
Názov chybujúceho modulu: Windows.UI.Xaml.dll, verzia: 10.0.10586.35, časová značka: 0x566505e8
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000006fcc8b
Identifikácia chybujúceho procesu: 0x17f4
Čas spustenia chybujúcej aplikácie: 0xSearchUI.exe0
Cesta chybujúcej aplikácie: SearchUI.exe1
Cesta chybujúceho modulu: SearchUI.exe2
Identifikácia hlásenia: SearchUI.exe3
Celé meno chybujúceho balíka: SearchUI.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: SearchUI.exe5

Error: (01/02/2016 05:55:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PC-PC)
Description: Aktivácia aplikácie Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp zlyhala pre chybu: -2144927148 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error: (01/02/2016 05:54:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchUI.exe, verzia: 10.0.10586.35, časová značka: 0x566503dc
Názov chybujúceho modulu: Windows.UI.Xaml.dll, verzia: 10.0.10586.35, časová značka: 0x566505e8
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000006fcc8b
Identifikácia chybujúceho procesu: 0xdc4
Čas spustenia chybujúcej aplikácie: 0xSearchUI.exe0
Cesta chybujúcej aplikácie: SearchUI.exe1
Cesta chybujúceho modulu: SearchUI.exe2
Identifikácia hlásenia: SearchUI.exe3
Celé meno chybujúceho balíka: SearchUI.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: SearchUI.exe5

Error: (01/02/2016 05:29:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchUI.exe, verzia: 10.0.10586.35, časová značka: 0x566503dc
Názov chybujúceho modulu: Windows.UI.Xaml.dll, verzia: 10.0.10586.35, časová značka: 0x566505e8
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000006fcc8b
Identifikácia chybujúceho procesu: 0x1dd0
Čas spustenia chybujúcej aplikácie: 0xSearchUI.exe0
Cesta chybujúcej aplikácie: SearchUI.exe1
Cesta chybujúceho modulu: SearchUI.exe2
Identifikácia hlásenia: SearchUI.exe3
Celé meno chybujúceho balíka: SearchUI.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: SearchUI.exe5


System errors:
=============
Error: (01/02/2016 05:54:08 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby NetTcpPortSharing, od ktorej závisí služba NetTcpActivator, zlyhalo kvôli nasledujúcej chybe:
%%1058

Error: (01/02/2016 05:53:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Prístup k používateľským údajom_35dfe sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 10000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (01/02/2016 05:53:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Ukladací priestor používateľských údajov_35dfe sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 10000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (01/02/2016 05:53:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Kontaktné údaje_35dfe sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 10000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (01/02/2016 05:53:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Sync Host_35dfe sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 10000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (01/02/2016 05:50:07 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (01/02/2016 05:50:06 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (01/02/2016 05:50:06 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (01/02/2016 05:50:06 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (01/02/2016 05:50:06 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.


CodeIntegrity:
===================================
Date: 2016-01-02 10:22:18.471
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-12-31 13:07:01.668
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-12-19 11:56:23.194
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-12-11 17:42:16.313
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-12-10 19:26:47.506
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-12-10 18:59:36.736
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-12-06 14:08:24.760
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-12-05 11:41:02.980
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-12-05 11:38:37.306
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-27 21:22:02.630
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q9650 @ 3.00GHz
Percentage of memory in use: 26%
Total physical RAM: 6142.86 MB
Available physical RAM: 4533.66 MB
Total Virtual: 12286.86 MB
Available Virtual: 10660.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:278.92 GB) (Free:232.91 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.5 GB) (Free:559.33 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or (Size: 279.5 GB) (Disk ID: 1D281D28)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=278.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 1D6A1D6A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

[jerabina]

Odinstaluj Ad-Aware Antivirus

Podívej se co je v této složce:
C:\WINDOWS\CbsTemp

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému.

Toto otestuj na Virustotal
C:\ProgramData\Ament.ini
C:\ProgramData\AndyDrivers.zip
C:\WINDOWS\SYSTEM32\ism32k.dll
C:\WINDOWS\SYSTEM32\mqsvc.exe

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk -> (No File)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

FF NewTab: about:newtab
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-1447758070-3208373595-3319655905-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]

CHR HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

U3 idsvc; no ImagePath

C:\ProgramData\RogueKiller
C:\ProgramData\Spybot - Search & Destroy
C:\Program Files (x86)\Spybot - Search & Destroy 2
C:\Program Files\Common Files\AV\Spybot - Search and Destroy

Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {11F2CEF1-C8ED-4D10-8C59-87EF04DF922F} - System32\Tasks\{22F47926-3A0C-4F8E-9E06-0B229A33D049} => pcalua.exe -a "C:\Program Files\Andy\AndyUninstall.exe" -d "C:\Program Files\Andy"
Task: {15E39C71-724B-4DFC-9F01-B4FACD7F8F94} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {347380EE-EEA8-4D54-AA43-BC3D3E2362D3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {40A4AC29-594C-4D6D-9ED1-6FFDC850430E} - System32\Tasks\{39D47786-8C84-4A53-BEE3-0EBCB1687682} => D:\Internet\BlueStacks-SplitInstaller_native.exe
Task: {47DBC052-6B12-4F39-B7A8-8173FCCF0D2C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {53831836-4F01-4747-989D-7FF14D7EC937} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {5CD09487-6CDD-4170-9A52-1E1C3B9130AF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {600DE539-A6C6-4381-B5FB-715A69DDCE6F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {6BE76FDE-7830-4FC0-8B56-654AD373AF30} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {737F04F0-E78E-4F75-B871-E3C4C0E44724} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {74595268-5179-4FB1-9B4D-A116B70EEA8F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29] (Adobe Systems Incorporated)
Task: {7B602691-8B9D-482A-AA14-69A4740C9669} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {7E073F1D-F2BF-4279-8534-99583A2339FC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {861D86F6-768B-419C-9E94-3D126BE1ED19} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {923BAA3F-6A86-41C1-902F-874ADA5FFE32} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B2D144E2-55A2-4B08-B74C-9B7EF030A953} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {F34D6193-CAA7-4EE5-B2E0-3F7423136FFA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

C:\Program Files (x86)\Google\Update

AlternateDataStreams: C:\Windows:nlsPreferences

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\123simsen.com -> www.123simsen.com

127.0.0.1 localhost
216.239.32.20 www.google.ae # bck9
216.239.32.20 www.google.at # bck9
216.239.32.20 www.google.be # bck9
216.239.32.20 www.google.ca # bck9
216.239.32.20 www.google.ch # bck9
216.239.32.20 www.google.cl # bck9
216.239.32.20 www.google.co.il # bck9
216.239.32.20 www.google.co.in # bck9
216.239.32.20 www.google.co.jp # bck9
216.239.32.20 www.google.co.kr # bck9
216.239.32.20 www.google.co.nz # bck9
216.239.32.20 www.google.co.uk # bck9
216.239.32.20 www.google.co.ve # bck9
216.239.32.20 www.google.co.za # bck9
216.239.32.20 www.google.com # bck9
216.239.32.20 www.google.com.ar # bck9
216.239.32.20 www.google.com.au # bck9
216.239.32.20 www.google.com.br # bck9
216.239.32.20 www.google.com.co # bck9
216.239.32.20 www.google.com.gr # bck9
216.239.32.20 www.google.com.hk # bck9
216.239.32.20 www.google.com.mx # bck9
216.239.32.20 www.google.com.my # bck9
216.239.32.20 www.google.com.pe # bck9
216.239.32.20 www.google.com.ph # bck9
216.239.32.20 www.google.com.pk # bck9
216.239.32.20 www.google.com.sg # bck9
216.239.32.20 www.google.com.tr # bck9
216.239.32.20 www.google.com.tw # bck9

Hosts:
EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt

Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

[Bohuš]

https://www.virustotal.com/sk/file/8b3c ... 451814395/

[Bohuš]

https://www.virustotal.com/sk/file/e4d6 ... 451814602/

[Bohuš]

C:\WINDOWS\SYSTEM32\ism32k.dll
C:\WINDOWS\SYSTEM32\mqsvc.exe
Subory sa nenašli....

[Bohuš]

http://www.msn.com/?ocid=wispr toto stale naskoči po reštarte

Fix result of Farbar Recovery Scan Tool (x64) Version:31-12-2015
Ran by PC (2016-01-03 11:05:56) Run:1
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk -> (No File)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

FF NewTab: about:newtab
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-1447758070-3208373595-3319655905-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]

CHR HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

U3 idsvc; no ImagePath

C:\ProgramData\RogueKiller
C:\ProgramData\Spybot - Search & Destroy
C:\Program Files (x86)\Spybot - Search & Destroy 2
C:\Program Files\Common Files\AV\Spybot - Search and Destroy

Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {11F2CEF1-C8ED-4D10-8C59-87EF04DF922F} - System32\Tasks\{22F47926-3A0C-4F8E-9E06-0B229A33D049} => pcalua.exe -a "C:\Program Files\Andy\AndyUninstall.exe" -d "C:\Program Files\Andy"
Task: {15E39C71-724B-4DFC-9F01-B4FACD7F8F94} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {347380EE-EEA8-4D54-AA43-BC3D3E2362D3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {40A4AC29-594C-4D6D-9ED1-6FFDC850430E} - System32\Tasks\{39D47786-8C84-4A53-BEE3-0EBCB1687682} => D:\Internet\BlueStacks-SplitInstaller_native.exe
Task: {47DBC052-6B12-4F39-B7A8-8173FCCF0D2C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {53831836-4F01-4747-989D-7FF14D7EC937} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {5CD09487-6CDD-4170-9A52-1E1C3B9130AF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {600DE539-A6C6-4381-B5FB-715A69DDCE6F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {6BE76FDE-7830-4FC0-8B56-654AD373AF30} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {737F04F0-E78E-4F75-B871-E3C4C0E44724} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {74595268-5179-4FB1-9B4D-A116B70EEA8F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29] (Adobe Systems Incorporated)
Task: {7B602691-8B9D-482A-AA14-69A4740C9669} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {7E073F1D-F2BF-4279-8534-99583A2339FC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {861D86F6-768B-419C-9E94-3D126BE1ED19} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {923BAA3F-6A86-41C1-902F-874ADA5FFE32} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B2D144E2-55A2-4B08-B74C-9B7EF030A953} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {F34D6193-CAA7-4EE5-B2E0-3F7423136FFA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

C:\Program Files (x86)\Google\Update

AlternateDataStreams: C:\Windows:nlsPreferences

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\...\123simsen.com -> www.123simsen.com

127.0.0.1 localhost
216.239.32.20 www.google.ae # bck9
216.239.32.20 www.google.at # bck9
216.239.32.20 www.google.be # bck9
216.239.32.20 www.google.ca # bck9
216.239.32.20 www.google.ch # bck9
216.239.32.20 www.google.cl # bck9
216.239.32.20 www.google.co.il # bck9
216.239.32.20 www.google.co.in # bck9
216.239.32.20 www.google.co.jp # bck9
216.239.32.20 www.google.co.kr # bck9
216.239.32.20 www.google.co.nz # bck9
216.239.32.20 www.google.co.uk # bck9
216.239.32.20 www.google.co.ve # bck9
216.239.32.20 www.google.co.za # bck9
216.239.32.20 www.google.com # bck9
216.239.32.20 www.google.com.ar # bck9
216.239.32.20 www.google.com.au # bck9
216.239.32.20 www.google.com.br # bck9
216.239.32.20 www.google.com.co # bck9
216.239.32.20 www.google.com.gr # bck9
216.239.32.20 www.google.com.hk # bck9
216.239.32.20 www.google.com.mx # bck9
216.239.32.20 www.google.com.my # bck9
216.239.32.20 www.google.com.pe # bck9
216.239.32.20 www.google.com.ph # bck9
216.239.32.20 www.google.com.pk # bck9
216.239.32.20 www.google.com.sg # bck9
216.239.32.20 www.google.com.tr # bck9
216.239.32.20 www.google.com.tw # bck9

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotPostWindows10UpgradeReInstall => value removed successfully
ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk -> (No File) => not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
Firefox "newtab" removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3" => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9" => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll => not found.
"HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0" => key removed successfully
C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll => not found.
"HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh" => key removed successfully
idsvc => service removed successfully
C:\ProgramData\RogueKiller => moved successfully
C:\ProgramData\Spybot - Search & Destroy => moved successfully
C:\Program Files (x86)\Spybot - Search & Destroy 2 => moved successfully
C:\Program Files\Common Files\AV\Spybot - Search and Destroy => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0CFE2E40-6A97-48C5-9F38-DE82315CF1B0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0CFE2E40-6A97-48C5-9F38-DE82315CF1B0}" => key removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UPnP\UPnPHostConfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{11F2CEF1-C8ED-4D10-8C59-87EF04DF922F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11F2CEF1-C8ED-4D10-8C59-87EF04DF922F}" => key removed successfully
C:\WINDOWS\System32\Tasks\{22F47926-3A0C-4F8E-9E06-0B229A33D049} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{22F47926-3A0C-4F8E-9E06-0B229A33D049}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{15E39C71-724B-4DFC-9F01-B4FACD7F8F94}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15E39C71-724B-4DFC-9F01-B4FACD7F8F94}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{347380EE-EEA8-4D54-AA43-BC3D3E2362D3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{347380EE-EEA8-4D54-AA43-BC3D3E2362D3}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{40A4AC29-594C-4D6D-9ED1-6FFDC850430E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40A4AC29-594C-4D6D-9ED1-6FFDC850430E}" => key removed successfully
C:\WINDOWS\System32\Tasks\{39D47786-8C84-4A53-BEE3-0EBCB1687682} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{39D47786-8C84-4A53-BEE3-0EBCB1687682}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{47DBC052-6B12-4F39-B7A8-8173FCCF0D2C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47DBC052-6B12-4F39-B7A8-8173FCCF0D2C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{53831836-4F01-4747-989D-7FF14D7EC937}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53831836-4F01-4747-989D-7FF14D7EC937}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5CD09487-6CDD-4170-9A52-1E1C3B9130AF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5CD09487-6CDD-4170-9A52-1E1C3B9130AF}" => key removed successfully
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{600DE539-A6C6-4381-B5FB-715A69DDCE6F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{600DE539-A6C6-4381-B5FB-715A69DDCE6F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6BE76FDE-7830-4FC0-8B56-654AD373AF30}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BE76FDE-7830-4FC0-8B56-654AD373AF30}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{737F04F0-E78E-4F75-B871-E3C4C0E44724}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{737F04F0-E78E-4F75-B871-E3C4C0E44724}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74595268-5179-4FB1-9B4D-A116B70EEA8F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74595268-5179-4FB1-9B4D-A116B70EEA8F}" => key removed successfully
C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7B602691-8B9D-482A-AA14-69A4740C9669}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B602691-8B9D-482A-AA14-69A4740C9669}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E073F1D-F2BF-4279-8534-99583A2339FC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E073F1D-F2BF-4279-8534-99583A2339FC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{861D86F6-768B-419C-9E94-3D126BE1ED19}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{861D86F6-768B-419C-9E94-3D126BE1ED19}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{923BAA3F-6A86-41C1-902F-874ADA5FFE32}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{923BAA3F-6A86-41C1-902F-874ADA5FFE32}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B2D144E2-55A2-4B08-B74C-9B7EF030A953}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B2D144E2-55A2-4B08-B74C-9B7EF030A953}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F34D6193-CAA7-4EE5-B2E0-3F7423136FFA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F34D6193-CAA7-4EE5-B2E0-3F7423136FFA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Program Files (x86)\Google\Update => moved successfully
C:\Windows => ":nlsPreferences" ADS removed successfully.
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\007guard.com" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\008i.com" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\008k.com" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\00hq.com" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\010402.com" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\032439.com" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0scan.com" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-2005-search.com" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-domains-registrations.com" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1000gratisproben.com" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1001namen.com" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\100888290cs.com" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\100sexlinks.com" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\10sek.com" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\12-26.net" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\12-27.net" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123fporn.info" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123haustiereundmehr.com" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123moviedownload.com" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123simsen.com" => key removed successfully
"HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\007guard.com" => key removed successfully
"HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\008i.com" => key removed successfully
"HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\008k.com" => key removed successfully
"HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\00hq.com" => key removed successfully
"HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\010402.com" => key removed successfully
"HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\032439.com" => key removed successfully
"HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0scan.com" => key removed successfully
"HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-2005-search.com" => key removed successfully
"HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-domains-registrations.com" => key removed successfully
"HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1000gratisproben.com" => key removed successfully
"HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1001namen.com" => key removed successfully
"HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\100888290cs.com" => key removed successfully
"HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\100sexlinks.com" => key removed successfully
"HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\10sek.com" => key removed successfully
"HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\12-26.net" => key removed successfully
"HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\12-27.net" => key removed successfully
"HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123fporn.info" => key removed successfully
"HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123haustiereundmehr.com" => key removed successfully
"HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123moviedownload.com" => key removed successfully
"HKU\S-1-5-21-1447758070-3208373595-3319655905-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123simsen.com" => key removed successfully
127.0.0.1 localhost => Error: No automatic fix found for this entry.
216.239.32.20 www.google.ae # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.at # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.be # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.ca # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.ch # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.cl # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.co.il # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.co.in # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.co.jp # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.co.kr # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.co.nz # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.co.uk # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.co.ve # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.co.za # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.com # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.com.ar # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.com.au # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.com.br # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.com.co # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.com.gr # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.com.hk # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.com.mx # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.com.my # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.com.pe # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.com.ph # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.com.pk # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.com.sg # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.com.tr # bck9 => Error: No automatic fix found for this entry.
216.239.32.20 www.google.com.tw # bck9 => Error: No automatic fix found for this entry.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 64.5 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 11:06:10 ====

[Bohuš]

C:\WINDOWS\CbsTemp je prazdna