Every time I open the browser, a window with the search engine chedotgame.com/search opens (Solved)


Post by doktorcz » 26 Jan 2016 11:10

The system is slower overall; in particular, Explorer takes a very long time to load directories and folders. Firefox also freezes occasionally, but the main thing is that every time I open the browser, the windows from last time open (which is OK), plus one extra new window with this search engine:
http://chedotgame.com/search/
It did not change my home page, but it did change the list of search engines (in the search field). It is not in the settings under add-ons, nor under extensions. It is in Chrome and Opera too. But I did not find it in add-ons and extensions.

Mouse control is also somewhat unnatural (it does not do what it should; sometimes it freezes and at other times it is too fast).
I scanned the PC with ADAware, mbam and superantispyware. All three found and deleted something, but I somehow can't get rid of this.
Thanks for the help, Pavel

*************************************************************************************************************************************************************************************



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:06:13, on 26.1.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16603)

FIREFOX: 43.0.4 (x86 cs)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
c:\PROGRA~2\mozilla firefox\firefox.exe
C:\Users\Uživatel\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Uživatel\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
O4 - HKCU\..\RunOnce: [SeznamInstall-uninstall:c42f7dc320e4b7dedc8ef4efeb3ead18] "C:\Users\UIVATE~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe" -c "C:\Users\Uživatel\AppData\Roaming\Seznam.cz"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Degoo .lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: UPnPService - Magix AG - C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ???? (ZhuDongFangYu) - 360.cn - C:\Program Files (x86)\360\360safe\deepscan\zhudongfangyu.exe

--
End of file - 12352 bytes


Post by jaro3 » 26 Jan 2016 15:04

Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove temporary Windows files, empty the Recycle Bin, etc.

- If you use only Google Chrome, you do not need to use ATF.


Download TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.

Download AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Prohledat-Scan"
After the scan, click "Logfile"; a log appears (it is also saved on the system disk as AdwCleaner[C?].txt). Paste its entire contents here.

Download Malwarebytes' Anti-Malware
- During installation, clear the check box for "Enable free trial of Malwarebytes' Anti-Malware Premium"
Install it and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; click Scan Now and
- after the program finishes, a message appears at the bottom right; click Copy to Clipboard and paste the whole log here.

- then click the Exit button; a message appears, so choose Yes
(do not delete anything yet!).

If there are problems, run it in safe mode.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Post by doktorcz » 26 Jan 2016 16:21

# AdwCleaner v5.031 - Logfile created 26/01/2016 at 16:15:43
# Updated 25/01/2016 by Xplode
# Database : 2016-01-25.3 [Server]
# Operating system : Windows 10 Pro (x64)
# Username : Uživatel - UZIVATEL_PC
# Running from : C:\Users\Uživatel\Desktop\adwcleaner_5.031(1).exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

Folder Found : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\pw77fm83.default-1453721257506\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}

***** [ Files ] *****


***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


########## EOF - C:\AdwCleaner\AdwCleaner[S20].txt - [737 bytes] ##########


Post by doktorcz » 26 Jan 2016 16:51

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 26.1.2016
Čas skenování: 16:23
Protokol:
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2016.01.26.04
Databáze rootkitů: v2016.01.20.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Uživatel

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 542075
Uplynulý čas: 25 min, 16 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)


Post by jaro3 » 27 Jan 2016 09:40

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator"),
click "Prohledat-Scan"; after the scan, click "Cleaning (Vymazat)".

The program performs the repair; after the automatic restart it does not show the log (C:\AdwCleaner [C?].txt); paste its entire contents here.

Download Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program's scan starts. The scan can take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears, which is saved on the desktop.
Please copy its entire contents here.

Download RogueKiller by Adlice Software
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until Prescan (the search for malicious processes) finishes.
- Then click "Prohledat" (Scan).
- The program scans the PC's processes. After the scan, click "Zpráva" (Report), then "Open TXT" in the window, and copy the entire contents of the log here.
If the program is blocked, try running it several times. If the program still cannot be started and run, rename it to winlogon.exe.


Post by doktorcz » 27 Jan 2016 12:59

# AdwCleaner v5.031 - Logfile created 27/01/2016 at 12:47:24
# Updated 25/01/2016 by Xplode
# Database : 2016-01-25.3 [Server]
# Operating system : Windows 10 Pro (x64)
# Username : Uživatel - UZIVATEL_PC
# Running from : C:\Users\Uživatel\Desktop\adwcleaner_5.031(1).exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\pw77fm83.default-1453721257506\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}

***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C17].txt - [835 bytes] ##########



*****************************************************************************************************************************************************************************************
JunkwareR Tool
*****************************************************************************************************************************************************************************************

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 10 Pro x64
Ran by U§ivatel (Administrator) on st 27.01.2016 at 13:02:33,47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 4

Successfully deleted: C:\Users\U§ivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig (Folder)
Successfully deleted: C:\Users\U§ivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod (Folder)
Successfully deleted: C:\Users\U§ivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd (Folder)
Successfully deleted: C:\Users\U§ivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak (Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 27.01.2016 at 13:06:44,89
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




*****************************************************************************************************************************************************************************************
ROGUEKILLER
*****************************************************************************************************************************************************************************************



Operační systém : Windows 10 (10.0.10240) 64 bits version
Spuštěno : Normální režim
Uživatel : U?ivatel [Práva správce]
Started from : C:\Users\U?ivatel\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 01/27/2016 13:59:02

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 4 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([X]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([X]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{11d222f1-9a0c-4d7e-b2bd-20aa0ccaeea3} | DhcpNameServer : 10.0.0.138 ([X]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{11d222f1-9a0c-4d7e-b2bd-20aa0ccaeea3} | DhcpNameServer : 10.0.0.138 ([X]) -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] pw77fm83.default-1453721257506 : user_pref("browser.startup.homepage", "http://www.centrum.cz/"); -> Nalezeno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD2500KS-00MJB0 ATA Device +++++
--- User ---
[MBR] 0f810d6d774afeae80f162791123e7dd
[BSP] 0b084b90082c0c4afb273d59b724fba9 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 237923 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 487473152 | Size: 450 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WD Elements 10A8 USB Device +++++
--- User ---
[MBR] e8211693fdaf556821dcf8ddaeebac3e
[BSP] 6b6eea367a1052fa3eba95a6db80432b : Windows XP|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953836 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] Po?adavek není podporován. )


Post by Orcus » 27 Jan 2016 15:10

Uninstall 360safe.

Close all programs and browsers. Disable the antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run it).
- Wait until Prescan finishes its work...
- Wait until the status window shows "Prohledat" (Scan)
- On the tabs (Registry, Tasks, Web Browser, etc.), check everything (tick the check boxes).
- Click "Smazat" (Delete)
- Wait until the Status box shows "Mazání dokončeno" (Deletion finished)
- Click "Zpráva" (Report), then copy and paste the contents of that report here, please. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller

====================================================

Download
Zoek.exe

and save it to your desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Win Vista, Win7 and 8, right-click it and choose "Run as administrator").
- note: the program may take a long time to start.

Paste the script below into the program window:

Code:

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;


Click Run Script
The program performs a scan and a repair; both the scan and the repair can take several minutes, so you need to wait until the end. Do not click in the window!
The program will offer a restart; confirm it.

After the restart, only a black screen may be shown for some time; that is normal. You need to wait until the log is created. You can save it, for example, to Documents; otherwise it is saved automatically to:
C:\zoek-results.log
Copy the entire contents of that log here.

====================================================

How are the problems? + a new HJT log
Love warms, but coal is coal. :fire:



Post HJT logs in the HJT section. If a log is too long, split it into several messages.

A few tips on PC security.

While I am away, memphisto, jaro3 and Diallix stand in for me.

If you are satisfied, you can support our forum.


Post by doktorcz » 27 Jan 2016 20:27

The PC still behaves the same. When opening the browsers (Opera, Firefox and Chrome), there is still www.cooocs.com and a quick redirect to http://chedotgame.com/search/
The only browser that doesn't have it is Edge from MS, which comes with Windows 10.

Otherwise the speed is OK now, except perhaps for startup, which I'd say takes longer. But that is not such a big problem.
One more thing; I don't know whether it could be related. I have the browsers pinned to the taskbar at the bottom, and when I open Chrome or Firefox, a new icon of those programs appears (so I have them there twice: the original one and one as the open window). As I wrote, I don't know whether it is related. In any case, I did not change or set anything. It started by itself at about the same time as the problems with those pages.

As for 360safe, I didn't even know about it. The bigger problem is uninstalling it. Neither Revo nor CCleaner sees it, as a program or when searching. And when I try to delete the whole folder manually, it tells me I don't have the rights or something like that. I tried changing it in the folder settings, but that didn't work either.
I'll try it with something else, but I don't give it much of a chance.
I have the same problem with "Seznam lištička". I always uninstall it (I use Revo) and it tells me the leftovers will be removed after a restart, but after the restart it is always installed again.


The HJT log is at the end of the message.





Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 10 (10.0.10240) 64 bits version
Spuštěno : Normální režim
Uživatel : U?ivatel [Práva správce]
Started from : C:\Users\U?ivatel\Desktop\RogueKillerX64.exe
Mód : Smazat -- Datum : 01/27/2016 18:58:14

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 4 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([X]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([X]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{11d222f1-9a0c-4d7e-b2bd-20aa0ccaeea3} | DhcpNameServer : 10.0.0.138 ([X]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{11d222f1-9a0c-4d7e-b2bd-20aa0ccaeea3} | DhcpNameServer : 10.0.0.138 ([X]) -> Nahrazeno ()

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] pw77fm83.default-1453721257506 : user_pref("browser.startup.homepage", "http://www.centrum.cz/"); -> Nevybráno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD2500KS-00MJB0 ATA Device +++++
--- User ---
[MBR] 0f810d6d774afeae80f162791123e7dd
[BSP] 0b084b90082c0c4afb273d59b724fba9 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 237923 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 487473152 | Size: 450 MB
User = LL1 ... OK
User = LL2 ... OK

----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------


Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by U§ivatel on st 27.01.2016 at 19:01:56,62.
Microsoft Windows 10 Pro 10.0.10240 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\UIVATE~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

27.1.2016 19:03:45 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\40ea84ae-5fdf-487f-b723-5612bdc177e1 deleted successfully
C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\Bricsys deleted successfully
C:\PROGRA~2\DLLSuite deleted successfully
C:\PROGRA~2\GRETECH deleted successfully
C:\PROGRA~2\MarkAny deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\Rising Research deleted successfully
C:\PROGRA~2\SAM CoDeC Pack deleted successfully
C:\PROGRA~2\Sony Creative Software Inc deleted successfully
C:\PROGRA~2\VS Revo Group deleted successfully
C:\PROGRA~2\Western Digital Corporation deleted successfully
C:\PROGRA~2\COMMON~1\Apple deleted successfully
C:\Program Files\Google deleted successfully
C:\PROGRA~3\Canon IJ Network Tool deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\DAEMON Tools Lite deleted successfully
C:\PROGRA~3\firebird deleted successfully
C:\PROGRA~3\IDM deleted successfully
C:\PROGRA~3\Karen's Power Tools deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully
C:\Users\wangzhisong\AppData\Local deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\CrashDumps deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{39BFCAAA-BF17-41D4-A8F9-1230C286F63B} deleted successfully
HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CC15570-8722-4535-8529-B0CAC31D4B47} deleted successfully
HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A177C3E0-7582-4580-8E1C-4146203A20F4} deleted successfully
HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C82F73D9-826B-48A1-9A31-D956125D0B79} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422b-ADF8-83D1E48CC825} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422b-ADF8-83D1E48CC825} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Internet Explorer\Approved Extensions\{00011268-E188-40DF-A514-835FCD78B1BF} deleted successfully
HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Internet Explorer\Approved Extensions\{82A76710-4F98-4957-92BE-99648A4E2475} deleted successfully
HKEY_USERS\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{472734EA-242A-422b-ADF8-83D1E48CC825} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{cb84136f-9c44-433a-9048-c5cd9df1dc16} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\andro\AppData\Roaming\Mozilla\Firefox\Profiles\y10y8zit.default\prefs.js:

Added to C:\Users\andro\AppData\Roaming\Mozilla\Firefox\Profiles\y10y8zit.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\UIVATE~1\AppData\Roaming\Mozilla\Firefox\Profiles\pw77fm83.default-1453721257506\prefs.js:
user_pref("browser.startup.homepage", "http://www.centrum.cz/");

Added to C:\Users\UIVATE~1\AppData\Roaming\Mozilla\Firefox\Profiles\pw77fm83.default-1453721257506\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\UIVATE~1\AppData\Roaming\Thunderbird\Profiles\zcwmpfw9.default\prefs.js:

Added to C:\Users\UIVATE~1\AppData\Roaming\Thunderbird\Profiles\zcwmpfw9.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\andro\AppData\Roaming\Mozilla\Firefox\Profiles\y10y8zit.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_27.01.2016_1937_.backup

ProfilePath: C:\Users\UIVATE~1\AppData\Roaming\Mozilla\Firefox\Profiles\pw77fm83.default-1453721257506

user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 3);
---- FireFox user.js and prefs.js backups ----

prefs_27.01.2016_1937_.backup

ProfilePath: C:\Users\UIVATE~1\AppData\Roaming\Thunderbird\Profiles\zcwmpfw9.default

---- FireFox user.js and prefs.js backups ----

user_27.01.2016_1937_.backup
prefs_27.01.2016_1937_.backup

==== Batch Command(s) Run By Tool======================


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


==== Deleting Files \ Folders ======================

C:\PROGRA~2\40ea84ae-5fdf-487f-b723-5612bdc177e1 not found
C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\Bricsys not found
C:\PROGRA~2\DLLSuite not found
C:\PROGRA~2\GRETECH not found
C:\PROGRA~2\MarkAny not found
C:\PROGRA~2\Rising Research not found
C:\PROGRA~2\SAM CoDeC Pack not found
C:\PROGRA~2\Sony Creative Software Inc not found
C:\PROGRA~2\VS Revo Group not found
C:\PROGRA~2\Western Digital Corporation not found
C:\Users\UIVATE~1\AppData\Local\VS Revo Group deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\wangzhisong deleted
C:\windows\SysNative\GroupPolicy\machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\UIVATE~1\AppData\Roaming\Thunderbird\Profiles\zcwmpfw9.default\searchplugins\search.xml deleted
C:\Users\UIVATE~1\AppData\Roaming\Thunderbird\Profiles\zcwmpfw9.default\CT1269415 deleted
C:\Users\UIVATE~1\AppData\Roaming\Thunderbird\Profiles\zcwmpfw9.default\CT1361345 deleted
C:\Users\UIVATE~1\AppData\Roaming\Thunderbird\Profiles\zcwmpfw9.default\CT1434207 deleted
C:\Users\UIVATE~1\AppData\Roaming\Thunderbird\Profiles\zcwmpfw9.default\CT2529008 deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\andro\AppData\Roaming\Mozilla\Firefox\Profiles\y10y8zit.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\UIVATE~1\AppData\Roaming\Mozilla\Firefox\Profiles\pw77fm83.default-1453721257506
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\UIVATE~1\AppData\Roaming\Thunderbird\Profiles\zcwmpfw9.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{F003DA68-8256-4b37-A6C4-350FA04494DF}"="C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt" [07.01.2014 11:12]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"mozilla_cc2@internetdownloadmanager.com"="C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi" [23.09.2015 10:20]

==== Firefox Extensions ======================

ProfilePath: C:\Users\UIVATE~1\AppData\Roaming\Mozilla\Firefox\Profiles\pw77fm83.default-1453721257506
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- Mega Button - %ProfilePath%\extensions\jid1-STt04aUU3EuD3A@jetpack.xpi
- Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi

ProfilePath: C:\Users\UIVATE~1\AppData\Roaming\Thunderbird\Profiles\zcwmpfw9.default
- Undetermined - C:\Users\Uživatel\AppData\Roaming\Thunderbird\Profiles\zcwmpfw9.default\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}
- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
- Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}
- Mail Merge - %ProfilePath%\extensions\mailmerge@example.net.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================


==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bknbnapaddjdnbilpmlacdkjdkjmbjhd - No path found[]
flliilndjeohchalpbbcdekjklbdgfkk - No path found[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[13.07.2015 10:25]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
bknbnapaddjdnbilpmlacdkjdkjmbjhd - No path found[]
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]

Docs - andro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\fi]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\ma]
@="http://www.mapy.cz/?sourceid=quicksearch_6826&query=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\se]
@="http://search.seznam.cz/?sourceid=quicksearch_6826&q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\vi]
@="http://videa.seznam.cz/?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\zb]
@="http://www.zbozi.cz/?sourceid=quicksearch_6826&q=%s"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\6D4FA089415C9FCCAFEDF216C5EDC22C - http://videa.seznam.cz/?q={searchTerms}
HKCU\SearchScopes\73CB03F7C33C318B01EC942CC0EE3B92 - http://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
HKCU\SearchScopes\9B33E58D86F9336F710C1DEF2C2C610F - http://www.firmy.cz/phr/{searchTerms}
HKCU\SearchScopes\B8D479F19C4EDCAB256CB3F3BC86DBFD - http://www.mapy.cz/?sourceid=quicksearch_6826&query={searchTerms}
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7AVND_csCZ563

==== Reset Google Chrome ======================

C:\Users\andro\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\andro\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\andro\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\andro\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\andro\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=164 folders=86 190049557 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\UIVATE~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on st 27.01.2016 at 19:54:01,44 ======================



----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:26:42, on 27.1.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16603)

FIREFOX: 43.0.4 (x86 cs)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Uživatel\AppData\Roaming\uTorrent\utorrent.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Users\Uživatel\AppData\Local\Degoo\Degoo.exe
C:\Users\Uživatel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Users\Uživatel\AppData\Local\Degoo\DegooHealthCheck.exe
c:\PROGRA~2\mozilla firefox\firefox.exe
C:\Users\Uživatel\Desktop\HijackThis.exe
C:\WINDOWS\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Uživatel\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Uživatel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Uživatel\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Degoo .lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: UPnPService - Magix AG - C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ???? (ZhuDongFangYu) - 360.cn - C:\Program Files (x86)\360\360safe\deepscan\zhudongfangyu.exe

--
End of file - 12553 bytes

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Every time I open the browser, a window opens with the search engine chedotgame.com/search

Post by jaro3 » 28 Jan 2016 10:14

Avast and the leftovers of AVG and Ad-Aware... try to uninstall them.

Close the other applications and browsers, disconnect from the internet, and fix the following in HJT:
Guide

Code:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Uživatel\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Uživatel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Uživatel\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
O15 - Trusted Zone: http://*.webcompanion.com


Download DelFix here:
https://toolslib.net/downloads/viewdownload/2-delfix/

Save the file to your desktop.
Double-click the icon to run Delfix.exe.
(In Windows Vista, Windows 7 and 8, you must run the file by right-clicking it -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools, Purge System Restore.
Then click the Run button and let the tool do its work.

A report (DelFix.txt) will then open. Paste the entire contents of the report here. Otherwise, the report can be found at:
C:\DelFix.txt

Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt appears offering to download the Avast database, click No. Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.

Download CrystalDiskInfo
Run the program and click Edit - Copy. Then paste the contents of the log here with Ctrl+V.

Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system, 32-bit or 64-bit:
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to your desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs, FRST.txt and Addition.txt, will be shown and saved on the desktop. Please copy their entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

doktorcz

Re: Every time I open the browser, a window with the chedotgame.com/search search engine opens

Post by doktorcz » 28 Jan 2016 13:07

# DelFix v1.011 - Logfile created 28/01/2016 at 12:47:32
# Updated 18/08/2015 by Xplode
# Username : Uživatel - UZIVATEL_PC
# Operating System : Windows 10 Pro (64 bits)

~ Removing disinfection tools ...

Deleted : C:\RSIT
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\RegBackup
Deleted : C:\TDSSKiller.3.1.0.9_12.01.2016_15.19.50_log.txt
Deleted : C:\TDSSKiller.3.1.0.9_25.01.2016_22.30.22_log.txt
Deleted : C:\zoek-results.log
Deleted : C:\Users\Uživatel\Desktop\adwcleaner_5.031(1).exe
Deleted : C:\Users\Uživatel\Desktop\JRT_2.exe
Deleted : C:\Users\Uživatel\Desktop\HijackThis.exe
Deleted : C:\Users\Uživatel\Desktop\hijackthis.log
Deleted : C:\Users\Uživatel\Desktop\RogueKillerX64.exe
Deleted : C:\Users\Uživatel\Desktop\zoek.exe
Deleted : C:\Users\Uživatel\Downloads\adwcleaner_5.031.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #23 [Naplánovaný kontrolní bod | 01/21/2016 14:22:41]
Deleted : RP #24 [Kontrolní bod aplikace HitmanPro | 01/23/2016 15:28:49]
Deleted : RP #25 [Revo Uninstaller Pro's restore point - Seznam Software | 01/24/2016 17:43:28]
Deleted : RP #26 [Installed AVG 2016 | 01/25/2016 21:27:34]
Deleted : RP #27 [Installed AVG | 01/25/2016 21:28:51]
Deleted : RP #28 [JRT Pre-Junkware Removal | 01/27/2016 12:02:41]

New restore point created !

########## - EOF - ##########



aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2016-01-28 12:52:30
-----------------------------
12:52:30.343 OS Version: Windows x64 6.2.9200
12:52:30.343 Number of processors: 2 586 0x1706
12:52:30.343 ComputerName: UZIVATEL_PC UserName: Uživatel
12:52:31.031 Initialize success
12:52:31.031 VM: initialized successfully
12:52:31.031 VM: Intel CPU supported
12:52:36.062 VM: disk I/O atapi.sys
12:52:41.656 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:52:41.656 Disk 0 Vendor: WDC_WD2500KS-00MJB0 02.01C03 Size: 238475MB BusType: 3
12:52:41.812 Disk 0 MBR read successfully
12:52:41.812 Disk 0 MBR scan
12:52:41.812 Disk 0 Windows 7 default MBR code
12:52:41.828 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
12:52:41.828 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 237923 MB offset 206848
12:52:41.859 Disk 0 Partition 3 00 27 Hidden NTFS WinRE NTFS 450 MB offset 487473152
12:52:41.921 Disk 0 scanning C:\WINDOWS\system32\drivers
12:52:50.687 Service scanning
12:52:56.406 Service hitmanpro37 C:\WINDOWS\system32\drivers\hitmanpro37.sys **LOCKED**
12:53:09.671 Modules scanning
12:53:09.671 Disk 0 trace - called modules:
12:53:09.687 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS intelide.sys hal.dll PCIIDEX.SYS atapi.sys
12:53:09.687 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe00181945060]
12:53:09.687 3 CLASSPNP.SYS[fffff801d50d46c5] -> nt!IofCallDriver -> [0xffffe00180b85ac0]
12:53:09.703 5 ACPI.sys[fffff801d4401361] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xffffe00181d37600]
12:53:09.703 Disk 0 statistics 138811/0/0 @ 7,75 MB/s
12:53:09.703 Scan finished successfully
12:53:23.390 Disk 0 MBR has been saved successfully to "C:\Users\Uživatel\Desktop\MBR.dat"
12:53:23.390 The log file has been saved successfully to "C:\Users\Uživatel\Desktop\aswMBR.txt"




**********************************************************************************************************************************************************************************************************************************************************************************************************************************




----------------------------------------------------------------------------
CrystalDiskInfo 6.7.0 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 Professional [10.0 Build 10240] (x64)
Date : 2016/01/28 12:56:31

-- Controller Map ----------------------------------------------------------
+ ATA Channel 0 (0) [ATA]
- WDC WD2500KS-00MJB0 ATA Device
+ ATA Channel 1 (1) [ATA]
- TSSTcorp CDDVDW SH-S223Q ATA Device
- ATA Channel 0 (0) [ATA]
- ATA Channel 1 (1) [ATA]
+ Intel(R) ICH9 Family 2 port Serial ATA Storage Controller 1 - 2921 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ Intel(R) ICH9 Family 2 port Serial ATA Storage Controller 2 - 2926 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
- Řadič prostorů úložišť [SCSI]
- JMicron JMB36X Controller [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD2500KS-00MJB0 : 250,0 GB [0/1/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD2500KS-00MJB0
----------------------------------------------------------------------------
Model : WDC WD2500KS-00MJB0
Firmware : 02.01C03
Serial Number : WD-WCANKC488440
Disk Size : 250,0 GB (8,4/137,4/250,0/250,0)
Buffer Size : 16384 KB
Queue Depth : 1 # of Sectors : 488397168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : ---- | SATA/150
Power On Hours : 35731 hod.
Power On Count : 5566 krát
Temperature : 38 C (100 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA
APM Level : ----
AAM Level : 80FEh [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 201 184 _21 00000000134D Čas na roztočení ploten
04 _94 _94 __0 0000000018F3 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _52 _52 __0 000000008B93 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 _51 000000000000 Počet pokusů o překalibrování
0C _95 _95 __0 0000000015BE Počet cyklů zapnutí zařízení
BE _62 _36 _45 000000000026 Teplota toku vzduchu
C2 112 _86 __0 000000000026 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 186 __0 000000004084 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 _51 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------

-- SMART_READ_DATA ---------------------------------------------------------

-- SMART_READ_THRESHOLD ----------------------------------------------------

doktorcz

Re: Every time I open the browser, a window with the chedotgame.com/search search engine opens

Post by doktorcz » 28 Jan 2016 13:10

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
Ran by Uživatel (administrator) on UZIVATEL_PC (28-01-2016 12:58:45)
Running from C:\Users\Uživatel\Desktop
Loaded Profiles: Uživatel (Available Profiles: Uživatel & andro & DefaultAppPool)
Platform: Windows 10 Pro (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
(Degoo Backup AB) C:\Users\Uživatel\AppData\Local\Degoo\Degoo.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(MyHeritage) C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Degoo Backup AB) C:\Users\Uživatel\AppData\Local\Degoo\DegooHealthCheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Uživatel\Desktop\FRST64_2.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16409496 2015-11-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24952456 2015-12-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2477056 2015-03-02] (MyHeritage)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-01-12] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google)
HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3907152 2015-09-23] (Tonec Inc.)
HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software)
HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\MountPoints2: {4419ee4d-522f-11e4-b4c8-74ea3a83a929} - "E:\iStudio.exe"
ShellIconOverlayIdentifiers: [ 360UDiskGuard Icon Overlay] -> {CC00F81D-5262-450A-B1FA-D6BEE3406263} => C:\Program Files (x86)\360\360safe\safemon\360UDiskGuard64.dll [2014-12-09] (360.cn)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [HubicPublishedItemOverlayHandler] -> {7C76B697-27DF-4CFF-9909-863905561298} => C:\WINDOWS\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [HubicSyncItemOverlayHandler] -> {9B497753-D273-4A80-9DE8-72248D7FA595} => C:\WINDOWS\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [HubicUnsyncItemOverlayHandler] -> {D5454A6E-0904-4BA3-9E4A-240A5080259D} => C:\WINDOWS\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Degoo .lnk [2016-01-25]
ShortcutTarget: Degoo .lnk -> C:\Users\Uživatel\AppData\Local\Degoo\Degoo.exe (Degoo Backup AB)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{11d222f1-9a0c-4d7e-b2bd-20aa0ccaeea3}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-346663436-2988962487-3144823818-1001 -> 6D4FA089415C9FCCAFEDF216C5EDC22C URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-346663436-2988962487-3144823818-1001 -> 73CB03F7C33C318B01EC942CC0EE3B92 URL = hxxp://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-346663436-2988962487-3144823818-1001 -> 9B33E58D86F9336F710C1DEF2C2C610F URL = hxxp://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-346663436-2988962487-3144823818-1001 -> B8D479F19C4EDCAB256CB3F3BC86DBFD URL = hxxp://www.mapy.cz/?sourceid=quicksearch_6826&query={searchTerms}
SearchScopes: HKU\S-1-5-21-346663436-2988962487-3144823818-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-08-28] (Internet Download Manager, Tonec Inc.)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-22] (Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-22] (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-08-28] (Internet Download Manager, Tonec Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-22] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-22] (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKU\S-1-5-21-346663436-2988962487-3144823818-1001 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-346663436-2988962487-3144823818-1001 -> hxxp://www.seznam.cz/?clid=6826

FireFox:
========
FF ProfilePath: C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\pw77fm83.default-1453721257506
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-05] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-22] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-27] ( Microsoft Corporation)
FF Plugin-x32: @360.cn/npaxlogin -> C:\Program Files (x86)\360\360safe\Utils\npaxlogin.dll [2014-04-22] (360.cn)
FF Plugin-x32: @adobe.com/AuthorwarePlayer -> C:\WINDOWS\system32\Macromed\AUTHORWA\np32asw.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-05] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1221171.dll [No File]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-22] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-27] ( Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-10] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-346663436-2988962487-3144823818-1001: @360.cn/360MMPlugin -> C:\Program Files (x86)\360\360safe\mobilemgr\np360MMPlugIn.dll [2015-06-03] (360.cn)
FF Plugin HKU\S-1-5-21-346663436-2988962487-3144823818-1001: SkypePlugin -> C:\Users\Uživatel\AppData\Local\SkypePlugin\7.10.0.93\npGatewayNpapi.dll [No File]
FF Plugin HKU\S-1-5-21-346663436-2988962487-3144823818-1001: SkypePlugin64 -> C:\Users\Uživatel\AppData\Local\SkypePlugin\7.10.0.93\npGatewayNpapi-x64.dll [No File]
FF Extension: IDM integration - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2015-09-23]
FF Extension: Google Translator for Firefox - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\pw77fm83.default-1453721257506\extensions\translator@zoli.bod.xpi [2016-01-25]
FF Extension: Mega Button - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\pw77fm83.default-1453721257506\Extensions\jid1-STt04aUU3EuD3A@jetpack.xpi [2016-01-25]
FF Extension: Seznam lištička - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\pw77fm83.default-1453721257506\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-01-28]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-01-07] [not signed]
FF HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-346663436-2988962487-3144823818-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Uživatel\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Uživatel\AppData\Roaming\IDM\idmmzcc5 [2016-01-28] [not signed]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR NewTab: Default -> "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-19]
CHR Extension: (Dokumenty Google) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-20]
CHR Extension: (Disk Google) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-01]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-01-27]
CHR Extension: (MEGA) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2016-01-27]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-01-27]
CHR Extension: (YouTube) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-04]
CHR Extension: (Vyhledávání Google) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Tabulky Google) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-19]
CHR Extension: (Avira Browser Safety) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-01-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-20]
CHR Extension: (Avast Online Security) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-07]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-09-10]
CHR Extension: (Světové Hodiny) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnjjpjlfhblplbkoageianfkfbkghphj [2014-12-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-10]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2016-01-27]
CHR Extension: (Gmail) - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-09]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-346663436-2988962487-3144823818-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Přeložit) - C:\Users\Uživatel\AppData\Roaming\Opera Software\Opera Stable\Extensions\ibnombjmjocaccigcefonnipcnlaeaed [2015-11-13]
OPR Extension: (Translate Web Page) - C:\Users\Uživatel\AppData\Roaming\Opera Software\Opera Stable\Extensions\jggobmlojchhlngdhmmdghgganciigof [2016-01-15]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-28] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-28] (Dropbox, Inc.)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-01-04] (SurfRight B.V.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] ()
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
S3 UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [548864 2008-10-21] (Magix AG) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S3 ZhuDongFangYu; C:\Program Files (x86)\360\360safe\deepscan\zhudongfangyu.exe [237168 2015-12-03] (360.cn)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 1C5AC7CF; C:\Windows\System32\Drivers\1C5AC7CF.sys [478392 2016-01-12] (Kaspersky Lab ZAO)
S3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [137808 2015-12-21] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [321616 2015-10-16] (360.cn)
S3 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2014-04-18] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [375376 2015-12-11] (360.cn)
S4 360Hvm; C:\Windows\System32\Drivers\360Hvm64.sys [191568 2015-11-25] (360安全中心)
R1 360netmon; C:\Windows\System32\DRIVERS\360netmon.sys [72776 2014-12-24] (360.cn)
R1 360reskit64; C:\WINDOWS\system32\drivers\360reskit64.sys [65104 2015-09-24] (360.cn)
R3 AtcL001; C:\Windows\System32\drivers\l160x64.sys [61440 2009-10-13] (Atheros Communications, Inc.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-27] (AVG Technologies)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [181328 2015-12-01] (360.cn)
S3 DsArk; C:\Windows\System32\drivers\DsArk64.sys [136272 2015-07-02] (360.cn)
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-15] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-18] (REALiX(tm))
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [15416 2015-03-29] ()
S3 PCTBD; C:\Windows\System32\Drivers\PCTBD64.sys [77144 2012-10-23] (PC Tools)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 RTL8023x64; C:\Windows\system32\DRIVERS\Rtnic64.sys [61656 2015-01-18] (Realtek Semiconductor Corporation )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42600 2015-11-16] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 aswMBR; C:\Users\Uživatel\AppData\Local\Temp\aswMBR.sys [62728 2016-01-28] () [File not signed]
U3 aswVmm; C:\Users\Uživatel\AppData\Local\Temp\aswVmm.sys [224896 2016-01-28] ()
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-28 12:58 - 2016-01-28 12:59 - 00028569 _____ C:\Users\Uživatel\Desktop\FRST.txt
2016-01-28 12:58 - 2016-01-28 12:58 - 00000000 ____D C:\FRST
2016-01-28 12:57 - 2016-01-28 12:57 - 02370560 _____ (Farbar) C:\Users\Uživatel\Desktop\FRST64_2.exe
2016-01-28 12:56 - 2016-01-28 12:56 - 00001261 _____ C:\Users\Uživatel\Desktop\CrystalDiskInfo.lnk
2016-01-28 12:56 - 2016-01-28 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2016-01-28 12:56 - 2016-01-28 12:56 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2016-01-28 12:56 - 2016-01-28 12:56 - 00000000 _____ C:\Users\Uživatel\Desktop\Nový textový dokument (2).txt
2016-01-28 12:53 - 2016-01-28 12:53 - 00002027 _____ C:\Users\Uživatel\Desktop\aswMBR.txt
2016-01-28 12:53 - 2016-01-28 12:53 - 00000512 _____ C:\Users\Uživatel\Desktop\MBR.dat
2016-01-28 12:50 - 2016-01-28 12:50 - 05200384 _____ (AVAST Software) C:\Users\Uživatel\Desktop\aswmbr.exe
2016-01-28 12:47 - 2016-01-28 12:49 - 00001441 _____ C:\DelFix.txt
2016-01-28 12:42 - 2016-01-28 12:42 - 00000000 ___HD C:\OneDriveTemp
2016-01-28 12:41 - 2016-01-28 12:41 - 00016148 _____ C:\WINDOWS\system32\UZIVATEL_PC_Uživatel_HistoryPrediction.bin
2016-01-28 12:33 - 2016-01-28 12:33 - 00000000 ____D C:\Users\Uživatel\Desktop\backups
2016-01-28 11:53 - 2016-01-28 12:21 - 00000000 ____D C:\AVG_Remover
2016-01-28 11:53 - 2016-01-28 12:20 - 00000000 ____D C:\Users\Uživatel\AppData\Local\Avg
2016-01-27 20:19 - 2016-01-27 20:19 - 00000000 ____D C:\Users\Uživatel\AppData\Local\VS Revo Group
2016-01-27 19:55 - 2016-01-27 19:55 - 00000000 ____D C:\ProgramData\IDM
2016-01-27 19:50 - 2016-01-27 19:50 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-01-27 19:42 - 2016-01-27 19:01 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-01-27 19:00 - 2016-01-27 19:00 - 00000000 _____ C:\Users\Uživatel\Desktop\Nový textový dokument.txt
2016-01-27 18:04 - 2016-01-27 19:03 - 00000000 ____D C:\ProgramData\RogueKiller
2016-01-27 18:04 - 2016-01-27 18:04 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-01-27 17:55 - 2016-01-28 12:22 - 00000000 ____D C:\Users\Uživatel\AppData\Roaming\Seznam.cz
2016-01-27 17:18 - 2016-01-27 17:18 - 00000000 ____D C:\Users\Uživatel\Desktop\Nová složka
2016-01-27 17:07 - 2016-01-27 17:07 - 00000000 ____D C:\Users\Uživatel\AppData\LocalLow\360WD
2016-01-27 17:00 - 2015-12-31 03:30 - 00077904 _____ (360.cn) C:\WINDOWS\SysWOW64\Drivers\360AvFlt.sys
2016-01-27 16:58 - 2016-01-27 16:58 - 43069048 _____ C:\Users\Uživatel\Downloads\360TS_Setup.exe
2016-01-27 16:57 - 2016-01-27 16:58 - 01371256 _____ (QIHU 360 SOFTWARE CO. LIMITED) C:\Users\Uživatel\Downloads\360TS_Setup_Mini.exe
2016-01-27 16:44 - 2016-01-27 16:44 - 00000000 ____D C:\WINDOWS\Tasks\360Disabled
2016-01-26 07:42 - 2016-01-26 07:42 - 31248336 _____ (Adlice Software ) C:\Users\Uživatel\Downloads\setup.exe
2016-01-26 07:02 - 2016-01-26 07:02 - 00079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\hxmrkdcb.sys
2016-01-26 07:02 - 2016-01-26 07:02 - 00000262 _____ C:\WINDOWS\system\vsfg
2016-01-25 22:25 - 2016-01-26 10:42 - 00000000 ____D C:\Program Files (x86)\AVG
2016-01-25 19:53 - 2016-01-25 19:53 - 00000000 ____D C:\Users\Uživatel\Degoo
2016-01-25 19:50 - 2016-01-25 19:50 - 00000000 ____D C:\Users\Uživatel\.swt
2016-01-25 19:49 - 2016-01-28 12:43 - 00000000 ____D C:\Users\Uživatel\AppData\Local\Degoo
2016-01-25 19:49 - 2016-01-25 19:49 - 01008328 _____ (Degoo Backup AB ) C:\Users\Uživatel\Downloads\DegooInstaller(1).exe
2016-01-25 19:49 - 2016-01-25 19:49 - 00001183 _____ C:\Users\Uživatel\Desktop\Degoo.lnk
2016-01-25 19:49 - 2016-01-25 19:49 - 00000000 ____D C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Degoo
2016-01-25 19:38 - 2016-01-25 19:49 - 01008328 _____ (Degoo Backup AB ) C:\Users\Uživatel\Downloads\DegooInstaller.exe
2016-01-25 13:49 - 2016-01-25 14:12 - 524288000 _____ C:\REMOVE_THIS_FILE.livecd.swap
2016-01-25 12:27 - 2016-01-25 12:27 - 00000000 ____D C:\Users\Uživatel\Desktop\Původní data aplikace Firefox
2016-01-25 09:11 - 2016-01-25 09:11 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2016-01-24 20:03 - 2016-01-24 20:03 - 00000000 ____D C:\Users\Uživatel\Desktop\Fleška
2016-01-24 19:07 - 2016-01-24 19:07 - 00000000 ____D C:\Users\Uživatel\AppData\Roaming\360CloudUI
2016-01-22 17:59 - 2016-01-22 17:59 - 00000960 _____ C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-01-22 17:59 - 2016-01-22 17:59 - 00000912 _____ C:\Users\Uživatel\Desktop\Start Tor Browser.lnk
2016-01-21 16:46 - 2016-01-22 13:10 - 00000000 ____D C:\Users\Uživatel\Doctor Web
2016-01-20 11:29 - 2016-01-20 12:01 - 559755264 _____ C:\Users\Uživatel\Downloads\Povstalecká-historie-7- (1).avi
2016-01-20 11:22 - 2016-01-20 11:22 - 00003958 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1423502777
2016-01-20 11:06 - 2016-01-20 11:13 - 25104785 _____ C:\Users\Uživatel\Downloads\Povstalecká-historie-7-.avi
2016-01-19 15:13 - 2016-01-19 15:13 - 00000000 ____D C:\Users\Uživatel\Documents\Inbox Storage
2016-01-19 14:30 - 2016-01-19 14:30 - 00002332 _____ C:\Users\Default\Desktop\Google Chrome.lnk
2016-01-19 14:30 - 2016-01-19 14:30 - 00002332 _____ C:\Users\Default User\Desktop\Google Chrome.lnk
2016-01-19 14:30 - 2016-01-19 14:30 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-19 14:30 - 2016-01-19 14:30 - 00000000 ____D C:\Users\Default\AppData\Roaming\360safe
2016-01-19 14:30 - 2016-01-19 14:30 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-19 14:30 - 2016-01-19 14:30 - 00000000 ____D C:\Users\Default User\AppData\Roaming\360safe
2016-01-19 14:29 - 2016-01-19 14:29 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2016-01-19 14:15 - 2012-10-23 17:40 - 02280568 _____ (Threat Expert Ltd.) C:\WINDOWS\PCTBDCore.dll
2016-01-19 14:15 - 2012-10-23 17:40 - 01690744 _____ (Threat Expert Ltd.) C:\WINDOWS\PCTBDRes.dll
2016-01-19 14:15 - 2012-10-23 17:40 - 00769144 _____ C:\WINDOWS\BDTSupport.dll
2016-01-19 14:15 - 2012-10-23 17:40 - 00150648 _____ (PC Tools) C:\WINDOWS\SGDetectionTool.dll
2016-01-19 14:15 - 2012-10-23 17:40 - 00077144 _____ (PC Tools) C:\WINDOWS\system32\Drivers\PCTBD64.sys
2016-01-19 14:15 - 2012-10-23 16:30 - 00003488 _____ C:\WINDOWS\UDB.zip
2016-01-19 14:15 - 2012-10-23 16:30 - 00000882 _____ C:\WINDOWS\RegSDImport.xml
2016-01-19 14:15 - 2012-10-23 16:30 - 00000879 _____ C:\WINDOWS\RegISSImport.xml
2016-01-19 14:15 - 2012-10-23 16:30 - 00000131 _____ C:\WINDOWS\IDB.zip
2016-01-19 12:14 - 2016-01-19 12:14 - 03252349 _____ C:\WINDOWS\system32\Drivers\Cat.DB
2016-01-19 12:14 - 2012-11-01 15:35 - 00253256 _____ (PC Tools) C:\WINDOWS\system32\Drivers\PCTSD64.sys
2016-01-19 12:13 - 2016-01-20 18:11 - 00000000 ____D C:\ProgramData\PC Tools
2016-01-19 12:13 - 2016-01-19 12:13 - 00000000 ____D C:\Users\Uživatel\AppData\Roaming\TestApp
2016-01-17 18:43 - 2016-01-20 17:51 - 00000000 ____D C:\WINDOWS\Minidump
2016-01-17 12:48 - 2016-01-26 12:11 - 00019624 _____ C:\Users\Uživatel\Downloads\babis.jpe
2016-01-16 20:06 - 2016-01-16 20:07 - 00000000 ____D C:\Program Files (x86)\Ariva Editor_SATELIT
2016-01-16 19:26 - 2016-01-16 22:39 - 00000000 ____D C:\Users\Uživatel\AppData\Roaming\Homepager
2016-01-16 00:18 - 2016-01-16 00:18 - 00000000 ____D C:\Users\Uživatel\AppData\Roaming\360WeChatClean
2016-01-16 00:16 - 2015-07-02 04:09 - 00136272 _____ (360.cn) C:\WINDOWS\system32\Drivers\DsArk64.sys
2016-01-16 00:03 - 2016-01-19 14:04 - 00000000 _RSHD C:\360SANDBOX
2016-01-16 00:03 - 2016-01-16 00:38 - 00000000 ____D C:\Users\Uživatel\AppData\Roaming\360mobilemgr
2016-01-16 00:03 - 2016-01-16 00:03 - 00000001 _____ C:\WINDOWS\system32\Drivers\360Hvm64.dat
2016-01-16 00:03 - 2015-12-21 04:56 - 00137808 _____ (360.cn) C:\WINDOWS\system32\Drivers\360AntiHacker64.sys
2016-01-16 00:03 - 2015-12-11 04:59 - 00375376 _____ (360.cn) C:\WINDOWS\system32\Drivers\360FsFlt.sys
2016-01-16 00:03 - 2015-12-01 12:05 - 00181328 _____ (360.cn) C:\WINDOWS\system32\Drivers\BAPIDRV64.SYS
2016-01-16 00:03 - 2015-11-25 10:32 - 00191568 _____ (360安全中心) C:\WINDOWS\system32\Drivers\360Hvm64.sys
2016-01-16 00:03 - 2015-10-16 08:35 - 00321616 _____ (360.cn) C:\WINDOWS\system32\Drivers\360Box64.sys
2016-01-16 00:03 - 2015-09-24 14:13 - 00065104 _____ (360.cn) C:\WINDOWS\system32\Drivers\360reskit64.sys
2016-01-16 00:03 - 2015-05-08 13:55 - 00180336 _____ (360.cn) C:\WINDOWS\SysWOW64\360SoftMgr.cpl
2016-01-16 00:03 - 2014-12-24 12:18 - 00072776 _____ (360.cn) C:\WINDOWS\system32\Drivers\360netmon.sys
2016-01-16 00:03 - 2014-04-21 07:26 - 00039496 _____ (360.cn) C:\WINDOWS\system32\Drivers\360LanProtect.sys
2016-01-16 00:03 - 2014-04-18 09:30 - 00040520 _____ (360.cn) C:\WINDOWS\system32\Drivers\360Camera64.sys
2016-01-15 23:58 - 2016-01-15 23:58 - 01419392 _____ (360.cn) C:\Users\Uživatel\Downloads\inst.exe
2016-01-15 20:07 - 2016-01-15 20:08 - 06797354 _____ C:\Users\Uživatel\Downloads\360yunpan_android_7.0.12 (1).apk
2016-01-15 20:06 - 2016-01-15 20:09 - 17988176 _____ C:\Users\Uživatel\Downloads\360wangpan_setup_6.5.4.1250 (1).exe
2016-01-15 20:06 - 2016-01-15 20:07 - 06797354 _____ C:\Users\Uživatel\Downloads\360yunpan_android_7.0.12.apk
2016-01-15 20:04 - 2016-01-15 20:09 - 17988176 _____ C:\Users\Uživatel\Downloads\360wangpan_setup_6.5.4.1250.exe
2016-01-15 19:40 - 2016-01-15 19:40 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-01-15 19:39 - 2016-01-15 19:39 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-15 16:38 - 2014-11-04 17:55 - 837642740 _____ C:\Users\Uživatel\Desktop\20141104_175517.mp4
2016-01-14 12:49 - 2016-01-16 19:29 - 00002106 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ореrа.lnk
2016-01-13 16:35 - 2016-01-05 04:07 - 02463704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-13 16:35 - 2016-01-05 04:07 - 00377592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-13 16:35 - 2016-01-05 04:06 - 08022368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-13 16:35 - 2016-01-05 04:06 - 01991120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-13 16:35 - 2016-01-05 04:06 - 01270104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-13 16:35 - 2016-01-05 04:06 - 01063504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-13 16:35 - 2016-01-05 04:04 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-01-13 16:35 - 2016-01-05 04:04 - 02641928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-13 16:35 - 2016-01-05 04:04 - 01150816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-13 16:35 - 2016-01-05 04:04 - 00862056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-13 16:35 - 2016-01-05 04:04 - 00787720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-13 16:35 - 2016-01-05 04:04 - 00779928 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-13 16:35 - 2016-01-05 04:04 - 00772448 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-13 16:35 - 2016-01-05 04:04 - 00751992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2016-01-13 16:35 - 2016-01-05 04:04 - 00667856 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-13 16:35 - 2016-01-05 04:04 - 00249464 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-13 16:35 - 2016-01-05 04:04 - 00233992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-13 16:35 - 2016-01-05 04:04 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-13 16:35 - 2016-01-05 04:04 - 00090912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-01-13 16:35 - 2016-01-05 04:04 - 00083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
2016-01-13 16:35 - 2016-01-05 03:52 - 00441696 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-13 16:35 - 2016-01-05 03:50 - 00723648 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-13 16:35 - 2016-01-05 03:50 - 00345080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-13 16:35 - 2016-01-05 03:50 - 00205072 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
2016-01-13 16:35 - 2016-01-05 03:30 - 02459096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2016-01-13 16:35 - 2016-01-05 03:30 - 02162064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
2016-01-13 16:35 - 2016-01-05 03:30 - 02152744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-13 16:35 - 2016-01-05 03:30 - 01106872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-13 16:35 - 2016-01-05 03:30 - 00882208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2016-01-13 16:35 - 2016-01-05 03:30 - 00368776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2016-01-13 16:35 - 2016-01-05 03:30 - 00232896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2016-01-13 16:35 - 2016-01-05 03:29 - 00208688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-13 16:35 - 2016-01-05 03:28 - 00714808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-13 16:35 - 2016-01-05 03:28 - 00696192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2016-01-13 16:35 - 2016-01-05 03:28 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-13 16:35 - 2016-01-05 03:28 - 00635312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-13 16:35 - 2016-01-05 03:28 - 00497896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-13 16:35 - 2016-01-05 03:28 - 00107952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
2016-01-13 16:35 - 2016-01-05 03:28 - 00082096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-01-13 16:35 - 2016-01-05 03:28 - 00072808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
2016-01-13 16:35 - 2016-01-05 03:18 - 21873152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-13 16:35 - 2016-01-05 03:15 - 24592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-13 16:35 - 2016-01-05 03:15 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-01-13 16:35 - 2016-01-05 03:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2016-01-13 16:35 - 2016-01-05 03:10 - 00305776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
2016-01-13 16:35 - 2016-01-05 03:10 - 00188032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
2016-01-13 16:35 - 2016-01-05 03:09 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-13 16:35 - 2016-01-05 03:02 - 01672192 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-13 16:35 - 2016-01-05 03:02 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-13 16:35 - 2016-01-05 03:02 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-13 16:35 - 2016-01-05 03:01 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-13 16:35 - 2016-01-05 02:57 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-13 16:35 - 2016-01-05 02:56 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-13 16:35 - 2016-01-05 02:51 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-13 16:35 - 2016-01-05 02:51 - 01009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-13 16:35 - 2016-01-05 02:51 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-13 16:35 - 2016-01-05 02:51 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
2016-01-13 16:35 - 2016-01-05 02:51 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-13 16:35 - 2016-01-05 02:43 - 19324928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-13 16:35 - 2016-01-05 02:42 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-01-13 16:35 - 2016-01-05 02:38 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2016-01-13 16:35 - 2016-01-05 02:32 - 01541632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-13 16:35 - 2016-01-05 02:32 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-13 16:35 - 2016-01-05 02:31 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-13 16:35 - 2016-01-05 02:30 - 18802176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-13 16:35 - 2016-01-05 02:26 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-13 16:35 - 2016-01-05 02:20 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-13 16:35 - 2016-01-05 02:19 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-13 16:35 - 2016-01-05 02:19 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2016-01-13 16:35 - 2016-01-05 02:19 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2016-01-13 16:35 - 2016-01-05 02:19 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
2016-01-13 16:34 - 2016-01-05 04:06 - 00119800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-13 16:34 - 2016-01-05 04:04 - 01591848 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-13 16:34 - 2016-01-05 04:04 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-13 16:34 - 2016-01-05 04:04 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-13 16:34 - 2016-01-05 04:04 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-13 16:34 - 2016-01-05 03:59 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-01-13 16:34 - 2016-01-05 03:50 - 01817064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-13 16:34 - 2016-01-05 03:50 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-13 16:34 - 2016-01-05 03:50 - 00251544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
2016-01-13 16:34 - 2016-01-05 03:31 - 01365576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-13 16:34 - 2016-01-05 03:30 - 00100712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-13 16:34 - 2016-01-05 03:28 - 02445128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-01-13 16:34 - 2016-01-05 03:28 - 00645144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-13 16:34 - 2016-01-05 03:28 - 00277400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
2016-01-13 16:34 - 2016-01-05 03:28 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-13 16:34 - 2016-01-05 03:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-01-13 16:34 - 2016-01-05 03:15 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-13 16:34 - 2016-01-05 03:15 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-13 16:34 - 2016-01-05 03:10 - 00278424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
2016-01-13 16:34 - 2016-01-05 03:09 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-13 16:34 - 2016-01-05 03:00 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-01-13 16:34 - 2016-01-05 03:00 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-01-13 16:34 - 2016-01-05 02:59 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-13 16:34 - 2016-01-05 02:57 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-13 16:34 - 2016-01-05 02:57 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-13 16:34 - 2016-01-05 02:44 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-13 16:34 - 2016-01-05 02:44 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-13 16:34 - 2016-01-05 02:31 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-13 16:34 - 2016-01-05 02:29 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-01-13 16:34 - 2016-01-05 02:29 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-13 16:34 - 2016-01-05 02:24 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-01-13 14:46 - 2016-01-13 14:46 - 00134744 _____ C:\Users\Uživatel\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-12 14:31 - 2016-01-12 14:31 - 00478392 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\1C5AC7CF.sys
2016-01-12 14:31 - 2016-01-12 14:31 - 00085600 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\86425349.sys
2016-01-12 13:51 - 2016-01-28 12:15 - 00000000 ____D C:\Users\Uživatel\AppData\Roaming\AVG
2016-01-12 13:49 - 2016-01-28 12:15 - 00000000 ____D C:\ProgramData\Avg
2016-01-11 09:20 - 2016-01-11 09:23 - 380278609 _____ C:\Users\Uživatel\Downloads\pa_gapps-modular-full-4.4.4-20150308-signed.zip
2016-01-11 08:46 - 2016-01-11 08:46 - 03875134 _____ C:\Users\Uživatel\Downloads\download+pa+gapps+4.4.4.zip
2016-01-10 12:08 - 2013-09-30 15:26 - 00012504 ____N C:\WINDOWS\system32\pwdspio.sys
2016-01-10 12:07 - 2016-01-10 12:07 - 00004269 _____ C:\pw-debug.txt
2016-01-10 12:02 - 2015-08-11 12:22 - 03067392 _____ C:\WINDOWS\system32\pwNative.exe
2016-01-10 12:02 - 2013-09-30 15:26 - 00019152 ____N C:\WINDOWS\system32\pwdrvio.sys
2016-01-10 12:01 - 2016-01-10 13:36 - 00000000 ____D C:\Program Files\MiniTool Partition Wizard Free 9.1
2016-01-10 11:05 - 2016-01-10 13:34 - 00000000 ____D C:\Program Files (x86)\Remo Repair AVI 2.0
2016-01-10 10:47 - 2016-01-10 10:47 - 00000000 ____D C:\Program Files\VIRTUALDUB
2016-01-09 20:08 - 2016-01-09 20:08 - 00000000 ____D C:\Brother's Keeper 7
2016-01-09 20:07 - 2016-01-09 20:07 - 00001136 _____ C:\Users\Uživatel\Desktop\Brother's Keeper 7.lnk
2016-01-09 20:07 - 2016-01-09 20:07 - 00000000 ____D C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brother's Keeper 7
2016-01-09 20:07 - 2008-05-16 20:50 - 00258352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unicows.dll
2016-01-09 20:07 - 2008-04-02 14:53 - 00880640 _____ (Woodbury Associates Limited) C:\WINDOWS\SysWOW64\UniBox10.ocx
2016-01-09 20:07 - 2004-03-08 23:00 - 00224016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTL32.OCX
2016-01-09 20:07 - 2004-03-08 23:00 - 00212240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RichTx32.ocx
2016-01-09 20:07 - 2001-06-08 17:59 - 01011712 _____ (Janus Systems SA de CV) C:\WINDOWS\SysWOW64\Gridex16.ocx
2016-01-09 20:07 - 2000-09-06 11:15 - 00170496 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFPNG12N.DLL
2016-01-09 20:07 - 2000-09-06 11:15 - 00027648 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFWPG12N.DLL
2016-01-09 20:07 - 2000-09-06 11:14 - 00121856 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFMPG12N.DLL
2016-01-09 20:07 - 2000-09-06 11:14 - 00056320 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFPSD12N.DLL
2016-01-09 20:07 - 2000-09-06 11:14 - 00042496 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFGIF12N.DLL
2016-01-09 20:07 - 2000-09-06 11:14 - 00035840 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFLMA12N.DLL
2016-01-09 20:07 - 2000-09-06 11:14 - 00031232 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFEPS12N.DLL
2016-01-09 20:07 - 2000-09-06 11:14 - 00027648 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFIMG12N.DLL
2016-01-09 20:07 - 2000-09-06 11:14 - 00026112 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFPCD12N.DLL
2016-01-09 20:07 - 2000-09-06 11:14 - 00026112 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFMSP12N.DLL
2016-01-09 20:07 - 2000-09-06 11:14 - 00024576 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFAVI12N.DLL
2016-01-09 20:07 - 2000-09-06 10:15 - 00153600 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\temp.000
2016-01-09 20:07 - 2000-09-06 10:14 - 00033280 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFPCX12N.DLL
2016-01-09 20:07 - 2000-09-06 10:14 - 00032256 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LFLMB12N.DLL
2016-01-09 20:07 - 2000-09-06 10:13 - 00751104 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LTANN12N.DLL
2016-01-09 20:07 - 2000-09-06 10:13 - 00039936 _____ (LEAD Technologies, Inc.) C:\WINDOWS\SysWOW64\LTTWN12N.DLL
2016-01-09 20:07 - 1999-05-28 12:53 - 00122880 _____ (Crescent Division of Progress Software Corporation) C:\WINDOWS\SysWOW64\qpro32.dll
2016-01-09 20:07 - 1998-06-24 06:00 - 00067376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SysInfo.ocx
2016-01-09 20:07 - 1998-06-24 01:00 - 00103744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSComm32.ocx
2016-01-09 20:07 - 1998-06-24 00:00 - 00164144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComCt232.ocx
2016-01-09 20:07 - 1998-02-16 13:13 - 00201728 _____ () C:\WINDOWS\SysWOW64\VSVIEW3.OCX
2016-01-09 20:07 - 1997-11-04 13:11 - 00003146 _____ C:\WINDOWS\SysWOW64\vsort.com
2016-01-09 20:07 - 1996-10-07 21:25 - 00320512 _____ C:\WINDOWS\SysWOW64\w32mkde.exe
2016-01-09 20:07 - 1996-07-22 06:04 - 00227328 _____ (MicroHelp, Inc.) C:\WINDOWS\SysWOW64\comppl32.dll
2016-01-09 20:07 - 1995-10-25 22:05 - 00062464 _____ (Btrieve Technologies, Inc.) C:\WINDOWS\SysWOW64\wbtrv32.dll
2016-01-09 20:07 - 1995-10-12 16:03 - 00110080 _____ C:\WINDOWS\SysWOW64\w32mkrc.dll
2016-01-09 19:56 - 2016-01-09 19:56 - 00604160 _____ C:\Users\Uživatel\Downloads\01_abecedni_seznam_obci_cesko_nemecky.xls
2016-01-09 17:01 - 2016-01-24 18:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-01-07 17:14 - 2016-01-16 19:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-06 08:42 - 2016-01-06 08:55 - 00000000 ____D C:\Users\Uživatel\AppData\Roaming\MyHeritage
2016-01-06 08:42 - 2016-01-06 08:53 - 00000000 ____D C:\Users\Uživatel\Documents\MyHeritage
2016-01-06 08:42 - 2016-01-06 08:52 - 00000000 ____D C:\ProgramData\MyHeritage
2016-01-06 08:41 - 2016-01-06 08:41 - 00001198 _____ C:\Users\Uživatel\Desktop\MyHeritage Family Tree Builder.lnk
2016-01-06 08:41 - 2016-01-06 08:41 - 00000000 ____D C:\Users\Uživatel\AppData\Roaming\The Complete Genealogy Reporter - FTB
2016-01-06 08:41 - 2016-01-06 08:41 - 00000000 ____D C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyHeritage.com
2016-01-06 08:41 - 2012-08-02 08:56 - 00606208 _____ (Lorenzi Davide) C:\WINDOWS\SysWOW64\HexUniRTFBox.ocx
2016-01-06 08:41 - 2010-06-17 19:49 - 02029056 _____ (Bytescout) C:\WINDOWS\SysWOW64\PDFDocScout.DLL
2016-01-06 08:41 - 2003-07-06 14:07 - 00372736 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ijl15.dll
2016-01-06 08:41 - 2002-03-07 01:19 - 00454656 _____ () C:\WINDOWS\SysWOW64\PaintX.dll
2016-01-06 08:41 - 2000-05-22 17:58 - 00608448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.ocx
2016-01-06 08:41 - 1998-06-24 01:00 - 00137000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmapi32.ocx
2016-01-06 08:40 - 2016-01-25 23:33 - 00000000 ____D C:\Program Files (x86)\MyHeritage
2016-01-05 19:43 - 2016-01-03 02:40 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-05 19:43 - 2016-01-03 02:40 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-02 14:44 - 2016-01-02 14:44 - 239725329 _____ C:\Users\Uživatel\Desktop\cm11.0_codina.nova.20141215.zip
2016-01-01 20:18 - 2016-01-16 22:52 - 00000000 ____D C:\Users\Uživatel\AppData\Roaming\Notepad++
2016-01-01 20:18 - 2016-01-16 00:07 - 00000000 ____D C:\Program Files (x86)\Notepad++
2016-01-01 20:18 - 2016-01-01 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-12-29 11:27 - 2015-12-29 11:27 - 00572218 _____ C:\Users\Uživatel\Documents\IMG_20151229_0002.pdf
2015-12-29 11:24 - 2015-12-29 11:24 - 00475840 _____ C:\Users\Uživatel\Documents\IMG_20151229_0001.pdf


Re: Every time I open the browser, a window opens with the search engine chedotgame.com/search

Post by doktorcz » 28 Jan 2016 13:10

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-28 12:45 - 2015-02-09 21:18 - 00000000 ____D C:\Users\Uživatel\AppData\Roaming\Copy
2016-01-28 12:44 - 2014-01-19 10:08 - 00000000 ___RD C:\Users\Uživatel\Dropbox
2016-01-28 12:44 - 2014-01-17 11:48 - 00000000 ____D C:\Users\Uživatel\AppData\Roaming\Dropbox
2016-01-28 12:43 - 2014-09-07 14:25 - 00000000 ___RD C:\Users\Uživatel\Disk Google
2016-01-28 12:42 - 2015-11-13 11:44 - 00000000 ___RD C:\Users\Uživatel\OneDrive
2016-01-28 12:39 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-28 12:38 - 2015-10-06 16:57 - 00000000 ____D C:\Users\Uživatel\AppData\Roaming\DMCache
2016-01-28 12:38 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-01-28 12:37 - 2015-10-09 16:14 - 00000000 ____D C:\Users\Uživatel\AppData\Roaming\IDM
2016-01-28 12:34 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
2016-01-28 12:23 - 2013-11-22 06:43 - 00000000 ____D C:\Users\Uživatel\AppData\Roaming\uTorrent
2016-01-28 12:18 - 2013-11-21 15:26 - 00000000 ____D C:\ProgramData\AVAST Software
2016-01-28 12:07 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-28 12:07 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-28 12:06 - 2015-11-13 10:55 - 00840798 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-28 12:06 - 2015-07-10 17:02 - 00358304 _____ C:\WINDOWS\system32\perfh005.dat
2016-01-28 12:06 - 2015-07-10 17:02 - 00064378 _____ C:\WINDOWS\system32\perfc005.dat
2016-01-28 12:01 - 2013-11-21 15:31 - 00000984 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-28 11:59 - 2015-01-02 18:14 - 00000000 ___RD C:\VIRUSESKA
2016-01-28 11:51 - 2015-11-14 09:36 - 00000000 ____D C:\Users\Uživatel\Downloads\DOWNLOADER
2016-01-28 11:42 - 2015-12-08 16:12 - 00004208 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{42A2194F-6342-4591-9C6B-654F79D0F881}
2016-01-28 00:18 - 2015-09-28 21:13 - 00000912 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-01-27 20:23 - 2013-11-21 15:16 - 00000000 ____D C:\Users\Uživatel\AppData\Local\VirtualStore
2016-01-27 20:07 - 2015-11-13 16:06 - 00000000 ____D C:\Users\Uživatel\AppData\Local\MicrosoftEdge
2016-01-27 19:38 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-01-27 19:38 - 2009-07-14 04:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-01-27 18:02 - 2015-02-09 20:52 - 00000000 ____D C:\Program Files (x86)\360
2016-01-26 18:14 - 2015-11-12 19:36 - 00000000 ____D C:\Users\Uživatel\Downloads\mTorrent
2016-01-26 16:23 - 2015-11-10 17:38 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-26 16:22 - 2015-11-22 15:10 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-01-26 16:13 - 2015-11-13 15:24 - 00000000 ____D C:\Users\Uživatel\AppData\Local\Comms
2016-01-26 16:00 - 2015-11-13 10:58 - 00000000 ____D C:\Users\Uživatel
2016-01-26 10:39 - 2013-11-26 20:23 - 00001908 _____ C:\WINDOWS\diagwrn.xml
2016-01-26 10:39 - 2013-11-26 20:23 - 00001908 _____ C:\WINDOWS\diagerr.xml
2016-01-26 10:24 - 2015-07-10 12:04 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-01-26 07:10 - 2015-11-14 16:56 - 00000000 ____D C:\Users\Uživatel\Downloads\Compressed
2016-01-26 07:02 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\System
2016-01-25 22:41 - 2014-01-07 11:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-01-25 22:32 - 2015-07-10 10:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-01-24 18:47 - 2015-11-30 16:56 - 00000000 ____D C:\Users\Uživatel\AppData\Local\SkypePlugin
2016-01-24 18:40 - 2014-12-09 23:49 - 00000000 ____D C:\Users\Uživatel\AppData\Local\CrashDumps
2016-01-22 17:59 - 2015-11-14 18:00 - 00000000 ____D C:\Users\Uživatel\Desktop\Tor Browser
2016-01-20 18:11 - 2013-11-25 20:14 - 00000000 ____D C:\ProgramData\TEMP
2016-01-20 16:13 - 2013-11-27 17:16 - 00000000 ____D C:\Program Files\trend micro
2016-01-20 11:22 - 2015-02-09 18:24 - 00000000 ____D C:\Program Files (x86)\Opera
2016-01-20 10:26 - 2015-01-02 20:17 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-01-16 22:42 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Globalization
2016-01-16 19:29 - 2015-12-08 19:44 - 00002146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mоzillа Firеfох.lnk
2016-01-16 19:29 - 2015-12-08 19:44 - 00002134 _____ C:\Users\Public\Desktop\Mоzillа Firеfох.lnk
2016-01-16 19:29 - 2013-11-21 15:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-16 19:26 - 2015-11-14 18:01 - 00001872 _____ C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stаrt Tоr Brоwsеr.lnk
2016-01-16 00:33 - 2015-11-30 16:50 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-16 00:07 - 2014-01-16 14:07 - 00000000 ____D C:\Program Files (x86)\UltraISO
2016-01-16 00:07 - 2013-12-12 22:41 - 00000000 ____D C:\Users\Uživatel\AppData\Roaming\Winamp
2016-01-15 15:22 - 2013-12-02 22:49 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-15 15:16 - 2013-12-02 22:49 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-13 18:12 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-12 14:27 - 2015-01-04 19:36 - 00000364 _____ C:\WINDOWS\system32\.crusader
2016-01-12 13:49 - 2014-01-07 15:32 - 00001179 _____ C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk
2016-01-10 18:44 - 2013-11-24 10:32 - 00000000 ____D C:\Users\Uživatel\AppData\Roaming\vlc
2016-01-10 14:12 - 2013-11-22 17:41 - 00000000 ____D C:\Users\Uživatel\AppData\Roaming\AIMP3
2016-01-10 13:52 - 2015-11-13 11:32 - 00000000 ____D C:\Users\Uživatel\AppData\Local\Packages
2016-01-10 13:38 - 2015-11-22 00:36 - 00000082 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2016-01-10 13:16 - 2013-11-30 14:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-29 11:28 - 2015-02-04 10:56 - 00000000 ___HD C:\ProgramData\CanonIJMIG

==================== Files in the root of some directories =======

2013-11-27 19:15 - 2013-11-27 19:15 - 0003725 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2015-03-29 10:19 - 2015-11-13 18:16 - 0099384 _____ () C:\Users\Uživatel\AppData\Roaming\inst.exe
2015-03-29 10:19 - 2015-11-13 18:16 - 0007859 _____ () C:\Users\Uživatel\AppData\Roaming\pcouffin.cat
2015-03-29 10:19 - 2015-11-13 18:16 - 0001167 _____ () C:\Users\Uživatel\AppData\Roaming\pcouffin.inf
2015-11-13 18:16 - 2015-11-13 18:16 - 0000033 _____ () C:\Users\Uživatel\AppData\Roaming\pcouffin.log
2015-03-29 10:19 - 2015-11-13 18:16 - 0082816 _____ (VSO Software) C:\Users\Uživatel\AppData\Roaming\pcouffin.sys
2015-03-29 10:21 - 2015-03-29 18:31 - 0001044 _____ () C:\Users\Uživatel\AppData\Roaming\vso_ts_preview.xml
2013-11-26 20:21 - 2013-11-26 20:21 - 0000001 _____ () C:\Users\Uživatel\AppData\Local\llftool.4.40.agreement
2014-09-23 16:54 - 2014-09-23 16:54 - 0001328 _____ () C:\Users\Uživatel\AppData\Local\MRDownloader(1).nast
2014-06-22 19:59 - 2014-06-22 19:59 - 0001272 _____ () C:\Users\Uživatel\AppData\Local\MRDownloader.nast
2014-01-14 08:39 - 2014-01-21 04:32 - 0001456 _____ () C:\Users\Uživatel\AppData\Local\SRDownloader.nast
2015-11-13 10:52 - 2015-11-13 10:52 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Uživatel\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-22 14:13

==================== End of FRST.txt ============================

