Seká se a musím provádět tvrdý restart prosím o kontrolu.

Zpráva

hrdinaj · #1 Příspěvek od **hrdinaj** » 28 zář 2016 07:51

Logfile of random's system information tool 1.10 (written by random/random)
Run by m at 2016-09-28 08:49:15
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 599 GB (63%) free of 954 GB
Total RAM: 8010 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:49:15, on 28.9.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18283)
Boot mode: Normal

Running processes:
C:\Windows\system32\IRMonitor.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\WinZip\WZUpdateNotifier.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
C:\Program Files\trend micro\m.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [icq.desktop] "C:\Users\m\AppData\Roaming\ICQ\bin\icq.exe" /startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-437069544-115546471-2938306295-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-437069544-115546471-2938306295-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Aktualizace oznámení.lnk = C:\Program Files\WinZip\WZUpdateNotifier.exe
O4 - Global Startup: FAH.lnk = C:\Program Files\WinZip\FAHConsole.exe
O4 - Global Startup: SPDriverInstall.lnk = ?
O4 - Global Startup: WinZip Preloader.lnk = C:\Program Files\WinZip\WzPreloader.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://www.samsungsetup.com
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: InCD Helper (InCDSrv) - Nero AG - C:\Program Files (x86)\Nero\Tools\InCD\InCDSrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - C:\Program Files (x86)\Nero\Tools\InCD\NBHRegInCDSrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service2 - Unknown owner - C:\Windows\System32\SUPDSvc2.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10188 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files (x86)\Nero\Tools\InCD\InCDSrv.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {68CD9D83-65F7-4A70-94EE-4C90EBE5FAE2}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Windows\System32\igfxpers.exe"
"taskhost.exe"
"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"C:\Windows\System32\igfxtray.exe"
taskeng.exe {A78D0D85-7AE7-422F-9ABA-D6F84B40B149}
C:\Windows\system32\IRMonitor.exe
"C:\Program Files\Software Informer\softinfo.exe" -service
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Nero\Tools\InCD\NBHRegInCDSrv.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
C:\Windows\system32\svchost.exe -k imgsvc
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\WinZip\WZUpdateNotifier.exe"
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files\WinZip\FAHWindow64.exe" register
/fmw.trayonly
"C:\Program Files\WinZip\WzPreloader.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\CompatTelRunner.exe
\??\C:\Windows\system32\conhost.exe "-17321995673354815381764124437-1860305351516760303-1399373531-547622942-863327295
C:\Windows\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:xfYqpK69CUSZpZGG.1
C:\Windows\system32\rundll32.exe C:\Windows\system32\GeneralTel.dll,RunGeneralTelemetry -cV xfYqpK69CUSZpZGG.1.3 -SendFullTelemetry -ThrottleUtc -OnesettingsNotAllowed
"C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe" lng=1029
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe" "/base-dir=C:\Program Files (x86)\ESET\ESET Online Scanner" /lang=1029 /as
\??\C:\Windows\system32\conhost.exe "-2076679133458214473359726005-1279483356-120585041955080665-812299512-797327987
taskmgr.exe /3
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\m\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Norton Security Scan for m.job - C:\PROGRA~2\NORTON~2\Engine\431~1.3\Nss.exe /scan-quick /scheduled

=========Mozilla firefox=========

ProfilePath - C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\e2uyydkw.default-1440437105502

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.162 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.162 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\e2uyydkw.default-1440437105502\extensions\
{bee6eb20-01e0-ebd1-da83-080329fb9a3a}

C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\e2uyydkw.default-1440437105502\searchplugins\
firmy.cz-190921.xml
mapy.cz-190921.xml
seznam.cz-190921.xml
videa.seznam.cz-190921.xml
zbozi.cz-190921.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07 209504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-09-08 948792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-08-12 715016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07 176736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-09-08 713440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-08-12 606472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07 6133848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07 4439128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-03-07 398616]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-03-07 439576]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-03-07 170264]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-03-07 2821936]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656]
"icq.desktop"=C:\Users\m\AppData\Roaming\ICQ\bin\icq.exe [2016-09-06 31057032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlazeServoTool]
C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe [2010-03-06 286720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonQuickMenu]
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2014-03-25 1284680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CDAServer]
C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2012-03-09 462712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flvto YouTube Downloader]
C:\Users\m\AppData\Local\Flvto\FlvtoYoutubeDownloader.exe [2015-10-26 524800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq]
C:\Users\m\AppData\Roaming\ICQM\icq.exe -CU []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2015-07-11 170280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VDownloader]
C:\Program Files\VDownloader\VDownloader4.exe [2015-10-05 2055168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Firefox Preloader.lnk]
C:\PROGRA~2\FIREFO~1\FIREFO~1.EXE [2005-02-09 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Soundcraft USB Audio Control Panel Autostart.lnk]
C:\PROGRA~1\HARMAN~1\SOUNDC~1\MULTI-~1\SOUNDC~2.EXE [2015-09-03 315392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Soundcraft USB Control Panel.lnk]
C:\PROGRA~1\HARMAN~1\SOUNDC~1\USBAUD~1\SOUNDC~1.EXE [2013-08-29 388800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^m^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk]
C:\PROGRA~1\MICROS~2\Office14\ONENOTEM.EXE [2015-10-13 246472]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-02-27 291608]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [2016-09-13 218896]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2013-02-19 453736]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-09-12 9107616]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Aktualizace oznámení.lnk - C:\Program Files\WinZip\WZUpdateNotifier.exe
FAH.lnk - C:\Program Files\WinZip\FAHConsole.exe
SPDriverInstall.lnk - C:\Program Files\MediaTek\SP Driver\SPDriverInstall
WinZip Preloader.lnk - C:\Program Files\WinZip\WzPreloader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-02-28 430592]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"midi3"=wdmaud.drv
"wave3"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-09-28 08:47:01 ----D---- C:\rsit
2016-09-27 11:00:55 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-09-17 12:26:28 ----D---- C:\Program Files (x86)\MediaTek
2016-09-17 12:19:35 ----D---- C:\Program Files\MediaTek
2016-09-17 12:16:53 ----D---- C:\ProgramData\SP_FT_Logs
2016-09-08 20:57:06 ----A---- C:\Windows\system32\aswBoot.exe
2016-09-08 20:56:55 ----A---- C:\Windows\avastSS.scr
2016-09-06 12:01:10 ----D---- C:\Users\m\AppData\Roaming\ICQ

======List of files/folders modified in the last 1 month======

2016-09-28 08:49:15 ----D---- C:\Program Files\trend micro
2016-09-28 08:48:01 ----D---- C:\Windows\Temp
2016-09-28 08:41:22 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-27 20:07:32 ----RD---- C:\Program Files (x86)
2016-09-27 20:03:24 ----D---- C:\Windows\system32\drivers
2016-09-27 19:17:18 ----D---- C:\Users\m\AppData\Roaming\Skype
2016-09-27 11:32:39 ----D---- C:\ProgramData\CanonIJPLM
2016-09-24 23:36:12 ----SHD---- C:\Windows\Installer
2016-09-24 23:36:12 ----D---- C:\ProgramData\Skype
2016-09-24 23:36:09 ----D---- C:\Program Files (x86)\Common Files
2016-09-24 23:34:52 ----SHD---- C:\System Volume Information
2016-09-24 23:33:21 ----D---- C:\Windows\system32\Tasks
2016-09-24 23:33:21 ----D---- C:\Program Files (x86)\Opera
2016-09-23 09:53:14 ----HD---- C:\ProgramData
2016-09-22 22:20:34 ----D---- C:\Windows\System32
2016-09-22 22:20:34 ----D---- C:\Windows\inf
2016-09-22 22:20:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-09-18 09:57:26 ----D---- C:\Windows\Prefetch
2016-09-17 12:26:28 ----D---- C:\Windows\system32\LogFiles
2016-09-17 12:20:41 ----D---- C:\Windows\system32\DriverStore
2016-09-17 12:19:37 ----D---- C:\Windows
2016-09-17 12:19:35 ----D---- C:\Program Files
2016-09-14 09:04:17 ----D---- C:\Windows\SysWOW64
2016-09-14 09:04:16 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-09-14 09:04:13 ----D---- C:\Windows\system32\Macromed
2016-09-14 09:04:12 ----D---- C:\Windows\SYSWOW64\Macromed
2016-09-09 08:49:46 ----D---- C:\ProgramData\Norton
2016-09-09 08:49:15 ----D---- C:\Program Files (x86)\NortonInstaller
2016-09-08 20:57:11 ----D---- C:\Windows\system32\config
2016-08-30 09:39:42 ----RD---- C:\Program Files (x86)\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-09-08 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-09-08 292704]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-02-27 16152]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-02-20 30496]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-09-08 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-09-08 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-09-14 969184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-09-22 513632]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-11-07 283064]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2016-05-04 497392]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-01-11 26528]
R1 InCDRec;Nero UDF File System Recognizer Driver; C:\Windows\system32\DRIVERS\InCDRec.sys [2009-10-16 22040]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-09-08 108816]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-09-08 163416]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 47632]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2013-11-26 11576]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-02-20 3538432]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service; C:\Windows\system32\DRIVERS\b57xdbd.sys [2011-11-04 68648]
R3 b57xdmp;Broadcom xD Picture vstorp client drv; C:\Windows\system32\DRIVERS\b57xdmp.sys [2011-11-04 19496]
R3 bScsiMSa;bScsiMSa; C:\Windows\system32\DRIVERS\bScsiMSa.sys [2011-09-02 51752]
R3 bScsiSDa;bScsiSDa; C:\Windows\system32\DRIVERS\bScsiSDa.sys [2012-05-03 81928]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-03-07 238384]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 33240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-02-28 14741632]
R3 InCDFs;Nero UDF File System Driver; C:\Windows\system32\DRIVERS\InCDFs.sys [2009-10-16 168984]
R3 InCDPass;Nero InCDPass Driver; C:\Windows\system32\DRIVERS\InCDPass.sys [2009-10-16 60952]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-02-27 356120]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-02-27 788760]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2012-01-19 435240]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
S3 AF15BDA;AF9015 BDA Device; C:\Windows\system32\DRIVERS\AF15BDA.sys [2015-06-27 507392]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-09-08 37656]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2016-01-05 165504]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2014-11-13 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 SmbDrv;SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver.sys []
S3 SoundcraftUSBAudio;SoundcraftUSBAudio; C:\Windows\system32\DRIVERS\SoundcraftUSBAudio_x64.sys [2015-09-03 269312]
S3 SoundcraftUSBAudioks;SoundcraftUSBAudioks; C:\Windows\system32\DRIVERS\SoundcraftUSBAudioks_x64.sys [2015-09-03 50688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2014-11-13 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2014-11-13 30208]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2015-06-10 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 WinUsb;Alpha; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-08 82128]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-05-29 77128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-09-08 197128]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2016-09-13 1149712]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-03-02 355920]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2013-05-14 140936]
R2 InCDSrv;InCD Helper; C:\Program Files (x86)\Nero\Tools\InCD\InCDSrv.exe [2009-10-16 1420592]
R2 NeroRegInCDSrv;Nero Registry InCD Service; C:\Program Files (x86)\Nero\Tools\InCD\NBHRegInCDSrv.exe [2009-10-16 53560]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-02-20 884512]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-20 1260320]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-07-25 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-14 270016]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-03-07 276248]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-03-31 114688]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-07-11 644904]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-09-27 172488]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Samsung UPD Service2;Samsung UPD Service2; C:\Windows\System32\SUPDSvc2.exe [2011-12-02 165456]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-05 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 28 zář 2016 16:50

Zdravim

Stahnete crystal disk info http://www.slunecnice.cz/sw/crystaldiskinfo/
Nainstalujte (pozor na pripadne doplnky, ty odmitnete zrusenim zatrzitka) a spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

hrdinaj · #3 Příspěvek od **hrdinaj** » 28 zář 2016 17:57

----------------------------------------------------------------------------
CrystalDiskInfo 7.0.3 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x64)
Date : 2016/09/28 18:57:13

-- Controller Map ----------------------------------------------------------
+ Intel(R) 7 Series/C216 Chipset Family SATA AHCI Controller - 1E03 [ATA]
+ ATA Channel 0 (0)
- ST1000LM014-1EJ164 ATA Device
+ ATA Channel 2 (2)
- PIONEER DVD-RW DVRTD11RS ATA Device
- Broadcom Memory Stick [SCSI]

-- Disk List ---------------------------------------------------------------
(1) ST1000LM014-1EJ164 : 1000,2 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST1000LM014-1EJ164
----------------------------------------------------------------------------
Model : ST1000LM014-1EJ164
Firmware : SM15
Serial Number : W381EDZX
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ACS-3 Revision 3b
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 3472 hod.
Power On Count : 6235 krát
Temperature : 27 C (80 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----
Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 119 _99 __6 00000C319B20 Počet chyb čtení
03 _98 _97 __0 000000000000 Čas na roztočení ploten
04 _94 _94 _20 000000001836 Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 _70 _60 _30 000B06B08508 Počet chybných hledání
09 _97 _97 __0 000000000D90 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _94 _94 _20 00000000185B Počet cyklů zapnutí zařízení
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 _99 __0 000000000008 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _73 _51 _45 00001B19001B Teplota toku vzduchu
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 0000000002D9 Počet vypnutí disku
C1 _97 _97 __0 000000001EE8 Počet cyklů načítání/vymazání
C2 _27 _49 __0 000C0000001B Teplota
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
FE 100 100 __0 000000000000 Ochrana proti pádu

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 5733 3831 4544 5A58
020: 0000 0000 0004 534D 3135 2020 2020 5354 3130 3030
030: 4C4D 3031 342D 3145 4A31 3634 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0010
060: FFFF 0FFF 0000 0407 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 8F0E 0006 004C 0040
080: 03F0 001F 346B 7D09 6163 3469 BC09 6163 007F 005F
090: 005F 8080 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5000 C500
110: 73B2 143B 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 6DB0
130: 7470 6DB0 7470 2020 0002 0140 0108 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 0000 05FF 0280 0000 0000
150: 0008 0000 0000 0000 0000 0001 0000 0000 7200 8806
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 1081 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 107E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0003 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 29A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 77 63 20 9B 31 0C 00 00 00 03 03
010: 00 62 61 00 00 00 00 00 00 00 04 32 00 5E 5E 36
020: 18 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 46 3C 08 85 B0 06 0B 00 00 09 32
040: 00 61 61 90 0D 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 5E 5E 5B 18 00 00 00
060: 00 00 B8 32 00 64 64 00 00 00 00 00 00 00 BB 32
070: 00 64 64 00 00 00 00 00 00 00 BC 32 00 64 63 08
080: 00 00 00 00 00 00 BD 3A 00 64 64 00 00 00 00 00
090: 00 00 BE 22 00 49 33 1B 00 19 1B 00 00 00 BF 32
0A0: 00 64 64 00 00 00 00 00 00 00 C0 32 00 64 64 D9
0B0: 02 00 00 00 00 00 C1 32 00 61 61 E8 1E 00 00 00
0C0: 00 00 C2 22 00 1B 31 1B 00 00 00 0C 00 00 C5 12
0D0: 00 64 64 00 00 00 00 00 00 00 C6 10 00 64 64 00
0E0: 00 00 00 00 00 00 C7 3E 00 C8 C8 00 00 00 00 00
0F0: 00 00 FE 32 00 64 64 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 8B 00 00 73
170: 03 00 01 00 01 C6 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 27 19 00 00 04 02 02 02 02 02 02 02
190: 02 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 3B 9C 84 B2 5E 0B 00 00
1B0: 00 00 00 00 01 00 E7 16 08 67 10 3D 03 00 00 00
1C0: 4F 14 8C 6E 03 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 AD 1D 00 00 01 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B8 63 00 00 00 00 00 00 00 00 00 00 BB 00
070: 00 00 00 00 00 00 00 00 00 00 BC 00 00 00 00 00
080: 00 00 00 00 00 00 BD 00 00 00 00 00 00 00 00 00
090: 00 00 BE 2D 00 00 00 00 00 00 00 00 00 00 BF 00
0A0: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
0B0: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
0C0: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C5 00
0D0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0E0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0F0: 00 00 FE 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 89

hrdinaj · #4 Příspěvek od **hrdinaj** » 28 zář 2016 18:20

# AdwCleaner v6.020 - Logfile created 28/09/2016 at 19:06:32
# Updated on 14/09/2016 by ToolsLib
# Database : 2016-09-27.2 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : m - M-PC
# Running from : C:\Users\m\Downloads\adwcleaner_6.020.exe
# Mode: Clean
# Support : https://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

[-] File deleted: C:\Users\m\Desktop\launcher.exe

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

***** [ Web browsers ] *****

[-] [C:\Users\m\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: chfdnecihphmhljaaejmgoiahnihplgn

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [4468 Bytes] - [18/04/2016 21:01:13]
C:\AdwCleaner\AdwCleaner[C2].txt - [7825 Bytes] - [15/12/2015 21:41:28]
C:\AdwCleaner\AdwCleaner[C3].txt - [746 Bytes] - [19/12/2015 15:14:10]
C:\AdwCleaner\AdwCleaner[C4].txt - [1134 Bytes] - [28/09/2016 19:06:32]
C:\AdwCleaner\AdwCleaner[S1].txt - [4646 Bytes] - [18/04/2016 20:58:14]
C:\AdwCleaner\AdwCleaner[S2].txt - [7682 Bytes] - [15/12/2015 21:40:33]
C:\AdwCleaner\AdwCleaner[S3].txt - [654 Bytes] - [19/12/2015 15:12:39]
C:\AdwCleaner\AdwCleaner[S4].txt - [1725 Bytes] - [28/09/2016 19:00:40]
C:\AdwCleaner\AdwCleaner[S5].txt - [1798 Bytes] - [28/09/2016 19:06:17]

########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [1571 Bytes] ##########

#5 Příspěvek od **Márty84** » 29 zář 2016 09:42

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

hrdinaj · #6 Příspěvek od **hrdinaj** » 30 zář 2016 22:19

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 29.9.2016
Čas skenování: 21:33
Protokol:
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.09.29.11
Databáze rootkitů: v2016.09.26.02
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: m

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 588167
Uplynulý čas: 12 hod, 32 min, 41 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 2
PUP.Optional.ASK.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4646332D-4332-2D34-00A7-A758B70C2500}, , [ef00beb926743006272f4d71a261ed13],
PUP.Optional.PCSpeedUp, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PCSUUCDRV, , [88670b6cd0ca2016b0682f80be454bb5],

Hodnoty registru: 1
PUP.Optional.ASK.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4646332D-4332-2D34-00A7-A758B70C2500}|InstallSource, C:\ProgramData\APN\APN-Stub\FF3-C2-4\, , [ef00beb926743006272f4d71a261ed13]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 1
PUP.Optional.MindSpark, C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\yu8tadsk.default-1435483951853\VideoDownloadConverter_4z, , [5e9163144d4d7db93db3bfea27dcd927],

Soubory: 10
PUP.Optional.APNToolBar, C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe.vir, , [97585f18396149edd7e764c525dc1ce4],
PUP.Optional.ASK, C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\FF3-C2-4\Source\program files\AskPartnerNetwork\Toolbar\Toolbar.exe.vir, , [876885f2dac0f93d8cd6218f18ec9769],
PUP.Optional.ASK, C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\FF3-C2-4\Source\program files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe.vir, , [9d52db9ca4f673c374215a8c867b5da3],
PUP.Optional.ASK, C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe.vir, , [23cc37407c1e02347e17e204818012ee],
PUP.Optional.APNToolBar, C:\Program Files (x86)\FormatFactory\FFModules\Package\Ask\AskPIP_FF_.exe, , [8b646d0aabefe4524c732702857c6a96],
FraudTool.YAC, C:\Users\m\AppData\Local\Mozilla\Firefox\Profiles\e2uyydkw.default-1440437105502\cache2\entries\41B7AFF5ED57B61E95680A74EBE322FC377DEC36, , [7c73057263371125d77b71b242bf7987],
PUP.Optional.OpenCandy, C:\Users\m\Downloads\CDex-1.79-win32.exe, , [01ee4a2ddfbba98dfab3f6931be9c937],
PUP.Optional.Amonetize, C:\Users\m\Downloads\Elan+Smart+Pad+Driver.zip, , [2ec16c0b0a902d099757187925dc4eb2],
Trojan.Downloader, C:\FRST\Quarantine\C\AdwCleaner\Quarantine\C\Program Files (x86)\SFK\Yrrehs.zip.vir, , [40af2f487a20ac8abc5b65ca8f7230d0],
PUP.Optional.MindSpark, C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\yu8tadsk.default-1435483951853\VideoDownloadConverter_4z\F0A3C044-1B4E-436D-B08E-F9EA4D25566C.sqlite, , [5e9163144d4d7db93db3bfea27dcd927],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

#7 Příspěvek od **Márty84** » 01 říj 2016 07:49

Vsechny nalezy nechte odstranit. Po odstraneni a restartu pc test s MBAM zopakujte (tentokrat uz staci jen Sken hrozeb - bude rychlejsi), at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.

hrdinaj · #8 Příspěvek od **hrdinaj** » 01 říj 2016 11:49

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 1.10.2016
Čas skenování: 9:10
Protokol:
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.10.01.02
Databáze rootkitů: v2016.09.26.02
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: m

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 584263
Uplynulý čas: 3 hod, 30 min, 3 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

#9 Příspěvek od **Márty84** » 01 říj 2016 16:15

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

(Kdyby nesel Launcher stahnout, dejte logy jen ze samotneho FRST, tedy bez pouziti Launcheru)

hrdinaj · #10 Příspěvek od **hrdinaj** » 02 říj 2016 08:58

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-09-2015 02
Ran by m (administrator) on M-PC (02-10-2016 09:57:22)
Running from C:\Users\m\Downloads
Loaded Profiles: m & UpdatusUser (Available Profiles: m & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Tools\InCD\InCDSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Tools\InCD\NBHRegInCDSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZUpdateNotifier.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2821936 2012-03-07] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9107616 2016-09-12] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-02-20] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-02-20] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-08] (AVAST Software)
ShellIconOverlayIdentifiers: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG)
ShellIconOverlayIdentifiers-x32: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => C:\Program Files (x86)\Nero\Tools\InCD\NBHshx.dll [2009-10-16] (Nero AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aktualizace oznámení.lnk [2016-07-10]
ShortcutTarget: Aktualizace oznámení.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-07-10]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SPDriverInstall.lnk [2016-09-17]
ShortcutTarget: SPDriverInstall.lnk -> C:\Program Files\MediaTek\SP Driver\SPDriverInstall (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 109.205.75.22
Tcpip\..\Interfaces\{6F01AEF7-0D77-47A4-B029-C65780083693}: [DhcpNameServer] 109.205.75.22

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130930854286339096&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-437069544-115546471-2938306295-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
HKU\S-1-5-21-437069544-115546471-2938306295-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-437069544-115546471-2938306295-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> 0AD95A27AF13D04D9447BD9B2E2B0761 URL = hxxp://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> 28F55112567F11A7DBADE182EB0E2AFF URL = hxxp://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> 6561DF71FFA8F9C488FEF0C602C8F88A URL = hxxp://www.mapy.cz/?sourceid=quicksearch_6826& ... earchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> 8B2130DBC0AEAA85CBFB5E9FEC1C1479 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-437069544-115546471-2938306295-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-09-08] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-08-12] (Adblock Plus)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-09-08] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-08-12] (Adblock Plus)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)

FireFox:
========
FF ProfilePath: C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\e2uyydkw.default-1440437105502
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\e2uyydkw.default-1440437105502\searchplugins\firmy.cz-190921.xml [2016-03-07]
FF SearchPlugin: C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\e2uyydkw.default-1440437105502\searchplugins\mapy.cz-190921.xml [2016-03-07]
FF SearchPlugin: C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\e2uyydkw.default-1440437105502\searchplugins\seznam.cz-190921.xml [2016-03-07]
FF SearchPlugin: C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\e2uyydkw.default-1440437105502\searchplugins\videa.seznam.cz-190921.xml [2016-03-07]
FF SearchPlugin: C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\e2uyydkw.default-1440437105502\searchplugins\zbozi.cz-190921.xml [2016-03-07]
FF Extension: Flash and Video Download - C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\e2uyydkw.default-1440437105502\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-09-27]
FF Extension: Firefox Hotfix - C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\e2uyydkw.default-1440437105502\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-31]
FF Extension: Google Translator for Firefox - C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\e2uyydkw.default-1440437105502\Extensions\translator@zoli.bod.xpi [2015-11-21]
FF Extension: Video DownloadHelper - C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\e2uyydkw.default-1440437105502\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-21]
FF Extension: Adblock Plus - C:\Users\m\AppData\Roaming\Mozilla\Firefox\Profiles\e2uyydkw.default-1440437105502\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-08-24]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-09-27]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-04-03]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-04-03]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR Profile: C:\Users\m\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-07]
CHR Extension: (Disk Google) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-07]
CHR Extension: (YouTube) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-07]
CHR Extension: (Vyhledávání Google) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-07]
CHR Extension: (Avast SafePrice) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-07-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-28]
CHR Extension: (Avast Online Security) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-05-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-07]
CHR Extension: (Gmail) - C:\Users\m\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-07]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fcoadmpfijfcmokecmkgolhbaeclfage] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

Opera:
=======
OPR StartupUrls: "hxxp://www.seznam.cz/?clid=6826"

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-08] (AVAST Software)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1149712 2016-09-13] (AVG Technologies CZ, s.r.o.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 InCDSrv; C:\Program Files (x86)\Nero\Tools\InCD\InCDSrv.exe [1420592 2009-10-16] (Nero AG)
R2 NeroRegInCDSrv; C:\Program Files (x86)\Nero\Tools\InCD\NBHRegInCDSrv.exe [53560 2009-10-16] (Nero AG)
S3 Samsung UPD Service2; C:\Windows\System32\SUPDSvc2.exe [165456 2011-12-02] (Samsung Electronics)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-08] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-08] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-22] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-09-08] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-07] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-11] (REALiX(tm))
R3 InCDFs; C:\Windows\System32\DRIVERS\InCDFs.sys [168984 2009-10-16] (Nero AG)
R3 InCDPass; C:\Windows\System32\DRIVERS\InCDPass.sys [60952 2009-10-16] (Nero AG)
R1 InCDRec; C:\Windows\System32\DRIVERS\InCDRec.sys [22040 2009-10-16] (Nero AG)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2016-01-05] (ITE )
R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc.)
S3 SoundcraftUSBAudio; C:\Windows\System32\DRIVERS\SoundcraftUSBAudio_x64.sys [269312 2015-09-03] ()
S3 SoundcraftUSBAudioks; C:\Windows\System32\DRIVERS\SoundcraftUSBAudioks_x64.sys [50688 2015-09-03] ()
S3 YMIDUSBW; C:\Windows\System32\drivers\ymidusbx64.sys [43744 2015-07-28] (Yamaha Corporation)
S3 SmbDrv; system32\DRIVERS\Smb_driver.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-02 09:57 - 2016-10-02 09:57 - 00020210 _____ C:\Users\m\Downloads\FRST.txt
2016-10-02 09:52 - 2016-10-02 09:52 - 00000000 _____ C:\Windows\setuperr.log
2016-10-02 09:52 - 2016-10-02 09:52 - 00000000 _____ C:\Windows\setupact.log
2016-09-29 21:27 - 2016-09-29 21:27 - 22851472 _____ (Malwarebytes ) C:\Users\m\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-28 19:32 - 2016-09-28 19:32 - 39967810 _____ C:\Users\m\Downloads\happysepi2.zip
2016-09-28 19:32 - 2016-09-27 14:34 - 46421187 _____ C:\Users\m\Downloads\happysepi2.mp4
2016-09-28 18:58 - 2016-09-28 18:58 - 03861056 _____ C:\Users\m\Downloads\adwcleaner_6.020.exe
2016-09-28 18:56 - 2016-09-28 18:56 - 11407001 _____ C:\Users\m\Downloads\CrystalDiskInfo7_0_3-en.exe
2016-09-28 10:14 - 2016-09-28 10:14 - 05068134 _____ C:\Users\m\Downloads\prilohy_42485 (1) (1).zip
2016-09-28 08:47 - 2016-09-28 08:47 - 00000000 ____D C:\rsit
2016-09-27 11:00 - 2016-09-28 08:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-22 22:23 - 2016-09-22 22:30 - 753450773 _____ C:\Users\m\Downloads\Zlaty poklad ceske a moravske dechovky od A-Z.rar
2016-09-22 22:22 - 2016-09-22 22:23 - 64925171 _____ C:\Users\m\Downloads\Budějcká Kapela & Krajanka - 1994 - Nejslavnější dechovky 2.rar
2016-09-21 14:26 - 2016-10-02 09:52 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2016-09-17 12:26 - 2016-09-17 12:26 - 00000000 ____D C:\Users\m\.android
2016-09-17 12:26 - 2016-09-17 12:26 - 00000000 ____D C:\Program Files (x86)\MediaTek
2016-09-17 12:19 - 2016-09-17 12:19 - 09650799 _____ (MediaTek.Inc. ) C:\Users\m\Downloads\Driver_Auto_Installer_v5.1524.03.exe
2016-09-17 12:19 - 2016-09-17 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SP Driver
2016-09-17 12:19 - 2016-09-17 12:19 - 00000000 ____D C:\Program Files\MediaTek
2016-09-17 12:16 - 2016-09-17 12:16 - 00000000 ____D C:\Users\m\Downloads\SP_Flash_Tool_exe_Windows_v5.1616.00.000
2016-09-17 12:07 - 2016-09-17 12:07 - 45706412 _____ C:\Users\m\Downloads\SP_Flash_Tool_exe_Windows_v5.1616.00.000.zip
2016-09-10 13:23 - 2016-09-10 13:23 - 00001867 _____ C:\Users\m\Desktop\ICQ.lnk
2016-09-09 00:17 - 2016-09-30 23:17 - 00001335 _____ C:\Users\m\Desktop\Norton Installation Files.lnk
2016-09-08 20:57 - 2016-09-08 20:57 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-09-08 20:56 - 2016-09-08 20:56 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-09-06 12:01 - 2016-09-12 19:21 - 00000000 ____D C:\Users\m\AppData\Roaming\ICQ
2016-09-05 15:16 - 2016-09-05 15:17 - 20430329 _____ C:\Users\m\Desktop\iveco-daily-elektro-instalace.rar

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-02 09:57 - 2015-09-14 13:41 - 00000000 ____D C:\FRST
2016-10-02 09:53 - 2016-05-11 08:19 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-02 09:53 - 2015-05-13 20:01 - 00000000 ____D C:\Users\m\AppData\Local\CrashDumps
2016-10-02 09:52 - 2016-05-11 08:19 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-02 09:52 - 2015-12-15 12:34 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-10-02 09:52 - 2015-05-28 13:27 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-02 09:52 - 2014-11-03 23:11 - 01425383 _____ C:\Windows\WindowsUpdate.log
2016-10-01 14:46 - 2015-06-28 13:24 - 00000000 ____D C:\Windows\pss
2016-10-01 09:15 - 2009-07-14 06:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-01 09:15 - 2009-07-14 06:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-01 09:06 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-01 09:04 - 2015-01-04 20:47 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-10-01 09:04 - 2014-11-07 22:14 - 00000000 ____D C:\Users\m\AppData\Roaming\Skype
2016-09-30 23:18 - 2016-01-08 13:53 - 00000984 _____ C:\Users\Public\Desktop\AVG.lnk
2016-09-30 23:18 - 2016-01-08 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-09-30 23:18 - 2015-06-24 11:31 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-09-30 23:17 - 2016-03-07 20:10 - 00000000 ____D C:\ProgramData\Norton
2016-09-29 10:58 - 2011-04-12 10:34 - 00668792 _____ C:\Windows\system32\perfh005.dat
2016-09-29 10:58 - 2011-04-12 10:34 - 00141420 _____ C:\Windows\system32\perfc005.dat
2016-09-29 10:58 - 2009-07-14 07:13 - 01583226 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-29 09:14 - 2016-02-09 19:55 - 00000000 ____D C:\Users\m\scany
2016-09-28 19:06 - 2015-12-15 21:40 - 00000000 ____D C:\AdwCleaner
2016-09-28 08:49 - 2015-12-15 19:37 - 00000000 ____D C:\Program Files\trend micro
2016-09-28 08:42 - 2016-01-05 08:57 - 00000048 _____ C:\monitor.log
2016-09-28 08:41 - 2014-11-07 21:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-24 23:36 - 2014-11-07 22:12 - 00000000 ____D C:\ProgramData\Skype
2016-09-24 23:33 - 2015-12-15 12:33 - 00003838 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1415390993
2016-09-24 23:33 - 2014-11-07 22:09 - 00000000 ____D C:\Program Files (x86)\Opera
2016-09-22 22:03 - 2016-04-03 22:50 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-09-21 14:27 - 2016-04-04 09:15 - 00003882 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1459754108
2016-09-20 08:58 - 2016-04-03 22:50 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-09-17 14:09 - 2014-11-07 21:53 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-17 12:26 - 2014-11-03 23:10 - 00000000 ____D C:\Users\m
2016-09-14 09:04 - 2015-05-28 13:27 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-09-14 09:04 - 2014-11-07 21:49 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-14 09:04 - 2014-11-07 21:49 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-14 09:04 - 2014-11-07 21:49 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-09-14 09:04 - 2014-11-07 21:49 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-14 08:32 - 2016-04-03 22:50 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-09-12 14:10 - 2014-11-07 23:20 - 00000000 ____D C:\Users\m\Documents\Soubory aplikace Outlook
2016-09-10 13:23 - 2015-12-01 10:39 - 00001725 _____ C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2016-09-10 13:23 - 2015-12-01 10:39 - 00000000 ____D C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2016-09-08 20:57 - 2016-04-03 22:50 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-09-08 20:57 - 2016-04-03 22:50 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-09-08 20:57 - 2016-04-03 22:50 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-09-08 20:57 - 2016-04-03 22:50 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-09-08 20:57 - 2016-04-03 22:50 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-09-08 20:57 - 2016-04-03 22:50 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-09-08 20:56 - 2016-04-04 09:15 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-09-05 21:32 - 2015-11-25 17:08 - 00262123 _____ C:\Users\m\AppData\Roaming\Error.log

==================== Files in the root of some directories =======

2015-10-21 20:28 - 2015-08-27 16:48 - 0444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
2015-11-25 17:08 - 2016-09-05 21:32 - 0262123 _____ () C:\Users\m\AppData\Roaming\Error.log
2016-02-07 20:34 - 2016-02-07 20:34 - 0000017 _____ () C:\Users\m\AppData\Local\resmon.resmoncfg
2016-01-05 09:13 - 2016-03-08 23:15 - 0002548 _____ () C:\ProgramData\LmeUSB.log
2016-01-05 09:13 - 2016-03-08 23:15 - 0002550 _____ () C:\ProgramData\LSDmbTH.log

Some files in TEMP:
====================
C:\Users\m\AppData\Local\Temp\avguirn_081806964490.exe
C:\Users\m\AppData\Local\Temp\avguirn_08940571581.exe
C:\Users\m\AppData\Local\Temp\libeay32.dll
C:\Users\m\AppData\Local\Temp\msvcr120.dll
C:\Users\m\AppData\Local\Temp\sqlite3.dll
C:\Users\m\AppData\Local\Temp\{397E31AA-0D78-4649-A01C-339D73A2ED35}_NSS__{545E7462-7F21-46BE-82D3-D50803A2E5C8}.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-09-30 10:22

==================== End of FRST.txt ============================

#11 Příspěvek od **Márty84** » 02 říj 2016 09:28

To moc podle navodu nebylo, ze?

Pouzivate neco od AVG?

hrdinaj · #12 Příspěvek od **hrdinaj** » 02 říj 2016 10:14

K instalaci Lancheru mě to nepustilo ani po vypnutí antiviru a firewalu. Od AVG nc nepoužívám.

hrdinaj · #13 Příspěvek od **hrdinaj** » 02 říj 2016 10:18

K instalaci Lancheru mě to nepustilo ani po vypnutí antiviru a firewalu. Od AVG nc nepoužívám.

hrdinaj · #14 Příspěvek od **hrdinaj** » 02 říj 2016 10:18

tak znovu Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-09-2016
Ran by m (02-10-2016 11:17:05)
Running from C:\Users\m\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2014-11-03 21:10:04)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-437069544-115546471-2938306295-500 - Administrator - Disabled)
Guest (S-1-5-21-437069544-115546471-2938306295-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-437069544-115546471-2938306295-1003 - Limited - Enabled)
m (S-1-5-21-437069544-115546471-2938306295-1000 - Administrator - Enabled) => C:\Users\m
UpdatusUser (S-1-5-21-437069544-115546471-2938306295-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer System Information (HKLM-x32\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{CB320215-F4BD-40FD-A209-62B131DA1B82}) (Version: 99.9 - Eyeo GmbH)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Arta Software version 1.8.5 (HKLM-x32\...\ArtaSoftware_is1) (Version: - ARTALABS)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
AVG (HKLM\...\AvgZen) (Version: 1.101.2.40207 - AVG Technologies)
AVG Zen (Version: 1.101.4 - AVG Technologies) Hidden
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Bandizip (HKLM\...\Bandizip) (Version: 5.11 - Bandisoft.com)
BlazeDTV 6.0 (HKLM-x32\...\BlazeDTV 6.0_is1) (Version: - )
Blue Cat's Triple EQ AAX-x64 4.1 (HKLM\...\{366D6311-94B1-45ce-82A4-F582106EEBA4}) (Version: 4.1 - Blue Cat Audio)
Blue Cat's Triple EQ DX-x64 4.1 (HKLM\...\{483187CD-8C96-49A3-966D-E9A27511607B}) (Version: 4.1 - Blue Cat Audio)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 15.0.7.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 15.0.7.1 - Broadcom Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG5500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5500_series) (Version: 1.02 - Canon Inc.)
Canon MG5500 series On-screen Manual (HKLM-x32\...\Canon MG5500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version: - )
Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version: - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.4.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
CD Ripper a WAV - MP3 Encoder (08.01.2008) (HKLM-x32\...\CD Ripper a WAV - MP3 Encoder_is1) (Version: - Radek Hemelík)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5666 - CDBurnerXP)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.79.0.2015 - Georgy Berdyshev)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Distortion Control Data (HKLM-x32\...\{B08B4896-886C-4644-8664-BBA4CE99D318}) (Version: 1.00.0000 - Nikon)
DVB Dream version 1.5e (HKLM-x32\...\DVB Dream_is1) (Version: - )
EAGLE 6.5.0 (HKLM-x32\...\EAGLE 6.5.0) (Version: 6.5.0 - CadSoft Computer GmbH)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.9.3.1185 - Steinberg Media Technologies GmbH)
ETDWare PS/2-X64 10.6.9.9_WHQL (HKLM\...\Elantech) (Version: 10.6.9.9 - ELAN Microelectronic Corp.)
Firefox Preloader (HKLM-x32\...\Firefox Preloader_is1) (Version: 1.0.366.0 - 6XGate Incorporated)
FMW 1 (Version: 1.132.1 - AVG Technologies) Hidden
FormatFactory 3.7.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.7.0.0 - Format Factory)
Free DVD MP3 Ripper 1.12 (HKLM-x32\...\Free DVD MP3 Ripper_is1) (Version: - Jodix Technologies Ltd.)
Free MP3 Recorder 1.0 (HKLM-x32\...\{AE84E7FF-4DEC-48EC-BBA9-9A808E48DF8E}_is1) (Version: 1.0 - WordAddin Studio)
Freemore MP3 Cutter 3.8.1 (HKLM-x32\...\Freemore MP3 Cutter_is1) (Version: - FreeMoreSoft, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
ICQ (verze 10.0.12114) (HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\icq.desktop) (Version: 10.0.12114 - ICQ)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2669 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.132 - PandoraTV)
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.13 - Acer Inc.)
Lexicon Alpha Driver (HKLM-x32\...\Lexicon Alpha Driver) (Version: - Lexicon)
Lexicon Alpha Driver (Version: 2.6 - Lexicon) Hidden
Lexicon Pantheon VST Plug-in (remove only) (HKLM-x32\...\LexiconStudio) (Version: - )
MediaTek SP Driver version 5.15.24.04 (HKLM\...\MediaTek SP Driver_is1) (Version: 5.15.24.04 - MediaTek.Inc.)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2010 pro podnikatele (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 49.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 cs)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
MP3 to WAV Converter 2.85 (HKLM-x32\...\MP3 to WAV Converter_is1) (Version: 2.85 - AbyssMedia.com)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Multi-channel USB Audio v3.20.0 (HKLM-x32\...\Software_Soundcraft_SoundcraftUSBAudio_Setup) (Version: 3.20.0 - Soundcraft)
Nero InCD (HKLM\...\{59482AA7-3E30-4B5E-A52F-4101DACC2707}) (Version: 6.6.5100 - Nero AG)
Nokia Care Suite 5.0 (HKLM-x32\...\{A0841FEE-879B-4825-86AE-90B8A44021F8}) (Version: 2012.40.5.8 - Nokia)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
NVIDIA Ovladače grafiky 311.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.30 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
Opera Stable 38.0.2220.31 (HKLM-x32\...\Opera 38.0.2220.31) (Version: 38.0.2220.31 - Opera Software)
Opera Stable 40.0.2308.62 (HKLM-x32\...\Opera 40.0.2308.62) (Version: 40.0.2308.62 - Opera Software)
Ovládací panel NVIDIA 311.30 (Version: 311.30 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PicosmosTools 1.3.0.0 (HKLM-x32\...\PicosmosTools) (Version: 1.3.0.0 - Free Time)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
PreSonus Studio One 3 (HKLM-x32\...\PreSonus Studio One 3) (Version: 3.0.0.33329 - PreSonus Audio Electronics)
PreSonus Studio One 3 x64 (HKLM\...\PreSonus Studio One 3) (Version: 3.0.0.33329 - PreSonus Audio Electronics)
REAPER (x64) (HKLM\...\REAPER) (Version: - )
Registrace uživatele zařízení Canon MG5500 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG5500 series) (Version: - ‭Canon Inc.)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.45.00(23.5.2014) - Samsung Electronics Co., Ltd.)
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.03.01.00:36 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.)
Software Informer 1.4.1273.0 (HKLM\...\Software Informer_is1) (Version: - Informer Technologies, Inc.)
Sound Normalizer 6.9 (HKLM-x32\...\Sound Normalizer_is1) (Version: 6.9 - Kanz Software)
Soundcraft USB Audio Driver v6.14.0.0 (HKLM-x32\...\Soundcraft USB Audio Driver v6.14.0.0) (Version: 6.14.0.0 - Soundcraft)
SpeakerManagement V1.3 (HKLM-x32\...\SpeakerManagement V1.3) (Version: - )
Steinberg Content Updater (HKLM-x32\...\{23BAFE62-0AF0-4D71-98C2-47286139DC45}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg Cubase 8.5 64bit (HKLM\...\{81643F2F-C292-46B7-AFB4-8ED2F1FF8AAA}) (Version: 8.5.10 - Steinberg Media Technologies GmbH)
Steinberg Cubase LE 5 (HKLM-x32\...\{50C78780-1A54-4A5C-B3A7-FF828C62C5C2}) (Version: 5.1.2 - Steinberg Media Technologies GmbH)
Steinberg Cubase LE AI Elements 7 64bit (HKLM\...\{67E7C608-D0EA-4273-B374-50ABE42FBE08}) (Version: 7.0.6 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE 64bit (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 4.2.20 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Essential Set (HKLM-x32\...\{C04D5974-F528-4347-A494-EAF56124CC1A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg Retrologue 64bit (HKLM\...\{4D65ECE6-131D-4B5F-8470-2750D3161619}) (Version: 2.0.10 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.2 - Steinberg Media Technologies GmbH)
Steinberg VST Transit 64bit (HKLM\...\{FF1A114C-0F88-11E5-A6C0-1697F925EC7B}) (Version: 1.0.12 - Steinberg Media Technologies GmbH)
Tracks Live (HKLM\...\{7CDFC114-1808-4C24-B69C-9EE265F890FC}) (Version: 1.2 - Waves Audio)
VDownloader 4.1.1539 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited)
VirtualDJ LE (N4) (HKLM-x32\...\{70D728E5-253A-4296-8D1E-F37DADA6F3F5}) (Version: 7.0.5 - Atomix Productions)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN)
VUPlayer (HKLM-x32\...\VUPlayer) (Version: - )
WhatsApp (HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\WhatsApp) (Version: 0.2.1455 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (01/27/2014 2.10.00) (HKLM\...\A360E2EA788FFC586113AFE1F2AABF01EBE7A248) (Version: 01/27/2014 2.10.00 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (01/27/2014 2.10.00) (HKLM\...\42F5D8399C4B7EB9005D88E9045ABB1A715CD59A) (Version: 01/27/2014 2.10.00 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinZip 20.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24105}) (Version: 20.5.12118 - WinZip Computing, S.L. )
wOBD (HKLM-x32\...\ST6UNST #1) (Version: - )
Yamaha USB-MIDI Driver (HKLM-x32\...\InstallShield_{2D488455-3E89-49EF-BA6E-92C2503DC89D}) (Version: 3.1.4.1 - Yamaha Corporation)
Yamaha USB-MIDI Driver (Version: 3.1.4.1 - Yamaha Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-437069544-115546471-2938306295-1000_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> C:\Program Files\Bandizip\bdzshl64.dll (Bandisoft.com)
CustomCLSID: HKU\S-1-5-21-437069544-115546471-2938306295-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {11ADFA52-B4FB-4F70-A387-BAC8CD635106} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe
Task: {14C33C95-D60B-4BE2-8664-A39B7EB108A7} - System32\Tasks\Opera scheduled Autoupdate 1415390993 => C:\Program Files (x86)\Opera\launcher.exe [2016-09-21] (Opera Software)
Task: {287CB1BA-7C34-4DFC-B6A8-99BD24065573} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {2AACAAF4-72A6-49B6-8368-741408C50BD4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {564A30B6-AB9B-47AE-8A60-9C553EB8A1F5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {56D19ABA-E302-47E2-8D22-DEAD7ECEF08A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {5A1F9590-A9BF-4081-8A48-91C09BC9AE91} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {82657D1D-CC01-4678-857C-CB4A7C90376F} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [2016-04-28] (WinZip Computing, S.L.)
Task: {8EA01773-54AD-4DC1-A0EA-0132543343D8} - System32\Tasks\SafeZone scheduled Autoupdate 1459754108 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {A55D50FC-75D0-4BCB-AC88-7518EAFE1AC3} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {AF3B488E-FDBD-4777-88DD-4CD66D915A08} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [2015-03-30] (Informer Technologies, Inc.)
Task: {B4A9E5E5-C44F-4152-BD47-DE26A615A8AD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-04] (AVAST Software)
Task: {B832EFFE-E7E7-434B-A0D3-6345A9D1EC98} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-14] (Adobe Systems Incorporated)
Task: {E95325B3-D2F1-42FD-A267-280973EC75F7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-08] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki/
Shortcut: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com/
Shortcut: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com/

ShortcutWithArgument: C:\Users\m\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
ShortcutWithArgument: C:\Users\m\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768

==================== Loaded Modules (Whitelisted) ==============

2015-11-25 14:20 - 2011-04-11 07:26 - 00034304 _____ () C:\Windows\System32\spd__l.dll
2014-11-04 22:23 - 2013-02-20 21:24 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-04 20:54 - 2013-05-14 11:50 - 00140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2012-02-28 10:07 - 2012-02-28 10:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-10-23 21:19 - 2014-10-23 21:19 - 00043520 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2016-01-08 13:52 - 2016-04-08 08:50 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2016-06-30 17:49 - 2016-06-30 17:49 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-09-08 20:56 - 2016-09-08 20:56 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-09-08 20:56 - 2016-09-08 20:56 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-10-02 09:53 - 2016-10-02 09:53 - 03118360 _____ () C:\Program Files\AVAST Software\Avast\defs\16100104\algo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-437069544-115546471-2938306295-1000\...\samsungsetup.com -> hxxp://www.samsungsetup.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-09-14 14:40 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-437069544-115546471-2938306295-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\m\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 109.205.75.22
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Firefox Preloader.lnk => C:\Windows\pss\Firefox Preloader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Soundcraft USB Audio Control Panel Autostart.lnk => C:\Windows\pss\Soundcraft USB Audio Control Panel Autostart.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Soundcraft USB Control Panel.lnk => C:\Windows\pss\Soundcraft USB Control Panel.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk => C:\Windows\pss\WinZip Preloader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^m^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk => C:\Windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk.Startup
MSCONFIG\startupreg: AvgUi => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
MSCONFIG\startupreg: BlazeServoTool => "C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe"
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CDAServer => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Flvto YouTube Downloader => "C:\Users\m\AppData\Local\Flvto\FlvtoYoutubeDownloader.exe" /minimize
MSCONFIG\startupreg: icq => C:\Users\m\AppData\Roaming\ICQM\icq.exe -CU
MSCONFIG\startupreg: icq.desktop => "C:\Users\m\AppData\Roaming\ICQ\bin\icq.exe" /startup
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: VDownloader => "C:\Program Files\VDownloader\VDownloader4.exe" /silent

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1445AB92-FC2D-4D9A-B4B8-4B0F690A836F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B7735037-14F6-4CC4-BC1A-40E93C847C17}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{52D2FBA8-E31E-4E17-82D9-2A0F9890844E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{49549868-97C1-49BF-B415-AFBFC373B77A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{ADDE7ED4-46E9-4656-9C97-456FBA453A44}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A80D5997-4382-48A0-8B83-F4598C2FE99C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D3518227-15BA-4E13-AA38-31BD481FFF72}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{47FFF7A7-F96B-4E49-9BBB-CF96369C5DB0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{E88AE31C-5FE0-4E92-BCD8-6299B913EA52}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{206325AE-8C1E-48E2-B6EF-F3A4C13FC7B0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{D0AA8663-AA6E-4E92-A593-F80760D7033A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{957F6428-E58A-472D-BF64-7ABFB3117530}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{7D889260-EDAF-4335-85E2-74F7186A2293}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{FAF6C809-9CDA-4CDC-AC27-00958FB26445}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2969165D-0CEA-483E-B95B-36F3EE83DCD7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0B9F8651-9E35-4713-BEC2-7544733B8F37}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B9718987-A706-4E5E-B197-F06A46C9ADCE}] => (Allow) C:\Windows\System32\SUPDSvc2.exe
FirewallRules: [{E0EF0E0B-773B-427F-8F5D-015BF05B1741}] => (Allow) C:\Windows\System32\SUPDSvc2.exe
FirewallRules: [TCP Query User{F925D4D7-4FB9-470F-B561-30D4C27084EE}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe
FirewallRules: [UDP Query User{DF37F468-0F30-4483-AD8A-EBF3298C0E1B}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe
FirewallRules: [TCP Query User{DC6D1239-988B-48B1-A6D8-5E4451BB67DE}C:\program files (x86)\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\formatfactory\formatfactory.exe
FirewallRules: [UDP Query User{8784F955-8CF5-4600-8911-E98C31689AF3}C:\program files (x86)\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\formatfactory\formatfactory.exe
FirewallRules: [{2A091988-4C91-4C6D-B804-748E61C46C79}] => (Allow) LPort=51111
FirewallRules: [{6FDDEF15-0DBF-40AD-8199-9B1838A2E08D}] => (Allow) LPort=51112
FirewallRules: [{EFA247ED-742D-4AE7-8A57-E5E454D8C1D8}] => (Allow) LPort=51113
FirewallRules: [{1DA57247-9072-4558-9681-6EF631D7E977}] => (Allow) C:\Program Files\Steinberg\Cubase 8.5\Cubase8.5.exe
FirewallRules: [{2C28C83C-CE44-42B9-BE86-FCE7BFD36AF3}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{5842C6AB-DC34-4CD7-9DB2-5F1C39E8207C}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{F1152C46-4681-49D8-940D-FD558204923A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{7B2AD1CA-231F-4BFC-BF47-DDBF5A0B07C0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{3BB0E174-CE0C-4934-B89C-826298115763}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{CA1623C8-6835-4127-A9ED-71F213912254}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{E2C9C1C5-005D-4D45-B1AC-1874205DCC6B}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{255820FD-7323-4746-994D-ADE21D827566}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{4F8AF6C3-30FE-4B47-8668-ECCB7164BA6A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{C1AE4854-1F07-4FB5-B5B1-612F4495D0D5}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{89885AB9-CF7F-430E-82C6-52B0592A8550}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{F0ABDE51-B6D7-41D8-B120-7CB58E2EF63D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{766E061C-A817-44D3-9B35-723D42ACB92A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{5C34C3B6-A77A-4229-8331-332D9A491609}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{69569208-7DBF-453C-9995-454C45468075}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{23879F8F-C9F2-4EC0-AE7C-1616030A7DE2}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{DE3E7CFE-E1BF-4A95-B2EB-DF8142344201}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{FE1A7505-155B-450F-8EA0-E96C14AAA5A2}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [TCP Query User{5D9B9FA3-7AD0-4229-8BE6-48C8E5CB7BF6}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{1ED373B2-C8AF-40B9-B6E4-31FC4A6CDF43}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [{5450241B-E61F-45D3-BAFA-5C98FD2084C8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

30-07-2016 07:48:02 ASU_MSI_TRAN
07-08-2016 19:23:55 Naplánovaný kontrolní bod
15-08-2016 19:31:38 Naplánovaný kontrolní bod
24-08-2016 12:46:18 Naplánovaný kontrolní bod
30-08-2016 09:38:07 ASU_MSI_TRAN
05-09-2016 21:34:50 Windows Zálohování
17-09-2016 12:19:58 Instalace balíčku ovladače zařízení: MediaTek Inc. Síťové adaptéry
17-09-2016 12:20:27 Instalace balíčku ovladače zařízení: Microsoft Přenosná zařízení
24-09-2016 23:33:40 ASU_MSI_TRAN
01-10-2016 14:41:03 Removed Avolites Personality Builder

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/02/2016 11:08:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: plugin-container.exe, verze: 49.0.1.6109, časové razítko: 0x57e44563
Název chybujícího modulu: mozglue.dll, verze: 49.0.1.6109, časové razítko: 0x57e43eea
Kód výjimky: 0x80000003
Posun chyby: 0x0000e846
ID chybujícího procesu: 0x102c
Čas spuštění chybující aplikace: 0x01d21c83ab5d66e3
Cesta k chybující aplikaci: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
ID zprávy: b9f40b78-887f-11e6-aa9e-b888e3a0af7a

Error: (10/02/2016 09:53:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WzBGTools.exe, verze: 20.5.12119.0, časové razítko: 0x57220624
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.23392, časové razítko: 0x56eb3604
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000001a06d
ID chybujícího procesu: 0x157c
Čas spuštění chybující aplikace: 0x01d21c81e9ef0fa8
Cesta k chybující aplikaci: C:\Program Files\WinZip\WzBGTools.exe
Cesta k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll
ID zprávy: 403af92d-8875-11e6-aa9e-b888e3a0af7a

Error: (10/02/2016 09:53:05 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: WzBGTools.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.UnauthorizedAccessException
na System.IO.__Error.WinIOError(Int32, System.String)
na System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].CommonInit()
na System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]..ctor(System.String, System.String, System.String, System.IO.SearchOption, System.IO.SearchResultHandler`1<System.__Canon>, Boolean)
na System.IO.DirectoryInfo.InternalGetFileSystemInfos(System.String, System.IO.SearchOption)
na ew.ah(WzBGTool.BGTListRule)
na ew.ah(WzBGTool.BGTListRule)
na ev.ah(WzBGTool.BGTListRule)
na WzBGTool.WzBGToolTemporary.s()
na WzBGTool.WzBGToolCommon.a(WzBGTool.INotificationCallback)
na WzBGTool.WzBGToolCommon.ac(WzBGTool.INotificationCallback)
na e0.c()
na e1.b()
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Threading.ThreadHelper.ThreadStart()

Error: (10/01/2016 09:39:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WzBGTools.exe, verze: 20.5.12119.0, časové razítko: 0x57220624
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.23392, časové razítko: 0x56eb3604
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000001a06d
ID chybujícího procesu: 0x161c
Čas spuštění chybující aplikace: 0x01d21bb6c51922e4
Cesta k chybující aplikaci: C:\Program Files\WinZip\WzBGTools.exe
Cesta k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll
ID zprávy: 3dd418ec-87aa-11e6-aa9e-b888e3a0af7a

Error: (10/01/2016 09:39:49 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: WzBGTools.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.UnauthorizedAccessException
na System.IO.__Error.WinIOError(Int32, System.String)
na System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].CommonInit()
na System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]..ctor(System.String, System.String, System.String, System.IO.SearchOption, System.IO.SearchResultHandler`1<System.__Canon>, Boolean)
na System.IO.DirectoryInfo.InternalGetFileSystemInfos(System.String, System.IO.SearchOption)
na ew.ah(WzBGTool.BGTListRule)
na ew.ah(WzBGTool.BGTListRule)
na ev.ah(WzBGTool.BGTListRule)
na WzBGTool.WzBGToolTemporary.s()
na WzBGTool.WzBGToolCommon.a(WzBGTool.INotificationCallback)
na WzBGTool.WzBGToolCommon.ac(WzBGTool.INotificationCallback)
na e0.c()
na e1.b()
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Threading.ThreadHelper.ThreadStart()

Error: (10/01/2016 09:08:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: icq.exe, verze: 10.0.12091.0, časové razítko: 0x57611adc
Název chybujícího modulu: corelib.dll, verze: 10.0.12114.0, časové razítko: 0x57d64ffa
Kód výjimky: 0xc0000005
Posun chyby: 0x00007cbd
ID chybujícího procesu: 0xd9c
Čas spuštění chybující aplikace: 0x01d21bb28a03f92c
Cesta k chybující aplikaci: C:\Users\m\AppData\Roaming\ICQ\bin\icq.exe
Cesta k chybujícímu modulu: C:\Users\m\AppData\Roaming\ICQ\bin\corelib.dll
ID zprávy: d9487777-87a5-11e6-aa9e-b888e3a0af7a

Error: (10/01/2016 09:07:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/30/2016 08:06:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WzBGTools.exe, verze: 20.5.12119.0, časové razítko: 0x57220624
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.23392, časové razítko: 0x56eb3604
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000001a06d
ID chybujícího procesu: 0x1eac
Čas spuštění chybující aplikace: 0x01d21ae0b4610303
Cesta k chybující aplikaci: C:\Program Files\WinZip\WzBGTools.exe
Cesta k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll
ID zprávy: fca78bd9-86d3-11e6-bca1-b888e3a0af7a

Error: (09/30/2016 08:06:09 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: WzBGTools.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.UnauthorizedAccessException
na System.IO.__Error.WinIOError(Int32, System.String)
na System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].CommonInit()
na System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]..ctor(System.String, System.String, System.String, System.IO.SearchOption, System.IO.SearchResultHandler`1<System.__Canon>, Boolean)
na System.IO.DirectoryInfo.InternalGetFileSystemInfos(System.String, System.IO.SearchOption)
na ew.ah(WzBGTool.BGTListRule)
na ew.ah(WzBGTool.BGTListRule)
na ev.ah(WzBGTool.BGTListRule)
na WzBGTool.WzBGToolTemporary.s()
na WzBGTool.WzBGToolCommon.a(WzBGTool.INotificationCallback)
na WzBGTool.WzBGToolCommon.ac(WzBGTool.INotificationCallback)
na e0.c()
na e1.b()
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Threading.ThreadHelper.ThreadStart()

Error: (09/29/2016 08:10:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WzBGTools.exe, verze: 20.5.12119.0, časové razítko: 0x57220624
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.23392, časové razítko: 0x56eb3604
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000001a06d
ID chybujícího procesu: 0x1258
Čas spuštění chybující aplikace: 0x01d21a181c81cff1
Cesta k chybující aplikaci: C:\Program Files\WinZip\WzBGTools.exe
Cesta k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll
ID zprávy: 5c0db8cf-860b-11e6-bca1-b888e3a0af7a

System errors:
=============
Error: (10/02/2016 10:43:07 AM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (10/02/2016 10:34:52 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast Antivirus byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (09/28/2016 08:03:25 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Hlavní prohledávač přijal oznámení serveru od počítače LENOVO-PC,
který se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{6F01AEF7-0D77-47A4-B029-C65780083693}.
Hlavní prohledávač bude ukončen nebo bude vyvolána volba.

Error: (09/28/2016 07:06:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Office Software Protection Platform byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/28/2016 07:06:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Update Service Daemon byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/28/2016 07:06:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (09/28/2016 07:06:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba InCD Helper byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/28/2016 07:06:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (09/28/2016 07:06:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Nero Registry InCD Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/28/2016 07:06:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dritek WMI Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 3000 milisekund: Restartovat službu.

CodeIntegrity:
===================================
Date: 2015-10-24 10:45:08.586
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-24 10:45:08.506
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-24 10:45:08.426
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-21 20:32:02.312
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-21 20:32:02.247
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-21 20:32:01.832
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-21 20:32:01.760
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-21 20:31:57.694
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-21 20:31:57.628
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-10-21 20:31:57.562
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 32%
Total physical RAM: 8010.36 MB
Available physical RAM: 5409 MB
Total Virtual: 16018.9 MB
Available Virtual: 13441.63 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:585.23 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F63ECFB0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#15 Příspěvek od **Márty84** » 02 říj 2016 10:38

O Launcher neslo, FRST melo byt na plose. Ono to ma svuj vyznam

Ja tam ale neco od AVG vidim, pokud to tam tedy neni zamerne, odinstalujte to.
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
2016-09-21 14:26 - 2016-10-02 09:52 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2016-09-30 23:18 - 2016-01-08 13:53 - 00000984 _____ C:\Users\Public\Desktop\AVG.lnk
2016-09-30 23:18 - 2016-01-08 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
C:\Users\m\AppData\Local\Temp\avguirn_081806964490.exe
C:\Users\m\AppData\Local\Temp\avguirn_08940571581.exe
AVG (HKLM\...\AvgZen) (Version: 1.101.2.40207 - AVG Technologies)
AVG Zen (Version: 1.101.4 - AVG Technologies) Hidden
Task: {A55D50FC-75D0-4BCB-AC88-7518EAFE1AC3} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2016-09-13 1149712]

Napiste mi velikost adresare plochy (C:\Users\m\Plocha)

Presunte FRST na plochu, jinak to nebude fungovat!

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

C:\Windows\tasks\Norton Security Scan for m.job

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flvto YouTube Downloader
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VDownloader

S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-07-25 324224]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

VIRY.CZ

Seká se a musím provádět tvrdý restart prosím o kontrolu.

Seká se a musím provádět tvrdý restart prosím o kontrolu.

Re: Seká se a musím provádět tvrdý restart prosím o kontrolu

Re: Seká se a musím provádět tvrdý restart prosím o kontrolu

Re: Seká se a musím provádět tvrdý restart prosím o kontrolu

Re: Seká se a musím provádět tvrdý restart prosím o kontrolu

Re: Seká se a musím provádět tvrdý restart prosím o kontrolu

Re: Seká se a musím provádět tvrdý restart prosím o kontrolu

Re: Seká se a musím provádět tvrdý restart prosím o kontrolu

Re: Seká se a musím provádět tvrdý restart prosím o kontrolu

Re: Seká se a musím provádět tvrdý restart prosím o kontrolu

Re: Seká se a musím provádět tvrdý restart prosím o kontrolu

Re: Seká se a musím provádět tvrdý restart prosím o kontrolu

Re: Seká se a musím provádět tvrdý restart prosím o kontrolu

Re: Seká se a musím provádět tvrdý restart prosím o kontrolu

Re: Seká se a musím provádět tvrdý restart prosím o kontrolu