
PrivDoG - removal

petr_2
Visitor
Posts: 66
Registered: 19 Jul 2008 08:39


#1 Post by petr_2 »

Hello,
Kaspersky has recently started reporting a problem with PrivDog, which it unfortunately cannot resolve, so the alert keeps reappearing. I tried uninstalling it both in W7 64bit and via CCleaner, but this message pops up: "There is a problem with this windows installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor" Otherwise I am not noticing any problem. Can you please advise me how to get rid of PrivDog? I am attaching the log.

Thank you

P.

Logfile of random's system information tool 1.10 (written by random/random)
Run by PETR at 2017-09-14 08:49:17
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 43 GB (25%) free of 172 GB
Total RAM: 8131 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:49:20, on 14.9.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18763)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
C:\Windows\SysWOW64\UMonit64.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Games\World_of_Warships\WargamingGameUpdater.exe
C:\Users\PETR\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\Sandboxie\32\SbieSvc.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
C:\Program Files\trend micro\PETR.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {2E38825B-8815-42CF-9126-C58BC28D4591} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O2 - BHO: PrivDogExtension - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll
O3 - Toolbar: Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [PrivDogService] "C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe"
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [World of Warships] "C:\Games\World_of_Warships\WargamingGameUpdater.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\PETR\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_137_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: PrivDog - {2F5C139F-79BD-4C84-A95A-E7140525BC55} - C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\PETR\AppData\Roaming\ICQM\icq.exe (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\PETR\AppData\Roaming\ICQM\icq.exe (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{15F0AE59-4EC7-49E9-BDFC-05184C02EBD5}: NameServer = 8.8.8.0,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{15F0AE59-4EC7-49E9-BDFC-05184C02EBD5}: NameServer = 8.8.8.0,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{15F0AE59-4EC7-49E9-BDFC-05184C02EBD5}: NameServer = 8.8.8.0,8.8.4.4
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.22\AsusFanControlService.exe
O23 - Service: Služba Kaspersky Anti-Virus 17.0.0 (AVP17.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: klvssbrigde64 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe
O23 - Service: Služba Kaspersky Secure Connection 1.0.0 (KSDE1.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Privacy Content Firewall - AdTrustMedia - C:\Program Files\AdTrustMedia\PrivDog\3.0.108.0\PrivDogService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13766 bytes

======Listing Processes======

"taskhost.exe"

taskeng.exe {B5DA9697-0BE0-4F58-AD0C-0DBE3015CEA8}


taskeng.exe {055ECDC5-6F4B-4F7E-A3BE-9DE5F4CF1038}
"C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe"
"C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe"
C:\Windows\SysWOW64\UMonit64.exe


"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe" -hidden
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"C:\Program Files\Sandboxie\SbieCtrl.exe"
"C:\Games\World_of_Warships\WargamingGameUpdater.exe"
"C:\Users\PETR\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe"
"C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe"

"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe" -s


"C:\Program Files\CCleaner\CCleaner.exe" /uac


"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"

"C:\Program Files\Sandboxie\SandboxieRpcSs.exe"
"C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\Sandboxie\32\SbieSvc.exe" Sandboxie_ComProxy_S-1-5-21-656962603-3355934871-314002735-1000_DefaultBox_1_1_:





"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe" -hidden

"C:\Windows\system32\wuauclt.exe"
"C:\Users\PETR\Downloads\RSITx64.exe"



"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Program Files\Sandboxie\SbieSvc.exe" Sandboxie_ComProxy_S-1-5-21-656962603-3355934871-314002735-1000_DefaultBox_1_0_:
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

=========Mozilla firefox=========

ProfilePath - C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default

prefs.js - "browser.startup.homepage" - "about:preferences"

"light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.130 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@cuminas.jp/DjVuPlugin]
"Description"=Document Express DjVu Plug-in
"Path"=C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.130 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@cuminas.jp/DjVuPlugin]
"Description"=Document Express DjVu Plug-in
"Path"=C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll


C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\
paulsaintuzb@gmail.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E38825B-8815-42CF-9126-C58BC28D4591}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-29 1253736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{311BA51F-64F2-439D-9A4A-772373D77312}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-03 210120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-09-03 1060032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-03 3226824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}]
PrivDog Extension - C:\Program Files\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll [2014-06-17 1093800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E38825B-8815-42CF-9126-C58BC28D4591}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29 1028968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-09-03 660168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}]
PrivDog Extension - C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll [2014-06-17 937128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{093F479D-712E-46CD-9E06-62E734A05F68} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-29 1253736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{093F479D-712E-46CD-9E06-62E734A05F68} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29 1028968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-03-05 7156296]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-01-31 36352]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-06-15 2398776]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2011-04-20 2988488]
"SandboxieControl"=C:\Program Files\Sandboxie\SbieCtrl.exe [2017-04-12 799368]
"World of Warships"=C:\Games\World_of_Warships\WargamingGameUpdater.exe [2017-09-11 3136264]
"OneDrive"=C:\Users\PETR\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-09-08 1674960]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-09-07 9855192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_137_Plugin.exe -update plugin []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\PETR\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\PETR\AppData\Roaming\Spotify\SpotifyWebHelper.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2013-04-26 292848]
"PrivDogService"=C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe [2014-06-17 662184]
"WD Quick View"=C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [2015-02-12 5564784]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=60

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-09-10 08:37:18 ----D---- C:\Program Files (x86)\4KDownload
2017-08-26 10:00:09 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2017-09-14 08:49:20 ----D---- C:\Program Files\trend micro
2017-09-14 08:49:19 ----D---- C:\Windows\system32\drivers\etc
2017-09-14 08:49:19 ----D---- C:\Windows\system32\drivers
2017-09-14 08:49:19 ----D---- C:\Windows\system32
2017-09-14 08:49:19 ----D---- C:\Windows
2017-09-14 08:49:18 ----D---- C:\Windows\Temp
2017-09-14 08:49:18 ----D---- C:\Program Files
2017-09-14 08:49:17 ----D---- C:\rsit
2017-09-14 08:47:53 ----D---- C:\Windows\system32\config
2017-09-14 08:47:10 ----D---- C:\ProgramData\Kaspersky Lab
2017-09-14 08:46:04 ----SHD---- C:\Windows\Installer
2017-09-14 08:45:01 ----SHD---- C:\System Volume Information
2017-09-14 08:45:01 ----D---- C:\ProgramData\NVIDIA
2017-09-14 08:33:45 ----D---- C:\Users\PETR\AppData\Roaming\AdTrustMedia
2017-09-14 08:06:57 ----D---- C:\Windows\system32\Tasks
2017-09-14 08:01:41 ----D---- C:\Windows\SysWOW64
2017-09-14 08:01:40 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-09-14 08:01:39 ----D---- C:\Windows\system32\Macromed
2017-09-14 08:01:38 ----D---- C:\Windows\SYSWOW64\Macromed
2017-09-14 07:55:23 ----D---- C:\Windows\inf
2017-09-14 07:55:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-09-10 15:37:08 ----A---- C:\Windows\Sandboxie.ini
2017-09-10 08:37:19 ----SHD---- C:\Config.Msi
2017-09-10 08:36:46 ----D---- C:\Windows\system32\CatRoot2
2017-09-09 13:13:20 ----D---- C:\Program Files (x86)\Opera
2017-09-09 13:08:41 ----D---- C:\ProgramData\Adtrustmedia
2017-09-03 15:41:45 ----D---- C:\Program Files (x86)\Microsoft Office
2017-09-03 08:47:16 ----D---- C:\Windows\Microsoft.NET
2017-09-03 08:44:57 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2017-08-26 10:54:17 ----D---- C:\Program Files (x86)
2017-08-26 10:54:14 ----A---- C:\Windows\wininit.ini
2017-08-18 19:50:07 ----D---- C:\Aktuální rodokmen

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S0 asahci64;asahci64; C:\Windows\system32\DRIVERS\asahci64.sys [2013-01-10 47512]
S0 cm_km;AO Kaspersky Lab Cryptographic Module x64 (56 bit); C:\Windows\system32\DRIVERS\cm_km.sys [2016-06-10 238936]
S0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-01-31 652784]
S0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-01-31 28656]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-04-26 20464]
S0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2016-06-02 554416]
S0 klbackupdisk;Kaspersky Lab klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [2016-06-07 63920]
S0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
S1 admnfd;admnfd; \??\C:\Windows\system32\Drivers\admnfd.sys [2014-12-04 49496]
S1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2012-08-21 15232]
S1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2012-09-14 14464]
S1 browserMon;browserMon; C:\Windows\system32\DRIVERS\browserMon.sys [2015-02-26 20728]
S1 klbackupflt;Kaspersky Lab klbackupflt; C:\Windows\system32\DRIVERS\klbackupflt.sys [2016-06-15 86352]
S1 klhk;Kaspersky Lab service driver; C:\Windows\system32\DRIVERS\klhk.sys [2017-07-27 314840]
S1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2017-07-27 1038528]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2017-03-29 57936]
S1 klpd;Kaspersky Lab format recognizer driver; C:\Windows\system32\DRIVERS\klpd.sys [2016-05-31 45488]
S1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2016-05-17 75696]
S1 Klwtp;KLwtp - WFP callout traffic inspector; C:\Windows\system32\DRIVERS\klwtp.sys [2017-03-29 135904]
S1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2017-07-27 199640]
S1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S2 kldisk;kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [2016-05-31 78216]
S3 AiChargerPlus;AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [2013-01-28 14848]
S3 ASMTFilter;ASMTFilter; C:\Windows\SysWow64\drivers\asmtufdriver.sys [2013-01-28 21400]
S3 ASUSFILTER;ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [2011-09-20 46152]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D; C:\Windows\system32\DRIVERS\e1d62x64.sys [2017-04-25 534512]
S3 GeneStor;Genesys Logic Storage Driver; C:\Windows\system32\DRIVERS\GeneStor.sys [2016-08-22 215608]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-03-05 3338952]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-04-26 368112]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-04-26 786416]
S3 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2017-07-27 195264]
S3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2016-05-19 52144]
S3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2015-06-07 41648]
S3 kltap;Kaspersky Security Data Escort Adapter; C:\Windows\system32\DRIVERS\kltap.sys [2016-06-07 52152]
S3 LGBusEnum;Logitech Gaming Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2017-01-24 36496]
S3 LGJoyXlCore;Logitech Translation Layer Driver (LGS); C:\Windows\system32\drivers\LGJoyXlCore.sys [2017-01-24 67736]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2017-01-24 26008]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-03-12 64624]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2016-10-20 212936]
S3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-06-15 28216]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-04-14 56384]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2017-04-12 206984]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbser;DJI USB Virtual COM Driver; C:\Windows\system32\DRIVERS\usbser.sys [2015-08-02 33280]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
S2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [2013-05-07 936728]
S2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [2013-05-07 945152]
S2 AsusFanControlService;AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.22\AsusFanControlService.exe [2013-05-09 1639424]
S2 AVP17.0.0;Služba Kaspersky Anti-Virus 17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [2016-06-28 241544]
S2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2015-05-08 345376]
S2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-08-28 4424384]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-01-31 15344]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-02-13 731648]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2013-01-03 183200]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-03-12 169432]
S2 KSDE1.0.0;Služba Kaspersky Secure Connection 1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [2016-06-28 241544]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-03-12 366552]
S2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2016-10-18 459832]
S2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-06-15 1881144]
S2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-06-15 2522680]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-03-04 922968]
S2 Privacy Content Firewall;Privacy Content Firewall; C:\Program Files\AdTrustMedia\PrivDog\3.0.108.0\PrivDogService.exe [2015-02-26 2059392]
S2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2017-04-12 197768]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936]
S2 WDDriveService;WD Drive Manager; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2015-02-12 302968]
S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-14 272384]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2013-01-02 171632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-07-14 116224]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-02-13 820184]
S3 klvssbrigde64;klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [2016-06-28 77328]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-09-05 175568]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-06-15 3634232]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-08-28 213696]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2016-12-27 5132888]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-24 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

Kodlz
Friend of the forum
Posts: 780
Registered: 30 May 2008 12:11

Re: PrivDoG - removal

#2 Post by Kodlz »

Hi,
Please post the FRST.txt and Addition.txt logs from the FRSTLauncher.exe application (Farbar Recovery Scan Tool). You can find the guide here: https://forum.viry.cz/viewtopic.php?f=13&t=152707
You can paste the contents of Additional.txt as text directly into this thread.

petr_2
Visitor
Posts: 66
Registered: 19 Jul 2008 08:39

Re: PrivDoG - removal

#3 Post by petr_2 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-09-2017 02
Ran by PETR (administrator) on PETR-PC (14-09-2017 11:21:07)
Running from C:\Users\PETR\Desktop
Loaded Profiles: PETR (Available Profiles: PETR)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.22\AsusFanControlService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Wargaming.net) C:\Games\World_of_Warships\WargamingGameUpdater.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AdTrustMedia) C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieRpcSs.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
(Mozilla Corporation) C:\Sandbox\PETR\DefaultBox\drive\C\Program Files (x86)\Mozilla Firefox\firefox.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\32\SbieSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\PETR\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7156296 2013-03-05] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [PrivDogService] => C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe [662184 2014-06-17] (AdTrustMedia)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-02-12] (Western Digital Technologies, Inc.)
HKU\S-1-5-21-656962603-3355934871-314002735-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2988488 2011-04-20] (SUPERAntiSpyware.com)
HKU\S-1-5-21-656962603-3355934871-314002735-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [799368 2017-04-12] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-656962603-3355934871-314002735-1000\...\Run: [World of Warships] => C:\Games\World_of_Warships\WargamingGameUpdater.exe [3136264 2017-09-11] (Wargaming.net)
HKU\S-1-5-21-656962603-3355934871-314002735-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9855192 2017-09-07] (Piriform Ltd)
HKU\S-1-5-21-656962603-3355934871-314002735-1000\...\MountPoints2: {536bc210-061d-11e3-856d-806e6f6e6963} - F:\.\Bin\ASSETUP.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{15F0AE59-4EC7-49E9-BDFC-05184C02EBD5}: [NameServer] 8.8.8.0,8.8.4.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-656962603-3355934871-314002735-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
BHO: No Name -> {311BA51F-64F2-439D-9A4A-772373D77312} -> No File
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-03] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-09-03] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-03] (Microsoft Corporation)
BHO: PrivDog Extension -> {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} -> C:\Program Files\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll [2014-06-17] (AdTrustMedia)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-09-03] (Microsoft Corporation)
BHO-x32: PrivDog Extension -> {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} -> C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll [2014-06-17] (AdTrustMedia)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-03] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-03] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-03] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-03] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile:
FF ProfilePath: C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default [2017-09-14]
FF Homepage: Mozilla\Firefox\Profiles\quf2dmar.default -> about:preferences
FF Extension: (Youtube Mp3 Downloader) - C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\Extensions\6asa42dfa4784fsf368g@youtubeconverter.me.xpi [2016-01-26]
FF Extension: (Youtube Downloader - 4K Download) - C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\Extensions\paulsaintuzb@gmail.com [2016-10-15]
FF Extension: (PrivDog) - C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\Extensions\PrivDog@AdTrustMedia.com.xpi [2014-06-21] [not signed]
FF Extension: (No Name) - C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2017-09-03]
FF Extension: (Adblock Plus) - C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-24]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-07-27]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKU\S-1-5-21-656962603-3355934871-314002735-1000\...\Firefox\Extensions: [PrivDog@AdTrustMedia.com] - C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions
FF Extension: (No Name) - C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions [2017-09-03] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-14] ()
FF Plugin: @cuminas.jp/DjVuPlugin -> C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-05-08] (Cuminas Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-14] ()
FF Plugin-x32: @cuminas.jp/DjVuPlugin -> C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-05-08] (Cuminas Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-03] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\PETR\AppData\Local\Google\Chrome\User Data\Default [2017-09-14]
CHR Extension: (Dokumenty Google) - C:\Users\PETR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-22]
CHR Extension: (Disk Google) - C:\Users\PETR\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-27]
CHR Extension: (YouTube) - C:\Users\PETR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Vyhledávání Google) - C:\Users\PETR\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05]
CHR Extension: (Ochrana Kaspersky) - C:\Users\PETR\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-05-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\PETR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-26]
CHR Extension: (DjVu Viewer Extension) - C:\Users\PETR\AppData\Local\Google\Chrome\User Data\Default\Extensions\jghccooedabolhnplggblcggcbplekbk [2016-12-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PETR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-10]
CHR Extension: (Gmail) - C:\Users\PETR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-05]
CHR Extension: (Chrome Media Router) - C:\Users\PETR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-10]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [128752 2010-06-29] (SUPERAntiSpyware.com) [File not signed]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [945152 2013-05-07] (ASUSTeK Computer Inc.) [File not signed]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.22\AsusFanControlService.exe [1639424 2013-05-09] (ASUSTeK Computer Inc.) [File not signed]
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4424384 2017-08-28] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
S2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-10-18] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
S2 Privacy Content Firewall; C:\Program Files\AdTrustMedia\PrivDog\3.0.108.0\PrivDogService.exe [2059392 2015-02-26] (AdTrustMedia)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [197768 2017-04-12] (Sandboxie Holdings, LLC)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [302968 2015-02-12] (Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 admnfd; C:\Windows\system32\Drivers\admnfd.sys [49496 2014-12-04] (Windows (R) Win 7 DDK provider)
R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [47512 2013-01-10] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] ()
R3 ASMTFilter; C:\Windows\SysWow64\drivers\asmtufdriver.sys [21400 2013-01-28] (hxxp://www.asmedia.com.tw) [File not signed]
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R1 browserMon; C:\Windows\System32\DRIVERS\browserMon.sys [20728 2015-02-26] (Windows (R) Win 7 DDK provider)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [534512 2017-04-25] (Intel Corporation)
R3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [215608 2016-08-22] (GenesysLogic)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-01-31] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [195264 2017-07-27] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [314840 2017-07-27] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1038528 2017-07-27] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [57936 2017-03-29] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52144 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [75696 2016-05-17] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [135904 2017-03-29] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [199640 2017-07-27] (AO Kaspersky Lab)
S3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [67736 2017-01-24] (Logitech Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14920 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12360 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [206984 2017-04-12] (Sandboxie Holdings, LLC)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-14 11:21 - 2017-09-14 11:21 - 000023880 _____ C:\Users\PETR\Desktop\FRST.txt
2017-09-14 11:20 - 2017-09-14 11:21 - 000000000 ____D C:\FRST
2017-09-14 11:20 - 2017-09-14 11:19 - 000112640 _____ (forum.viry.cz) C:\Users\PETR\Desktop\FRSTLauncher.exe
2017-09-14 11:19 - 2017-09-14 11:19 - 000112640 _____ (forum.viry.cz) C:\Users\PETR\Downloads\Nepotvrzeno 71049.crdownload
2017-09-14 11:19 - 2017-09-14 11:19 - 000112640 _____ (forum.viry.cz) C:\Users\PETR\Downloads\FRSTLauncher.exe
2017-09-14 11:04 - 2017-09-14 11:04 - 002398208 _____ (Farbar) C:\Users\PETR\Desktop\FRST64.exe
2017-09-14 08:48 - 2017-09-14 08:48 - 001222144 _____ C:\Users\PETR\Downloads\RSITx64.exe
2017-09-14 08:16 - 2017-09-14 08:16 - 000128094 _____ C:\Users\PETR\Desktop\cc_20170914_081612.reg
2017-09-14 08:10 - 2017-09-14 08:10 - 009826968 _____ (Piriform Ltd) C:\Users\PETR\Downloads\ccsetup534.exe
2017-09-10 15:37 - 2017-09-10 15:36 - 000014882 _____ C:\Users\PETR\Desktop\Oprava_Oscadal_Lenoch.xlsx
2017-09-10 08:37 - 2017-09-10 08:37 - 000000986 _____ C:\Users\PETR\Desktop\4K Video Downloader.lnk
2017-09-10 08:37 - 2017-09-10 08:37 - 000000000 ____D C:\Users\PETR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4K Video Downloader
2017-09-10 08:37 - 2017-09-10 08:37 - 000000000 ____D C:\Users\PETR\AppData\Local\4kdownload.com
2017-09-10 08:37 - 2017-09-10 08:37 - 000000000 ____D C:\Program Files (x86)\4KDownload
2017-09-10 08:36 - 2017-09-10 08:36 - 028614656 _____ C:\Users\PETR\Desktop\4kvideodownloader_4.3.msi
2017-09-09 13:11 - 2017-09-09 13:11 - 000262144 _____ C:\Windows\system32\config\elam
2017-08-27 11:51 - 2017-09-02 19:17 - 000261048 _____ C:\Users\PETR\Desktop\Rodokmen_Precechtelu finální.xlsx
2017-08-25 21:22 - 2017-08-25 21:22 - 000002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2017-08-25 21:22 - 2017-08-25 21:22 - 000002172 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2017-08-19 17:08 - 2017-08-19 17:08 - 000574861 _____ C:\Users\PETR\Desktop\Františka Přecechtělová.zip
2017-08-19 17:07 - 2017-08-19 17:07 - 000162062 _____ C:\Users\PETR\Desktop\Františka Přecechtělová.bmp
2017-08-19 17:02 - 2017-08-19 17:02 - 001265590 _____ C:\Users\PETR\Desktop\MZA Olšany u Prostějova 9420_52.bmp
2017-08-18 17:10 - 2017-08-18 17:33 - 433936258 _____ C:\Users\PETR\Desktop\Kraus Ivan - Má rodina a jiná zemětřesení.rar

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-14 11:18 - 2014-01-06 20:15 - 000004456 _____ C:\Windows\Sandboxie.ini
2017-09-14 11:18 - 2009-07-14 06:45 - 000022096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-14 11:18 - 2009-07-14 06:45 - 000022096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-09-14 11:16 - 2009-07-14 17:18 - 000759262 _____ C:\Windows\system32\perfh005.dat
2017-09-14 11:16 - 2009-07-14 17:18 - 000195338 _____ C:\Windows\system32\perfc005.dat
2017-09-14 11:16 - 2009-07-14 07:13 - 001732774 _____ C:\Windows\system32\PerfStringBackup.INI
2017-09-14 11:16 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-09-14 11:12 - 2017-05-13 10:42 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-09-14 11:10 - 2013-08-16 06:13 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-14 11:10 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-14 11:01 - 2017-04-21 18:38 - 000000283 _____ C:\Users\PETR\Desktop\Nový textový dokument.txt
2017-09-14 09:49 - 2017-08-11 16:51 - 000000000 ____D C:\Users\PETR\Desktop\aaa111
2017-09-14 09:01 - 2017-05-13 10:43 - 000003032 _____ C:\Windows\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2017-09-14 08:33 - 2015-02-13 18:17 - 000000000 ____D C:\Users\PETR\AppData\Roaming\AdTrustMedia
2017-09-14 08:14 - 2015-05-05 19:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-09-14 08:14 - 2013-08-24 11:17 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-09-14 08:01 - 2013-08-24 15:00 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-09-14 08:01 - 2013-08-24 15:00 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-09-14 08:01 - 2013-08-24 15:00 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-09-14 08:01 - 2013-08-24 15:00 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-09-14 08:01 - 2013-08-24 15:00 - 000000000 ____D C:\Windows\system32\Macromed
2017-09-14 07:57 - 2014-07-07 15:14 - 000003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{382F0AF8-9C3B-4ECF-B383-B4394BD7CC52}
2017-09-09 13:13 - 2015-12-19 10:56 - 000000000 ____D C:\Program Files (x86)\Opera
2017-09-09 13:08 - 2013-11-19 18:19 - 000000000 ____D C:\ProgramData\Adtrustmedia
2017-09-08 21:10 - 2017-07-27 18:09 - 000003168 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-656962603-3355934871-314002735-1000
2017-09-08 21:10 - 2017-02-08 18:20 - 000002139 _____ C:\Users\PETR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-09-05 19:06 - 2017-01-06 19:29 - 000000000 ____D C:\Aktuální rodokmen
2017-09-05 10:44 - 2017-07-01 15:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-05 10:44 - 2013-08-16 06:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-03 15:41 - 2013-08-16 06:30 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-09-03 08:44 - 2017-02-08 18:15 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-08-29 19:12 - 2015-12-23 09:59 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-29 18:44 - 2013-08-16 05:46 - 000000000 ____D C:\Users\PETR
2017-08-29 18:31 - 2014-06-26 22:19 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-29 18:31 - 2014-06-26 22:19 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-25 21:54 - 2013-08-16 06:46 - 000001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-08-25 21:54 - 2013-08-16 06:46 - 000001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-08-25 21:22 - 2017-01-07 11:39 - 000003844 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1483781997
2017-08-25 21:22 - 2014-03-29 12:37 - 000000000 ____D C:\Program Files (x86)\Google
2017-08-19 00:20 - 2016-12-26 11:11 - 000000000 ____D C:\Users\PETR\AppData\LocalLow\Mozilla

==================== Files in the root of some directories =======

2014-06-26 22:18 - 2014-06-26 22:21 - 006010880 _____ () C:\Program Files (x86)\GUT57E0.tmp
2017-02-03 18:38 - 2017-02-03 18:38 - 000007597 _____ () C:\Users\PETR\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-09-03 09:03

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:167.58 GB) (Free:41.28 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:49 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:179.36 GB) NTFS

Available physical RAM: 5337.5 MB
Total physical RAM: 8130.59 MB
Percentage of memory in use: 34%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 167.7 GB) (Disk ID: 10C9FCFF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=167.6 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 10C9FCEC)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 10C9FCE0)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Windows\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\basesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3d10warp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dns-sd.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ExplorerFrame(64).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mcupdate_GenuineIntel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility(65).exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml6r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\perftrack.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\powertracker.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\profsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\schedsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sysmain.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\clfsw32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3d10warp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml6r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ncsi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nlaapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\scesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wdi.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\browserMon.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbser.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\Downloads\ari_va.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\PETR\Downloads\BufferZoneProFree.msi:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\Downloads\BufferZoneProFree.msi:$CmdZnID [26]
AlternateDataStreams: C:\Users\PETR\Downloads\posledni-aristokratka.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\PETR\Downloads\SandboxieInstall.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\Downloads\SandboxieInstall.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\PETR\Downloads\SANDRA-GREATEST-HITS--'92.rar:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\Downloads\Vydedenec.mp3:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\Downloads\WoWS_internet_install_eu(1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\PETR\Downloads\WoWS_internet_install_eu(2).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\Downloads\WoWS_internet_install_eu(2).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\PETR\Downloads\WoWS_internet_install_eu.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\AppData\LocalLow:BZ-VIRTUAL-LINK [0]
AlternateDataStreams: C:\Users\PETR\AppData\Roaming\Adobe:BZ-VIRTUAL-LINK [0]
AlternateDataStreams: C:\Users\PETR\AppData\Roaming\Macromedia:BZ-VIRTUAL-LINK [0]
AlternateDataStreams: C:\Users\PETR\AppData\Roaming\Microsoft:BZ-VIRTUAL-LINK [0]
AlternateDataStreams: C:\Users\PETR\AppData\Roaming\vlc:BZ-VIRTUAL-LINK [0]
AlternateDataStreams: C:\Users\PETR\AppData\Local\Google:BZ-VIRTUAL-LINK [0]
AlternateDataStreams: C:\Users\PETR\AppData\LocalLow\Microsoft:BZ-VIRTUAL-LINK [0]

==================== Security Center ==================

AV: Kaspersky Internet Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\PETR\Desktop" je 3086 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify
"C:\Users\PETR\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper
"C:\Users\PETR\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"9000:TCP"="9000:TCP:*:Enabled:Logitech Media Server 9000 tcp (UI)"
"9001:TCP"="9001:TCP:*:Enabled:Logitech Media Server 9001 tcp (UI)"
"9002:TCP"="9002:TCP:*:Enabled:Logitech Media Server 9002 tcp (UI)"
"9003:TCP"="9003:TCP:*:Enabled:Logitech Media Server 9003 tcp (UI)"
"9004:TCP"="9004:TCP:*:Enabled:Logitech Media Server 9004 tcp (UI)"
"9005:TCP"="9005:TCP:*:Enabled:Logitech Media Server 9005 tcp (UI)"
"9006:TCP"="9006:TCP:*:Enabled:Logitech Media Server 9006 tcp (UI)"
"9007:TCP"="9007:TCP:*:Enabled:Logitech Media Server 9007 tcp (UI)"
"9008:TCP"="9008:TCP:*:Enabled:Logitech Media Server 9008 tcp (UI)"
"9009:TCP"="9009:TCP:*:Enabled:Logitech Media Server 9009 tcp (UI)"
"9010:TCP"="9010:TCP:*:Enabled:Logitech Media Server 9010 tcp (UI)"
"9100:TCP"="9100:TCP:*:Enabled:Logitech Media Server 9100 tcp (UI)"
"8000:TCP"="8000:TCP:*:Enabled:Logitech Media Server 8000 tcp (UI)"
"10000:TCP"="10000:TCP:*:Enabled:Logitech Media Server 10000 tcp (UI)"
"9090:TCP"="9090:TCP:*:Enabled:Logitech Media Server 9090 tcp (UI)"
"3483:UDP"="3483:UDP:*:Enabled:Logitech Media Server 3483 udp"
"3483:TCP"="3483:TCP:*:Enabled:Logitech Media Server 3483 tcp"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"9000:TCP"="9000:TCP:*:Enabled:Logitech Media Server 9000 tcp (UI)"
"9001:TCP"="9001:TCP:*:Enabled:Logitech Media Server 9001 tcp (UI)"
"9002:TCP"="9002:TCP:*:Enabled:Logitech Media Server 9002 tcp (UI)"
"9003:TCP"="9003:TCP:*:Enabled:Logitech Media Server 9003 tcp (UI)"
"9004:TCP"="9004:TCP:*:Enabled:Logitech Media Server 9004 tcp (UI)"
"9005:TCP"="9005:TCP:*:Enabled:Logitech Media Server 9005 tcp (UI)"
"9006:TCP"="9006:TCP:*:Enabled:Logitech Media Server 9006 tcp (UI)"
"9007:TCP"="9007:TCP:*:Enabled:Logitech Media Server 9007 tcp (UI)"
"9008:TCP"="9008:TCP:*:Enabled:Logitech Media Server 9008 tcp (UI)"
"9009:TCP"="9009:TCP:*:Enabled:Logitech Media Server 9009 tcp (UI)"
"9010:TCP"="9010:TCP:*:Enabled:Logitech Media Server 9010 tcp (UI)"
"9100:TCP"="9100:TCP:*:Enabled:Logitech Media Server 9100 tcp (UI)"
"8000:TCP"="8000:TCP:*:Enabled:Logitech Media Server 8000 tcp (UI)"
"10000:TCP"="10000:TCP:*:Enabled:Logitech Media Server 10000 tcp (UI)"
"9090:TCP"="9090:TCP:*:Enabled:Logitech Media Server 9090 tcp (UI)"
"3483:UDP"="3483:UDP:*:Enabled:Logitech Media Server 3483 udp"
"3483:TCP"="3483:TCP:*:Enabled:Logitech Media Server 3483 tcp"


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-09-2017 02
Ran by PETR (14-09-2017 11:21:30)
Running from C:\Users\PETR\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-08-16 03:46:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-656962603-3355934871-314002735-500 - Administrator - Disabled)
Guest (S-1-5-21-656962603-3355934871-314002735-501 - Limited - Disabled)
PETR (S-1-5-21-656962603-3355934871-314002735-1000 - Administrator - Enabled) => C:\Users\PETR

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 4.3 (HKLM-x32\...\{D0CA3944-0FD5-40FF-97A1-FEDFFB5EE31F}) (Version: 4.3.2.2215 - Open Media LLC)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
AI Suite III (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.44 - ASUSTeK Computer Inc.)
Aktualizace NVIDIA 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 375.57 - NVIDIA Corporation) Hidden
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.001 - Asmedia Technology)
ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.09 - ASUSTeK Computer Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.12.160304 - )
Balíček ovladače systému Windows - dji-innovations inc. (usbser) Ports (12/06/2012 5.1.2600.5512) (HKLM\...\F731C4A8B354FB9B7579C5D98402D2F988E8B95C) (Version: 12/06/2012 5.1.2600.5512 - dji-innovations inc.)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Bonjour Print Services (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
Bontia Studio (HKLM-x32\...\{7e7f65e9-341a-44cf-bba9-c1ef10efc42e}) (Version: 5.1.4274.14945 - Bontia a.s.)
Bontia Studio 5.1 (HKLM-x32\...\{31B21DC3-71EA-4D87-BCF4-20C8A2CF5AA3}) (Version: 5.1.4274.1 - Bontia, a.s.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.34 - Piriform)
Dia (pouze odstranit) (HKLM-x32\...\Dia) (Version: - )
DJI driver version 2.02 (HKLM-x32\...\{EDFDE5EE-84C7-4936-804C-6563943E5754}_is1) (Version: 2.02 - DJI)
DJI Phantom 2 Vision Assistant version 3.8 (HKLM-x32\...\{EDCE7221-F31F-407A-B348-30D011ED3126}_is1) (Version: 3.8 - DJI)
DJI RC System Assistant version 1.2 (HKLM-x32\...\{2849F48E-8A08-4C43-AC8D-97A367F0DCB6}_is1) (Version: 1.2 - DJI)
Document Express DjVu Plug-in (HKLM\...\{F4E8060A-33ED-4C50-8808-2AB1EDF29251}) (Version: 6.1.35472 - Cuminas Corporation)
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
foobar2000 v1.3.10 (HKLM-x32\...\foobar2000) (Version: 1.3.10 - Peter Pawlowski)
FormatFactory 3.3.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.5.0 - Format Factory)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.18) (Version: 9.18 - Artifex Software Inc.)
ICQ (verze 10.0.12156) (HKU\S-1-5-21-656962603-3355934871-314002735-1000\...\icq.desktop) (Version: 10.0.12156 - ICQ)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Network Connections 18.1.59.0 (HKLM\...\PROSetDX) (Version: 18.1.59.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Kaspersky Internet Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-656962603-3355934871-314002735-1000\...\OneDriveSetup.exe) (Version: 17.3.6966.0824 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visio Standard 2016 - cs-cz (HKLM\...\VisioStdRetail - cs-cz) (Version: 16.0.8326.2096 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 55.0.3 (x86 cs) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 cs)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.2 - Mozilla)
Mp3tag v2.79 (HKLM-x32\...\Mp3tag) (Version: v2.79 - Florian Heidenreich)
My Net View (HKLM-x32\...\{7F9C9908-69E3-4474-A081-256F27995A18}) (Version: 1.0.12.0 - Western Digital)
NVIDIA Ovladač 3D Vision 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8326.2096 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2096 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2096 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.8326.2096 - Microsoft Corporation) Hidden
Opera Stable 47.0.2631.71 (HKLM-x32\...\Opera 47.0.2631.71) (Version: 47.0.2631.71 - Opera Software)
Ovládací panel NVIDIA 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 335.23 - NVIDIA Corporation) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.1 - Frank Heindörfer, Philip Chinery)
PrivDog (HKLM\...\{C01D249F-23DA-45B1-A5FF-12ECD647D5C6}) (Version: 3.0.108.0 - PrivDog.com)
PrivDog 2 Legacy Browser Plug-ins (HKLM-x32\...\PrivDog) (Version: 2.2.0.14 - privdog.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6853 - Realtek Semiconductor Corp.)
Sandboxie 5.18 (64-bit) (HKLM\...\Sandboxie) (Version: 5.18 - Sandboxie Holdings, LLC)
Scribus 1.4.5 (HKLM-x32\...\Scribus 1.4.5) (Version: 1.4.5 - The Scribus Team)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Smart View 2.0 (HKLM-x32\...\{FBAAAFAE-08A8-4C63-87EA-4AEA9DEE53E1}) (Version: 1.0.0.0 - Samsung)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 4.51.1000 - SUPERAntiSpyware.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC_CRT_x64 (HKLM\...\{54F2237F-018C-483B-8884-9FC0D88840C3}) (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WD My Cloud (HKLM\...\{68E25871-B2E9-4353-9DF3-72165918F1A6}) (Version: 1.0.4.34 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{4ABD918F-CD70-40FD-87AC-A72AA8B19240}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )
WOL Magic Packet Sender (HKLM-x32\...\{E268ADBD-A002-4684-AEDF-EA0F83F7E00B}) (Version: 1.5.0 - Zwalisoft)
World of Warships (HKU\S-1-5-21-656962603-3355934871-314002735-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)
xrecode II 1.0.0.225 (HKLM-x32\...\{AFE83615-88BE-47F6-B3E4-A3FEF8B7B57F}_is1) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-656962603-3355934871-314002735-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\PETR\AppData\Local\Microsoft\OneDrive\17.3.6966.0824\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [0_sxBZOverlayIcon] -> {6457FB0A-5C02-4393-909C-2139A5D5571F} => -> No File
ShellIconOverlayIdentifiers: [0_sxConfidentialOIcon] -> {871FE18B-B68D-4437-BC76-6634996CDB97} => -> No File
ShellIconOverlayIdentifiers: [0_sxForbiddenOIcon] -> {1F03249C-6AB2-4E31-8C10-86F7E31E3B4E} => -> No File
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2011-04-18] (Igor Pavlov)
ContextMenuHandlers1-x32: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-29] (AO Kaspersky Lab)
ContextMenuHandlers1-x32: [MRAICQCMenu] -> {7C9E7B90-88EC-4852-AC7A-C938268A5D04} => -> No File
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2005-06-07] ()
ContextMenuHandlers2: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-29] (AO Kaspersky Lab)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2011-04-18] (Igor Pavlov)
ContextMenuHandlers4-x32: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-29] (AO Kaspersky Lab)
ContextMenuHandlers4-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2005-06-07] ()
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2014-03-04] (NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-29] (AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2005-06-07] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {012B5C9E-F766-4E38-AF06-934B00BACD12} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-08-28] (Microsoft Corporation)
Task: {10D6593A-939E-48CA-8533-275148B60A0A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-09-03] (Microsoft Corporation)
Task: {27DF5508-038F-4D6D-AF52-7CC474AE1C5B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {2AF3E4B8-7E4B-4590-B335-AA7200D5BDC2} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2016-08-23] (AO Kaspersky Lab)
Task: {3A013310-128A-425D-A6A2-E30051FA4F0E} - System32\Tasks\Opera scheduled Autoupdate 1483781997 => C:\Program Files (x86)\Opera\launcher.exe [2017-08-25] (Opera Software)
Task: {3A4F511F-4B82-4EC9-808C-83D342E8EB9E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-03] ()
Task: {3F8C6264-39ED-40F7-A50D-F24F820FA984} - System32\Tasks\Microsoft\Windows\Připojení NAS => explorer \\10.0.0.43\petr
Task: {54A8DFE2-9B33-417A-9038-FD610F124AE5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {6BDA75B7-5C50-41C3-89E5-4F6465CCD492} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {7C5B2040-3DE7-4006-B644-04196555D1E1} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2013-05-07] (ASUSTeK Computer Inc.)
Task: {7C5CB9F4-3443-4734-91C7-FBC3EBB08F7D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-14] (Adobe Systems Incorporated)
Task: {85784460-529B-443A-A28A-7AF33B806103} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-08-28] (Microsoft Corporation)
Task: {A4215A2B-DB6A-45B9-8AC9-53D41DF3042F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-07] (Piriform Ltd)
Task: {A47217E4-D11B-4BB6-9F5C-A8C83EDEC2C1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-03] ()
Task: {AD5C1EC0-B793-4970-940E-B50C9A4B8088} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2013-05-09] ()
Task: {C3242AF8-6DB9-48DA-9AB4-94306B9CA3F9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-09-03] (Microsoft Corporation)
Task: {F3F97E5B-74E1-4DE5-9BAF-9A51FA61CD03} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [2015-10-21] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\PETR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com

==================== Loaded Modules (Whitelisted) ==============

2017-02-13 20:01 - 2005-03-12 02:07 - 000087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2013-05-07 09:45 - 2013-05-07 09:45 - 000936728 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2016-10-22 09:08 - 2016-06-15 03:14 - 000369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-10-22 09:08 - 2016-06-15 03:14 - 001148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-10-22 09:08 - 2016-06-15 03:14 - 003613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-10-22 09:08 - 2016-06-15 03:14 - 000289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-10-22 09:08 - 2016-06-15 03:14 - 001990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-10-22 09:08 - 2016-06-15 03:14 - 001842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-10-22 09:08 - 2016-06-15 03:14 - 000208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-10-22 09:08 - 2016-06-15 03:14 - 002667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2013-08-16 05:54 - 2013-05-09 11:08 - 001218360 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2015-11-13 17:30 - 2015-10-21 08:55 - 000061744 _____ () C:\Windows\SysWOW64\UMonit64.exe
2013-10-20 16:32 - 2005-06-07 12:26 - 000043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2017-09-07 18:12 - 2017-09-07 18:12 - 000065536 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2016-10-22 09:08 - 2016-06-15 03:14 - 000035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-10-22 09:08 - 2016-06-15 03:14 - 000921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2013-08-16 05:54 - 2013-05-09 11:08 - 001221432 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
2013-08-16 05:53 - 2017-09-14 11:10 - 000028160 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2013-08-16 05:53 - 2013-05-07 09:45 - 000104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2016-06-28 00:19 - 2016-06-28 00:19 - 000865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2013-08-16 05:53 - 2013-05-07 15:45 - 000147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2013-08-16 05:54 - 2013-05-09 11:13 - 002686464 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2013-08-16 05:53 - 2013-05-07 09:45 - 000662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2013-08-16 05:53 - 2013-05-07 15:45 - 000053248 _____ () C:\Program Files (x86)\ASUS\AI Suite III\cpuutil.dll
2013-08-16 05:54 - 2013-05-09 11:08 - 000010240 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\IccHelper.dll
2013-08-16 05:54 - 2013-05-09 11:08 - 000497664 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\vvc2.dll
2013-08-16 05:54 - 2013-05-09 11:08 - 000685056 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2013-08-16 05:54 - 2013-05-09 11:08 - 000784384 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2013-08-16 05:54 - 2013-05-09 11:08 - 000765952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2013-08-16 05:54 - 2013-05-09 11:08 - 000769024 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2013-08-16 05:54 - 2013-05-09 11:08 - 000904704 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\UsbPowerManager.dll
2015-12-09 11:41 - 2016-06-15 03:14 - 000020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\basesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3d10warp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dns-sd.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ExplorerFrame(64).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mcupdate_GenuineIntel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility(65).exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml6r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\perftrack.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\powertracker.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\profsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\schedsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sysmain.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\clfsw32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3d10warp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml6r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ncsi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nlaapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\scesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wdi.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\browserMon.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbser.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\Downloads\ari_va.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\PETR\Downloads\BufferZoneProFree.msi:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\Downloads\BufferZoneProFree.msi:$CmdZnID [26]
AlternateDataStreams: C:\Users\PETR\Downloads\posledni-aristokratka.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\PETR\Downloads\SandboxieInstall.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\Downloads\SandboxieInstall.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\PETR\Downloads\SANDRA-GREATEST-HITS--'92.rar:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\Downloads\Vydedenec.mp3:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\Downloads\WoWS_internet_install_eu(1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\PETR\Downloads\WoWS_internet_install_eu(2).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\Downloads\WoWS_internet_install_eu(2).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\PETR\Downloads\WoWS_internet_install_eu.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\AppData\LocalLow:BZ-VIRTUAL-LINK [0]
AlternateDataStreams: C:\Users\PETR\AppData\Roaming\Adobe:BZ-VIRTUAL-LINK [0]
AlternateDataStreams: C:\Users\PETR\AppData\Roaming\Macromedia:BZ-VIRTUAL-LINK [0]
AlternateDataStreams: C:\Users\PETR\AppData\Roaming\Microsoft:BZ-VIRTUAL-LINK [0]
AlternateDataStreams: C:\Users\PETR\AppData\Roaming\vlc:BZ-VIRTUAL-LINK [0]
AlternateDataStreams: C:\Users\PETR\AppData\Local\Google:BZ-VIRTUAL-LINK [0]
AlternateDataStreams: C:\Users\PETR\AppData\LocalLow\Microsoft:BZ-VIRTUAL-LINK [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-656962603-3355934871-314002735-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 8.8.8.0 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: Spotify => "C:\Users\PETR\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\PETR\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EFA6A6BA-56C8-4AE7-A7EB-79D0DD6A9170}] => (Allow) LPort=2869
FirewallRules: [{2244E050-9545-43E7-8DE2-E0E4C24391F5}] => (Allow) LPort=1900
FirewallRules: [{1D65F902-7C16-432C-9BD0-472D334D6E32}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1A1977FD-BCED-44FD-A618-44EB097BE30D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{61AC551D-4836-497F-BEE8-1CAEBE0F6738}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CA023460-09D1-47C6-BA01-05C2B6470453}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F01D9A1B-4FE9-47A3-9DC8-4AB404C405F0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{26BD305D-ED2F-4419-8D36-FF87BF7C5D57}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{96D1C8A2-52DD-4089-BA30-6EB7C833D0DB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8B778615-3394-4A88-8C60-A419488CF568}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4E88CFF0-4B0F-46AD-BEA8-913FB76BE55E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FF4D214B-CDBB-4BF0-94A0-31ABE99D6BA1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F1764EAB-5171-4893-BF5C-05CD46A22262}] => (Allow) C:\Program Files (x86)\SmartView2\Smart View 2.0.exe
FirewallRules: [{4CB79045-7B8D-4550-9266-28A39256CE83}] => (Allow) C:\Program Files (x86)\SmartView2\Smart View 2.0.exe
FirewallRules: [{039F88E5-26FD-4350-99A3-4FE2B7EE3089}] => (Allow) C:\Program Files (x86)\SmartView2\Smart View 2.0.exe
FirewallRules: [{09FAF559-CCDB-4AFF-98BC-F2E6664E3C58}] => (Allow) C:\Program Files (x86)\SmartView2\Smart View 2.0.exe
FirewallRules: [{BDEE6F2B-3E9C-45E5-9CE8-E9493F77B816}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{43F76E97-9055-412C-9CD6-5D4EC53FBDBD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E1C15BEF-5C5E-4551-8F3F-98FA8AFA3F71}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A08038AD-7668-4455-ABBA-ED0161468AC7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{31F4E6B8-7B35-4801-9B06-76BDB00DB1E3}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{28AD76C1-9FA3-468B-BAD6-CC7A5BAEDB8B}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [TCP Query User{4EA69E9B-F9B3-4C6B-98D2-3A0339843713}C:\program files (x86)\western digital\my net view\mynetview.exe] => (Allow) C:\program files (x86)\western digital\my net view\mynetview.exe
FirewallRules: [UDP Query User{DB1C0BE1-2D1D-4F32-9ABB-0ACCD85FF66F}C:\program files (x86)\western digital\my net view\mynetview.exe] => (Allow) C:\program files (x86)\western digital\my net view\mynetview.exe
FirewallRules: [{316FF77F-B544-4E0D-8286-C77D30CA3CD9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{74501A88-4DA2-47A4-A3CF-31239091525D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E47731C1-D91C-4CA6-9054-355AFA3A85C8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{9EB3E864-FD46-4170-880C-0DFFAA8B2DA0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E446B6FE-EBB2-49A5-B66C-3648536FD6A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{24BC2B95-555F-4617-815E-1FFC0D3EF498}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1DB39072-7698-4978-865F-58C292F9D512}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{B6B47213-4CD1-426F-A825-6A538599FBC3}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{C9F00613-2049-437E-B30D-909302A9C7C1}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [TCP Query User{97884B25-DD68-4751-B03D-7081F5A94BB0}C:\program files (x86)\western digital\wd quick view\wddmstatus.exe] => (Allow) C:\program files (x86)\western digital\wd quick view\wddmstatus.exe
FirewallRules: [UDP Query User{3717A01D-1142-4ED6-8EC5-4D35C6932647}C:\program files (x86)\western digital\wd quick view\wddmstatus.exe] => (Allow) C:\program files (x86)\western digital\wd quick view\wddmstatus.exe
FirewallRules: [TCP Query User{DE4D8021-DF47-4620-A551-60ACD2F9645A}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{433E8381-6B05-48E2-BFB9-1DF4C57224D8}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{5A50B818-EA75-43DF-973D-3F1D9846F7D1}] => (Allow) C:\Program Files (x86)\Opera\47.0.2631.55\opera.exe
FirewallRules: [{C4E2AB88-0D10-4EBD-9D35-E8E0712F42AE}] => (Allow) C:\Program Files (x86)\Opera\47.0.2631.71\opera.exe
FirewallRules: [{6DD9B570-B7CD-4059-B67F-64318EE39D78}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
DomainProfile\GloballyOpenPorts: [9000:TCP] => Enabled:Logitech Media Server 9000 tcp (UI)
DomainProfile\GloballyOpenPorts: [9001:TCP] => Enabled:Logitech Media Server 9001 tcp (UI)
DomainProfile\GloballyOpenPorts: [9002:TCP] => Enabled:Logitech Media Server 9002 tcp (UI)
DomainProfile\GloballyOpenPorts: [9003:TCP] => Enabled:Logitech Media Server 9003 tcp (UI)
DomainProfile\GloballyOpenPorts: [9004:TCP] => Enabled:Logitech Media Server 9004 tcp (UI)
DomainProfile\GloballyOpenPorts: [9005:TCP] => Enabled:Logitech Media Server 9005 tcp (UI)
DomainProfile\GloballyOpenPorts: [9006:TCP] => Enabled:Logitech Media Server 9006 tcp (UI)
DomainProfile\GloballyOpenPorts: [9007:TCP] => Enabled:Logitech Media Server 9007 tcp (UI)
DomainProfile\GloballyOpenPorts: [9008:TCP] => Enabled:Logitech Media Server 9008 tcp (UI)
DomainProfile\GloballyOpenPorts: [9009:TCP] => Enabled:Logitech Media Server 9009 tcp (UI)
DomainProfile\GloballyOpenPorts: [9010:TCP] => Enabled:Logitech Media Server 9010 tcp (UI)
DomainProfile\GloballyOpenPorts: [9100:TCP] => Enabled:Logitech Media Server 9100 tcp (UI)
DomainProfile\GloballyOpenPorts: [8000:TCP] => Enabled:Logitech Media Server 8000 tcp (UI)
DomainProfile\GloballyOpenPorts: [10000:TCP] => Enabled:Logitech Media Server 10000 tcp (UI)
DomainProfile\GloballyOpenPorts: [9090:TCP] => Enabled:Logitech Media Server 9090 tcp (UI)
DomainProfile\GloballyOpenPorts: [3483:UDP] => Enabled:Logitech Media Server 3483 udp
DomainProfile\GloballyOpenPorts: [3483:TCP] => Enabled:Logitech Media Server 3483 tcp
StandardProfile\GloballyOpenPorts: [9000:TCP] => Enabled:Logitech Media Server 9000 tcp (UI)
StandardProfile\GloballyOpenPorts: [9001:TCP] => Enabled:Logitech Media Server 9001 tcp (UI)
StandardProfile\GloballyOpenPorts: [9002:TCP] => Enabled:Logitech Media Server 9002 tcp (UI)
StandardProfile\GloballyOpenPorts: [9003:TCP] => Enabled:Logitech Media Server 9003 tcp (UI)
StandardProfile\GloballyOpenPorts: [9004:TCP] => Enabled:Logitech Media Server 9004 tcp (UI)
StandardProfile\GloballyOpenPorts: [9005:TCP] => Enabled:Logitech Media Server 9005 tcp (UI)
StandardProfile\GloballyOpenPorts: [9006:TCP] => Enabled:Logitech Media Server 9006 tcp (UI)
StandardProfile\GloballyOpenPorts: [9007:TCP] => Enabled:Logitech Media Server 9007 tcp (UI)
StandardProfile\GloballyOpenPorts: [9008:TCP] => Enabled:Logitech Media Server 9008 tcp (UI)
StandardProfile\GloballyOpenPorts: [9009:TCP] => Enabled:Logitech Media Server 9009 tcp (UI)
StandardProfile\GloballyOpenPorts: [9010:TCP] => Enabled:Logitech Media Server 9010 tcp (UI)
StandardProfile\GloballyOpenPorts: [9100:TCP] => Enabled:Logitech Media Server 9100 tcp (UI)
StandardProfile\GloballyOpenPorts: [8000:TCP] => Enabled:Logitech Media Server 8000 tcp (UI)
StandardProfile\GloballyOpenPorts: [10000:TCP] => Enabled:Logitech Media Server 10000 tcp (UI)
StandardProfile\GloballyOpenPorts: [9090:TCP] => Enabled:Logitech Media Server 9090 tcp (UI)
StandardProfile\GloballyOpenPorts: [3483:UDP] => Enabled:Logitech Media Server 3483 udp
StandardProfile\GloballyOpenPorts: [3483:TCP] => Enabled:Logitech Media Server 3483 tcp

==================== Restore Points =========================

03-09-2017 09:10:34 Naplánovaný kontrolní bod
03-09-2017 19:00:04 Windows Zálohování
08-09-2017 21:12:21 Windows Update
10-09-2017 08:37:10 Installed 4K Video Downloader 4.3
10-09-2017 21:54:16 Windows Zálohování
14-09-2017 07:59:09 Removed PrivDog
14-09-2017 08:15:14 Removed PrivDog
14-09-2017 08:29:06 Removed PrivDog
14-09-2017 08:36:56 Removed PrivDog
14-09-2017 08:53:10 Removed PrivDog

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/14/2017 11:10:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NvStreamUserAgent.exe, verze: 7.1.2084.9592, časové razítko: 0x57605c64
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.23864, časové razítko: 0x595fa942
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000004da56
ID chybujícího procesu: 0x1010
Čas spuštění chybující aplikace: 0x01d32d3958e72856
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 97c46359-992c-11e7-93f8-74d02b92e8f3

Error: (09/14/2017 08:56:49 AM) (Source: MsiInstaller) (EventID: 11723) (User: PETR-PC)
Description: Product: PrivDog -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action IsUpgradeRemove, entry: IsUpgradeRemove, library: C:\Windows\Installer\MSIB4BF.tmp

Error: (09/14/2017 08:46:07 AM) (Source: MsiInstaller) (EventID: 11723) (User: PETR-PC)
Description: Product: PrivDog -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action IsUpgradeRemove, entry: IsUpgradeRemove, library: C:\Windows\Installer\MSI2599.tmp

Error: (09/14/2017 08:44:12 AM) (Source: MsiInstaller) (EventID: 11723) (User: PETR-PC)
Description: Product: PrivDog -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action IsUpgradeRemove, entry: IsUpgradeRemove, library: C:\Windows\Installer\MSI5FBD.tmp

Error: (09/14/2017 08:29:21 AM) (Source: MsiInstaller) (EventID: 11723) (User: PETR-PC)
Description: Product: PrivDog -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action IsUpgradeRemove, entry: IsUpgradeRemove, library: C:\Windows\Installer\MSI2FE6.tmp

Error: (09/14/2017 08:15:29 AM) (Source: MsiInstaller) (EventID: 11723) (User: PETR-PC)
Description: Product: PrivDog -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action IsUpgradeRemove, entry: IsUpgradeRemove, library: C:\Windows\Installer\MSI8268.tmp

Error: (09/14/2017 07:59:52 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\DjVuViewer.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Součást 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (09/14/2017 07:59:24 AM) (Source: MsiInstaller) (EventID: 11723) (User: PETR-PC)
Description: Product: PrivDog -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action IsUpgradeRemove, entry: IsUpgradeRemove, library: C:\Windows\Installer\MSIC734.tmp

Error: (09/14/2017 07:58:26 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (09/10/2017 09:54:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NvStreamUserAgent.exe, verze: 7.1.2084.9592, časové razítko: 0x57605c64
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.23864, časové razítko: 0x595fa942
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000004da56
ID chybujícího procesu: 0x161c
Čas spuštění chybující aplikace: 0x01d32a6e8f027377
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: cf2390b0-9661-11e7-ae97-74d02b92e8f3


System errors:
=============
Error: (09/14/2017 11:14:51 AM) (Source: LsaSrv) (EventID: 6033) (User: NT AUTHORITY)
Description: Anonymní relace připojená z: PETR-PC se pokusila v tomto počítači otevřít popisovač zásad místní autority zabezpečení. Pokus byl odmítnut s hodnotou STATUS_ACCESS_DENIED, aby se zabránilo úniku informací citlivých z hlediska zabezpečení k anonymnímu volajícímu.
Aplikaci, která provedla tento pokus, je třeba opravit. Obraťte se na dodavatele této aplikace. Toto bezpečnostní opatření lze dočasně obejít tím, že v registru nastavíte parametr \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\TurnOffAnonymousBlock DWORD na hodnotu 1.
Tato zpráva bude zapsána do protokolu maximálně jednou denně.

Error: (09/14/2017 11:10:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Privacy Content Firewall neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (09/14/2017 11:10:40 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Privacy Content Firewall bylo dosaženo časového limitu (30000 ms).

Error: (09/14/2017 11:07:18 AM) (Source: LsaSrv) (EventID: 6033) (User: NT AUTHORITY)
Description: Anonymní relace připojená z: PETR-PC se pokusila v tomto počítači otevřít popisovač zásad místní autority zabezpečení. Pokus byl odmítnut s hodnotou STATUS_ACCESS_DENIED, aby se zabránilo úniku informací citlivých z hlediska zabezpečení k anonymnímu volajícímu.
Aplikaci, která provedla tento pokus, je třeba opravit. Obraťte se na dodavatele této aplikace. Toto bezpečnostní opatření lze dočasně obejít tím, že v registru nastavíte parametr \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\TurnOffAnonymousBlock DWORD na hodnotu 1.
Tato zpráva bude zapsána do protokolu maximálně jednou denně.

Error: (09/14/2017 08:45:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Privacy Content Firewall neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (09/14/2017 08:45:02 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Privacy Content Firewall bylo dosaženo časového limitu (30000 ms).

Error: (09/14/2017 08:14:41 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (09/14/2017 08:14:41 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (09/14/2017 07:50:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Privacy Content Firewall neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (09/14/2017 07:50:59 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Privacy Content Firewall bylo dosaženo časového limitu (30000 ms).


CodeIntegrity:
===================================
Date: 2015-10-24 15:53:25.964
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BufferZone\RlHook64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-10-24 15:44:57.771
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BufferZone\RlHook64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-10-24 15:30:12.145
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BufferZone\RlHook64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-10-23 17:02:19.682
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BufferZone\RlHook64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-10-22 18:13:36.360
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BufferZone\RlHook64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-10-22 18:05:40.576
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BufferZone\RlHook64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-10-21 21:39:36.685
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BufferZone\RlHook64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-10-21 17:52:15.123
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BufferZone\RlHook64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-10-21 17:38:05.716
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BufferZone\RlHook64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-10-20 20:34:40.137
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BufferZone\RlHook64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Percentage of memory in use: 34%
Total physical RAM: 8130.59 MB
Available physical RAM: 5337.5 MB
Total Virtual: 16259.36 MB
Available Virtual: 13130.26 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:167.58 GB) (Free:41.28 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:49 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:179.36 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 167.7 GB) (Disk ID: 10C9FCFF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=167.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 10C9FCEC)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 10C9FCE0)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Kodlz
Friend of the forum
Posts: 780
Joined: 30 May 2008 12:11

Re: PrivDoG - removal

#4 Post by Kodlz »

:arrow: Using CCleaner, uninstall:
PrivDog
PrivDog 2 Legacy Browser Plug-ins

:arrow: You have quite a lot of plugins in Firefox. If there are any you don't use, remove them.

:arrow: The size of the files on your desktop is 10x larger than recommended... try to clear some of it out.

:arrow: And now to the cleaning itself :)

On the desktop, where you have FRST placed, create a TXT file, name it fixlist.txt, and paste the following text into it:

(Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.)
start
CreateRestorePoint:

CloseProcesses:

Hosts:

EmptyTemp:

HKU\S-1-5-21-656962603-3355934871-314002735-1000\...\MountPoints2: {536bc210-061d-11e3-856d-806e6f6e6963} - F:\.\Bin\ASSETUP.exe
HKLM-x32\...\Run: [PrivDogService] => C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe [662184 2014-06-17] (AdTrustMedia)
BHO: No Name -> {311BA51F-64F2-439D-9A4A-772373D77312} -> No File
BHO: PrivDog Extension -> {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} -> C:\Program Files\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll [2014-06-17] (AdTrustMedia)
BHO-x32: PrivDog Extension -> {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} -> C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll [2014-06-17] (AdTrustMedia)
FF Extension: (PrivDog) - C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\Extensions\PrivDog@AdTrustMedia.com.xpi [2014-06-21] [not signed]
FF HKU\S-1-5-21-656962603-3355934871-314002735-1000\...\Firefox\Extensions: [PrivDog@AdTrustMedia.com] - C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
S2 Privacy Content Firewall; C:\Program Files\AdTrustMedia\PrivDog\3.0.108.0\PrivDogService.exe [2059392 2015-02-26] (AdTrustMedia)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

2017-09-14 11:18 - 2009-07-14 06:45 - 000022096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-14 11:18 - 2009-07-14 06:45 - 000022096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2017-09-14 08:33 - 2015-02-13 18:17 - 000000000 ____D C:\Users\PETR\AppData\Roaming\AdTrustMedia
2017-09-09 13:08 - 2013-11-19 18:19 - 000000000 ____D C:\ProgramData\Adtrustmedia


AlternateDataStreams: C:\Windows\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\basesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3d10warp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dns-sd.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ExplorerFrame(64).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mcupdate_GenuineIntel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility(65).exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml6r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\perftrack.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\powertracker.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\profsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\schedsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sysmain.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\clfsw32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3d10warp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml6r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ncsi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nlaapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\scesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wdi.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\browserMon.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbser.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\Downloads\ari_va.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\PETR\Downloads\BufferZoneProFree.msi:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\Downloads\BufferZoneProFree.msi:$CmdZnID [26]
AlternateDataStreams: C:\Users\PETR\Downloads\posledni-aristokratka.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\PETR\Downloads\SandboxieInstall.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\Downloads\SandboxieInstall.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\PETR\Downloads\SANDRA-GREATEST-HITS--'92.rar:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\Downloads\Vydedenec.mp3:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\Downloads\WoWS_internet_install_eu(1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\PETR\Downloads\WoWS_internet_install_eu(2).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\Downloads\WoWS_internet_install_eu(2).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\PETR\Downloads\WoWS_internet_install_eu.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\AppData\LocalLow:BZ-VIRTUAL-LINK [0]
AlternateDataStreams: C:\Users\PETR\AppData\Roaming\Adobe:BZ-VIRTUAL-LINK [0]
AlternateDataStreams: C:\Users\PETR\AppData\Roaming\Macromedia:BZ-VIRTUAL-LINK [0]
AlternateDataStreams: C:\Users\PETR\AppData\Roaming\Microsoft:BZ-VIRTUAL-LINK [0]
AlternateDataStreams: C:\Users\PETR\AppData\Roaming\vlc:BZ-VIRTUAL-LINK [0]
AlternateDataStreams: C:\Users\PETR\AppData\Local\Google:BZ-VIRTUAL-LINK [0]
AlternateDataStreams: C:\Users\PETR\AppData\LocalLow\Microsoft:BZ-VIRTUAL-LINK [0]


HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify
"C:\Users\PETR\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper
"C:\Users\PETR\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [x]

ShellIconOverlayIdentifiers: [0_sxBZOverlayIcon] -> {6457FB0A-5C02-4393-909C-2139A5D5571F} => -> No File
ShellIconOverlayIdentifiers: [0_sxConfidentialOIcon] -> {871FE18B-B68D-4437-BC76-6634996CDB97} => -> No File
ShellIconOverlayIdentifiers: [0_sxForbiddenOIcon] -> {1F03249C-6AB2-4E31-8C10-86F7E31E3B4E} => -> No File
ontextMenuHandlers1-x32: [MRAICQCMenu] -> {7C9E7B90-88EC-4852-AC7A-C938268A5D04} => -> No File
Task: {27DF5508-038F-4D6D-AF52-7CC474AE1C5B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {6BDA75B7-5C50-41C3-89E5-4F6465CCD492} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

end

petr_2
Visitor
Posts: 66
Joined: 19 Jul 2008 08:39

Re: PrivDoG - removal

#5 Post by petr_2 »

Now I'm not sure whether we understood each other correctly, but CCleaner can't uninstall PrivDog, see my first message. I did the rest, and here is the log:

Fix result of Farbar Recovery Scan Tool (x64) Version: 13-09-2017 02
Ran by PETR (14-09-2017 13:49:19) Run:1
Running from C:\Users\PETR\Desktop
Loaded Profiles: PETR (Available Profiles: PETR)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:

CloseProcesses:

Hosts:

EmptyTemp:

HKU\S-1-5-21-656962603-3355934871-314002735-1000\...\MountPoints2: {536bc210-061d-11e3-856d-806e6f6e6963} - F:\.\Bin\ASSETUP.exe
HKLM-x32\...\Run: [PrivDogService] => C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe [662184 2014-06-17] (AdTrustMedia)
BHO: No Name -> {311BA51F-64F2-439D-9A4A-772373D77312} -> No File
BHO: PrivDog Extension -> {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} -> C:\Program Files\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll [2014-06-17] (AdTrustMedia)
BHO-x32: PrivDog Extension -> {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} -> C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll [2014-06-17] (AdTrustMedia)
FF Extension: (PrivDog) - C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\Extensions\PrivDog@AdTrustMedia.com.xpi [2014-06-21] [not signed]
FF HKU\S-1-5-21-656962603-3355934871-314002735-1000\...\Firefox\Extensions: [PrivDog@AdTrustMedia.com] - C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
S2 Privacy Content Firewall; C:\Program Files\AdTrustMedia\PrivDog\3.0.108.0\PrivDogService.exe [2059392 2015-02-26] (AdTrustMedia)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

2017-09-14 11:18 - 2009-07-14 06:45 - 000022096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-14 11:18 - 2009-07-14 06:45 - 000022096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2017-09-14 08:33 - 2015-02-13 18:17 - 000000000 ____D C:\Users\PETR\AppData\Roaming\AdTrustMedia
2017-09-09 13:08 - 2013-11-19 18:19 - 000000000 ____D C:\ProgramData\Adtrustmedia


AlternateDataStreams: C:\Windows\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\basesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3d10warp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dns-sd.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ExplorerFrame(64).dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mcupdate_GenuineIntel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility(65).exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml6r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\perftrack.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\powertracker.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\profsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\schedsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sysmain.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\clfsw32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3d10warp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml6r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ncsi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nlaapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\scesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wdi.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\browserMon.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbser.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\Downloads\ari_va.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\PETR\Downloads\BufferZoneProFree.msi:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\Downloads\BufferZoneProFree.msi:$CmdZnID [26]
AlternateDataStreams: C:\Users\PETR\Downloads\posledni-aristokratka.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\PETR\Downloads\SandboxieInstall.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\Downloads\SandboxieInstall.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\PETR\Downloads\SANDRA-GREATEST-HITS--'92.rar:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\Downloads\Vydedenec.mp3:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\Downloads\WoWS_internet_install_eu(1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\PETR\Downloads\WoWS_internet_install_eu(2).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\Downloads\WoWS_internet_install_eu(2).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\PETR\Downloads\WoWS_internet_install_eu.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\PETR\AppData\LocalLow:BZ-VIRTUAL-LINK [0]
AlternateDataStreams: C:\Users\PETR\AppData\Roaming\Adobe:BZ-VIRTUAL-LINK [0]
AlternateDataStreams: C:\Users\PETR\AppData\Roaming\Macromedia:BZ-VIRTUAL-LINK [0]
AlternateDataStreams: C:\Users\PETR\AppData\Roaming\Microsoft:BZ-VIRTUAL-LINK [0]
AlternateDataStreams: C:\Users\PETR\AppData\Roaming\vlc:BZ-VIRTUAL-LINK [0]
AlternateDataStreams: C:\Users\PETR\AppData\Local\Google:BZ-VIRTUAL-LINK [0]
AlternateDataStreams: C:\Users\PETR\AppData\LocalLow\Microsoft:BZ-VIRTUAL-LINK [0]


HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify
"C:\Users\PETR\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper
"C:\Users\PETR\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [x]

ShellIconOverlayIdentifiers: [0_sxBZOverlayIcon] -> {6457FB0A-5C02-4393-909C-2139A5D5571F} => -> No File
ShellIconOverlayIdentifiers: [0_sxConfidentialOIcon] -> {871FE18B-B68D-4437-BC76-6634996CDB97} => -> No File
ShellIconOverlayIdentifiers: [0_sxForbiddenOIcon] -> {1F03249C-6AB2-4E31-8C10-86F7E31E3B4E} => -> No File
ontextMenuHandlers1-x32: [MRAICQCMenu] -> {7C9E7B90-88EC-4852-AC7A-C938268A5D04} => -> No File
Task: {27DF5508-038F-4D6D-AF52-7CC474AE1C5B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {6BDA75B7-5C50-41C3-89E5-4F6465CCD492} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

end
*****************

Restore point was successfully created.
Processes closed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
HKU\S-1-5-21-656962603-3355934871-314002735-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{536bc210-061d-11e3-856d-806e6f6e6963} => key removed successfully
HKLM\Software\Classes\CLSID\{536bc210-061d-11e3-856d-806e6f6e6963} => key not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\PrivDogService => value removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{311BA51F-64F2-439D-9A4A-772373D77312} => key removed successfully
HKLM\Software\Classes\CLSID\{311BA51F-64F2-439D-9A4A-772373D77312} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} => key removed successfully
HKLM\Software\Classes\CLSID\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} => key removed successfully
C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\Extensions\PrivDog@AdTrustMedia.com.xpi => not found.
HKU\S-1-5-21-656962603-3355934871-314002735-1000\Software\Mozilla\Firefox\Extensions\\PrivDog@AdTrustMedia.com => value removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
HKLM\System\CurrentControlSet\Services\Privacy Content Firewall => key removed successfully
Privacy Content Firewall => service removed successfully
HKLM\System\CurrentControlSet\Services\MBAMSwissArmy => key removed successfully
MBAMSwissArmy => service removed successfully
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 => moved successfully
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 => moved successfully
C:\Users\PETR\AppData\Roaming\AdTrustMedia => moved successfully
C:\ProgramData\Adtrustmedia => moved successfully
C:\Windows\notepad.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\basesrv.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\cewmdm.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\ci.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\clfsw32.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\comctl32.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\d3d10warp.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\diskperf.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\dns-sd.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\dwmapi.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\dwmcore.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\ExplorerFrame(64).dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\logman.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\mcupdate_GenuineIntel.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\MsSpellCheckingFacility(65).exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\msxml6.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\msxml6r.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\nlasvc.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\notepad.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\perftrack.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\powertracker.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\profsvc.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\relog.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\scesrv.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\schedsvc.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\sechost.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\services.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\sysmain.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\tdh.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\tracerpt.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\typeperf.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\ubpm.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\wdi.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\winresume.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\WMPhoto.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\wpdshext.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\cewmdm.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\clfsw32.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\comctl32.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\d3d10warp.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\diskperf.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\dns-sd.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\dwmapi.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\dwmcore.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\logman.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\msxml6.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\msxml6r.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\ncsi.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\nlaapi.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\notepad.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\relog.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\scesrv.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\sechost.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\tdh.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\tracerpt.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\typeperf.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\ubpm.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\wdi.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\WMPhoto.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\wpdshext.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\browserMon.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\stream.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\usbser.sys => ":$CmdTcID" ADS removed successfully.
C:\Users\PETR\Downloads\ari_va.zip => ":$CmdZnID" ADS removed successfully.
C:\Users\PETR\Downloads\BufferZoneProFree.msi => ":$CmdTcID" ADS removed successfully.
C:\Users\PETR\Downloads\BufferZoneProFree.msi => ":$CmdZnID" ADS removed successfully.
C:\Users\PETR\Downloads\posledni-aristokratka.zip => ":$CmdZnID" ADS removed successfully.
C:\Users\PETR\Downloads\SandboxieInstall.exe => ":$CmdTcID" ADS removed successfully.
C:\Users\PETR\Downloads\SandboxieInstall.exe => ":$CmdZnID" ADS removed successfully.
C:\Users\PETR\Downloads\SANDRA-GREATEST-HITS--'92.rar => ":$CmdTcID" ADS removed successfully.
C:\Users\PETR\Downloads\Vydedenec.mp3 => ":$CmdTcID" ADS removed successfully.
C:\Users\PETR\Downloads\WoWS_internet_install_eu(1).exe => ":$CmdZnID" ADS removed successfully.
C:\Users\PETR\Downloads\WoWS_internet_install_eu(2).exe => ":$CmdTcID" ADS removed successfully.
C:\Users\PETR\Downloads\WoWS_internet_install_eu(2).exe => ":$CmdZnID" ADS removed successfully.
C:\Users\PETR\Downloads\WoWS_internet_install_eu.exe => ":$CmdTcID" ADS removed successfully.
C:\Users\PETR\AppData\LocalLow => ":BZ-VIRTUAL-LINK" ADS removed successfully.
C:\Users\PETR\AppData\Roaming\Adobe => ":BZ-VIRTUAL-LINK" ADS removed successfully.
C:\Users\PETR\AppData\Roaming\Macromedia => ":BZ-VIRTUAL-LINK" ADS removed successfully.
C:\Users\PETR\AppData\Roaming\Microsoft => ":BZ-VIRTUAL-LINK" ADS removed successfully.
C:\Users\PETR\AppData\Roaming\vlc => ":BZ-VIRTUAL-LINK" ADS removed successfully.
C:\Users\PETR\AppData\Local\Google => ":BZ-VIRTUAL-LINK" ADS removed successfully.
C:\Users\PETR\AppData\LocalLow\Microsoft => ":BZ-VIRTUAL-LINK" ADS removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify => Error: No automatic fix found for this entry.
"C:\Users\PETR\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized [x]" => not found.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper => Error: No automatic fix found for this entry.
"C:\Users\PETR\AppData\Roaming\Spotify\SpotifyWebHelper.exe [x]" => not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\0_sxBZOverlayIcon => key removed successfully
HKLM\Software\Classes\CLSID\{6457FB0A-5C02-4393-909C-2139A5D5571F} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\0_sxConfidentialOIcon => key removed successfully
HKLM\Software\Classes\CLSID\{871FE18B-B68D-4437-BC76-6634996CDB97} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\0_sxForbiddenOIcon => key removed successfully
HKLM\Software\Classes\CLSID\{1F03249C-6AB2-4E31-8C10-86F7E31E3B4E} => key not found.
ontextMenuHandlers1-x32: [MRAICQCMenu] -> {7C9E7B90-88EC-4852-AC7A-C938268A5D04} => -> No File => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{27DF5508-038F-4D6D-AF52-7CC474AE1C5B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27DF5508-038F-4D6D-AF52-7CC474AE1C5B} => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6BDA75B7-5C50-41C3-89E5-4F6465CCD492} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BDA75B7-5C50-41C3-89E5-4F6465CCD492} => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 147069105 B
Java, Flash, Steam htmlcache => 3702 B
Windows/system/drivers => 10393863 B
Edge => 0 B
Chrome => 373123236 B
Firefox => 357676870 B
Opera => 394737680 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 73916209 B
systemprofile32 => 37149075 B
LocalService => 66228 B
NetworkService => 29036732 B
PETR => 41189666 B
UpdatusUser => 0 B
UpdatusUser => 0 B

RecycleBin => 7972565 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:49:53 ====

petr_2
Visitor
Posts: 66
Joined: 19 Jul 2008 08:39

Re: PrivDoG - removal

#6 Post by petr_2 »

And on top of that, Windows has started reporting that this copy of the system is not genuine :-(

Kodlz
Friend of the forum
Posts: 780
Joined: 30 May 2008 12:11

Re: PrivDoG - removal

#7 Post by Kodlz »

Sorry, when writing my last post I forgot what you had written about uninstalling....

Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop.
Close all programs.
First click >Scan< (search) and then >Clean< (delete).
The scan will run and then a log will appear; paste it here.


Then this tool, MBAM: http://forum.viry.cz/viewtopic.php?f=29&t=144868
- Install it and run a full scan
- Do not delete anything yet
- Copy the log here.

petr_2
Visitor
Posts: 66
Joined: 19 Jul 2008 08:39

Re: PrivDoG - removal

#8 Post by petr_2 »

So here are the Adwc logs after the scan and after the cleaning

# AdwCleaner 7.0.2.1 - Logfile created on Thu Sep 14 12:08:20 2017
# Updated on 2017/29/08 by Malwarebytes
# Database: 09-13-2017.1
# Running on Windows 7 Home Premium (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AdTrustMedia
PUP.Optional.Legacy, C:\Program Files\AdTrustMedia
PUP.Optional.Legacy, C:\Program Files (x86)\AdTrustMedia
PUP.Optional.Legacy, C:\Users\PETR\AppData\Local\AdTrustMedia


***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}
PUP.Optional.Legacy, [Key] - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}
PUP.Optional.Legacy, [Key] - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-656962603-3355934871-314002735-1000\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-656962603-3355934871-314002735-1000\Software\AppDataLow\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKCU\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKCU\Software\AppDataLow\Software\Mail.Ru


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1985 B] - [2014/7/13 8:48:13]
C:/AdwCleaner/AdwCleaner[S1].txt - [1072 B] - [2014/7/13 8:50:33]
C:/AdwCleaner/AdwCleaner[S2].txt - [1416 B] - [2014/7/13 8:59:47]
C:/AdwCleaner/AdwCleaner[S3].txt - [2688 B] - [2017/9/14 12:5:35]


########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt ##########


# AdwCleaner 7.0.2.1 - Logfile created on Thu Sep 14 12:08:53 2017
# Updated on 2017/29/08 by Malwarebytes
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AdTrustMedia
Deleted: C:\Program Files\AdTrustMedia
Deleted: C:\Program Files (x86)\AdTrustMedia
Deleted: C:\Users\PETR\AppData\Local\AdTrustMedia


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}
Deleted: [Key] - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}
Deleted: [Key] - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKU\S-1-5-21-656962603-3355934871-314002735-1000\Software\Mail.Ru
Deleted: [Key] - HKU\S-1-5-21-656962603-3355934871-314002735-1000\Software\AppDataLow\Software\Mail.Ru
Deleted: [Key] - HKCU\Software\Mail.Ru
Deleted: [Key] - HKCU\Software\AppDataLow\Software\Mail.Ru


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1985 B] - [2014/7/13 8:48:13]
C:/AdwCleaner/AdwCleaner[S1].txt - [1072 B] - [2014/7/13 8:50:33]
C:/AdwCleaner/AdwCleaner[S2].txt - [1416 B] - [2014/7/13 8:59:47]
C:/AdwCleaner/AdwCleaner[S3].txt - [2688 B] - [2017/9/14 12:5:35]
C:/AdwCleaner/AdwCleaner[S4].txt - [2755 B] - [2017/9/14 12:8:20]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########


And here is the export after the Malwarebytes scan

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 14.09.17
Čas skenování: 14:13
Logovací soubor: 1b59046e-9946-11e7-a336-00fffdfe44a0.json
Správce: Ano

-Informace o softwaru-
Verze: 3.2.2.2018
Verze komponentů: 1.0.188
Aktualizovat verzi balíku komponent: 1.0.2803
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: PETR-PC\PETR

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 312919
Zjištěné hrozby: 280
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 1 min, 34 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 26
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\bindings, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\settings, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\dialogs, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\include, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\player, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\defaults\preferences, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\ffmpeg\macos, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\data, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\locale\en-US, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\locale\hy-AM, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\locale\ko-KR, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\locale\ar, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\locale\lt, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\locale\ru, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\ffmpeg, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\images, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\locale, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\skin, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\lib, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\components, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\defaults, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\META-INF, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\USERS\PETR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QUF2DMAR.DEFAULT\EXTENSIONS\PAULSAINTUZB@GMAIL.COM, Žádná uživatelská akce, [819], [306569],1.0.2803

Soubor: 254
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\bindings\fvd_single.xml, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\data\ad_mac.txt, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\data\ad_mac_buttonmenu.txt, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\data\ad_signs.txt, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\data\ad_win.txt, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\data\ad_win_buttonmenu.txt, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\dialogs\offer_downloader.css, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\dialogs\offer_downloader.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\dialogs\offer_downloader.xul, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\dialogs\sad.png, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\dialogs\sign_petition.xul, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\include\dm_button.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\include\ext_api.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\include\fb_button.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\include\rkmMessage.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\include\vk_button.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\include\yt_button.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\settings\fvd_settings.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\settings\fvd_settings.xul, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\settings\settings_content.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\fvd_settings.xul, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\browser_fennec.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\browser_fennec.xul, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\donate.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\donate.xul, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\fennec_content.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\fennec_streams_list.html, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\ff_3_status_bar_button.xul, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\fvd_download.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\fvd_download.xul, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\fvd_download_info.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\fvd_short_urls.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\fvd_short_urls.xul, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\fvd_single.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\content\fvd_single.xul, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\skin\fvd.single.main_button.large.png, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\skin\fvd.single.main_button.recording_small.png, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\skin\fvd.single.main_button.small.png, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\skin\fvd.single.main_button_downloading_small.png, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\skin\fvd.single.new.png, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\skin\fvd.single.new.small.png, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\skin\fvd.single.notification.png, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\skin\fvd.single.question.png, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\skin\fvd.single.settings.css, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\skin\fvd.single.settings.general.png, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\skin\fvd.single.settings.png, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\skin\fvd.single.settings.showfiles.png, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\skin\fvd.single.buttons.small.png, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\skin\fvd.single.css, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\skin\fvd.single.donate.css, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\skin\fvd.single.download.ad_showing.gif, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\skin\fvd.single.download.css, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\skin\fvd.single.download.png, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\skin\fvd.single.exclamation.png, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\skin\fvd.single.icon.png, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome\skin\fvd.single.icon_24.png, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\components\detector.idl, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\components\fvd_single_media_page.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\components\fvd_single_media_sniffer.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\components\fvd_single_site_detector.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\components\fvd_single_site_detector.xpt, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\components\fvd_single_youtube_parser.idl, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\components\fvd_single_youtube_parser.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\defaults\preferences\fvd_single_setup.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\META-INF\manifest.mf, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\META-INF\mozilla.rsa, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\META-INF\mozilla.sf, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\ffmpeg\macos\ffmpeg, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\ffmpeg\avcodec-55.dll, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\ffmpeg\avfilter-3.dll, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\ffmpeg\avformat-55.dll, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\ffmpeg\avutil-52.dll, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\ffmpeg\ffmpeg.exe, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\ffmpeg\swresample-0.dll, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\lib\fvdBreakCom.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\lib\fvdDailyMotion.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\lib\fvdFaceBook.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\lib\fvdFormats.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\lib\fvdInit.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\lib\fvdMediaStream.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\lib\fvdTwitch.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\lib\fvdUtils.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\lib\fvdVKontakte.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\lib\fvdYouTube.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\ad.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\async.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\config.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\downloads.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\download_streams.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\misc.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\records.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\settings.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\modules\welcome.js, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\chrome.manifest, Žádná uživatelská akce, [819], [306569],1.0.2803
PUP.Optional.4kYouTubeDownloader, C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\extensions\paulsaintuzb@gmail.com\install.rdf, Žádná uživatelská akce, [819], [306569],1.0.2803

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Kodlz
Friend of the forum
Posts: 780
Registered: 30 May 2008 12:11

Re: PrivDoG - removal

#9 Post by Kodlz »

ok... you can run it again and have everything removed... also tick the "scan for rootkits" option.
Please post the resulting log here.

petr_2
Visitor
Posts: 66
Registered: 19 Jul 2008 08:39

Re: PrivDoG - removal

#10 Post by petr_2 »

If we are talking about Malwarebytes, it only offers me quarantine, is that OK? Also, I don't see an option to tick for rootkits anywhere.

Kodlz
Friend of the forum
Posts: 780
Registered: 30 May 2008 12:11

Re: PrivDoG - removal

#11 Post by Kodlz »

yes, quarantine.
did you do it according to the instructions I wrote?

petr_2
Visitor
Posts: 66
Registered: 19 Jul 2008 08:39

Re: PrivDoG - removal

#12 Post by petr_2 »

:-( I can't find the log; I let it remove what it found and confirmed the restart

Kodlz
Friend of the forum
Posts: 780
Registered: 30 May 2008 12:11

Re: PrivDoG - removal

#13 Post by Kodlz »

hmmmm... hopefully that won't matter.

please send me a new FRST log

petr_2
Visitor
Posts: 66
Registered: 19 Jul 2008 08:39

Re: PrivDoG - removal

#14 Post by petr_2 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-09-2017 02
Ran by PETR (administrator) on PETR-PC (14-09-2017 16:59:00)
Running from C:\Users\PETR\Desktop
Loaded Profiles: PETR (Available Profiles: PETR)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.22\AsusFanControlService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
() C:\Windows\SysWOW64\UMonit64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Wargaming.net) C:\Games\World_of_Warships\WargamingGameUpdater.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieRpcSs.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
(Mozilla Corporation) C:\Sandbox\PETR\DefaultBox\drive\C\Program Files (x86)\Mozilla Firefox\firefox.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\32\SbieSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(forum.viry.cz) C:\Users\PETR\Desktop\FRSTLauncher.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(forum.viry.cz) C:\Users\PETR\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7156296 2013-03-05] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-02-12] (Western Digital Technologies, Inc.)
HKU\S-1-5-21-656962603-3355934871-314002735-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2988488 2011-04-20] (SUPERAntiSpyware.com)
HKU\S-1-5-21-656962603-3355934871-314002735-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [799368 2017-04-12] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-656962603-3355934871-314002735-1000\...\Run: [World of Warships] => C:\Games\World_of_Warships\WargamingGameUpdater.exe [3136264 2017-09-11] (Wargaming.net)
HKU\S-1-5-21-656962603-3355934871-314002735-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9855192 2017-09-07] (Piriform Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{15F0AE59-4EC7-49E9-BDFC-05184C02EBD5}: [NameServer] 8.8.8.0,8.8.4.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-656962603-3355934871-314002735-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-03] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-09-03] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-03] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-09-03] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-03-29] (AO Kaspersky Lab)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-03] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-03] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-03] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-03] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile:
FF ProfilePath: C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default [2017-09-14]
FF Homepage: Mozilla\Firefox\Profiles\quf2dmar.default -> about:preferences
FF Extension: (Adblock Plus) - C:\Users\PETR\AppData\Roaming\Mozilla\Firefox\Profiles\quf2dmar.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-24]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-07-27]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-14] ()
FF Plugin: @cuminas.jp/DjVuPlugin -> C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-05-08] (Cuminas Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-14] ()
FF Plugin-x32: @cuminas.jp/DjVuPlugin -> C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-05-08] (Cuminas Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-03] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\PETR\AppData\Local\Google\Chrome\User Data\Default [2017-09-14]
CHR Extension: (Dokumenty Google) - C:\Users\PETR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-22]
CHR Extension: (Disk Google) - C:\Users\PETR\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-27]
CHR Extension: (YouTube) - C:\Users\PETR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Vyhledávání Google) - C:\Users\PETR\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05]
CHR Extension: (Ochrana Kaspersky) - C:\Users\PETR\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-05-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\PETR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-26]
CHR Extension: (DjVu Viewer Extension) - C:\Users\PETR\AppData\Local\Google\Chrome\User Data\Default\Extensions\jghccooedabolhnplggblcggcbplekbk [2016-12-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PETR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-10]
CHR Extension: (Gmail) - C:\Users\PETR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-05]
CHR Extension: (Chrome Media Router) - C:\Users\PETR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-10]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [128752 2010-06-29] (SUPERAntiSpyware.com) [File not signed]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [945152 2013-05-07] (ASUSTeK Computer Inc.) [File not signed]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.22\AsusFanControlService.exe [1639424 2013-05-09] (ASUSTeK Computer Inc.) [File not signed]
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4424384 2017-08-28] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-10-18] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [197768 2017-04-12] (Sandboxie Holdings, LLC)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [302968 2015-02-12] (Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 admnfd; C:\Windows\system32\Drivers\admnfd.sys [49496 2014-12-04] (Windows (R) Win 7 DDK provider)
R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [47512 2013-01-10] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] ()
R3 ASMTFilter; C:\Windows\SysWow64\drivers\asmtufdriver.sys [21400 2013-01-28] (hxxp://www.asmedia.com.tw) [File not signed]
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R1 browserMon; C:\Windows\System32\DRIVERS\browserMon.sys [20728 2015-02-26] (Windows (R) Win 7 DDK provider)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [534512 2017-04-25] (Intel Corporation)
R3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [215608 2016-08-22] (GenesysLogic)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-01-31] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [195264 2017-07-27] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [314840 2017-07-27] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1038528 2017-07-27] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [57936 2017-03-29] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52144 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [75696 2016-05-17] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [135904 2017-03-29] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [199640 2017-07-27] (AO Kaspersky Lab)
S3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [67736 2017-01-24] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2017-09-14] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14920 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12360 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [206984 2017-04-12] (Sandboxie Holdings, LLC)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-14 16:56 - 2017-09-14 16:56 - 000112640 _____ (forum.viry.cz) C:\Users\PETR\Desktop\FRSTLauncher.exe
2017-09-14 14:53 - 2017-09-14 16:38 - 000192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-09-14 14:53 - 2017-09-14 14:53 - 000001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2017-09-14 14:53 - 2017-09-14 14:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-09-14 14:53 - 2017-09-14 14:53 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-09-14 14:53 - 2016-03-10 14:09 - 000064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2017-09-14 14:53 - 2016-03-10 14:08 - 000140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-09-14 14:53 - 2016-03-10 14:08 - 000027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-09-14 14:52 - 2017-09-14 14:52 - 022851472 _____ (Malwarebytes ) C:\Users\PETR\Desktop\mbam-setup-bc.1878-2.2.1.1043.exe
2017-09-14 14:12 - 2017-09-14 14:12 - 066347240 _____ (Malwarebytes ) C:\Users\PETR\Desktop\mb3-setup-consumer-3.2.2.2018.exe
2017-09-14 14:10 - 2017-09-14 14:15 - 000000000 ____D C:\Users\PETR\Desktop\Adv Clner
2017-09-14 14:04 - 2017-09-14 14:04 - 008182736 _____ (Malwarebytes) C:\Users\PETR\Desktop\adwcleaner_7.0.2.1.exe
2017-09-14 13:52 - 2017-09-14 16:44 - 000006400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-14 13:52 - 2017-09-14 16:44 - 000006400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-09-14 13:49 - 2017-09-14 13:49 - 000021075 _____ C:\Users\PETR\Desktop\Fixlog.txt
2017-09-14 13:46 - 2017-09-14 13:46 - 000000000 ____D C:\Users\PETR\Desktop\fixlist
2017-09-14 11:21 - 2017-09-14 16:59 - 000022721 _____ C:\Users\PETR\Desktop\FRST.txt
2017-09-14 11:20 - 2017-09-14 16:59 - 000000000 ____D C:\FRST
2017-09-14 11:04 - 2017-09-14 11:04 - 002398208 _____ (Farbar) C:\Users\PETR\Desktop\FRST64.exe
2017-09-14 08:48 - 2017-09-14 08:48 - 001222144 _____ C:\Users\PETR\Downloads\RSITx64.exe
2017-09-14 08:16 - 2017-09-14 08:16 - 000128094 _____ C:\Users\PETR\Desktop\cc_20170914_081612.reg
2017-09-14 08:10 - 2017-09-14 08:10 - 009826968 _____ (Piriform Ltd) C:\Users\PETR\Downloads\ccsetup534.exe
2017-09-10 15:37 - 2017-09-10 15:36 - 000014882 _____ C:\Users\PETR\Desktop\Oprava_Oscadal_Lenoch.xlsx
2017-09-10 08:37 - 2017-09-10 08:37 - 000000986 _____ C:\Users\PETR\Desktop\4K Video Downloader.lnk
2017-09-10 08:37 - 2017-09-10 08:37 - 000000000 ____D C:\Users\PETR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4K Video Downloader
2017-09-10 08:37 - 2017-09-10 08:37 - 000000000 ____D C:\Users\PETR\AppData\Local\4kdownload.com
2017-09-10 08:37 - 2017-09-10 08:37 - 000000000 ____D C:\Program Files (x86)\4KDownload
2017-09-09 13:11 - 2017-09-09 13:11 - 000262144 _____ C:\Windows\system32\config\elam
2017-08-27 11:51 - 2017-09-02 19:17 - 000261048 _____ C:\Users\PETR\Desktop\Rodokmen_Precechtelu finální.xlsx
2017-08-25 21:22 - 2017-08-25 21:22 - 000002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2017-08-25 21:22 - 2017-08-25 21:22 - 000002172 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2017-08-19 17:08 - 2017-08-19 17:08 - 000574861 _____ C:\Users\PETR\Desktop\Františka Přecechtělová.zip
2017-08-19 17:07 - 2017-08-19 17:07 - 000162062 _____ C:\Users\PETR\Desktop\Františka Přecechtělová.bmp
2017-08-19 17:02 - 2017-08-19 17:02 - 001265590 _____ C:\Users\PETR\Desktop\MZA Olšany u Prostějova 9420_52.bmp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-14 16:56 - 2014-01-06 20:15 - 000004456 _____ C:\Windows\Sandboxie.ini
2017-09-14 16:52 - 2017-05-13 10:43 - 000003032 _____ C:\Windows\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2017-09-14 16:52 - 2017-05-13 10:42 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-09-14 16:43 - 2009-07-14 17:18 - 000759262 _____ C:\Windows\system32\perfh005.dat
2017-09-14 16:43 - 2009-07-14 17:18 - 000195338 _____ C:\Windows\system32\perfc005.dat
2017-09-14 16:43 - 2009-07-14 07:13 - 001732774 _____ C:\Windows\system32\PerfStringBackup.INI
2017-09-14 16:43 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-09-14 16:36 - 2013-08-16 06:13 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-14 16:36 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-14 14:50 - 2014-07-13 11:04 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-14 14:08 - 2014-07-13 10:46 - 000000000 ____D C:\AdwCleaner
2017-09-14 13:49 - 2014-01-15 18:21 - 000000000 ____D C:\Users\PETR\AppData\LocalLow\Temp
2017-09-14 11:01 - 2017-04-21 18:38 - 000000283 _____ C:\Users\PETR\Desktop\Nový textový dokument.txt
2017-09-14 09:49 - 2017-08-11 16:51 - 000000000 ____D C:\Users\PETR\Desktop\aaa111
2017-09-14 08:14 - 2015-05-05 19:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-09-14 08:14 - 2013-08-24 11:17 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-09-14 08:01 - 2013-08-24 15:00 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-09-14 08:01 - 2013-08-24 15:00 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-09-14 08:01 - 2013-08-24 15:00 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-09-14 08:01 - 2013-08-24 15:00 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-09-14 08:01 - 2013-08-24 15:00 - 000000000 ____D C:\Windows\system32\Macromed
2017-09-14 07:57 - 2014-07-07 15:14 - 000003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{382F0AF8-9C3B-4ECF-B383-B4394BD7CC52}
2017-09-09 13:13 - 2015-12-19 10:56 - 000000000 ____D C:\Program Files (x86)\Opera
2017-09-08 21:10 - 2017-07-27 18:09 - 000003168 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-656962603-3355934871-314002735-1000
2017-09-08 21:10 - 2017-02-08 18:20 - 000002139 _____ C:\Users\PETR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-09-05 19:06 - 2017-01-06 19:29 - 000000000 ____D C:\Aktuální rodokmen
2017-09-05 10:44 - 2017-07-01 15:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-05 10:44 - 2013-08-16 06:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-03 15:41 - 2013-08-16 06:30 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-09-03 08:44 - 2017-02-08 18:15 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-08-29 19:12 - 2015-12-23 09:59 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-29 18:44 - 2013-08-16 05:46 - 000000000 ____D C:\Users\PETR
2017-08-29 18:31 - 2014-06-26 22:19 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-29 18:31 - 2014-06-26 22:19 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-25 21:54 - 2013-08-16 06:46 - 000001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-08-25 21:54 - 2013-08-16 06:46 - 000001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-08-25 21:22 - 2017-01-07 11:39 - 000003844 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1483781997
2017-08-25 21:22 - 2014-03-29 12:37 - 000000000 ____D C:\Program Files (x86)\Google
2017-08-19 00:20 - 2016-12-26 11:11 - 000000000 ____D C:\Users\PETR\AppData\LocalLow\Mozilla

==================== Files in the root of some directories =======

2014-06-26 22:18 - 2014-06-26 22:21 - 006010880 _____ () C:\Program Files (x86)\GUT57E0.tmp
2017-02-03 18:38 - 2017-02-03 18:38 - 000007597 _____ () C:\Users\PETR\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-09-03 09:03

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:167.58 GB) (Free:43.26 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:46.78 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:179.36 GB) NTFS

Available physical RAM: 5198.29 MB
Total physical RAM: 8130.59 MB
Percentage of memory in use: 36%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 167.7 GB) (Disk ID: 10C9FCFF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=167.6 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 10C9FCEC)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 10C9FCE0)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Kaspersky Internet Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\PETR\Desktop" je 498 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify
"C:\Users\PETR\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper
"C:\Users\PETR\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"9000:TCP"="9000:TCP:*:Enabled:Logitech Media Server 9000 tcp (UI)"
"9001:TCP"="9001:TCP:*:Enabled:Logitech Media Server 9001 tcp (UI)"
"9002:TCP"="9002:TCP:*:Enabled:Logitech Media Server 9002 tcp (UI)"
"9003:TCP"="9003:TCP:*:Enabled:Logitech Media Server 9003 tcp (UI)"
"9004:TCP"="9004:TCP:*:Enabled:Logitech Media Server 9004 tcp (UI)"
"9005:TCP"="9005:TCP:*:Enabled:Logitech Media Server 9005 tcp (UI)"
"9006:TCP"="9006:TCP:*:Enabled:Logitech Media Server 9006 tcp (UI)"
"9007:TCP"="9007:TCP:*:Enabled:Logitech Media Server 9007 tcp (UI)"
"9008:TCP"="9008:TCP:*:Enabled:Logitech Media Server 9008 tcp (UI)"
"9009:TCP"="9009:TCP:*:Enabled:Logitech Media Server 9009 tcp (UI)"
"9010:TCP"="9010:TCP:*:Enabled:Logitech Media Server 9010 tcp (UI)"
"9100:TCP"="9100:TCP:*:Enabled:Logitech Media Server 9100 tcp (UI)"
"8000:TCP"="8000:TCP:*:Enabled:Logitech Media Server 8000 tcp (UI)"
"10000:TCP"="10000:TCP:*:Enabled:Logitech Media Server 10000 tcp (UI)"
"9090:TCP"="9090:TCP:*:Enabled:Logitech Media Server 9090 tcp (UI)"
"3483:UDP"="3483:UDP:*:Enabled:Logitech Media Server 3483 udp"
"3483:TCP"="3483:TCP:*:Enabled:Logitech Media Server 3483 tcp"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"9000:TCP"="9000:TCP:*:Enabled:Logitech Media Server 9000 tcp (UI)"
"9001:TCP"="9001:TCP:*:Enabled:Logitech Media Server 9001 tcp (UI)"
"9002:TCP"="9002:TCP:*:Enabled:Logitech Media Server 9002 tcp (UI)"
"9003:TCP"="9003:TCP:*:Enabled:Logitech Media Server 9003 tcp (UI)"
"9004:TCP"="9004:TCP:*:Enabled:Logitech Media Server 9004 tcp (UI)"
"9005:TCP"="9005:TCP:*:Enabled:Logitech Media Server 9005 tcp (UI)"
"9006:TCP"="9006:TCP:*:Enabled:Logitech Media Server 9006 tcp (UI)"
"9007:TCP"="9007:TCP:*:Enabled:Logitech Media Server 9007 tcp (UI)"
"9008:TCP"="9008:TCP:*:Enabled:Logitech Media Server 9008 tcp (UI)"
"9009:TCP"="9009:TCP:*:Enabled:Logitech Media Server 9009 tcp (UI)"
"9010:TCP"="9010:TCP:*:Enabled:Logitech Media Server 9010 tcp (UI)"
"9100:TCP"="9100:TCP:*:Enabled:Logitech Media Server 9100 tcp (UI)"
"8000:TCP"="8000:TCP:*:Enabled:Logitech Media Server 8000 tcp (UI)"
"10000:TCP"="10000:TCP:*:Enabled:Logitech Media Server 10000 tcp (UI)"
"9090:TCP"="9090:TCP:*:Enabled:Logitech Media Server 9090 tcp (UI)"
"3483:UDP"="3483:UDP:*:Enabled:Logitech Media Server 3483 udp"
"3483:TCP"="3483:TCP:*:Enabled:Logitech Media Server 3483 tcp"


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Kodlz
Forum Friend
Posts: 780
Registered: 30 May 2008 12:11

Re: PrivDoG - removal

#15 Post by Kodlz »

Addition.txt as well, please.

Locked