VIRY.CZ

Zdravím, prosím o pomoc s vyskakujícími okny ve Firefoxu. Posílám log. Díky:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-10-2017
Ran by MP (administrator) on VOSTRO3300 (15-10-2017 15:29:34)
Running from C:\Users\MP\Desktop
Loaded Profiles: MP (Available Profiles: MP)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d550fa1f2cf8996d\stacsv64.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d550fa1f2cf8996d\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(The Privoxy team - www.privoxy.org) C:\Program Files (x86)\SmartComp Safe Network\privoxy.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe
(Dropbox, Inc.) C:\Users\MP\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Dropbox, Inc.) C:\Users\MP\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\MP\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [727664 2010-10-01] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [4119920 2010-01-15] (Dell Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5712896 2017-01-26] (Dell Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-04-07] (IDT, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-13] (AVAST Software)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-396868361-688022378-94426774-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-396868361-688022378-94426774-1003\...\Run: [GoogleChromeAutoLaunch_0FC48612D073CC3AE3A43772191499FC] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1451352 2017-09-21] (Google Inc.)
HKU\S-1-5-21-396868361-688022378-94426774-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-11] (Piriform Ltd)
HKU\S-1-5-21-396868361-688022378-94426774-1003\...\MountPoints2: {88a25bbe-2c66-11e5-a103-c44619f5f11c} - E:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-396868361-688022378-94426774-1003\...\MountPoints2: {f6c70e80-fbcf-11e4-8359-a4badbd616ba} - E:\SETUP.EXE
HKU\S-1-5-21-396868361-688022378-94426774-1003\...\MountPoints2: {f6c710a4-fbcf-11e4-8359-a4badbd616ba} - E:\SETUP.EXE
HKU\S-1-5-21-396868361-688022378-94426774-1003\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellExecuteHooks: No Name - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2017-01-31]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-09-23]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\MP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-10-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\MP\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-396868361-688022378-94426774-1003] => Proxy is enabled.
ProxyServer: [S-1-5-21-396868361-688022378-94426774-1003] => 127.0.0.1:8118
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.20
Tcpip\..\Interfaces\{A488031A-29ED-4374-AAD7-FDD9B492A019}: [DhcpNameServer] 192.168.1.20
Tcpip\..\Interfaces\{A64A954F-C3E5-4BF0-A0D1-FC7C4594DD0A}: [DhcpNameServer] 192.168.1.20
ManualProxies: 1127.0.0.1:8118

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.mystartsearch.com/?type=hp&ts=14290 ... XXS3P41LCL
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=14290 ... XXS3P41LCL
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-396868361-688022378-94426774-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.goodforsearch.info/?l=1&q={searchTerms}&pid=24378&r=2015/04/21&hid=9280228650392394312&lg=EN&cc=CZ&unqvl=86
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {101E40D3-36CD-469B-BB2C-B3E93838B61A} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {22CFC445-5C64-4271-8666-71B702F364C5} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {3968F399-C533-49D0-A5F2-B788FC4941FA} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {6205ABEE-EC35-4F64-81E9-A0E2BCF373C9} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {6B4292E2-8092-4AB8-81FA-71749316EBF5} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {6F67336C-ACE5-420B-84A2-149BC29925CD} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {7EBC9ADC-CB69-425F-AE02-15D96A24D891} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {84F94D52-D701-41BB-8505-C3AB8798782B} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {A9AF84F5-134E-425C-A250-54DA9E064A8B} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.goodforsearch.info/?l=1&q={searchTerms}&pid=24378&r=2015/04/21&hid=9280228650392394312&lg=EN&cc=CZ&unqvl=86
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-10-13] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-10-13] (AVAST Software)

FireFox:
========
FF DefaultProfile: qzkskuyi.default
FF ProfilePath: C:\Users\MP\AppData\Roaming\Mozilla\Firefox\Profiles\qzkskuyi.default [2017-10-15]
FF Homepage: Mozilla\Firefox\Profiles\qzkskuyi.default -> hxxps://www.seznam.cz/
FF Extension: (OmniSidebar) - C:\Users\MP\AppData\Roaming\Mozilla\Firefox\Profiles\qzkskuyi.default\Extensions\osb@quicksaver.xpi [2017-02-10]
FF Extension: (Avast SafePrice) - C:\Users\MP\AppData\Roaming\Mozilla\Firefox\Profiles\qzkskuyi.default\Extensions\sp@avast.com.xpi [2017-10-13]
FF Extension: (Avast Online Security) - C:\Users\MP\AppData\Roaming\Mozilla\Firefox\Profiles\qzkskuyi.default\Extensions\wrc@avast.com.xpi [2017-10-14]
FF Extension: (Adblock Plus) - C:\Users\MP\AppData\Roaming\Mozilla\Firefox\Profiles\qzkskuyi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-10-14]
FF Extension: (Seznam lištička) - C:\Users\MP\AppData\Roaming\Mozilla\Firefox\Profiles\qzkskuyi.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-10-13]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_159.dll [2017-10-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_159.dll [2017-10-13] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default [2017-10-15]
CHR Extension: (Prezentace Google) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Dokumenty Google) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Disk Google) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Seznam Lištička - Email) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-03-18]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-02-24]
CHR Extension: (YouTube) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Vyhledávání Google) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-17]
CHR Extension: (Facebook Image Zoom and Downloader) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\edefbbbcggajdncnoingicdckbhngpcj [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Avast SafePrice) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-09-23]
CHR Extension: (Tabulky Google) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Dokumenty Google offline) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-28]
CHR Extension: (AdBlock) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-10-14]
CHR Extension: (Awesome Screenshot: Screen Video Recorder) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlipoenfbbikpbjkfpfillcgkoblgpmj [2017-09-23]
CHR Extension: (Peněženka Google) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-05-13]
CHR Extension: (Gmail) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-14]
CHR Extension: (SalePluuS) - C:\ProgramData\opicaggdjjckpfncaafdhbkikgahkeli\ []
CHR Extension: (SaleaPluss) - C:\ProgramData\pimjeekgjbnbkgahjioebbilbjhamonn\ []
CHR Extension: (SaleePiLus) - C:\ProgramData\plidakoicbnceaakdookndoaddfkmgaf\ []
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d550fa1f2cf8996d\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7446024 2017-10-13] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-13] (AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.599\McCHSvc.exe [404376 2017-09-05] (McAfee, Inc.)
R2 PrivoxyService; C:\Program Files (x86)\SmartComp Safe Network\privoxy.exe [371200 2015-09-16] (The Privoxy team - www.privoxy.org) [File not signed] <==== ATTENTION
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [575488 2008-09-23] (Nokia.) [File not signed]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d550fa1f2cf8996d\STacSV64.exe [247808 2010-04-07] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5088256 2017-01-26] (Dell Inc.) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [321032 2017-10-13] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-10-13] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343288 2017-10-13] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57736 2017-10-13] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [47008 2017-10-13] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [147776 2017-10-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110376 2017-10-13] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84416 2017-10-13] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1020536 2017-10-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [587168 2017-10-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [201352 2017-10-13] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [363440 2017-10-13] (AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-05-16] (Disc Soft Ltd)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11616 2001-08-03] () [File not signed]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-15 15:29 - 2017-10-15 15:30 - 000022988 _____ C:\Users\MP\Desktop\FRST.txt
2017-10-15 15:29 - 2017-10-15 15:29 - 000000000 ____D C:\FRST
2017-10-15 15:28 - 2017-10-15 15:28 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-10-15 15:26 - 2017-10-15 15:26 - 002401792 _____ (Farbar) C:\Users\MP\Desktop\FRST64.exe
2017-10-13 20:02 - 2017-10-13 20:02 - 000000000 ____D C:\Users\MP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-10-13 19:56 - 2017-10-13 19:56 - 000401488 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-10-13 19:53 - 2017-10-13 19:53 - 006273024 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2017-09-23 08:27 - 2017-09-23 08:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-09-23 08:26 - 2017-09-23 08:26 - 000000000 ____D C:\ProgramData\McAfee Security Scan

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-15 15:28 - 2017-02-10 20:50 - 000000000 ____D C:\Users\MP\AppData\LocalLow\Mozilla
2017-10-15 14:11 - 2015-05-17 14:10 - 000000460 _____ C:\Windows\Tasks\Wise Registry Cleaner Schedule Task.job
2017-10-14 19:36 - 2009-07-14 06:45 - 000022768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-14 19:36 - 2009-07-14 06:45 - 000022768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-14 19:26 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-13 20:02 - 2015-05-10 12:20 - 000000000 ____D C:\Users\MP\AppData\Roaming\Dropbox
2017-10-13 19:56 - 2017-02-10 20:55 - 000343288 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-10-13 19:56 - 2017-02-10 20:55 - 000321032 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-10-13 19:56 - 2017-02-10 20:55 - 000198976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-10-13 19:56 - 2017-02-10 20:55 - 000057736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-10-13 19:56 - 2017-02-10 20:55 - 000003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-10-13 19:56 - 2015-04-21 13:43 - 001020536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-10-13 19:56 - 2015-04-21 13:43 - 000587168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-10-13 19:56 - 2015-04-21 13:43 - 000363440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-10-13 19:56 - 2015-04-21 13:43 - 000201352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-10-13 19:56 - 2015-04-21 13:43 - 000147776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-10-13 19:56 - 2015-04-21 13:43 - 000110376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-10-13 19:56 - 2015-04-21 13:43 - 000084416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-10-13 19:56 - 2015-04-21 13:43 - 000047008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-10-13 19:56 - 2015-04-21 13:39 - 000000000 ____D C:\ProgramData\AVAST Software
2017-10-13 19:53 - 2015-09-22 20:16 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-10-13 19:53 - 2015-09-22 20:16 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-13 19:53 - 2015-09-22 20:16 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-10-13 19:53 - 2015-09-22 20:16 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-10-13 19:53 - 2015-09-22 20:16 - 000000000 ____D C:\Windows\system32\Macromed
2017-10-13 19:53 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-09-30 21:02 - 2011-04-12 10:34 - 002245042 _____ C:\Windows\system32\perfh005.dat
2017-09-30 21:02 - 2011-04-12 10:34 - 000690920 _____ C:\Windows\system32\perfc005.dat
2017-09-30 21:02 - 2009-07-14 07:13 - 000006224 _____ C:\Windows\system32\PerfStringBackup.INI
2017-09-30 10:28 - 2015-04-19 20:46 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-30 10:28 - 2015-04-19 20:46 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-24 15:51 - 2017-01-27 00:14 - 000000000 ____D C:\Windows\Minidump
2017-09-24 14:08 - 2015-06-18 10:57 - 000000000 ____D C:\Users\MP\AppData\Local\Dropbox
2017-09-23 08:50 - 2017-08-27 15:13 - 000000000 ____D C:\Users\MP\Desktop\Foto Huawei
2017-09-23 08:40 - 2015-05-10 12:22 - 000000000 ___RD C:\Users\MP\Dropbox
2017-09-23 08:27 - 2015-11-10 09:02 - 000000000 ____D C:\Program Files\McAfee Security Scan
2017-09-23 08:27 - 2015-09-29 21:11 - 000001964 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk

==================== Files in the root of some directories =======

2015-12-16 23:08 - 2015-12-16 23:08 - 006420480 _____ () C:\Program Files (x86)\GUT6892.tmp
2016-08-29 12:46 - 2016-08-29 12:46 - 007065600 _____ () C:\Program Files (x86)\GUTC23F.tmp
2015-05-27 23:53 - 2015-05-27 23:53 - 000054482 _____ () C:\Users\MP\AppData\Local\recently-used.xbel

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-10-14 09:42

==================== End of FRST.txt ============================

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Log zde:

# AdwCleaner 7.0.3.1 - Logfile created on Sun Oct 15 14:59:29 2017
# Updated on 2017/29/09 by Malwarebytes
# Database: 10-13-2017.1
# Running on Windows 7 Professional (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

PUP.Optional.Legacy, PrivoxyService


***** [ Folders ] *****

PUP.Optional.Legacy, C:\Program Files (x86)\IncludeEdit
PUP.Optional.PrxySvrRST, C:\Program Files (x86)\SmartComp Safe Network
PUP.Optional.PragmaModulator, C:\Program Files (x86)\PragmaModulator
PUP.Optional.EZDownloader, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
PUP.Optional.EZDownloader, C:\Program Files (x86)\EZDownloader
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Application Hosting
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Application Data\Application Hosting
PUP.Optional.Linkury.ACMB1, C:\Users\All Users\Application Hosting


***** [ Files ] *****

PUP.Optional.PCFixer, C:\Users\MP\Downloads\WRCFree.exe


***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Optional.Legacy, amiupdaterExi
PUP.Optional.Legacy, amiupdaterExd


***** [ Registry ] *****

PUP.Optional.Legacy, [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main | Default_Search_URL [http:\\www.mystartsearch.com\web\?type=ds&ts=1429096293&from=wpc&uid=ST320LT012-1DG14C_S3P41LCLXXXXS3P41LCL&q={searchTerms}]
PUP.Optional.Legacy, [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main | Default_Search_URL [http:\\www.mystartsearch.com\web\?type=ds&ts=1429096293&from=wpc&uid=ST320LT012-1DG14C_S3P41LCLXXXXS3P41LCL&q={searchTerms}]
PUP.Optional.Legacy, [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main | Default_Page_URL [http:\\www.mystartsearch.com\?type=hp&ts=1429096293&from=wpc&uid=ST320LT012-1DG14C_S3P41LCLXXXXS3P41LCL]
PUP.Optional.Legacy, [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main | Default_Page_URL [http:\\www.mystartsearch.com\?type=hp&ts=1429096293&from=wpc&uid=ST320LT012-1DG14C_S3P41LCLXXXXS3P41LCL]
PUP.Optional.Legacy, [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main | Start Page [http:\\go.microsoft.com\fwlink\?LinkId=56626&homepage=http:\\www.mystartsearch.com\?type=hp&ts=1429096293&from=wpc&uid=ST320LT012-1DG14C_S3P41LCLXXXXS3P41LCL]
PUP.Optional.Legacy, [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main | Start Page [http:\\go.microsoft.com\fwlink\?LinkId=56626&homepage=http:\\www.mystartsearch.com\?type=hp&ts=1429096293&from=wpc&uid=ST320LT012-1DG14C_S3P41LCLXXXXS3P41LCL]
PUP.Optional.Legacy, [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main | Search Page [http:\\www.mystartsearch.com\web\?type=ds&ts=1429096293&from=wpc&uid=ST320LT012-1DG14C_S3P41LCLXXXXS3P41LCL&q={searchTerms}]
PUP.Optional.Legacy, [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main | Search Page [http:\\www.mystartsearch.com\web\?type=ds&ts=1429096293&from=wpc&uid=ST320LT012-1DG14C_S3P41LCLXXXXS3P41LCL&q={searchTerms}]
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\SecureWebChannel
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-396868361-688022378-94426774-1003\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
PUP.Optional.Legacy, [Key] - HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
PUP.Optional.Legacy, [Key] - HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-396868361-688022378-94426774-1003\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
PUP.Optional.Legacy, [Key] - HKU\S-1-5-18\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
PUP.Optional.Legacy, [Key] - HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Application Hosting.exe
PUP.Optional.Conduit, [Key] - HKU\S-1-5-21-396868361-688022378-94426774-1003\Software\Conduit
PUP.Optional.Conduit, [Key] - HKCU\Software\Conduit
PUP.Optional.Linkury.ACMB1, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
PUP.Optional.Linkury.ACMB1, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
PUP.Optional.MultiPlug, [Key] - HKCU\Software\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}
PUP.Optional.MultiPlug, [Key] - HKU\S-1-5-21-396868361-688022378-94426774-1003\Software\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}
PUP.Optional.MyStartSearch.ShrtCln, [Key] - HKLM\SOFTWARE\mystartsearchSoftware


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

V ADW ještě klikněte na mazání, restartujte a dejte nový log FRST.

Omlouvám se za zpoždění, log zde:
# AdwCleaner 7.0.3.1 - Logfile created on Fri Oct 27 19:01:46 2017
# Updated on 2017/29/09 by Malwarebytes
# Running on Windows 7 Professional (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [5062 B] - [2017/10/15 15:0:15]
C:/AdwCleaner/AdwCleaner[S0].txt - [5488 B] - [2017/10/15 14:59:29]
C:/AdwCleaner/AdwCleaner[S1].txt - [1089 B] - [2017/10/27 19:0:55]


########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

Teď bych potřeboval vidět nový log FRST.

LOG ZDE:Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-10-2017
Ran by MP (28-10-2017 23:52:21)
Running from C:\Users\MP\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-03-19 11:48:25)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-396868361-688022378-94426774-500 - Administrator - Disabled)
Guest (S-1-5-21-396868361-688022378-94426774-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-396868361-688022378-94426774-1002 - Limited - Enabled)
MP (S-1-5-21-396868361-688022378-94426774-1003 - Administrator - Enabled) => C:\Users\MP

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

123 Free Solitaire v10.1 (HKLM-x32\...\123 Free Solitaire_is1) (Version: - TreeCardGames)
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.10.17 - STMicroelectronics)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.60.1479, 06.02.2015 - AIMP DevTeam)
Apple Mobile Device Support (HKLM\...\{9B3B4129-220E-42C7-9C5B-91C65E0885B4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.7.2314 - AVAST Software)
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
BitTorrent (HKU\S-1-5-21-396868361-688022378-94426774-1003\...\BitTorrent) (Version: 7.9.5.41163 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite DCP-7065DN (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.69.1079 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CPUID HWMonitor 1.30 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
Dropbox (HKU\S-1-5-21-396868361-688022378-94426774-1003\...\Dropbox) (Version: 37.4.29 - Dropbox, Inc.)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.60.48.35 - Dell Inc.)
FLAC to MP3 Converter 1.0.3 (HKLM-x32\...\FLAC to MP3 Converter) (Version: 1.0.3 - 1Flac)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6277.0 - IDT)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
LibreOffice 4.4 Help Pack (Czech) (HKLM-x32\...\{680F9EF4-F1B8-4F1A-8D81-A867677C63C2}) (Version: 4.4.3.2 - The Document Foundation)
LibreOffice 4.4.3.2 (HKLM-x32\...\{A651A592-2F6C-4D66-AEA8-9BFE4B61BCB3}) (Version: 4.4.3.2 - The Document Foundation)
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.599.11 - McAfee, Inc.)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 55.0.3 (x86 cs) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 cs)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
MP3 Skype recorder (HKLM-x32\...\{9D33E74E-3799-4343-9F16-13AFF983366C}) (Version: 4.11.1.0 - Alexander Nikiforov)
Nokia Connectivity Cable Driver (HKLM-x32\...\{25CFEF55-A945-41FC-86ED-76469F31DF37}) (Version: 7.1.41.0 - Nokia)
Nokia PC Internet Access (HKLM-x32\...\{EE60BB9B-E721-454C-9B61-34EE8B36B8A7}) (Version: 2.0.2.1 - Nokia) Hidden
Nokia PC Internet Access (HKLM-x32\...\Nokia PC Internet Access) (Version: 2.0.2.1 - Nokia)
OmmWriter (HKLM-x32\...\{804002A3-ACF2-4DF4-9BD2-092A4F738C73}) (Version: 0.1.0.15 - Herraiz & Soto)
PC Connectivity Solution Lite (HKLM-x32\...\{CC1ACF58-CD2D-4F36-9195-F13D13962E15}) (Version: 5.8.33.7 - Nokia)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
PokerStars.cz (HKLM-x32\...\PokerStars.cz) (Version: - PokerStars.cz)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 1.3.3 - Dell Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30102 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SafeZone Stable 3.55.2393.527 (HKLM-x32\...\SafeZone 3.55.2393.527) (Version: 3.55.2393.527 - Avast Software) Hidden
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-396868361-688022378-94426774-1003\...\SeznamInstall) (Version: - Seznam.cz)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
SliderClamp (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{f063af40}) (Version: - SliderClamp) <==== ATTENTION
Software Bluetooth WIDCOMM (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.900 - Broadcom)
SolSuite 2014 v14.3 (HKLM-x32\...\SolSuite_is1) (Version: 14.3 - TreeCardGames)
Spotify (HKU\S-1-5-21-396868361-688022378-94426774-1003\...\Spotify) (Version: 1.0.20.101.ge6957e14 - Spotify AB)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Validity Sensors DDK (HKLM\...\{661DD62F-D0F2-4573-902B-DBCAAD8229AF}) (Version: 3.1.379 - Validity Sensors, Inc.)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (12/01/2009 6.2.0.9411) (HKLM\...\26DF6674D7C1C08AE6A9F0AB0F04558F369FF15F) (Version: 12/01/2009 6.2.0.9411 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wise Registry Cleaner 8.52 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 8.52 - WiseCleaner.com, Inc.)
Zoner Photo Studio 16 - Obálky a šablony (HKLM\...\ZonerPhotoStudio16_Templates_CZ_is1) (Version: 16.0.1.2 - ZONER software)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: 16.0.1.3 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-396868361-688022378-94426774-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\MP\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-396868361-688022378-94426774-1003_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\MP\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-396868361-688022378-94426774-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MP\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-396868361-688022378-94426774-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MP\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-396868361-688022378-94426774-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MP\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-396868361-688022378-94426774-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MP\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-396868361-688022378-94426774-1003_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MP\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-396868361-688022378-94426774-1003_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MP\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-396868361-688022378-94426774-1003_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MP\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-396868361-688022378-94426774-1003_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MP\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-396868361-688022378-94426774-1003_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MP\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-396868361-688022378-94426774-1003_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MP\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-396868361-688022378-94426774-1003_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\MP\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MP\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MP\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MP\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MP\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MP\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MP\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MP\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MP\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-13] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-13] (AVAST Software)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => -> No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => -> No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => -> No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => -> No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => -> No File
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll [2015-04-19] (AIMP DevTeam)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-13] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-13] (AVAST Software)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers3: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll [2015-04-19] (AIMP DevTeam)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-08-26] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-13] (AVAST Software)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-396868361-688022378-94426774-1003: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\MP\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-396868361-688022378-94426774-1003: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\MP\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-396868361-688022378-94426774-1003: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\MP\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {072E1D90-0863-479E-AC05-847FAE3B9D63} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2017-10-27] (AVAST Software)
Task: {078EC67A-4215-43B0-AEB3-353DCDD8C0FA} - System32\Tasks\{6BC99C47-B7C4-4B02-9D54-F88E09D6D0B4} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.7.0.102/cs/abandoninstall?source=lightinstaller&page=tsBing
Task: {2497FE12-5049-4C15-B36D-4A0A1E789679} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-26] (Adobe Systems Incorporated)
Task: {2E9A29F9-47E3-453F-BE21-D1098FBA39FD} - System32\Tasks\{9BCC0F09-403C-45CF-8EE0-BAE994BDE5EF} => C:\Windows\system32\pcalua.exe -a E:\INSTALLER.EXE -d E:\
Task: {41774614-0ECF-4565-B51A-406CAED6FC4A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {515B39BB-A297-4066-B8EA-87E637BEAA70} - System32\Tasks\{0A8477F0-4BFC-49F6-A3C1-C4F26B8569C6} => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2009-06-24] (Creative Technology Ltd)
Task: {812591E4-BA57-4394-A359-0AFE5BFA7636} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-10-13] (AVAST Software)
Task: {937027B5-E78C-4750-BDC3-C5A96204B3E0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-11] (Piriform Ltd)
Task: {B4480A04-1DA0-4D4A-B3F2-421092564B8F} - System32\Tasks\{EA3359C2-5425-4B09-8418-92DF054F9D51} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Microsoft Games\Age of Empires II\UNINSTALX.EXE" -d "C:\Program Files (x86)\Microsoft Games\Age of Empires II" -c /runtemp
Task: {B5DDFE3B-6C09-4B54-8B8E-6D641248A035} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {BAB8093D-E473-49BB-86BB-28D5F9E72756} - System32\Tasks\SafeZone scheduled Autoupdate 1485375271 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {C177CCEF-19F0-4E40-ABCD-8A9C01C250E0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-19] (Google Inc.)
Task: {CA474D3C-5222-405F-B4A6-465246505282} - System32\Tasks\Wise Registry Cleaner Schedule Task => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [2015-05-08] (WiseCleaner.com)
Task: {EDFC02E4-E13C-4135-9B3B-5686F47239C6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-19] (Google Inc.)
Task: {EE499000-5713-47F9-A17D-0015AE07BD3B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {F7432DB2-1456-41C3-A8BE-F16D560E94C0} - System32\Tasks\{8A285ECF-3C68-4B54-A148-B74D1F903C53} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.8.0.102/cs/abandoninstall?page=tsProgressBar

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-396868361-688022378-94426774-1003Core1d2773c7336a7e.job => C:\Users\MP\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\Wise Registry Cleaner Schedule Task.job => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2009-08-03 03:53 - 2009-08-03 03:53 - 000027648 _____ () C:\Windows\System32\sso2ml6.dll
2015-09-07 15:22 - 2005-04-22 06:36 - 000143360 _____ () C:\Windows\system32\BrSNMP64.dll
2015-03-19 13:53 - 2010-10-01 10:48 - 000727664 _____ () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
2017-10-13 19:56 - 2017-10-13 19:56 - 000067408 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll
2017-10-13 19:56 - 2017-10-13 19:56 - 000169832 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2017-10-26 05:15 - 2017-10-26 05:15 - 000851928 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2017-10-13 19:56 - 2017-10-13 19:56 - 000286712 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2009-10-20 11:02 - 2009-10-20 11:02 - 000173344 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2017-10-13 19:56 - 2017-10-13 19:56 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-10-13 19:56 - 2017-10-13 19:56 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-10-13 19:56 - 2017-10-13 19:56 - 000217088 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-10-13 19:56 - 2017-10-13 19:56 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-10-13 19:56 - 2017-10-13 19:56 - 000151104 _____ () C:\Program Files\AVAST Software\Avast\network_notifications.dll
2017-10-27 20:46 - 2017-10-27 20:46 - 005882552 _____ () C:\Program Files\AVAST Software\Avast\defs\17102702\algo.dll
2017-10-26 05:15 - 2017-10-26 05:15 - 000703336 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-10-13 19:56 - 2017-10-13 19:56 - 000241448 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-10-28 23:49 - 2017-10-28 23:49 - 005882552 _____ () C:\Program Files\AVAST Software\Avast\defs\17102800\algo.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 000073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 001044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-07-01 08:59 - 2017-07-01 08:59 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-10-13 19:56 - 2017-10-13 19:56 - 000234280 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-10-26 05:10 - 2017-10-17 17:48 - 000771904 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2017-10-26 05:10 - 2017-10-17 17:48 - 001804608 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\dropbox_crashpad.dll
2017-10-13 20:02 - 2017-10-17 17:47 - 000100296 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2017-10-13 20:02 - 2017-10-17 17:47 - 000018888 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\select.pyd
2017-10-13 20:02 - 2017-10-17 17:50 - 000020800 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2017-10-13 20:02 - 2017-10-17 17:47 - 000035792 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2017-10-13 20:02 - 2017-10-17 17:47 - 000694224 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2017-10-26 05:10 - 2017-10-17 17:49 - 000021848 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2017-10-13 20:02 - 2017-10-17 17:47 - 000130512 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2017-10-26 05:10 - 2017-10-17 17:49 - 001856848 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2017-10-26 05:10 - 2017-10-17 17:49 - 000022864 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2017-10-26 05:10 - 2017-10-17 17:47 - 000145864 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2017-10-26 05:10 - 2017-10-17 17:48 - 000116688 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2017-10-13 20:02 - 2017-10-17 17:47 - 000105928 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\win32api.pyd
2017-10-13 20:02 - 2017-10-17 17:50 - 000022864 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2017-10-26 05:10 - 2017-10-17 17:49 - 000062784 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2017-10-13 20:02 - 2017-10-17 17:47 - 000024528 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\win32event.pyd
2017-10-26 05:10 - 2017-10-17 17:49 - 000040248 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\fastpath.pyd
2017-10-26 05:10 - 2017-10-17 17:47 - 000020936 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2017-10-13 20:02 - 2017-10-17 17:47 - 000124880 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\win32file.pyd
2017-10-13 20:02 - 2017-10-17 17:47 - 000116176 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\win32security.pyd
2017-10-26 05:10 - 2017-10-17 17:48 - 000392656 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2017-10-13 20:02 - 2017-10-17 17:50 - 000392512 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2017-10-13 20:02 - 2017-10-17 17:50 - 000026456 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-10-13 20:02 - 2017-10-17 17:47 - 000024016 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2017-10-13 20:02 - 2017-10-17 17:47 - 000175560 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\win32gui.pyd
2017-10-13 20:02 - 2017-10-17 17:47 - 000030160 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2017-10-13 20:02 - 2017-10-17 17:47 - 000043472 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\win32process.pyd
2017-10-13 20:02 - 2017-10-17 17:47 - 000026056 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\win32job.pyd
2017-10-13 20:02 - 2017-10-17 17:47 - 000048592 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\win32service.pyd
2017-10-13 20:02 - 2017-10-17 17:47 - 000057808 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2017-10-26 05:10 - 2017-10-17 17:49 - 000021824 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2017-10-13 20:02 - 2017-10-17 17:50 - 000023368 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\winshell.compiled._winshell.pyd
2017-10-26 05:10 - 2017-10-17 17:49 - 000022856 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\crashpad.compiled._Crashpad.pyd
2017-10-13 20:02 - 2017-10-17 17:50 - 000066392 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\winenumhandles.compiled._WinEnumHandles.pyd
2017-10-26 05:10 - 2017-10-17 17:49 - 001796920 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2017-10-13 20:02 - 2017-10-17 17:47 - 000084424 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\sip.pyd
2017-10-26 05:10 - 2017-10-17 17:49 - 001956152 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2017-10-26 05:10 - 2017-10-17 17:49 - 003859264 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2017-10-26 05:10 - 2017-10-17 17:49 - 000154440 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2017-10-26 05:10 - 2017-10-17 17:49 - 000521024 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2017-10-26 05:10 - 2017-10-17 17:49 - 000045888 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineCore.pyd
2017-10-26 05:10 - 2017-10-17 17:49 - 000042304 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2017-10-26 05:10 - 2017-10-17 17:49 - 000131384 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2017-10-26 05:10 - 2017-10-17 17:49 - 000218944 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2017-10-26 05:10 - 2017-10-17 17:49 - 000204096 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2017-10-13 20:02 - 2017-10-17 17:50 - 000025432 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2017-10-13 20:02 - 2017-10-17 17:47 - 000060880 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\win32print.pyd
2017-10-13 20:02 - 2017-10-17 17:50 - 000054608 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.pyd
2017-10-13 20:02 - 2017-10-17 17:47 - 000024016 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\win32profile.pyd
2017-10-13 20:02 - 2017-10-17 17:50 - 000022864 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd
2017-10-13 20:02 - 2017-10-17 17:47 - 000028616 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\win32ts.pyd
2017-10-13 20:02 - 2017-10-17 17:50 - 000022360 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-10-13 20:02 - 2017-10-17 17:50 - 000021848 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd
2017-10-13 20:02 - 2017-10-17 17:50 - 000022360 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd
2017-10-26 05:10 - 2017-10-17 17:49 - 000027488 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-10-13 20:02 - 2017-10-17 17:47 - 000349128 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2017-10-13 20:02 - 2017-10-17 17:50 - 000023896 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2017-10-26 05:10 - 2017-10-17 17:49 - 000025424 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2017-10-26 05:10 - 2017-10-17 17:48 - 000036296 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\librsync.dll
2017-10-26 05:10 - 2017-10-17 17:49 - 000181056 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2017-10-13 20:02 - 2017-10-17 17:50 - 000030536 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\wind3d11.compiled._wind3d11.pyd
2017-10-26 05:10 - 2017-10-17 17:49 - 000024368 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\libEGL.DLL
2017-10-26 05:10 - 2017-10-17 17:49 - 001638200 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2017-10-13 20:02 - 2017-10-17 17:50 - 000026456 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-10-26 05:10 - 2017-10-17 17:49 - 000545080 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2017-10-26 05:10 - 2017-10-17 17:49 - 000359224 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2017-10-26 05:10 - 2017-10-17 17:49 - 000038208 _____ () C:\Users\MP\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngine.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2017-09-23 08:27 - 000000879 _____ C:\Windows\system32\Drivers\etc\hosts

0.0.0.1 mssplus.mcafee.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-396868361-688022378-94426774-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\MP\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.20
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^MP^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: cz.seznam.software.autoupdate => "C:\Users\MP\AppData\Roaming\Seznam.cz\szninstall.exe" -c
MSCONFIG\startupreg: cz.seznam.software.szndesktop => "C:\Users\MP\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
MSCONFIG\startupreg: Dropbox Update => "C:\Users\MP\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: GoogleChromeAutoLaunch_0FC48612D073CC3AE3A43772191499FC => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
MSCONFIG\startupreg: MP3 Skype recorder => C:\Users\MP\AppData\Local\MP3 Skype recorder\MP3SkypeRecorder.exe
MSCONFIG\startupreg: NokiaPCInternetAccess => "C:\Program Files (x86)\Nokia\PC Internet Access\NPCIA.exe" /b
MSCONFIG\startupreg: seznam-listicka-distribuce => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\MP\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
MSCONFIG\startupreg: Zoner Photo Studio Service 16 => "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{417A4690-8CD0-4F40-B4B6-91950A693135}] => (Allow) C:\Users\MP\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{2FD4E1CD-757E-45E8-915A-256D497E0FD3}] => (Allow) C:\Users\MP\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{9B11F742-B29E-4A4A-B43A-3C6406B392C7}C:\users\mp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mp\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{CF3DBE0A-701F-4FE9-9791-3CB76F9E8A3D}C:\users\mp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mp\appdata\roaming\spotify\spotify.exe
FirewallRules: [{500A9C9C-2F37-4A2A-9294-90EF74DEF88A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{197C00E5-D103-4B45-BC1A-2F64BA8B09D4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4F317B08-AC47-4D81-9C9A-0FB0AC2A999C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F17D42E7-3CF9-4B2D-A59E-D02FE3FB5B29}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4C781575-9CCC-47E6-9D37-566ED05E92B4}] => (Allow) C:\Users\MP\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{DBCAD83A-AA10-43D8-B70C-AB513044CE60}] => (Allow) C:\Users\MP\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{CA58A2C8-51C3-45EF-9DD1-513649D1CC8D}C:\users\mp\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\mp\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{DE92A2F8-0D62-4F0A-8D07-864C1B823364}C:\users\mp\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\mp\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{8C6F740A-4708-4440-80C8-4758A9DAE561}C:\users\mp\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\mp\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C12A75DB-A8A0-49CF-9FE1-5C69DE566DAA}C:\users\mp\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\mp\appdata\roaming\spotify\spotify.exe
FirewallRules: [{6107CC6F-7D27-417C-9802-FCDDC792A1B9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{952BE7BF-53CA-499E-ACC4-98880352C74E}] => (Allow) LPort=54925
FirewallRules: [{37A0919F-3E4C-4970-95B7-0544FB176B49}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7685FBB7-E752-4DB0-ABF2-A9EFF79F7E88}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{DC792FA6-6F80-4B50-9C96-8F75702E8EEB}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{442B7B80-125C-4450-8ECD-F95D79188146}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [TCP Query User{EA204A04-C8F4-4DBC-AFC0-96A55D79C4B1}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{EDEC5FCE-61DB-457D-85B9-EF8CC7D8A9D2}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [{A1EE44FF-6E1E-4F45-A3C1-500373DDB5D4}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{F4C42991-872F-45DB-9D0A-B8AFC4187A57}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [{19ACBD00-420F-42CC-B2E1-B43C9DEFD514}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

15-10-2017 12:21:04 Naplánovaný kontrolní bod
27-10-2017 21:54:37 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/27/2017 09:03:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/27/2017 08:46:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/26/2017 05:17:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 55.0.3.6445, časové razítko: 0x599ed78a
Název chybujícího modulu: xul.dll, verze: 55.0.3.6445, časové razítko: 0x599edbdd
Kód výjimky: 0x80000003
Posun chyby: 0x0076a5cf
ID chybujícího procesu: 0x15f8
Čas spuštění chybující aplikace: 0x01d34e07df206097
Cesta k chybující aplikaci: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Mozilla Firefox\xul.dll
ID zprávy: 4413ad71-b9fc-11e7-850b-a4badbd616ba

Error: (10/26/2017 05:17:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe verze 55.0.3.6445 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 17a4

Čas spuštění: 01d34e07d7ca1bce

Čas ukončení: 15

Cesta k aplikaci: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

ID hlášení: 4024c75e-b9fc-11e7-850b-a4badbd616ba

Error: (10/26/2017 05:07:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/15/2017 05:28:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/15/2017 05:02:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/14/2017 07:27:21 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/14/2017 07:27:21 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/14/2017 07:27:21 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (10/28/2017 11:48:16 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Místní adaptér Bluetooth selhal. Důvod selhaní nebylo možno určit a adaptér nebude používán. Ovladač vysílače byl vyjmut z paměti.

Error: (10/27/2017 09:01:59 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv64.dll

Error: (10/27/2017 09:01:59 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv64.dll

Error: (10/27/2017 09:01:56 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv64.dll

Error: (10/27/2017 09:01:46 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (10/27/2017 09:01:46 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (10/27/2017 09:01:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (10/27/2017 09:01:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management & Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/27/2017 09:01:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/27/2017 09:01:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz
Percentage of memory in use: 51%
Total physical RAM: 3894.68 MB
Available physical RAM: 1883.34 MB
Total Virtual: 7787.54 MB
Available Virtual: 5723.12 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.99 GB) (Free:203.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 0C998788)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

To je jen Additional. Ještě poprosím o samotný FRST.

OK:Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-10-2017
Ran by MP (administrator) on VOSTRO3300 (29-10-2017 14:59:49)
Running from C:\Users\MP\Desktop
Loaded Profiles: MP (Available Profiles: MP)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d550fa1f2cf8996d\stacsv64.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d550fa1f2cf8996d\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe
(Dropbox, Inc.) C:\Users\MP\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Dropbox, Inc.) C:\Users\MP\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\MP\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_27_0_0_183.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_27_0_0_183.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [727664 2010-10-01] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [4119920 2010-01-15] (Dell Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5712896 2017-01-26] (Dell Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-04-07] (IDT, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-13] (AVAST Software)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-396868361-688022378-94426774-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-396868361-688022378-94426774-1003\...\MountPoints2: {88a25bbe-2c66-11e5-a103-c44619f5f11c} - E:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-396868361-688022378-94426774-1003\...\MountPoints2: {f6c70e80-fbcf-11e4-8359-a4badbd616ba} - E:\SETUP.EXE
HKU\S-1-5-21-396868361-688022378-94426774-1003\...\MountPoints2: {f6c710a4-fbcf-11e4-8359-a4badbd616ba} - E:\SETUP.EXE
HKU\S-1-5-21-396868361-688022378-94426774-1003\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellExecuteHooks: No Name - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2017-01-31]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-09-23]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\MP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-10-26]
ShortcutTarget: Dropbox.lnk -> C:\Users\MP\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-396868361-688022378-94426774-1003] => 127.0.0.1:8118
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.20
Tcpip\..\Interfaces\{A488031A-29ED-4374-AAD7-FDD9B492A019}: [DhcpNameServer] 192.168.1.20
Tcpip\..\Interfaces\{A64A954F-C3E5-4BF0-A0D1-FC7C4594DD0A}: [DhcpNameServer] 192.168.1.20

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-396868361-688022378-94426774-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.goodforsearch.info/?l=1&q={searchTerms}&pid=24378&r=2015/04/21&hid=9280228650392394312&lg=EN&cc=CZ&unqvl=86
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {101E40D3-36CD-469B-BB2C-B3E93838B61A} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {22CFC445-5C64-4271-8666-71B702F364C5} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {3968F399-C533-49D0-A5F2-B788FC4941FA} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {6205ABEE-EC35-4F64-81E9-A0E2BCF373C9} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {6B4292E2-8092-4AB8-81FA-71749316EBF5} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {6F67336C-ACE5-420B-84A2-149BC29925CD} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {7EBC9ADC-CB69-425F-AE02-15D96A24D891} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {84F94D52-D701-41BB-8505-C3AB8798782B} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {A9AF84F5-134E-425C-A250-54DA9E064A8B} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.goodforsearch.info/?l=1&q={searchTerms}&pid=24378&r=2015/04/21&hid=9280228650392394312&lg=EN&cc=CZ&unqvl=86
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-10-13] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-10-13] (AVAST Software)

FireFox:
========
FF DefaultProfile: qzkskuyi.default
FF ProfilePath: C:\Users\MP\AppData\Roaming\Mozilla\Firefox\Profiles\qzkskuyi.default [2017-10-29]
FF Homepage: Mozilla\Firefox\Profiles\qzkskuyi.default -> hxxps://www.seznam.cz/
FF Extension: (OmniSidebar) - C:\Users\MP\AppData\Roaming\Mozilla\Firefox\Profiles\qzkskuyi.default\Extensions\osb@quicksaver.xpi [2017-02-10]
FF Extension: (Avast SafePrice) - C:\Users\MP\AppData\Roaming\Mozilla\Firefox\Profiles\qzkskuyi.default\Extensions\sp@avast.com.xpi [2017-10-13]
FF Extension: (Avast Online Security) - C:\Users\MP\AppData\Roaming\Mozilla\Firefox\Profiles\qzkskuyi.default\Extensions\wrc@avast.com.xpi [2017-10-14]
FF Extension: (Adblock Plus) - C:\Users\MP\AppData\Roaming\Mozilla\Firefox\Profiles\qzkskuyi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-10-14]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\MP\AppData\Roaming\Mozilla\Firefox\Profiles\qzkskuyi.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-10-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll [2017-10-26] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-10-26] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default [2017-10-27]
CHR Extension: (Prezentace Google) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Dokumenty Google) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Disk Google) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Seznam Lištička - Email) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-03-17]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-02-24]
CHR Extension: (YouTube) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Vyhledávání Google) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-17]
CHR Extension: (Facebook Image Zoom and Downloader) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\edefbbbcggajdncnoingicdckbhngpcj [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Avast SafePrice) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-09-23]
CHR Extension: (Tabulky Google) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Dokumenty Google offline) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-28]
CHR Extension: (AdBlock) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-10-14]
CHR Extension: (Awesome Screenshot: Screen Video Recorder) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlipoenfbbikpbjkfpfillcgkoblgpmj [2017-09-23]
CHR Extension: (Peněženka Google) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-05-13]
CHR Extension: (Gmail) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-14]
CHR Extension: (SalePluuS) - C:\ProgramData\opicaggdjjckpfncaafdhbkikgahkeli\ []
CHR Extension: (SaleaPluss) - C:\ProgramData\pimjeekgjbnbkgahjioebbilbjhamonn\ []
CHR Extension: (SaleePiLus) - C:\ProgramData\plidakoicbnceaakdookndoaddfkmgaf\ []
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d550fa1f2cf8996d\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7446024 2017-10-13] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-13] (AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.599\McCHSvc.exe [404376 2017-09-05] (McAfee, Inc.)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [575488 2008-09-23] (Nokia.) [File not signed]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d550fa1f2cf8996d\STacSV64.exe [247808 2010-04-07] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5088256 2017-01-26] (Dell Inc.) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [321032 2017-10-13] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-10-13] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343288 2017-10-13] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57736 2017-10-13] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [47008 2017-10-13] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [147776 2017-10-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110376 2017-10-13] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84416 2017-10-13] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1029872 2017-10-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [587168 2017-10-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [201352 2017-10-13] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [363440 2017-10-13] (AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-05-16] (Disc Soft Ltd)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11616 2001-08-03] () [File not signed]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-29 10:39 - 2017-10-29 10:39 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-10-29 10:33 - 2017-10-29 10:40 - 000000000 ____D C:\Users\MP\Desktop\FOTO
2017-10-28 22:50 - 2017-10-28 22:50 - 000000000 ____D C:\Users\MP\Desktop\FRST-OlderVersion
2017-10-26 04:15 - 2017-10-26 04:15 - 000000000 ____D C:\Program Files\Common Files\avast software
2017-10-26 04:10 - 2017-10-26 04:10 - 000000000 ____D C:\Users\MP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-10-15 15:57 - 2017-10-27 20:01 - 000000000 ____D C:\AdwCleaner
2017-10-15 15:56 - 2017-10-15 15:56 - 008250832 _____ (Malwarebytes) C:\Users\MP\Desktop\adwcleaner_7.0.3.1.exe
2017-10-15 14:29 - 2017-10-29 15:00 - 000021568 _____ C:\Users\MP\Desktop\FRST.txt
2017-10-15 14:29 - 2017-10-29 14:59 - 000000000 ____D C:\FRST
2017-10-15 14:26 - 2017-10-28 22:50 - 002403328 _____ (Farbar) C:\Users\MP\Desktop\FRST64.exe
2017-10-13 18:56 - 2017-10-13 18:56 - 000401488 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-29 14:11 - 2015-05-17 13:10 - 000000460 _____ C:\Windows\Tasks\Wise Registry Cleaner Schedule Task.job
2017-10-29 10:07 - 2009-07-14 05:45 - 000022768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-29 10:07 - 2009-07-14 05:45 - 000022768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-29 09:57 - 2017-02-10 19:50 - 000000000 ____D C:\Users\MP\AppData\LocalLow\Mozilla
2017-10-29 09:56 - 2011-04-12 09:34 - 002270262 _____ C:\Windows\system32\perfh005.dat
2017-10-29 09:56 - 2011-04-12 09:34 - 000699712 _____ C:\Windows\system32\perfc005.dat
2017-10-29 09:56 - 2009-07-14 06:13 - 000006224 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-29 09:52 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-29 06:57 - 2017-02-10 19:55 - 000004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-10-27 19:52 - 2015-04-21 12:43 - 001029872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2017-10-26 04:18 - 2015-04-20 22:08 - 000000000 ____D C:\Users\MP\AppData\Local\CrashDumps
2017-10-26 04:17 - 2015-09-22 19:16 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-10-26 04:17 - 2015-09-22 19:16 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-26 04:17 - 2015-09-22 19:16 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-10-26 04:17 - 2015-09-22 19:16 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-10-26 04:17 - 2015-09-22 19:16 - 000000000 ____D C:\Windows\system32\Macromed
2017-10-26 04:15 - 2016-01-02 18:49 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-10-26 04:10 - 2015-05-10 11:20 - 000000000 ____D C:\Users\MP\AppData\Roaming\Dropbox
2017-10-15 16:25 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2017-10-13 18:56 - 2017-02-10 19:55 - 000343288 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-10-13 18:56 - 2017-02-10 19:55 - 000321032 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-10-13 18:56 - 2017-02-10 19:55 - 000198976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-10-13 18:56 - 2017-02-10 19:55 - 000057736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-10-13 18:56 - 2015-04-21 12:43 - 000587168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-10-13 18:56 - 2015-04-21 12:43 - 000363440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-10-13 18:56 - 2015-04-21 12:43 - 000201352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-10-13 18:56 - 2015-04-21 12:43 - 000147776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-10-13 18:56 - 2015-04-21 12:43 - 000110376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-10-13 18:56 - 2015-04-21 12:43 - 000084416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-10-13 18:56 - 2015-04-21 12:43 - 000047008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-10-13 18:56 - 2015-04-21 12:39 - 000000000 ____D C:\ProgramData\AVAST Software
2017-10-13 18:53 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2017-09-30 09:28 - 2015-04-19 19:46 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-30 09:28 - 2015-04-19 19:46 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Files in the root of some directories =======

2015-12-16 22:08 - 2015-12-16 22:08 - 006420480 _____ () C:\Program Files (x86)\GUT6892.tmp
2016-08-29 11:46 - 2016-08-29 11:46 - 007065600 _____ () C:\Program Files (x86)\GUTC23F.tmp
2015-05-27 22:53 - 2015-05-27 22:53 - 000054482 _____ () C:\Users\MP\AppData\Local\recently-used.xbel

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-10-27 20:47

==================== End of FRST.txt ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
C:\Program Files\McAfee Security Scan
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-396868361-688022378-94426774-1003\...\MountPoints2: {88a25bbe-2c66-11e5-a103-c44619f5f11c} - E:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-396868361-688022378-94426774-1003\...\MountPoints2: {f6c70e80-fbcf-11e4-8359-a4badbd616ba} - E:\SETUP.EXE
HKU\S-1-5-21-396868361-688022378-94426774-1003\...\MountPoints2: {f6c710a4-fbcf-11e4-8359-a4badbd616ba} - E:\SETUP.EXE
ShellExecuteHooks: No Name - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-09-23]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe (McAfee, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-396868361-688022378-94426774-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type= ... 3P41LCL&q={searchTerms}
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.goodforsearch.info/?l=1&q={searchTerms}&pid=24378&r=2015/04/21&hid=9280228650392394312&lg=EN&cc=CZ&unqvl=86
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.goodforsearch.info/?l=1&q={searchTerms}&pid=24378&r=2015/04/21&hid=9280228650392394312&lg=EN&cc=CZ&unqvl=86
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Extension: (Prezentace Google) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Dokumenty Google) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Disk Google) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Facebook Image Zoom and Downloader) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\edefbbbcggajdncnoingicdckbhngpcj [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Tabulky Google) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Peněženka Google) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (SalePluuS) - C:\ProgramData\opicaggdjjckpfncaafdhbkikgahkeli\ []
CHR Extension: (SaleaPluss) - C:\ProgramData\pimjeekgjbnbkgahjioebbilbjhamonn\ []
CHR Extension: (SaleePiLus) - C:\ProgramData\plidakoicbnceaakdookndoaddfkmgaf\ []
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.599\McCHSvc.exe [404376 2017-09-05] (McAfee, Inc.)
C:\Program Files (x86)\GUT6892.tmp
C:\Program Files (x86)\GUTC23F.tmp
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => -> No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => -> No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => -> No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => -> No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => -> No File
ContextMenuHandlers3: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
Task: {2E9A29F9-47E3-453F-BE21-D1098FBA39FD} - System32\Tasks\{9BCC0F09-403C-45CF-8EE0-BAE994BDE5EF} => C:\Windows\system32\pcalua.exe -a E:\INSTALLER.EXE -d E:\
Task: {C177CCEF-19F0-4E40-ABCD-8A9C01C250E0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-19] (Google Inc.)
C:\Program Files (x86)\Bonjour


EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

zkoušel jsem to udělat ale když dám fix píše mi to: No fixlist.txt. found. The fixlist.txt should be in the same folder/directory the tool is located.

Buď máte chybu v názvu souboru (fixlist) a nebo nemáte fixlist ve stejném adresáři, jak FRST (plocha).

Log zde: Fix result of Farbar Recovery Scan Tool (x64) Version: 11-11-2017
Ran by MP (11-11-2017 17:18:38) Run:1
Running from C:\Users\MP\Desktop
Loaded Profiles: MP (Available Profiles: MP)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
C:\Program Files\McAfee Security Scan
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-396868361-688022378-94426774-1003\...\MountPoints2: {88a25bbe-2c66-11e5-a103-c44619f5f11c} - E:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-396868361-688022378-94426774-1003\...\MountPoints2: {f6c70e80-fbcf-11e4-8359-a4badbd616ba} - E:\SETUP.EXE
HKU\S-1-5-21-396868361-688022378-94426774-1003\...\MountPoints2: {f6c710a4-fbcf-11e4-8359-a4badbd616ba} - E:\SETUP.EXE
ShellExecuteHooks: No Name - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-09-23]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe (McAfee, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-396868361-688022378-94426774-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type= ... 3P41LCL&q={searchTerms}
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.goodforsearch.info/?l=1&q={searchTerms}&pid=24378&r=2015/04/21&hid=9280228650392394312&lg=EN&cc=CZ&unqvl=86
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.goodforsearch.info/?l=1&q={searchTerms}&pid=24378&r=2015/04/21&hid=9280228650392394312&lg=EN&cc=CZ&unqvl=86
SearchScopes: HKU\S-1-5-21-396868361-688022378-94426774-1003 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Extension: (Prezentace Google) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Dokumenty Google) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Disk Google) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Facebook Image Zoom and Downloader) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\edefbbbcggajdncnoingicdckbhngpcj [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Tabulky Google) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Pen�enka Google) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (SalePluuS) - C:\ProgramData\opicaggdjjckpfncaafdhbkikgahkeli\ []
CHR Extension: (SaleaPluss) - C:\ProgramData\pimjeekgjbnbkgahjioebbilbjhamonn\ []
CHR Extension: (SaleePiLus) - C:\ProgramData\plidakoicbnceaakdookndoaddfkmgaf\ []
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.599\McCHSvc.exe [404376 2017-09-05] (McAfee, Inc.)
C:\Program Files (x86)\GUT6892.tmp
C:\Program Files (x86)\GUTC23F.tmp
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => -> No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => -> No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => -> No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => -> No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => -> No File
ContextMenuHandlers3: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
Task: {2E9A29F9-47E3-453F-BE21-D1098FBA39FD} - System32\Tasks\{9BCC0F09-403C-45CF-8EE0-BAE994BDE5EF} => C:\Windows\system32\pcalua.exe -a E:\INSTALLER.EXE -d E:\
Task: {C177CCEF-19F0-4E40-ABCD-8A9C01C250E0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-19] (Google Inc.)
C:\Program Files (x86)\Bonjour


EmptyTemp:
End
*****************


"C:\Program Files\McAfee Security Scan" folder move:

Could not move "C:\Program Files\McAfee Security Scan" => Scheduled to move on reboot.

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => key removed successfully
HKU\S-1-5-21-396868361-688022378-94426774-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{88a25bbe-2c66-11e5-a103-c44619f5f11c} => key removed successfully
HKLM\Software\Classes\CLSID\{88a25bbe-2c66-11e5-a103-c44619f5f11c} => key not found.
HKU\S-1-5-21-396868361-688022378-94426774-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f6c70e80-fbcf-11e4-8359-a4badbd616ba} => key removed successfully
HKLM\Software\Classes\CLSID\{f6c70e80-fbcf-11e4-8359-a4badbd616ba} => key not found.
HKU\S-1-5-21-396868361-688022378-94426774-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f6c710a4-fbcf-11e4-8359-a4badbd616ba} => key removed successfully
HKLM\Software\Classes\CLSID\{f6c710a4-fbcf-11e4-8359-a4badbd616ba} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} => value removed successfully
HKLM\Software\Classes\CLSID\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} => key not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk => moved successfully
C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe => moved successfully
HKLM\SOFTWARE\Policies\Google => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-396868361-688022378-94426774-1003\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key removed successfully
HKLM\Software\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKU\S-1-5-21-396868361-688022378-94426774-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-396868361-688022378-94426774-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE} => key removed successfully
HKLM\Software\Classes\CLSID\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE} => key not found.
HKU\S-1-5-21-396868361-688022378-94426774-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key removed successfully
HKLM\Software\Classes\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} => key removed successfully
HKLM\Software\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} => key not found.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
CHR Extension: (Prezentace Google) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION => Error: No automatic fix found for this entry.
CHR Extension: (Dokumenty Google) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION => Error: No automatic fix found for this entry.
CHR Extension: (Disk Google) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION => Error: No automatic fix found for this entry.
CHR Extension: (Facebook Image Zoom and Downloader) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\edefbbbcggajdncnoingicdckbhngpcj [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION => Error: No automatic fix found for this entry.
CHR Extension: (Tabulky Google) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION => Error: No automatic fix found for this entry.
CHR Extension: (Pen�enka Google) - C:\Users\MP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-15] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION => Error: No automatic fix found for this entry.
CHR Extension: (SalePluuS) - C:\ProgramData\opicaggdjjckpfncaafdhbkikgahkeli\ [] => Error: No automatic fix found for this entry.
CHR Extension: (SaleaPluss) - C:\ProgramData\pimjeekgjbnbkgahjioebbilbjhamonn\ [] => Error: No automatic fix found for this entry.
CHR Extension: (SaleePiLus) - C:\ProgramData\plidakoicbnceaakdookndoaddfkmgaf\ [] => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\McComponentHostService => key removed successfully
McComponentHostService => service removed successfully
C:\Program Files (x86)\GUT6892.tmp => moved successfully
C:\Program Files (x86)\GUTC23F.tmp => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub) => key removed successfully
HKLM\Software\Classes\CLSID\{99FD978C-D287-4F50-827F-B2C658EDA8E7} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub) => key removed successfully
HKLM\Software\Classes\CLSID\{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) => key removed successfully
HKLM\Software\Classes\CLSID\{920E6DB1-9907-4370-B3A0-BAFC03D81399} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder) => key removed successfully
HKLM\Software\Classes\CLSID\{16F3DD56-1AF5-4347-846D-7C10C4192619} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark) => key removed successfully
HKLM\Software\Classes\CLSID\{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => key not found.
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX => key removed successfully
HKLM\Software\Classes\CLSID\{6C467336-8281-4E60-8204-430CED96822D} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2E9A29F9-47E3-453F-BE21-D1098FBA39FD} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E9A29F9-47E3-453F-BE21-D1098FBA39FD} => key removed successfully
C:\Windows\System32\Tasks\{9BCC0F09-403C-45CF-8EE0-BAE994BDE5EF} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9BCC0F09-403C-45CF-8EE0-BAE994BDE5EF} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C177CCEF-19F0-4E40-ABCD-8A9C01C250E0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C177CCEF-19F0-4E40-ABCD-8A9C01C250E0} => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully
C:\Program Files (x86)\Bonjour => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9474981 B
Java, Flash, Steam htmlcache => 524 B
Windows/system/drivers => 2343022 B
Edge => 0 B
Chrome => 12418823 B
Firefox => 224886446 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 9214 B
Public => 0 B
ProgramData => 0 B
systemprofile => 58504039 B
systemprofile32 => 69808 B
LocalService => 66228 B
NetworkService => 66228 B
MP => 26355917 B
Šmáček => 70915 B

RecycleBin => 0 B
EmptyTemp: => 326.8 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 11-11-2017 17:21:02)

C:\Program Files\McAfee Security Scan => moved successfully

==== End of Fixlog 17:21:04 ====

OK. Nastala nějaká změna?

Nastala, okna už nevyskakují a vyřešilo se i několik dalších problémů, Moc děkuji za pomoc.