Video z FB

[honzikuh]

http://i0e5vok1p.6v915dbk6xbp4sh.ga/NaNFo16G.html
Dobrý den na FB lítají " videa"podobných adres co to dělá ?

[Rudy]

Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .

[honzikuh]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by Honza (administrator) on HONZA-PC (12-09-2016 20:38:45)
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza (Available Profiles: Honza)
Platform: Windows 10 Pro Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\WFWIZ.exe
(Mega Limited) C:\Users\Honza\AppData\Local\MEGAsync\MEGAsync.exe
(Skillbrains) C:\Users\Honza\AppData\Local\Skillbrains\lightshot\5.1.4.41\Lightshot.exe
() C:\Users\Honza\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Honza\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\CNext\CCCSlim\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\CNext\CCCSlim\CCC.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
Failed to access process -> svchost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
Failed to access process -> explorer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7167.40721.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe\Music.UI.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-09] (Realtek Semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6625672 2016-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2014208 2014-08-05] (iSkySoft)
HKLM-x32\...\Run: [WinFastDTV] => C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [103936 2014-03-04] (Leadtek Research Inc.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [170496 2009-02-06] (ArcSoft Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-08-23] (Raptr, Inc)
HKU\S-1-5-21-1255607191-696459066-793434616-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23375200 2016-07-29] (Google)
HKU\S-1-5-21-1255607191-696459066-793434616-1001\...\Run: [EPSON Stylus DX6000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIBIE.EXE [213504 2007-10-05] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1255607191-696459066-793434616-1001\...\Run: [WinFast Schedule] => C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2916352 2013-01-09] (Leadtek Research Inc.)
HKU\S-1-5-21-1255607191-696459066-793434616-1001\...\Run: [LightShot] => C:\Users\Honza\AppData\Local\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKU\S-1-5-21-1255607191-696459066-793434616-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Honza\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1255607191-696459066-793434616-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Honza\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-1255607191-696459066-793434616-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [26424960 2016-06-29] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2015-04-12]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Honza\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{98adec1b-9fd8-4762-8e5d-f85cde3bfd9d}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1255607191-696459066-793434616-1001 -> {07FABE2F-8128-42B0-9AAE-8865F8ADF0DC} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1255607191-696459066-793434616-1001 -> {0C358692-663E-495E-8764-FAB97474E7A4} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-1255607191-696459066-793434616-1001 -> {0CDA4DCF-CCB8-4B47-9D6B-04E1783A5388} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1255607191-696459066-793434616-1001 -> {25786223-E8D7-4CA2-8332-68E350141D57} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1255607191-696459066-793434616-1001 -> {39952EFE-9E27-4ED5-B9D0-7E0163CCDB7B} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-1255607191-696459066-793434616-1001 -> {5CE25775-92B7-477d-9603-852F0B34D8B0} URL = hxxp://www.sogou.com/sogou?query={searchTerms} ... e1e39af286
SearchScopes: HKU\S-1-5-21-1255607191-696459066-793434616-1001 -> {A741EFC5-A683-4FD2-B00A-F8D952CF40BA} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1255607191-696459066-793434616-1001 -> {ABA18D5D-DA5F-4742-B96D-828D63944C54} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-1255607191-696459066-793434616-1001 -> {E256CCE6-B36C-492E-A237-52287AFDD4DF} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1255607191-696459066-793434616-1001 -> {F74F50F3-FEAB-41B1-8024-6E543D45A102} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-12] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-12] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lbre7z8q.default-1470848245978
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-12] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1255607191-696459066-793434616-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2014-07-10] (Sony Network Entertainment International LLC)

Chrome:
=======
CHR HomePage: Default -> hxxp://seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}&i ... utf-8&aq=t
CHR DefaultSearchKeyword: Default -> google.com_
CHR DefaultSuggestURL: Default -> hxxp://suggestqueries.google.com/complete/search?q={searchTerms}
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-04]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-02-09]
CHR Extension: (Pinky) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\eijmklfnehnnkbfcoabieogaomookbna [2016-04-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Lightshot (Nástroje snímků)) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2016-05-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2016-09-07]
CHR Extension: (Chrome Media Router) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-01]
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-17]
CHR Extension: (Google Docs) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-17]
CHR Extension: (Google Drive) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-17]
CHR Extension: (YouTube) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-17]
CHR Extension: (Google Search) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-17]
CHR Extension: (Google Sheets) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-17]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-02-17]
CHR Extension: (Google Wallet) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-17]
CHR Extension: (CinemaPlus-3.2cV29.07) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-08-06]
CHR Extension: (Gmail) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-17]
CHR HKU\S-1-5-21-1255607191-696459066-793434616-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Honza\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-09-11]
CHR HKU\S-1-5-21-1255607191-696459066-793434616-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1255607191-696459066-793434616-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lelcohngbjgpiibagnfmncojacafbbpg] - C:\Users\Honza\AppData\Roaming\Seznam.cz\bin\Partner-1.0.3.crx <not found>
CHR HKU\S-1-5-21-1255607191-696459066-793434616-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found>

Opera:
=======
StartMenuInternet: (HKLM) Opera - C:\Program Files (x86)\Opera\Opera.exe hxxp://www.istartsurf.com/?type=sc&ts=14388782 ... XX5QE1ZRYB

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft Inc.)
S4 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2006-11-10] (Nero AG) [File not signed]
R2 ssinstall; C:\WINDOWS\SysWOW64\ssins.exe [2324216 2014-12-12] (PS Media s.r.o.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
S4 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [29696 2016-03-02] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2016-03-02] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2016-03-02] (LG Electronics Inc.)
S3 athur; C:\Windows\system32\DRIVERS\athuw8x.sys [2919936 2013-06-02] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [118848 2016-07-28] (Advanced Micro Devices)
S3 bthav; C:\Windows\system32\drivers\bthav.sys [40448 2008-07-10] (CSR, plc) [File not signed]
R3 CX88VID; C:\Windows\system32\drivers\cxavsvid.sys [469248 2007-09-19] (Leadtek Research Inc.)
S3 RSUSBCCID; C:\Windows\System32\DRIVERS\RtsUCcid.sys [50176 2009-08-10] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [11304 2015-12-05] (wisecleaner.com) [File not signed]
R1 WiseTDIFw; C:\WINDOWS\WiseTDIFw64.sys [39464 2015-12-05] (WiseCleaner.com) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-12 20:38 - 2016-09-12 20:38 - 00020215 _____ C:\Users\Honza\Desktop\FRST.txt
2016-09-12 20:38 - 2016-09-12 20:38 - 00000000 ____D C:\FRST
2016-09-12 20:36 - 2016-09-12 20:38 - 02397696 _____ (Farbar) C:\Users\Honza\Desktop\FRST64.exe
2016-09-12 20:15 - 2016-09-12 20:19 - 00029696 _____ C:\Users\Honza\AppData\Local\MSGBOX.EXE
2016-09-12 20:14 - 2016-09-12 20:14 - 00112640 _____ (forum.viry.cz) C:\Users\Honza\Downloads\Nepotvrzeno 607272.crdownload
2016-09-11 17:05 - 2016-09-11 17:07 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-11 16:53 - 2016-09-11 16:53 - 02889161 _____ C:\Users\Honza\Desktop\LG_G4_(H815)_popis_nastaveni.pdf
2016-09-11 10:01 - 2016-09-11 10:01 - 03735432 _____ (Informer Technologies, Inc. ) C:\Users\Honza\Downloads\siinst.exe
2016-09-01 05:12 - 2016-09-01 05:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2016-08-31 20:40 - 2016-08-31 20:40 - 32550032 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 26633872 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 15721104 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 14312080 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 08864688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2016-08-31 20:40 - 2016-08-31 20:40 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2016-08-31 20:40 - 2016-08-31 20:40 - 02139792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 01321104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00987280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00987280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00732336 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2016-08-31 20:40 - 2016-08-31 20:40 - 00732336 _____ C:\WINDOWS\system32\atiapfxx.blb
2016-08-31 20:40 - 2016-08-31 20:40 - 00513680 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2016-08-31 20:40 - 2016-08-31 20:40 - 00451720 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00394896 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2016-08-31 20:40 - 2016-08-31 20:40 - 00342152 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2016-08-31 20:40 - 2016-08-31 20:40 - 00284296 _____ C:\WINDOWS\system32\dgtrayicon.exe
2016-08-31 20:40 - 2016-08-31 20:40 - 00279696 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00279184 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2016-08-31 20:40 - 2016-08-31 20:40 - 00267920 _____ C:\WINDOWS\system32\GameManager64.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00262288 _____ C:\WINDOWS\system32\clinfo.exe
2016-08-31 20:40 - 2016-08-31 20:40 - 00260752 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00233104 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00226448 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00223368 _____ C:\WINDOWS\system32\atieah64.exe
2016-08-31 20:40 - 2016-08-31 20:40 - 00201360 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2016-08-31 20:40 - 2016-08-31 20:40 - 00194704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00168592 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00161432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00151696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00129168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00127120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00122512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00120384 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00115856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00110736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00103056 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00102672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00101520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00100496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00100496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00071816 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00065168 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00061576 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00060560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2016-08-31 20:40 - 2016-08-31 20:40 - 00058512 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00052880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00013456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00013456 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 48811152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 38258312 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 27481232 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 21633168 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 08828560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 08653760 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 08620176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 07085712 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 07045344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 06947984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 02370704 _____ C:\WINDOWS\system32\amdoclvp9lib64.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 02281104 _____ C:\WINDOWS\SysWOW64\amdoclvp9lib32.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 01829520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00743568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00619152 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00475632 _____ C:\WINDOWS\system32\amdmiracast.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00314392 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdacpksd.sys
2016-08-31 20:39 - 2016-08-31 20:39 - 00241296 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00214160 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00193680 _____ C:\WINDOWS\system32\amdhdl64.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00173712 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00156248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00152096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00135408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00120376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00105616 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00102672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00096400 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00075920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00060040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00059536 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00047760 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2016-08-31 17:53 - 2016-08-31 17:53 - 00002262 _____ C:\Users\Honza\Desktop\Skenovat dokument nebo obrázek – zástupce.lnk
2016-08-31 17:17 - 2016-09-01 19:19 - 00000000 ____D C:\Users\Honza\Desktop\Nové Údolí 1968-1970
2016-08-29 16:58 - 2016-08-29 16:58 - 00501433 _____ C:\Users\Honza\Downloads\fraxiparine-forte-pil.pdf
2016-08-25 17:10 - 2016-08-25 17:11 - 182291680 _____ (Ashampoo GmbH & Co. KG ) C:\Users\Honza\Downloads\ashampoo_burning_studio_12_e12.0.5_sm.exe
2016-08-24 20:08 - 2016-08-24 20:08 - 12926461 _____ C:\Users\Honza\Desktop\rmv41-1976-OPK-pod-bPS.pdf
2016-08-24 20:08 - 2016-08-24 20:08 - 01971340 _____ C:\Users\Honza\Desktop\Nestandartní-jevy-rok-1968-PS.pdf
2016-08-24 20:08 - 2016-08-24 20:08 - 00949660 _____ C:\Users\Honza\Desktop\ochrana-statni-hranice-u-15.pdf
2016-08-24 20:06 - 2016-08-24 20:07 - 04029767 _____ C:\Users\Honza\Desktop\rozkaz-12-1985-režim-služeb-HS-PS.pdf
2016-08-24 20:06 - 2016-08-24 20:06 - 02553181 _____ C:\Users\Honza\Desktop\PS-na-Liberecku.pdf
2016-08-24 20:06 - 2016-08-24 20:06 - 01586920 _____ C:\Users\Honza\Desktop\rozkaz-0090-1953-EZOH.pdf
2016-08-23 05:42 - 2016-08-23 05:42 - 06332736 _____ C:\Users\Honza\Downloads\Kom kindertjes we gaan naar huis.mp4
2016-08-21 10:17 - 2016-08-21 10:18 - 00014394 _____ C:\Users\Honza\Downloads\H_4096984316 (1).pdf
2016-08-20 07:30 - 2016-03-02 17:10 - 00037376 _____ (LG Electronics Inc.) C:\WINDOWS\system32\Drivers\lgandnetmodem64.sys
2016-08-20 07:30 - 2016-03-02 17:10 - 00030720 _____ (LG Electronics Inc.) C:\WINDOWS\system32\Drivers\lgandnetdiag64.sys
2016-08-20 07:30 - 2016-03-02 17:10 - 00029696 _____ (LG Electronics Inc.) C:\WINDOWS\system32\Drivers\lgandnetbus64.sys
2016-08-20 06:57 - 2016-08-20 06:57 - 00001083 _____ C:\Users\Public\Desktop\CamStudio.lnk
2016-08-20 06:57 - 2016-08-20 06:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio
2016-08-20 06:57 - 2016-08-20 06:57 - 00000000 ____D C:\Program Files (x86)\CamStudio
2016-08-20 06:56 - 2016-08-20 06:57 - 08810655 _____ C:\Users\Honza\Downloads\camstudio_2.0.exe
2016-08-13 08:35 - 2016-08-13 08:35 - 00122951 _____ C:\Users\Honza\Downloads\Horni_Becva-Bumbalka-Bila,st.hr.__okres_Frydek-Mistek.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-12 20:38 - 2014-08-17 14:03 - 00004194 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5AD7F4A8-644C-4377-8365-4BD99777193E}
2016-09-12 20:31 - 2015-08-29 17:52 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-12 20:29 - 2015-12-24 16:09 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-12 20:29 - 2015-12-24 15:46 - 00000000 ____D C:\Users\Honza
2016-09-12 20:29 - 2015-12-05 09:03 - 00000440 _____ C:\WINDOWS\Tasks\Wise Care 365.job
2016-09-12 20:23 - 2015-08-29 17:52 - 00000978 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-12 20:20 - 2016-07-30 18:12 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-09-12 20:20 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-09-12 16:26 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-12 16:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-12 05:10 - 2015-10-30 20:31 - 00750030 _____ C:\WINDOWS\system32\perfh005.dat
2016-09-12 05:10 - 2015-10-30 20:31 - 00150654 _____ C:\WINDOWS\system32\perfc005.dat
2016-09-12 05:10 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-09-12 05:10 - 2015-09-26 21:20 - 01771468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-11 18:23 - 2014-08-31 11:39 - 00000000 ____D C:\Users\Honza\AppData\Roaming\TeamViewer
2016-09-11 18:23 - 2014-08-31 11:39 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-09-11 17:15 - 2015-10-20 20:28 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-09-11 17:08 - 2014-11-11 18:17 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-11 17:07 - 2016-01-12 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-11 17:07 - 2016-01-12 18:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-11 08:00 - 2015-12-05 09:03 - 00000420 _____ C:\WINDOWS\Tasks\Wise Turbo Checker.job
2016-09-10 20:15 - 2015-10-20 20:28 - 00000958 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-09-02 06:20 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-02 06:20 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-01 05:14 - 2016-06-05 17:46 - 00002092 _____ C:\Users\Public\Desktop\Raptr.lnk
2016-09-01 05:14 - 2016-06-05 17:43 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Raptr
2016-09-01 05:09 - 2015-12-24 15:41 - 00000000 ____D C:\Program Files\AMD
2016-09-01 05:07 - 2012-11-26 12:13 - 00000000 ____D C:\AMD
2016-08-31 20:40 - 2016-07-25 22:53 - 00875152 _____ (AMD) C:\WINDOWS\system32\coinst_16.30.dll
2016-08-31 20:40 - 2016-04-29 21:48 - 09110856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2016-08-31 20:40 - 2016-04-29 21:48 - 00149984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2016-08-31 20:40 - 2015-12-16 21:45 - 09311368 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2016-08-31 20:40 - 2015-12-16 21:45 - 07234888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2016-08-31 20:40 - 2015-12-16 21:45 - 00134448 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2016-08-31 20:40 - 2015-10-08 06:21 - 26719376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2016-08-31 20:40 - 2015-10-08 06:21 - 10970120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2016-08-31 20:40 - 2015-10-08 06:21 - 10285464 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2016-08-31 20:40 - 2015-10-08 06:21 - 01548512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2016-08-31 20:40 - 2015-10-08 06:21 - 01273584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2016-08-31 20:40 - 2015-10-08 06:21 - 00510096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2016-08-31 20:40 - 2015-10-08 06:21 - 00181064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2016-08-31 20:39 - 2016-04-29 21:49 - 00135920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2016-08-31 13:59 - 2015-04-12 14:54 - 00000000 ___RD C:\Users\Honza\Documents\MEGA
2016-08-27 17:37 - 2016-01-14 18:25 - 00000000 ____D C:\Users\Honza\AppData\Local\The Settlers Online
2016-08-20 07:30 - 2014-09-01 20:10 - 00000000 ____D C:\Program Files (x86)\LG Electronics
2016-08-20 07:30 - 2012-11-25 20:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-08-19 15:00 - 2015-04-12 14:53 - 00000000 ____D C:\Users\Honza\AppData\Local\MEGAsync
2016-08-19 05:22 - 2012-12-16 16:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-08-15 07:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache

==================== Files in the root of some directories =======

2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Honza\AppData\Roaming\3ITIvptArw
2015-03-14 12:20 - 2015-03-14 12:20 - 0000561 _____ () C:\Users\Honza\AppData\Roaming\AutoGK.ini
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Honza\AppData\Roaming\JaxnO0pi8PWQ
2015-10-09 15:51 - 2015-12-20 08:06 - 0001287 _____ () C:\Users\Honza\AppData\Local\MRDownloader.err
2015-03-14 15:22 - 2015-12-20 08:06 - 0001160 _____ () C:\Users\Honza\AppData\Local\MRDownloader.nast
2016-09-12 20:15 - 2016-09-12 20:19 - 0029696 _____ () C:\Users\Honza\AppData\Local\MSGBOX.EXE
2015-03-25 19:14 - 2015-03-25 19:15 - 28579392 _____ (Sony Mobile Communications ) C:\Users\Honza\AppData\Local\pcc.exe
2014-12-30 16:03 - 2014-12-30 16:03 - 0000843 _____ () C:\Users\Honza\AppData\Local\recently-used.xbel
2012-12-02 14:30 - 2012-12-02 14:31 - 0007605 _____ () C:\Users\Honza\AppData\Local\Resmon.ResmonCfg
2012-12-30 18:03 - 2015-03-14 15:15 - 0002437 _____ () C:\Users\Honza\AppData\Local\SRDownloader.err
2012-12-16 18:09 - 2015-03-14 15:20 - 0001120 _____ () C:\Users\Honza\AppData\Local\SRDownloader.nast
2013-11-03 17:17 - 2013-11-03 17:17 - 0000003 _____ () C:\Users\Honza\AppData\Local\updater.log
2013-11-03 17:17 - 2014-10-08 18:07 - 0000437 _____ () C:\Users\Honza\AppData\Local\UserProducts.xml

Some files in TEMP:
====================
C:\Users\Honza\AppData\Local\Temp\raptrpatch.exe
C:\Users\Honza\AppData\Local\Temp\raptr_stub.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-09-11 08:22

==================== End of FRST.txt ============================

[honzikuh]

Příloha

FRST.rar

(29.98 KiB) Staženo 168 x

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR DefaultSuggestURL: Default -> hxxp://suggestqueries.google.com/complete/search?q={searchTerms}
StartMenuInternet: (HKLM) Opera - C:\Program Files (x86)\Opera\Opera.exe hxxp://www.istartsurf.com/?type=sc&ts=1 ... XX5QE1ZRYB
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Honza\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[honzikuh]

Provedeno
Fix result of Farbar Recovery Scan Tool (x64) Version: 12-09-2016
Ran by Honza (13-09-2016 05:13:19) Run:1
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza (Available Profiles: Honza)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR DefaultSuggestURL: Default -> hxxp://suggestqueries.google.com/complete/search?q={searchTerms}
StartMenuInternet: (HKLM) Opera - C:\Program Files (x86)\Opera\Opera.exe hxxp://www.istartsurf.com/?type=sc&ts=1 ... XX5QE1ZRYB
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Honza\AppData\Local\Temp
End
*****************

"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending" => key removed successfully
HKCR\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced" => key removed successfully
HKCR\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing" => key removed successfully
HKCR\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay" => key removed successfully
HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
Chrome DefaultSuggestURL => removed successfully
HKLM\SOFTWARE\Clients\StartMenuInternet\Opera\shell\open\command\\Default => value restored successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully

"C:\Users\Honza\AppData\Local\Temp" folder move:

Could not move "C:\Users\Honza\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 13-09-2016 05:15:42)

C:\Users\Honza\AppData\Local\Temp => moved successfully

==== End of Fixlog 05:15:47 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[honzikuh]

Nikdo si nestěžuje na rozesílání celý den tak určitě ano moc děkuju

[Rudy]

Rádo se stalo!