Prosím o kontrolu ntb od sestry

[Ladix]

Zdravím Vás,
minulý týden jsem se chtěl na sestřiném noťasu podívat na email, ovšem ntb vůbec nespolupracoval, weby nechtěly najíždět, celkově to bylo zasekané, prosím tedy o kontrolu.

Zde je log z FRST:



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-03-2017
Ran by euronics (administrator) on EURONICS-PC (11-03-2017 12:43:17)
Running from C:\Users\euronics\Desktop
Loaded Profiles: euronics (Available Profiles: euronics)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
() C:\Program Files (x86)\Ralink\RT2860 Wireless LAN Card\ExtraFiles\RaMediaServer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
() C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11831400 2011-04-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2538280 2010-12-22] (Synaptics Incorporated)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2011-11-14] (Lenovo)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [789920 2011-11-14] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9769888 2011-11-14] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2011-11-14] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-29] (CyberLink Corp.)
HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2011-11-14] (Lenovo)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [NeroFilterCheck] => C:\windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-22] (AVAST Software)
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll [2011-11-14] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-11-14]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{38C24768-FB26-4AC1-A5E3-CE58805C4953}: [NameServer] 212.111.1.10,212.111.0.10
Tcpip\..\Interfaces\{C31D5D05-62F4-4269-8A44-6A8D1D0D7139}: [DhcpNameServer] 10.10.10.1

Internet Explorer:
==================
HKU\S-1-5-21-1337698518-1948378384-1755668044-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
HKU\S-1-5-21-1337698518-1948378384-1755668044-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-1337698518-1948378384-1755668044-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-1337698518-1948378384-1755668044-1001 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7LENN
SearchScopes: HKU\S-1-5-21-1337698518-1948378384-1755668044-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-1337698518-1948378384-1755668044-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7LENN
SearchScopes: HKU\S-1-5-21-1337698518-1948378384-1755668044-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-25] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO-x32: No Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-07-14] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-25] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-07-14] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-01-01] (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)

FireFox:
========
FF ProfilePath: C:\Users\euronics\AppData\Roaming\Mozilla\Firefox\Profiles\1u64g045.default [2017-03-11]
FF NewTab: Mozilla\Firefox\Profiles\1u64g045.default -> hxxps://www.amazon.com/gp/bit/amazonserp/ref=bi ... 4_CZ_ff_nt_
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\1u64g045.default -> Amazon
FF Homepage: Mozilla\Firefox\Profiles\1u64g045.default -> hxxp://www.seznam.cz/
FF SearchPlugin: C:\Users\euronics\AppData\Roaming\Mozilla\Firefox\Profiles\1u64g045.default\searchplugins\avg-secure-search.xml [2014-09-08]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-10-07]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-10-07]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2016-09-08]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2009-05-12] (DivX,Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-07-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-07-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\libdivx.dll [2009-05-01] (The OpenSSL Project, http://www.openssl.org/)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdivx32.dll [2009-05-12] (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ssldivx.dll [2009-05-01] (The OpenSSL Project, http://www.openssl.org/)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR Profile: C:\Users\euronics\AppData\Local\Google\Chrome\User Data\Default [2016-10-09]
CHR Extension: (Dokumenty Google) - C:\Users\euronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-20]
CHR Extension: (Disk Google) - C:\Users\euronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-03]
CHR Extension: (YouTube) - C:\Users\euronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-03]
CHR Extension: (Vyhledávání Google) - C:\Users\euronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\euronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\euronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-22]
CHR Extension: (Gmail) - C:\Users\euronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-20]
CHR Extension: (Chrome Media Router) - C:\Users\euronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-22] (AVAST Software)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [956192 2011-01-13] (Broadcom Corporation.)
R2 RaMediaServer; C:\Program Files (x86)\Ralink\RT2860 Wireless LAN Card\ExtraFiles\RaMediaServer.exe [454656 2010-05-19] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\windows\system32\drivers\aswHwid.sys [37656 2016-09-22] (AVAST Software)
R1 aswKbd; C:\windows\system32\drivers\aswKbd.sys [37144 2016-09-22] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [108816 2016-09-22] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [103064 2016-09-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-22] (AVAST Software)
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [969184 2016-09-22] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [513632 2016-09-22] (AVAST Software)
R2 aswStm; C:\windows\system32\drivers\aswStm.sys [163416 2016-09-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
R3 SPUVCbv; C:\windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation)
U3 BcmSqlStartupSvc; no ImagePath
U2 CLKMSVC10_3A60B698; no ImagePath
U2 CLKMSVC10_C3B3B687; no ImagePath
U2 DriverService; no ImagePath
U2 IAStorDataMgrSvc; no ImagePath
U2 iATAgentService; no ImagePath
U2 idealife Update Service; no ImagePath
U3 IGRS; no ImagePath
U2 IviRegMgr; no ImagePath
U2 nvUpdatusService; no ImagePath
U2 Oasis2Service; no ImagePath
U2 PCCarerService; no ImagePath
U2 ReadyComm.DirectRouter; no ImagePath
U2 RichVideo; no ImagePath
U2 RtLedService; no ImagePath
U2 SeaPort; no ImagePath
U2 SoftwareService; no ImagePath
U3 SQLWriter; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-11 12:43 - 2017-03-11 12:44 - 00018581 _____ C:\Users\euronics\Desktop\FRST.txt
2017-03-11 12:42 - 2017-03-11 12:43 - 00000000 ____D C:\FRST
2017-03-11 12:40 - 2017-03-11 12:40 - 02424832 _____ (Farbar) C:\Users\euronics\Desktop\FRST64.exe
2017-03-07 18:45 - 2017-03-11 12:28 - 00004618 _____ C:\windows\System32\Tasks\DistromaticSearchProtect-hourly
2017-03-07 13:11 - 2017-03-07 13:52 - 727037318 _____ C:\Users\euronics\Downloads\umlceni-cz-dabing-horor-thriller-velka-britanie-2009-OD-SOUČKA-TOMÁŠE.avi
2017-03-07 12:11 - 2017-03-07 12:58 - 848584258 _____ C:\Users\euronics\Downloads\Grace-The-Possession-2014-(horor)-cz-dabing.avi
2017-03-06 13:58 - 2017-03-06 14:20 - 381942766 _____ C:\Users\euronics\Downloads\Podstata-strachu-E08.Kost-a-kůže-CZ-Dabing-Horor-_-Povídkový,-USA-_-Kanada,-2008-...http___ulozto.cz__partner=154291.avi
2017-03-06 13:02 - 2017-03-06 13:43 - 734296064 _____ C:\Users\euronics\Downloads\Kukuřičné-děti-4-Zjevení-CZ-Dabing-Horor,-USA,-1996-Stephen-King.avi
2017-03-06 12:18 - 2017-03-06 13:00 - 734029825 _____ C:\Users\euronics\Downloads\Territories.2010.novinka.horor-cz-dabing(1).avi
2017-03-05 13:05 - 2017-03-05 13:46 - 734486331 _____ C:\Users\euronics\Downloads\Ďábel-v-těle-CZ-Dabing-Horor-_-Mysteriózní,-USA,-2012.OD-SOUČKA-TOMÁŠE.avi
2017-03-05 12:16 - 2017-03-05 12:57 - 733483008 _____ C:\Users\euronics\Downloads\Rudý-písek-(2009)-CZ-dabing---Akční--Horor,USA.avi
2017-03-05 11:25 - 2017-03-05 12:08 - 737400390 _____ C:\Users\euronics\Downloads\temne-nebe-cz-dabing-psychologicky-sci-fi-usa-Horor-2013-OD-SOUČKA-TOMÁŠE.avi
2017-03-05 10:22 - 2017-03-05 11:17 - 983495514 _____ C:\Users\euronics\Downloads\Man-Thing--Horor-scifi-cz.dabing-OD-SOUČKA-TOMÁŠE.avi
2017-03-05 08:53 - 2017-03-05 10:21 - 1594013650 _____ C:\Users\euronics\Downloads\Útok-trojhlavého-žraloka-(2015)-Novinka-CZ-dabing-Sci-Fi-Horor-Ak-ní.avi
2017-03-05 07:56 - 2017-03-05 08:37 - 733929472 _____ C:\Users\euronics\Downloads\Bratrstvo-(2001)-horor-CZ-dabing-OD-SOUČKA-TOMÁŠE.avi
2017-03-03 11:49 - 2017-03-03 11:49 - 00000000 ____D C:\Users\euronics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
2017-03-02 18:47 - 2017-03-02 19:31 - 778133504 _____ C:\Users\euronics\Downloads\Chata-v-horách-horor-CZ-dabing-(2011).avi
2017-03-02 17:42 - 2017-03-02 18:29 - 853090234 _____ C:\Users\euronics\Downloads\3_15---Zemřeš!-horor-(CZ-dabing).avi
2017-03-02 16:59 - 2017-03-02 17:41 - 735003946 _____ C:\Users\euronics\Downloads\Ostrov-smrti-CZ-Dabing-Drama-_-Thriller,-USA,-2003...ID_-154291.avi
2017-03-02 15:21 - 2017-03-02 16:48 - 1564805120 _____ C:\Users\euronics\Downloads\Smrtelne-lzi-2012-CZ-dabing-Drama-Thriller.avi
2017-03-02 09:35 - 2017-03-02 10:17 - 758927338 _____ C:\Users\euronics\Downloads\Podstata-strachu-horor-cz-dabing-sony1708.avi
2017-03-02 08:09 - 2017-03-02 09:29 - 1427295515 _____ C:\Users\euronics\Downloads\The-Pact.2012.novy-horor.cz-dabing-OD-SOUČKA-TOMÁŠE.avi
2017-03-01 15:46 - 2017-03-01 16:27 - 734029825 _____ C:\Users\euronics\Downloads\Territories.2010.novinka.horor-cz-dabing.avi
2017-03-01 15:05 - 2017-03-01 15:46 - 727769088 _____ C:\Users\euronics\Downloads\Drtič-horor,-CZ-dabing.avi
2017-03-01 13:38 - 2017-03-01 15:05 - 1558731674 _____ C:\Users\euronics\Downloads\Pravidla-vášn--(2002)-Novinka-CZ-dabing-Komedie-Drama-Romantický-Thriller.avi
2017-03-01 10:57 - 2017-03-01 12:43 - 1908080640 _____ C:\Users\euronics\Downloads\Provinění-2016-Cz-Avi-Drama-Thriller=Cz-Dabing-SUPER-KVALITA!!!-(1).avi
2017-02-28 14:11 - 2017-02-28 16:03 - 2008017274 _____ C:\Users\euronics\Downloads\Bod-zlomu-(2015)-CZ-Dabing,akční,drama,thriller,,novinka.fico.avi
2017-02-28 10:59 - 2017-02-28 11:30 - 555148338 _____ C:\Users\euronics\Downloads\Karmenin-polibek---Drama-Romantický-Thriller-CZ-Dabing-novinka-na-Ulož-to_xvid(1).avi
2017-02-28 09:45 - 2017-02-28 10:55 - 1262439454 _____ C:\Users\euronics\Downloads\Dead-Set-CZ-Dabing-Drama,Thriller,-Velká-Británie,-2008.avi
2017-02-28 08:50 - 2017-02-28 09:41 - 907085102 _____ C:\Users\euronics\Downloads\Prokletý-ostrov---2010,-drama,-thriller,-mysteriózní,-CZ-dabing,-(Angel).avi
2017-02-28 08:28 - 2017-02-28 08:44 - 277483207 _____ C:\Users\euronics\Downloads\Posedlá-láskou-(-Lethal-Seduction)-Drama-Thriller-2015-celý-film-CZ-Dabing.mp4
2017-02-26 21:31 - 2017-02-26 21:31 - 01682584 _____ C:\windows\Minidump\022617-22807-01.dmp
2017-02-23 22:26 - 2017-03-05 07:43 - 00000000 _____ C:\windows\SysWOW64\last.dump
2017-02-16 14:25 - 2017-02-16 15:18 - 930500548 _____ C:\Users\euronics\Downloads\ocista-volebni-rok-2016-horor-CZ.avi
2017-02-12 10:55 - 2017-02-12 11:39 - 795711550 _____ C:\Users\euronics\Downloads\novinky-smrtiaci-priliv-melcin-y-the-shallow-s-melcina-zralok-utok-smrtici-novinka-2016-cz-cesky-dabing-dab-skvely-film-dobra-kvalita-top-drama-horor-thriller-blake-lively-oscar-jaenada-brett-cu-destro-mkv.htm

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-11 12:40 - 2009-07-14 05:45 - 00028928 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-11 12:40 - 2009-07-14 05:45 - 00028928 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-11 12:32 - 2011-11-14 23:38 - 00669132 _____ C:\windows\system32\perfh005.dat
2017-03-11 12:32 - 2011-11-14 23:38 - 00141760 _____ C:\windows\system32\perfc005.dat
2017-03-11 12:32 - 2009-07-14 06:13 - 00833938 _____ C:\windows\system32\PerfStringBackup.INI
2017-03-11 12:32 - 2009-07-14 04:20 - 00000000 ____D C:\windows\inf
2017-03-11 12:31 - 2016-11-21 14:22 - 00000000 ____D C:\Users\euronics\AppData\LocalLow\Mozilla
2017-03-11 12:29 - 2011-11-14 16:45 - 00000000 ____D C:\ProgramData\VeriFace
2017-03-11 12:28 - 2011-11-14 16:46 - 00132365 _____ C:\windows\system32\fastboot.set
2017-03-11 12:28 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-03-11 09:03 - 2015-03-12 10:44 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2017-03-09 19:03 - 2013-12-25 12:50 - 00000000 ____D C:\Users\euronics\AppData\Roaming\vlc
2017-03-06 06:39 - 2009-07-14 06:08 - 00032546 _____ C:\windows\Tasks\SCHEDLGU.TXT
2017-03-05 07:43 - 2016-09-22 20:48 - 00004180 _____ C:\windows\System32\Tasks\avast! Emergency Update
2017-02-26 21:31 - 2016-12-19 15:05 - 507264150 _____ C:\windows\MEMORY.DMP
2017-02-26 21:31 - 2013-04-14 16:39 - 00000000 ____D C:\windows\Minidump
2017-02-24 07:51 - 2013-08-14 10:58 - 00000000 ____D C:\windows\system32\MRT
2017-02-24 07:50 - 2012-09-21 18:01 - 138020592 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-02-22 22:41 - 2012-01-24 16:46 - 00000000 ____D C:\ProgramData\Skype
2017-02-15 12:48 - 2015-03-12 10:44 - 00003852 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2017-02-15 12:48 - 2013-03-24 18:30 - 00802904 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2017-02-15 12:48 - 2012-01-24 15:15 - 00144472 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-15 12:47 - 2013-03-24 18:30 - 00000000 ____D C:\windows\system32\Macromed
2017-02-15 09:17 - 2012-01-24 15:15 - 00000000 ____D C:\windows\SysWOW64\Macromed

==================== Files in the root of some directories =======

2012-01-30 10:41 - 2012-01-30 10:42 - 0000000 _____ () C:\Users\euronics\AppData\Local\{5FFC2F76-E8E0-4961-AAAC-3712983142B8}
2016-09-09 14:23 - 2016-09-09 14:23 - 0000016 _____ () C:\ProgramData\mntemp

Some files in TEMP:
====================
2016-09-22 20:20 - 2010-02-26 09:45 - 0080896 _____ (Microsoft Corporation) C:\Users\euronics\AppData\Local\Temp\devcon.exe
2017-01-20 14:23 - 2017-01-20 14:23 - 0739904 _____ (Oracle Corporation) C:\Users\euronics\AppData\Local\Temp\jre-8u121-windows-au.exe
2016-09-25 05:29 - 2016-09-25 05:29 - 47038840 _____ (Google Inc.) C:\Users\euronics\AppData\Local\Temp\{5F97580F-41FA-468F-A064-5E3267C558EA}-53.0.2785.143_chrome_installer.exe
2016-09-25 06:00 - 2016-09-25 06:00 - 1246584 _____ (Google Inc.) C:\Users\euronics\AppData\Local\Temp\{E8452597-C50D-4458-B122-346E45B58649}-53.0.2785.143_53.0.2785.116_chrome_updater.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-03-05 17:01

==================== End of FRST.txt ============================

[Márty84]

Zdravim

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[Ladix]

Log z AdwCleaneru:




# AdwCleaner v6.044 - Log vytvořen 12/03/2017 v 12:27:52
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-03-12.1 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : euronics - EURONICS-PC
# Spuštěno z : C:\Users\euronics\Desktop\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****

[-] Složka smazána: C:\Users\euronics\AppData\Local\Amazon Browser Settings
[-] Složka smazána: C:\Users\euronics\AppData\LocalLow\avg web tuneup
[-] Složka smazána: C:\ProgramData\Partner
[#] Složka smazána po restartu: C:\ProgramData\Application Data\Partner
[-] Složka smazána: C:\Program Files (x86)\Amazon Browser Settings
[-] Složka smazána: C:\windows\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup


***** [ Soubory ] *****

[-] Soubor smazán: C:\Users\euronics\AppData\Roaming\Mozilla\Firefox\Profiles\1u64g045.default\searchplugins\avg-secure-search.xml
[-] Soubor smazán: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[#] Soubor smazán: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[#] Soubor smazán: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****

[-] Úloha smazána: DistromaticSearchProtect-logon
[-] Úloha smazána: DistromaticUpdater-periodic
[-] Úloha smazána: DistromaticSearchProtect-hourly
[-] Úloha smazána: DistromaticUpdater-logon


***** [ Registry ] *****

[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Klíč smazán: HKU\.DEFAULT\Software\Auslogics
[-] Klíč smazán: HKU\S-1-5-21-1337698518-1948378384-1755668044-1001\Software\distromatic
[#] Klíč smazán po restartu: HKU\S-1-5-18\Software\Auslogics
[#] Klíč smazán po restartu: HKCU\Software\distromatic
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Amazon Assistant
[#] Klíč smazán po restartu: [x64] HKCU\Software\distromatic


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2829 Bajty] - [12/03/2017 12:27:52]
C:\AdwCleaner\AdwCleaner[S0].txt - [3126 Bajty] - [12/03/2017 12:27:04]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2975 Bajty] ##########

[Ladix]

Log z Malwarebytes:




Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 12.03.17
Čas skenování: 12:52
Logovací soubor: LogMalwarebytes.txt
Správce: Ano

-Informace o softwaru-
Verze: 3.0.6.1469
Verze komponentů: 1.0.75
Aktualizovat verzi balíku komponent: 1.0.1482
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: euronics-PC\euronics

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Výsledek: Dokončeno
Skenované objekty: 248040
Uplynulý čas: 3 hod, 50 min, 48 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 1
PUP.Optional.OpenCandy, C:\USERS\EURONICS\DOWNLOADS\KMPLAYER_EN_3.1.0.0_R2.EXE, Žádná uživatelská akce, [646], [297667],1.0.1482

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

[Márty84]

Log z Malwarebytes:

Nalez muzete smazat, MBAM odinstalujte.


Dejte nove logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach
(Kdyby nesel Launcher stahnout, dejte logy jen ze samotneho FRST, tedy bez pouziti Launcheru)

[Ladix]

Launcher jsem 3x uložil na plochu a když jsem ho spustil, tak mi házel hlášku, že není na ploše, tak že ho tam mám přesunout a akci opakovat. Čili jsem použil na sken samotný FRST.


Zde jsou logy:




Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-03-2017
Ran by euronics (administrator) on EURONICS-PC (13-03-2017 18:13:56)
Running from C:\Users\euronics\Desktop
Loaded Profiles: euronics (Available Profiles: euronics)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
() C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
() C:\Program Files (x86)\Ralink\RT2860 Wireless LAN Card\ExtraFiles\RaMediaServer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11831400 2011-04-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2538280 2010-12-22] (Synaptics Incorporated)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2011-11-14] (Lenovo)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [789920 2011-11-14] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9769888 2011-11-14] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2011-11-14] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-29] (CyberLink Corp.)
HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2011-11-14] (Lenovo)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [NeroFilterCheck] => C:\windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-22] (AVAST Software)
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll [2011-11-14] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-11-14]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{38C24768-FB26-4AC1-A5E3-CE58805C4953}: [NameServer] 212.111.1.10,212.111.0.10
Tcpip\..\Interfaces\{C31D5D05-62F4-4269-8A44-6A8D1D0D7139}: [DhcpNameServer] 10.10.10.1

Internet Explorer:
==================
HKU\S-1-5-21-1337698518-1948378384-1755668044-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
HKU\S-1-5-21-1337698518-1948378384-1755668044-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-1337698518-1948378384-1755668044-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-1337698518-1948378384-1755668044-1001 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7LENN
SearchScopes: HKU\S-1-5-21-1337698518-1948378384-1755668044-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-1337698518-1948378384-1755668044-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7LENN
SearchScopes: HKU\S-1-5-21-1337698518-1948378384-1755668044-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-25] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: No Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-07-14] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-25] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-07-14] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-01-01] (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)

FireFox:
========
FF ProfilePath: C:\Users\euronics\AppData\Roaming\Mozilla\Firefox\Profiles\1u64g045.default [2017-03-13]
FF NewTab: Mozilla\Firefox\Profiles\1u64g045.default -> hxxps://www.amazon.com/gp/bit/amazonserp/ref=bi ... 4_CZ_ff_nt_
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\1u64g045.default -> Amazon
FF Homepage: Mozilla\Firefox\Profiles\1u64g045.default -> hxxp://www.seznam.cz/
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-10-07]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-10-07]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2009-05-12] (DivX,Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-07-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-07-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\libdivx.dll [2009-05-01] (The OpenSSL Project, http://www.openssl.org/)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdivx32.dll [2009-05-12] (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ssldivx.dll [2009-05-01] (The OpenSSL Project, http://www.openssl.org/)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR Profile: C:\Users\euronics\AppData\Local\Google\Chrome\User Data\Default [2016-10-09]
CHR Extension: (Dokumenty Google) - C:\Users\euronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-20]
CHR Extension: (Disk Google) - C:\Users\euronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-03]
CHR Extension: (YouTube) - C:\Users\euronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-03]
CHR Extension: (Vyhledávání Google) - C:\Users\euronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\euronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\euronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-22]
CHR Extension: (Gmail) - C:\Users\euronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-20]
CHR Extension: (Chrome Media Router) - C:\Users\euronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-22] (AVAST Software)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [956192 2011-01-13] (Broadcom Corporation.)
R2 RaMediaServer; C:\Program Files (x86)\Ralink\RT2860 Wireless LAN Card\ExtraFiles\RaMediaServer.exe [454656 2010-05-19] () [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\windows\system32\drivers\aswHwid.sys [37656 2016-09-22] (AVAST Software)
R1 aswKbd; C:\windows\system32\drivers\aswKbd.sys [37144 2016-09-22] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [108816 2016-09-22] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [103064 2016-09-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-22] (AVAST Software)
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [969184 2016-09-22] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [513632 2016-09-22] (AVAST Software)
S2 aswStm; C:\windows\system32\drivers\aswStm.sys [163416 2016-09-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
R3 SPUVCbv; C:\windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation)
U3 BcmSqlStartupSvc; no ImagePath
U2 CLKMSVC10_3A60B698; no ImagePath
U2 CLKMSVC10_C3B3B687; no ImagePath
U2 DriverService; no ImagePath
U2 IAStorDataMgrSvc; no ImagePath
U2 iATAgentService; no ImagePath
U2 idealife Update Service; no ImagePath
U3 IGRS; no ImagePath
U2 IviRegMgr; no ImagePath
U2 nvUpdatusService; no ImagePath
U2 Oasis2Service; no ImagePath
U2 PCCarerService; no ImagePath
U2 ReadyComm.DirectRouter; no ImagePath
U2 RichVideo; no ImagePath
U2 RtLedService; no ImagePath
U2 SeaPort; no ImagePath
U2 SoftwareService; no ImagePath
U3 SQLWriter; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-13 18:13 - 2017-03-13 18:14 - 00018638 _____ C:\Users\euronics\Desktop\FRST.txt
2017-03-13 18:12 - 2017-03-13 18:12 - 02424832 _____ (Farbar) C:\Users\euronics\Desktop\FRST64.exe
2017-03-13 18:10 - 2017-03-13 18:11 - 00029696 _____ C:\Users\euronics\AppData\Local\MSGBOX.EXE
2017-03-13 16:02 - 2017-03-13 16:03 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-03-13 16:02 - 2017-03-13 16:02 - 00001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-03-13 16:02 - 2017-03-13 16:02 - 00000995 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-03-13 16:02 - 2017-03-13 16:02 - 00000000 ____D C:\Users\euronics\AppData\Roaming\TeamViewer
2017-03-12 12:48 - 2017-03-13 17:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-12 12:48 - 2017-03-13 17:56 - 00186304 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMChameleon.sys
2017-03-12 12:48 - 2017-03-13 17:55 - 00082208 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2017-03-12 12:48 - 2017-03-13 17:54 - 00251840 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-12 12:48 - 2017-03-13 17:54 - 00111544 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys
2017-03-12 12:48 - 2017-03-13 17:54 - 00043968 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2017-03-12 12:48 - 2017-03-12 12:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-12 12:48 - 2017-03-12 12:48 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-12 12:48 - 2017-02-24 06:23 - 00077408 _____ C:\windows\system32\Drivers\mbae64.sys
2017-03-12 12:24 - 2017-03-12 12:27 - 00000000 ____D C:\AdwCleaner
2017-03-11 12:42 - 2017-03-13 18:13 - 00000000 ____D C:\FRST
2017-03-07 13:11 - 2017-03-07 13:52 - 727037318 _____ C:\Users\euronics\Downloads\umlceni-cz-dabing-horor-thriller-velka-britanie-2009-OD-SOUČKA-TOMÁŠE.avi
2017-03-07 12:11 - 2017-03-07 12:58 - 848584258 _____ C:\Users\euronics\Downloads\Grace-The-Possession-2014-(horor)-cz-dabing.avi
2017-03-06 13:58 - 2017-03-06 14:20 - 381942766 _____ C:\Users\euronics\Downloads\Podstata-strachu-E08.Kost-a-kůže-CZ-Dabing-Horor-_-Povídkový,-USA-_-Kanada,-2008-...http___ulozto.cz__partner=154291.avi
2017-03-06 13:02 - 2017-03-06 13:43 - 734296064 _____ C:\Users\euronics\Downloads\Kukuřičné-děti-4-Zjevení-CZ-Dabing-Horor,-USA,-1996-Stephen-King.avi
2017-03-06 12:18 - 2017-03-06 13:00 - 734029825 _____ C:\Users\euronics\Downloads\Territories.2010.novinka.horor-cz-dabing(1).avi
2017-03-05 13:05 - 2017-03-05 13:46 - 734486331 _____ C:\Users\euronics\Downloads\Ďábel-v-těle-CZ-Dabing-Horor-_-Mysteriózní,-USA,-2012.OD-SOUČKA-TOMÁŠE.avi
2017-03-05 12:16 - 2017-03-05 12:57 - 733483008 _____ C:\Users\euronics\Downloads\Rudý-písek-(2009)-CZ-dabing---Akční--Horor,USA.avi
2017-03-05 11:25 - 2017-03-05 12:08 - 737400390 _____ C:\Users\euronics\Downloads\temne-nebe-cz-dabing-psychologicky-sci-fi-usa-Horor-2013-OD-SOUČKA-TOMÁŠE.avi
2017-03-05 10:22 - 2017-03-05 11:17 - 983495514 _____ C:\Users\euronics\Downloads\Man-Thing--Horor-scifi-cz.dabing-OD-SOUČKA-TOMÁŠE.avi
2017-03-05 08:53 - 2017-03-05 10:21 - 1594013650 _____ C:\Users\euronics\Downloads\Útok-trojhlavého-žraloka-(2015)-Novinka-CZ-dabing-Sci-Fi-Horor-Ak-ní.avi
2017-03-05 07:56 - 2017-03-05 08:37 - 733929472 _____ C:\Users\euronics\Downloads\Bratrstvo-(2001)-horor-CZ-dabing-OD-SOUČKA-TOMÁŠE.avi
2017-03-03 11:49 - 2017-03-03 11:49 - 00000000 ____D C:\Users\euronics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
2017-03-02 18:47 - 2017-03-02 19:31 - 778133504 _____ C:\Users\euronics\Downloads\Chata-v-horách-horor-CZ-dabing-(2011).avi
2017-03-02 17:42 - 2017-03-02 18:29 - 853090234 _____ C:\Users\euronics\Downloads\3_15---Zemřeš!-horor-(CZ-dabing).avi
2017-03-02 16:59 - 2017-03-02 17:41 - 735003946 _____ C:\Users\euronics\Downloads\Ostrov-smrti-CZ-Dabing-Drama-_-Thriller,-USA,-2003...ID_-154291.avi
2017-03-02 15:21 - 2017-03-02 16:48 - 1564805120 _____ C:\Users\euronics\Downloads\Smrtelne-lzi-2012-CZ-dabing-Drama-Thriller.avi
2017-03-02 09:35 - 2017-03-02 10:17 - 758927338 _____ C:\Users\euronics\Downloads\Podstata-strachu-horor-cz-dabing-sony1708.avi
2017-03-02 08:09 - 2017-03-02 09:29 - 1427295515 _____ C:\Users\euronics\Downloads\The-Pact.2012.novy-horor.cz-dabing-OD-SOUČKA-TOMÁŠE.avi
2017-03-01 15:46 - 2017-03-01 16:27 - 734029825 _____ C:\Users\euronics\Downloads\Territories.2010.novinka.horor-cz-dabing.avi
2017-03-01 15:05 - 2017-03-01 15:46 - 727769088 _____ C:\Users\euronics\Downloads\Drtič-horor,-CZ-dabing.avi
2017-03-01 13:38 - 2017-03-01 15:05 - 1558731674 _____ C:\Users\euronics\Downloads\Pravidla-vášn--(2002)-Novinka-CZ-dabing-Komedie-Drama-Romantický-Thriller.avi
2017-03-01 10:57 - 2017-03-01 12:43 - 1908080640 _____ C:\Users\euronics\Downloads\Provinění-2016-Cz-Avi-Drama-Thriller=Cz-Dabing-SUPER-KVALITA!!!-(1).avi
2017-02-28 14:11 - 2017-02-28 16:03 - 2008017274 _____ C:\Users\euronics\Downloads\Bod-zlomu-(2015)-CZ-Dabing,akční,drama,thriller,,novinka.fico.avi
2017-02-28 10:59 - 2017-02-28 11:30 - 555148338 _____ C:\Users\euronics\Downloads\Karmenin-polibek---Drama-Romantický-Thriller-CZ-Dabing-novinka-na-Ulož-to_xvid(1).avi
2017-02-28 09:45 - 2017-02-28 10:55 - 1262439454 _____ C:\Users\euronics\Downloads\Dead-Set-CZ-Dabing-Drama,Thriller,-Velká-Británie,-2008.avi
2017-02-28 08:50 - 2017-02-28 09:41 - 907085102 _____ C:\Users\euronics\Downloads\Prokletý-ostrov---2010,-drama,-thriller,-mysteriózní,-CZ-dabing,-(Angel).avi
2017-02-28 08:28 - 2017-02-28 08:44 - 277483207 _____ C:\Users\euronics\Downloads\Posedlá-láskou-(-Lethal-Seduction)-Drama-Thriller-2015-celý-film-CZ-Dabing.mp4
2017-02-26 21:31 - 2017-02-26 21:31 - 01682584 _____ C:\windows\Minidump\022617-22807-01.dmp
2017-02-23 22:26 - 2017-03-05 07:43 - 00000000 _____ C:\windows\SysWOW64\last.dump
2017-02-16 14:25 - 2017-02-16 15:18 - 930500548 _____ C:\Users\euronics\Downloads\ocista-volebni-rok-2016-horor-CZ.avi
2017-02-12 10:55 - 2017-02-12 11:39 - 795711550 _____ C:\Users\euronics\Downloads\novinky-smrtiaci-priliv-melcin-y-the-shallow-s-melcina-zralok-utok-smrtici-novinka-2016-cz-cesky-dabing-dab-skvely-film-dobra-kvalita-top-drama-horor-thriller-blake-lively-oscar-jaenada-brett-cu-destro-mkv.htm

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-13 18:13 - 2009-07-14 05:45 - 00028928 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-13 18:13 - 2009-07-14 05:45 - 00028928 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-13 18:10 - 2011-11-14 23:38 - 00669132 _____ C:\windows\system32\perfh005.dat
2017-03-13 18:10 - 2011-11-14 23:38 - 00141760 _____ C:\windows\system32\perfc005.dat
2017-03-13 18:10 - 2009-07-14 06:13 - 00833938 _____ C:\windows\system32\PerfStringBackup.INI
2017-03-13 18:10 - 2009-07-14 04:20 - 00000000 ____D C:\windows\inf
2017-03-13 18:06 - 2016-11-21 14:22 - 00000000 ____D C:\Users\euronics\AppData\LocalLow\Mozilla
2017-03-13 18:06 - 2011-12-15 01:56 - 00060824 _____ C:\Users\euronics\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-13 18:05 - 2011-11-14 16:45 - 00000000 ____D C:\ProgramData\VeriFace
2017-03-13 18:04 - 2011-11-14 16:46 - 00133915 _____ C:\windows\system32\fastboot.set
2017-03-13 18:04 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-03-13 18:03 - 2015-03-12 10:44 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2017-03-13 17:53 - 2009-07-14 05:45 - 00272832 _____ C:\windows\system32\FNTCACHE.DAT
2017-03-13 10:04 - 2016-09-22 20:48 - 00004180 _____ C:\windows\System32\Tasks\avast! Emergency Update
2017-03-12 14:51 - 2013-12-25 12:50 - 00000000 ____D C:\Users\euronics\AppData\Roaming\vlc
2017-03-06 06:39 - 2009-07-14 06:08 - 00032546 _____ C:\windows\Tasks\SCHEDLGU.TXT
2017-02-26 21:31 - 2016-12-19 15:05 - 507264150 _____ C:\windows\MEMORY.DMP
2017-02-26 21:31 - 2013-04-14 16:39 - 00000000 ____D C:\windows\Minidump
2017-02-24 07:51 - 2013-08-14 10:58 - 00000000 ____D C:\windows\system32\MRT
2017-02-24 07:50 - 2012-09-21 18:01 - 138020592 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-02-22 22:41 - 2012-01-24 16:46 - 00000000 ____D C:\ProgramData\Skype
2017-02-15 12:48 - 2015-03-12 10:44 - 00003852 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2017-02-15 12:48 - 2013-03-24 18:30 - 00802904 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2017-02-15 12:48 - 2012-01-24 15:15 - 00144472 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-15 12:47 - 2013-03-24 18:30 - 00000000 ____D C:\windows\system32\Macromed
2017-02-15 09:17 - 2012-01-24 15:15 - 00000000 ____D C:\windows\SysWOW64\Macromed

==================== Files in the root of some directories =======

2017-03-13 18:10 - 2017-03-13 18:11 - 0029696 _____ () C:\Users\euronics\AppData\Local\MSGBOX.EXE
2012-01-30 10:41 - 2012-01-30 10:42 - 0000000 _____ () C:\Users\euronics\AppData\Local\{5FFC2F76-E8E0-4961-AAAC-3712983142B8}
2016-09-09 14:23 - 2016-09-09 14:23 - 0000016 _____ () C:\ProgramData\mntemp

Some files in TEMP:
====================
2016-09-22 20:20 - 2010-02-26 09:45 - 0080896 _____ (Microsoft Corporation) C:\Users\euronics\AppData\Local\Temp\devcon.exe
2017-01-20 14:23 - 2017-01-20 14:23 - 0739904 _____ (Oracle Corporation) C:\Users\euronics\AppData\Local\Temp\jre-8u121-windows-au.exe
2016-09-25 05:29 - 2016-09-25 05:29 - 47038840 _____ (Google Inc.) C:\Users\euronics\AppData\Local\Temp\{5F97580F-41FA-468F-A064-5E3267C558EA}-53.0.2785.143_chrome_installer.exe
2016-09-25 06:00 - 2016-09-25 06:00 - 1246584 _____ (Google Inc.) C:\Users\euronics\AppData\Local\Temp\{E8452597-C50D-4458-B122-346E45B58649}-53.0.2785.143_53.0.2785.116_chrome_updater.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-03-05 17:01

==================== End of FRST.txt ============================

[Márty84]

Napiste mi velikost adresare plochy (C:\Users\euronics\Plocha)



Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [NeroFilterCheck] => C:\windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1337698518-1948378384-1755668044-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1337698518-1948378384-1755668044-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO-x32: No Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> No File

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

[Ladix]

Velikost adresare plochy (C:\Users\euronics\Plocha) je 27,3 GB.


Zde je fixlog:



Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by euronics (18-03-2017 12:57:11) Run:1
Running from C:\Users\euronics\Desktop
Loaded Profiles: euronics (Available Profiles: euronics)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [NeroFilterCheck] => C:\windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-1337698518-1948378384-1755668044-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-1337698518-1948378384-1755668044-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO-x32: No Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> No File

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-1337698518-1948378384-1755668044-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-1337698518-1948378384-1755668044-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key removed successfully
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => key removed successfully
HKCR\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928} => key removed successfully
HKCR\Wow6432Node\CLSID\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928} => key not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15804484 B
Java, Flash, Steam htmlcache => 2441 B
Windows/system/drivers => 123059580 B
Edge => 0 B
Chrome => 59402816 B
Firefox => 442532083 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 42354146 B
systemprofile32 => 72758 B
LocalService => 0 B
NetworkService => 0 B
euronics => 1525951032 B

RecycleBin => 0 B
EmptyTemp: => 2.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:58:50 ====

[Márty84]

Velikost plochy by nemela presahovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku



Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remove disinfection tools
• Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak to s pc vypada.

[Ladix]

Plochu jsem usměrnil na 10,5 MB.

Momentálně bude asi den probíhat defragmentace, takže se ozvu i zítra. Musím ale již teď říct, že zlepšení určitě nastalo. Nemám ovšem moc času to vyzkoušet delší dobu, ale mělo by to být asi dobré. Ještě přemýšlím, že jí změním antivir, s Avastem totiž nemám příliš dobré zkušenosti. Co si o tom myslíte?

[Márty84]

Ještě přemýšlím, že jí změním antivir, s Avastem totiž nemám příliš dobré zkušenosti. Co si o tom myslíte?

Ja pouzivam Avast free uz vic nez 10 let a jsem spokojeny, nemam duvod menit. Ale samozrejme zalezi na jeji/vasi volbe. Kazdopadne tam nebyla zadna nebezpecna havet, jen bezne smeti, se kterym v podstate zadny antivir nic nenadela

Vyzkousejte co pujde a pokud bude vse v poradku, tema uzavreme. Vsak kdyby nahodou nastal nejaky problem, budeme tady

[Ladix]

Defragmentace dokončena, stav diskku je dobrý. Ntb se chová dobře, žádné záseky momentálně nesleduji.
Nemyslel jsem, že by měl být Avast free špatný antivir, ale spíš to, že se s nějakým typem počítače třeba nesnese. Znám to z osobní zkušenosti, jelikož mi jednou málem oddělal systém. Zatím ho ale tady ještě nechám, vypadá to dobře.

Děkuji mnohkrát za rady, za nějakou dobu se určitě ozvu s mým pc na kontrolu, pokud možno

Přeji hezký zbytek slunečného víkendu

[Márty84]

ale spíš to, že se s nějakým typem počítače třeba nesnese.

To ale plati pro vsechny antiviry

Jasne, klidne se ozvete

Nemate zac!

Mejte se a treba zase nekdy