PC virus removal, computer speed-up, and remote help through the neslape.cz service

Pop-up windows in the browser

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

toox
Model visitor
Posts: 274
Registered: 28 Apr 2008 18:06
Location: Tromaville

Pop-up windows in the browser

#1 Post by toox »

Hello, I downloaded some software and ran it, and after that pop-up windows started appearing.

Thanks for checking.

Logfile of random's system information tool 1.16 (written by random/random)
Run by Honza at 2017-06-09 18:22:50
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 439 GB (46%) free of 954 GB
Total RAM: 4087 MB (45% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:22:52, on 9.6.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal

Running processes:
C:\Users\Honza\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Honza\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
C:\Users\Honza\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\trend micro\Honza_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Honza\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ManyCam Service - Visicom Media Inc. - C:\ProgramData\ManyCam\Service\service.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7626 bytes

====== Enumerating Processes ======

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
C:\ProgramData\ManyCam\Service\service.exe
"C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe"
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Users\Honza\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Users\Honza\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe" uTorrent_376_009F4850_1592256226 µTorrent4823DF041B09 uTorrent
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Users\Honza\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe" uTorrent_376_009F4900_2036322329 µTorrent4823DF041B09 uTorrent
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" https://launchpage.org/?uid=oTlKBGjchx1 ... m6yQNpI9m4
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="820.0.797761015\1227154997" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 820 "\\.\pipe\gecko-crash-server-pipe.820" gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="820.2.1943928837\1219541355" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 820 "\\.\pipe\gecko-crash-server-pipe.820" tab
"C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b1cddb0c-3a20-469b-a73c-2b9ab53ddc30 -SystemEventPortName:HostProcess-1c69f5f2-ae11-4b70-9d29-797a25aa0241 -IoCancelEventPortName:HostProcess-40fc60d4-cda0-4b4d-a9a2-9def40157481 -NonStateChangingEventPortName:HostProcess-a8d5f3e7-50f9-49a0-9389-51233239abcb -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ea7e3223-e3bb-4161-8523-ddfc45b00193 -DeviceGroupId:WpdFsGroup
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 14b1984f-8f2a-4359-8f96-c1a6a4206273 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "2022458584469374292-759819106538459006-12727716541831644458-364146633-1938682260
\??\C:\Windows\system32\conhost.exe "161721529397307206518068888071736887074509043485-572088862-827020355-2038758201
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\CCleaner\CCleaner64.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\Honza\Downloads\RSITx64.exe"

====== Scheduled tasks folder ======

C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\Microsoft_Hardware_Launch_IType_exe - C:\Program Files\Microsoft IntelliType Pro\IType.exe
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1461354161 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1379411598-525497723-484556184-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader - %windir%\system32\WSqmCons.exe -u
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs

=========Mozilla firefox=========

ProfilePath - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.centrum.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.171 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.121.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.121.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk]
"Description"=Garena Talk Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.171 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
Video DownloadHelper - extension - {b9db16a4-6edc-47ec-a1f4-b86292ed211d}

C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\extensions.json
Test Pilot - extension - @testpilot-addon - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\extensions\@testpilot-addon.xpi
Video DownloadHelper - extension - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Avast SafePrice - webextension - sp@avast.com - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\extensions\sp@avast.com.xpi
Avast Online Security - webextension - wrc@avast.com - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\extensions\wrc@avast.com.xpi
Follow-on Search Telemetry - extension - followonsearch@mozilla.com - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\features\{9d35f02c-4d75-4dee-b335-54372200d3fc}\followonsearch@mozilla.com.xpi
Shield Recipe Client - extension - shield-recipe-client@mozilla.org - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\features\{9d35f02c-4d75-4dee-b335-54372200d3fc}\shield-recipe-client@mozilla.org.xpi
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\pluginreg.dat
Plugin - Shockwave Flash - 25.0.0.171 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll

======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-04-02 895528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-21 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-04-02 773920]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-21 186944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-02-05 1514528]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-05 2345848]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-26 10135584]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-05-09 213824]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\Honza\AppData\Roaming\uTorrent\uTorrent.exe [2016-01-10 2026520]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2017-03-21 23819304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-02-05 2585744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-12-12 587288]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
"NoDrives"=0
"NoSimpleNetIDList"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"VIDC.FPS1"=frapsv64.dll
"msacm.ac3filter"=ac3filter64.acm
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1

====== List of files/folders created in the last 1 month ======

2017-06-09 18:22:52 ----D---- C:\ProgramData\SWCUTemp
2017-06-08 18:17:43 ----D---- C:\ProgramData\ManyCam
2017-06-08 18:16:14 ----D---- C:\Users\Honza\AppData\Roaming\ManyCam
2017-06-08 18:16:14 ----D---- C:\Program Files (x86)\ManyCam
2017-06-03 19:21:32 ----D---- C:\FRST
2017-05-21 12:09:49 ----D---- C:\Users\Honza\AppData\Roaming\Microsoft Games
2017-05-21 12:08:22 ----D---- C:\Program Files (x86)\GameSpy Arcade
2017-05-20 00:05:40 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-05-14 22:27:34 ----D---- C:\ProgramData\Age of Empires 3
2017-05-14 22:22:00 ----D---- C:\Program Files (x86)\MSXML 4.0
2017-05-14 22:20:24 ----D---- C:\Users\Honza\AppData\Roaming\Age of Empires III - Complete Collection_unistall
2017-05-14 21:57:38 ----D---- C:\Program Files (x86)\Age of Empires III - Complete Collection

====== List of files/folders modified in the last 1 month ======

2017-06-09 18:22:52 ----D---- C:\ProgramData
2017-06-09 18:22:51 ----D---- C:\Program Files\trend micro
2017-06-09 18:19:37 ----D---- C:\Users\Honza\AppData\Roaming\uTorrent
2017-06-09 18:17:02 ----D---- C:\Windows\Temp
2017-06-09 18:13:15 ----D---- C:\ProgramData\NVIDIA
2017-06-09 15:58:17 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2017-06-09 14:41:42 ----D---- C:\Windows\system32\config
2017-06-09 10:02:16 ----D---- C:\Windows\system32\drivers
2017-06-09 08:33:59 ----D---- C:\Windows
2017-06-08 18:17:37 ----D---- C:\Windows\inf
2017-06-08 18:17:35 ----D---- C:\Windows\system32\DriverStore
2017-06-08 18:17:31 ----SHD---- C:\System Volume Information
2017-06-08 18:16:14 ----RD---- C:\Program Files (x86)
2017-06-08 15:21:41 ----D---- C:\Users\Honza\AppData\Roaming\Skype
2017-06-04 13:24:48 ----SHD---- C:\Windows\Installer
2017-06-04 13:24:48 ----D---- C:\Program Files (x86)\Java
2017-06-04 13:24:48 ----D---- C:\Config.Msi
2017-06-04 13:24:43 ----D---- C:\Windows\SysWOW64
2017-06-04 13:23:47 ----D---- C:\Windows\System32
2017-06-04 13:23:40 ----D---- C:\ProgramData\Conexant
2017-06-04 13:23:35 ----D---- C:\ProgramData\EPSON
2017-06-04 13:22:51 ----D---- C:\Windows\system32\catroot
2017-06-04 13:21:34 ----D---- C:\Program Files (x86)\Webteh
2017-06-04 13:21:15 ----D---- C:\Users\Honza\AppData\Roaming\BSplayer
2017-06-04 13:19:15 ----D---- C:\Users\Honza\AppData\Roaming\DAEMON Tools Lite
2017-06-04 13:19:14 ----D---- C:\Windows\Logs
2017-06-04 13:16:32 ----D---- C:\Program Files (x86)\Google
2017-06-04 13:14:37 ----D---- C:\GOG Games
2017-06-03 19:13:05 ----D---- C:\Program Files
2017-05-31 12:37:40 ----D---- C:\Windows\system32\Tasks
2017-05-21 12:08:13 ----D---- C:\Windows\winsxs
2017-05-21 12:01:36 ----D---- C:\Program Files (x86)\Microsoft Games
2017-05-20 16:03:20 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-18 23:18:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-05-15 07:01:14 ----AD---- C:\TEMP
2017-05-11 15:17:37 ----D---- C:\ProgramData\Skype
2017-05-11 15:17:36 ----RD---- C:\Program Files (x86)\Skype
2017-05-11 15:17:36 ----D---- C:\Program Files (x86)\Common Files
2017-05-11 15:13:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-05-11 15:13:28 ----D---- C:\Windows\system32\Macromed
2017-05-11 15:13:27 ----D---- C:\Windows\SYSWOW64\Macromed

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2017-05-09 190256]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2017-05-09 334576]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2017-05-09 49016]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2017-05-09 75704]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2017-05-09 339696]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2010-01-27 115312]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2017-05-09 311808]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-05-09 32600]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-05-09 101152]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-05-09 1007160]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-05-09 569192]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-27 283200]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-05-09 128648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-05-13 158880]
R3 CompFilter64;UVCCompositeFilter; C:\Windows\system32\DRIVERS\lvbflt64.sys [2012-09-21 24608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-03-26 2307616]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-09-21 351520]
R3 LVUVC64;Logitech HD Webcam C510(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-09-21 4763680]
R3 ManyCam;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv.sys [2014-12-29 49304]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2017-06-09 192216]
R3 mcaudrv_simple;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [2014-12-29 35992]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-02-05 195728]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-02-05 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2017-05-09 38296]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 DxVGrb;DxVGrb; C:\Windows\system32\drivers\DxVGrb.sys [2014-04-08 227456]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 qcusbnet;Qualcomm USB-NDIS miniport; C:\Windows\system32\DRIVERS\innosusbnet.sys [2012-10-26 510976]
S3 qcusbser;Qualcomm USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\innosusbser.sys [2012-10-26 369792]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbrndis6;Adaptér USB RNDIS6; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 19968]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-04-30 23200]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-05-09 263304]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-02-05 1148560]
R2 ManyCam Service;ManyCam Service; C:\ProgramData\ManyCam\Service\service.exe [2015-12-15 77528]
R2 NovaPdfServer;novaPDF Server; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [2016-12-16 51112]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-02-05 1706128]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-02-05 21833360]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-02-05 935056]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2016-12-11 66872]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2013-03-06 389896]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [2014-10-13 743688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-02-05 410952]
R2 wlidsvc;Windows Live ID Sign-in Assistant; c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-05-09 7346208]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-28 154440]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-04-05 317400]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-11 271864]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-28 154440]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-02 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-05-20 173512]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-27 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------

Kodlz
Friend of the forum
Posts: 780
Registered: 30 May 2008 12:11

Re: Pop-up windows in the browser

#2 Post by Kodlz »

Hi,
Please post the FRST.txt and Addition.txt logs from FRST (Farbar Recovery Scan Tool). You can find the instructions here: http://forum.viry.cz/viewtopic.php?f=13&t=133100

toox
Model visitor
Posts: 274
Registered: 28 Apr 2008 18:06
Location: Tromaville

Re: Pop-up windows in the browser

#3 Post by toox »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-06-2017
Ran by Honza (administrator) on HONZA-PC (10-06-2017 17:16:02)
Running from C:\Users\Honza\Downloads
Loaded Profiles: Honza (Available Profiles: Honza)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Visicom Media Inc.) C:\ProgramData\ManyCam\Service\service.exe
(Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(BitTorrent Inc.) C:\Users\Honza\AppData\Roaming\uTorrent\uTorrent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(BitTorrent Inc.) C:\Users\Honza\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [2345848 2009-11-05] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10135584 2010-03-26] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-09] (AVAST Software)
HKU\S-1-5-21-1379411598-525497723-484556184-1000\...\Run: [uTorrent] => C:\Users\Honza\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2016-01-10] (BitTorrent Inc.)
HKU\S-1-5-21-1379411598-525497723-484556184-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-1379411598-525497723-484556184-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-09] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-09] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 62.129.50.20
Tcpip\..\Interfaces\{7BAF1024-5AF0-4AA6-B66A-D571EBA383BC}: [DhcpNameServer] 8.8.8.8 62.129.50.20

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1379411598-525497723-484556184-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-04-02] (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-21] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-04-02] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-21] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-04-05] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917 [2017-06-10]
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917 ->
FF Homepage: Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917 -> hxxp://www.centrum.cz/
FF Extension: (Test Pilot) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\Extensions\@testpilot-addon.xpi [2017-04-18]
FF Extension: (Avast SafePrice) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\Extensions\sp@avast.com.xpi [2017-05-31]
FF Extension: (Avast Online Security) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\Extensions\wrc@avast.com.xpi [2017-05-31]
FF Extension: (Video DownloadHelper) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-09]
FF Extension: (Adblock Plus) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF Extension: (Follow-on Search Telemetry) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\azakhs9m.default-1431967574917\features\{9d35f02c-4d75-4dee-b335-54372200d3fc}\followonsearch@mozilla.com.xpi [2017-06-07]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-11] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\E51D91331AE6C40F446AED1F1575C10FE51D [2015-11-22] <==== ATTENTION

Chrome:
=======
CHR HKU\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - <no Path/update_url>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-09] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-09] (AVAST Software)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-02-05] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 ManyCam Service; C:\ProgramData\ManyCam\Service\service.exe [77528 2015-12-15] (Visicom Media Inc.)
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [51112 2016-12-16] (Microsoft)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-02-05] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2016-12-11] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2013-03-06] ()
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [311808 2017-05-09] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [190256 2017-05-09] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334576 2017-05-09] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [49016 2017-05-09] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-05-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32600 2017-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [128648 2017-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [101152 2017-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-05-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1007160 2017-05-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [569192 2017-05-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [158880 2017-05-13] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [339696 2017-05-09] (AVAST Software)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-27] (DT Soft Ltd)
S3 DxVGrb; C:\Windows\System32\drivers\DxVGrb.sys [227456 2014-04-08] (Dexetek )
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-29] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-29] (Visicom Media Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-02-05] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 qcusbnet; C:\Windows\System32\DRIVERS\innosusbnet.sys [510976 2012-10-26] (QUALCOMM Incorporated)
S3 qcusbser; C:\Windows\System32\DRIVERS\innosusbser.sys [369792 2012-10-26] (QUALCOMM Incorporated)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-10 17:16 - 2017-06-10 17:16 - 00015864 _____ C:\Users\Honza\Downloads\FRST.txt
2017-06-10 17:15 - 2017-06-10 17:15 - 02437120 _____ (Farbar) C:\Users\Honza\Downloads\FRST64.exe
2017-06-10 16:48 - 2008-12-20 18:29 - 773676288 _____ C:\Users\Honza\Desktop\MAFIA_CD_1.mdf
2017-06-10 16:40 - 2017-06-10 16:40 - 08734883 _____ C:\Users\Honza\Downloads\mafiacz_tomus.zip
2017-06-10 16:37 - 2017-06-10 16:37 - 00000737 _____ C:\Users\Honza\Desktop\Mafia.lnk
2017-06-10 16:37 - 2017-06-10 16:37 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mafia
2017-06-10 16:37 - 2017-06-10 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia
2017-06-10 16:31 - 2017-06-10 16:41 - 00000000 ____D C:\Program Files\Mafia
2017-06-09 20:28 - 2017-06-09 20:28 - 00291265 _____ C:\Users\Honza\Documents\Miestulik _ Amateri.com.pdf
2017-06-09 18:22 - 2017-06-09 18:22 - 01329152 _____ C:\Users\Honza\Downloads\RSIT.exe
2017-06-09 12:03 - 2010-12-07 17:37 - 00171751 _____ C:\Users\Honza\Desktop\navod.pdf
2017-06-08 18:17 - 2017-06-10 15:53 - 00000000 ____D C:\Users\Honza\AppData\Local\ManyCam
2017-06-08 18:17 - 2017-06-08 18:17 - 00000991 _____ C:\Users\Public\Desktop\ManyCam.lnk
2017-06-08 18:17 - 2017-06-08 18:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
2017-06-08 18:17 - 2017-06-08 18:17 - 00000000 ____D C:\ProgramData\ManyCam
2017-06-08 18:16 - 2017-06-08 18:20 - 00000000 ____D C:\Program Files (x86)\ManyCam
2017-06-08 18:16 - 2017-06-08 18:17 - 00000000 ____D C:\Users\Honza\AppData\Roaming\ManyCam
2017-06-08 18:15 - 2017-06-08 18:15 - 66507564 _____ C:\Users\Honza\Downloads\ManyCam_Enterprise_v5.1.0.4_Setup_Cr@ck.rar
2017-06-05 08:02 - 2017-04-08 22:36 - 3599487310 _____ C:\Users\Honza\Desktop\Rogue-One-A-Star-Wars-Story-2016-BDrip-CZdab.mkv
2017-06-03 19:21 - 2017-06-10 17:16 - 00000000 ____D C:\FRST
2017-05-21 12:09 - 2017-05-21 12:09 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Microsoft Games
2017-05-21 12:08 - 2017-05-21 12:08 - 00002151 _____ C:\Users\Public\Desktop\Rise of Nations Gold.lnk
2017-05-21 12:08 - 2017-05-21 12:08 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2017-05-21 12:08 - 2017-05-21 12:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2017-05-21 12:08 - 2017-05-21 12:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2017-05-21 12:08 - 2017-05-21 12:08 - 00000000 ____D C:\Program Files (x86)\GameSpy Arcade
2017-05-21 11:53 - 2017-05-21 11:56 - 1085792256 _____ C:\Users\Honza\Downloads\Rise-of-nations---Gold-edition-CZ-Vacho1790.iso
2017-05-20 12:12 - 2017-05-20 12:12 - 03951128 _____ (Geek Unіnstaller) C:\Users\Honza\Desktop\geek64.exe
2017-05-20 00:05 - 2017-06-08 12:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-14 22:27 - 2017-05-14 22:27 - 00000000 ____D C:\ProgramData\Age of Empires 3
2017-05-14 22:22 - 2017-05-14 22:22 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2017-05-14 22:20 - 2017-05-14 22:20 - 00001212 _____ C:\Users\Honza\Desktop\Age of Empires - III The Asian Dynasties.lnk
2017-05-14 22:20 - 2017-05-14 22:20 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Age of Empires III - Complete Collection_unistall
2017-05-14 21:57 - 2017-05-20 14:01 - 00000000 ____D C:\Program Files (x86)\Age of Empires III - Complete Collection
2017-05-14 21:14 - 2017-05-14 21:31 - 2604274649 _____ C:\Users\Honza\Downloads\Age-of-Empires-III---Complete-Collection-CZ.zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-10 17:15 - 2016-11-18 21:01 - 00000000 ____D C:\Users\Honza\AppData\LocalLow\Mozilla
2017-06-10 17:15 - 2016-01-10 16:19 - 00000000 ____D C:\Users\Honza\AppData\Roaming\uTorrent
2017-06-10 16:54 - 2009-07-14 06:45 - 00023392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-06-10 16:54 - 2009-07-14 06:45 - 00023392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-06-10 16:47 - 2016-07-28 13:11 - 00000000 ___RD C:\Users\Honza\Disk Google
2017-06-10 16:46 - 2017-05-01 11:58 - 00000000 ____D C:\Users\Honza\AppData\LocalLow\uTorrent
2017-06-10 16:45 - 2014-03-12 13:38 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-10 16:45 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-10 15:55 - 2016-01-09 20:42 - 00000000 ____D C:\Users\Honza\Downloads\torrent
2017-06-10 15:44 - 2012-12-27 22:00 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Skype
2017-06-10 10:19 - 2014-10-05 10:03 - 00000000 ___RD C:\Users\Honza\Desktop\### Trap,Dirty South
2017-06-10 08:37 - 2015-11-22 21:28 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-06-10 08:37 - 2012-12-27 22:00 - 00000000 ____D C:\ProgramData\Skype
2017-06-09 21:34 - 2012-12-27 22:05 - 00000000 ____D C:\Users\Honza\AppData\Roaming\DAEMON Tools Lite
2017-06-09 18:25 - 2014-08-02 12:02 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-06-09 18:22 - 2014-09-21 16:52 - 00000000 ____D C:\Program Files\trend micro
2017-06-09 15:58 - 2012-12-28 00:23 - 00183112 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2017-06-08 18:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-06-08 15:19 - 2016-10-29 20:44 - 00000000 ____D C:\Users\Honza\Documents\Rockstar Games
2017-06-08 11:36 - 2014-05-03 00:25 - 00000000 ____D C:\Users\Honza\AppData\Local\CrashDumps
2017-06-08 10:16 - 2016-04-22 21:42 - 00001295 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-06-08 10:16 - 2015-11-22 20:39 - 00001325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-06-08 10:16 - 2015-09-12 17:18 - 00000993 _____ C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2017-06-08 10:16 - 2015-07-02 16:35 - 00001555 _____ C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-06-08 10:16 - 2014-11-12 18:27 - 00001361 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-06-08 10:16 - 2014-11-12 18:27 - 00001349 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-06-08 10:16 - 2012-12-27 19:56 - 00002491 _____ C:\Users\Honza\Desktop\Internet Explorer.lnk
2017-06-05 08:44 - 2016-07-19 08:50 - 00000000 ____D C:\Users\Honza\Documents\HyperCam3
2017-06-05 08:44 - 2013-01-05 20:40 - 00074752 _____ C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-06-04 16:59 - 2013-03-29 17:17 - 00000132 _____ C:\Users\Honza\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2017-06-04 13:24 - 2014-07-22 02:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-06-04 13:24 - 2013-08-09 16:30 - 00000000 ____D C:\Program Files (x86)\Java
2017-06-04 13:23 - 2015-10-01 18:32 - 00000000 ____D C:\ProgramData\Conexant
2017-06-04 13:23 - 2015-07-23 16:08 - 00000000 ____D C:\ProgramData\EPSON
2017-06-04 13:21 - 2016-02-11 02:40 - 00000000 ____D C:\Users\Honza\AppData\Roaming\BSplayer
2017-06-04 13:21 - 2016-02-11 02:40 - 00000000 ____D C:\Program Files (x86)\Webteh
2017-06-04 13:16 - 2013-07-12 20:30 - 00000000 ____D C:\Users\Honza\AppData\Local\Google
2017-06-04 13:16 - 2013-07-12 20:30 - 00000000 ____D C:\Program Files (x86)\Google
2017-06-04 13:14 - 2017-01-25 14:50 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2017-06-04 13:14 - 2016-06-19 08:43 - 00000000 ____D C:\GOG Games
2017-06-04 13:14 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-06-04 13:11 - 2012-12-27 20:57 - 00000000 ___RD C:\Users\Honza\Downloads\Ostatní
2017-05-31 12:37 - 2017-03-19 01:11 - 00003892 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1461354161
2017-05-25 19:20 - 2012-12-27 20:43 - 00001183 _____ C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2017-05-25 19:20 - 2012-12-27 20:43 - 00001159 _____ C:\Users\Public\Desktop\GOM Player.lnk
2017-05-21 12:12 - 2013-07-22 19:42 - 00000000 ____D C:\Users\Honza\Documents\My Games
2017-05-21 12:09 - 2014-05-08 15:06 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-05-21 12:01 - 2014-12-27 21:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2017-05-20 17:01 - 2016-04-13 18:26 - 00000000 ____D C:\Users\Honza\Documents\FIFA 14
2017-05-20 16:03 - 2014-11-12 18:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-18 23:18 - 2009-07-14 17:18 - 14265650 _____ C:\Windows\system32\perfh005.dat
2017-05-18 23:18 - 2009-07-14 17:18 - 04802538 _____ C:\Windows\system32\perfc005.dat
2017-05-18 23:18 - 2009-07-14 07:13 - 00006440 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-17 00:55 - 2017-03-18 15:46 - 00004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-05-15 07:03 - 2014-07-19 13:50 - 00000000 ____D C:\Users\Honza\AppData\Local\ElevatedDiagnostics
2017-05-15 07:01 - 2014-03-04 00:52 - 00000000 ____D C:\TEMP
2017-05-14 22:42 - 2016-10-02 18:11 - 00000000 ____D C:\Users\Honza\Documents\Ulozto
2017-05-14 19:36 - 2012-12-27 20:24 - 00000000 ___RD C:\Users\Honza\Documents\Web
2017-05-13 08:16 - 2016-04-22 21:41 - 00158880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2017-05-11 15:13 - 2017-03-20 21:55 - 00004408 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-05-11 15:13 - 2014-11-12 18:50 - 00803320 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-05-11 15:13 - 2014-11-12 18:50 - 00144888 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-11 15:13 - 2012-12-27 20:48 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-05-11 15:13 - 2012-12-27 20:48 - 00000000 ____D C:\Windows\system32\Macromed

==================== Files in the root of some directories =======

2016-07-22 22:51 - 2013-11-29 21:58 - 0000224 _____ () C:\Program Files (x86)\update-HotPursuit.bat
2016-07-22 22:51 - 2013-11-06 14:28 - 0000732 _____ () C:\Program Files (x86)\visit-www.nosteam.ro.html
2014-11-02 13:46 - 2016-12-12 16:59 - 0000132 _____ () C:\Users\Honza\AppData\Roaming\Adobe Formát BMP CS5 – předvolby
2013-06-03 21:25 - 2013-06-03 21:25 - 0000132 _____ () C:\Users\Honza\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2013-03-29 17:17 - 2017-06-04 16:59 - 0000132 _____ () C:\Users\Honza\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2006-03-06 15:15 - 2015-09-18 00:31 - 0013863 ____H () C:\Users\Honza\AppData\Roaming\Honzalog.dat
2002-08-29 18:33 - 2002-08-29 18:33 - 0319488 ____R () C:\Users\Honza\AppData\Roaming\MafiaSetup.exe
2012-12-29 02:27 - 2014-10-18 16:41 - 0045270 _____ () C:\Users\Honza\AppData\Roaming\room_v3.dat
2013-01-05 20:40 - 2017-06-05 08:44 - 0074752 _____ () C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-22 10:34 - 2014-07-22 10:34 - 0007599 _____ () C:\Users\Honza\AppData\Local\Resmon.ResmonCfg
2013-06-21 20:22 - 2013-06-21 20:27 - 0000700 ___SH () C:\Users\Honza\AppData\Local\systemFL7.dat
2017-01-15 19:29 - 2017-01-15 20:47 - 0000166 _____ () C:\Users\Honza\AppData\Local\uts.ini
2016-02-01 17:01 - 2016-02-01 17:01 - 0002784 _____ () C:\ProgramData\epstplog.bak

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-06-02 08:53

==================== End of FRST.txt ============================

----------

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-06-2017
Ran by Honza (10-06-2017 17:16:45)
Running from C:\Users\Honza\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2012-12-27 17:55:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1379411598-525497723-484556184-500 - Administrator - Disabled)
Guest (S-1-5-21-1379411598-525497723-484556184-501 - Limited - Disabled)
Honza (S-1-5-21-1379411598-525497723-484556184-1000 - Administrator - Enabled) => C:\Users\Honza

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1379411598-525497723-484556184-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Age of Empires III - Complete Collection (HKLM-x32\...\Age of Empires III - Complete Collection_Origami_is1) (Version: 1.0 - R.G. Origami, Seraph1)
Aktualizace NVIDIA 17.12.8 (Version: 17.12.8 - NVIDIA Corporation) Hidden
AMR Player 1.2 (HKLM-x32\...\{2F881B56-CBDF-4EC6-A8D2-6412A879C66A}_is1) (Version: - www.amrplayer.com)
android_driver_install.exe (HKLM-x32\...\android_driver_install_is1) (Version: - android)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Ashampoo Burning Studio 6 FREE v.6.83 (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.3 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.4.2294 - AVAST Software)
Balíček ovladače systému Windows - Google, Inc (androidusb) USB (12/11/2012 1.0.0009.00000) (HKLM\...\8E3B176889FB79CA6FE02DF2D2D6DE38BD9FC9F6) (Version: 12/11/2012 1.0.0009.00000 - Google, Inc)
Balíček ovladače systému Windows - Qualcomm (qcusbnet) Net (10/16/2012 1.0.7.9) (HKLM\...\C03E573DE1B7F7DE10352D707DF6C7E88C0FAA03) (Version: 10/16/2012 1.0.7.9 - Qualcomm)
Balíček ovladače systému Windows - Qualcomm Incorporated (qcusbser) Modem (10/26/2012 2.1.0.3) (HKLM\...\19E621CD1BB015A1069EB53B72E2877DC34F038C) (Version: 10/26/2012 2.1.0.3 - Qualcomm Incorporated)
Balíček ovladače systému Windows - Qualcomm Incorporated (qcusbser) Ports (10/26/2012 2.1.0.3) (HKLM\...\521149B020D2896EF887ED07E9FC74DD0C29C17A) (Version: 10/26/2012 2.1.0.3 - Qualcomm Incorporated)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 2 (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32 Version: 1.4 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch (x32 Version: 1.5 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
CoD 2 čeština 1.1 (HKLM-x32\...\CoD 2 čeština_is1) (Version: - #'Pan[S[al!er!)
Conexant Polaris Unused CIR Function (HKLM\...\VID_1D19&PID_6109&MI_00) (Version: 1.0.0.0 - Conexant Systems)
CoreAAC Audio Decoder (remove only) (HKLM-x32\...\CoreAAC Audio Decoder) (Version: - )
CyberLink PowerDirector 11 (HKLM-x32\...\InstallShield_{551F492A-01B0-4DC4-866F-875EC4EDC0A8}) (Version: 11.0.0.4930 - CyberLink Corp.)
CyberLink PowerDirector 11 (Version: 11.0.0.4930 - Název společnosti:) Hidden
CZShare Manager (HKU\S-1-5-21-1379411598-525497723-484556184-1000\...\7f4182272b52fd8f) (Version: 0.0.1.35 - CZShare)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.11 - Piriform)
doPDF (Version: 8.8.946 - Softland) Hidden
doPDF 8 (HKLM-x32\...\{3aba8e0f-add2-4184-a828-80ee3352c738}) (Version: 8.8.946 - Softland)
EAX Unified (HKLM-x32\...\EAX Unified) (Version: - )
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fifa 14 CZ v1.4.0.0 - Reapck by Danik1B9 (HKLM-x32\...\Fifa 14 CZ v1.4.0.0 - Reapck by Danik1B9_is1) (Version: 1.0. - icecheats)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.1.618 - Foxit Corporation)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0001 - GIGABYTE Technologies, Inc.)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.16.5272 - GOM & Company)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
HTML Password Lock 3.0 (HKLM-x32\...\HTML Password Lock_is1) (Version: - MTop Software, Inc.)
HyperCam 3 (HKLM-x32\...\HyperCam 3) (Version: 3.2.1107.8 - Solveig Multimedia)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
IrfanView (uninstall) (HKLM\...\IrfanView) (Version: - )
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Mafia Game (HKLM-x32\...\Mafia Game) (Version: - )
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
ManyCam 5.1.0 (HKLM-x32\...\ManyCam) (Version: 5.1.0 - Visicom Media Inc.)
MediaInfo 0.7.73 (HKLM\...\MediaInfo) (Version: 0.7.73 - MediaArea.net)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft IntelliType Pro 7.1 (HKLM\...\{E6B7BD80-A921-4C72-A68B-44A9EB438BE4}) (Version: 7.10.344.0 - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mortal Kombat Komplete Edition (HKLM-x32\...\{9F012408-04EC-4989-932F-4C096117D2DD}_is1) (Version: - Warner Bros)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 53.0.3 (x86 cs) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 cs)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NBA 2K14 (HKLM-x32\...\{4FE0545A-1BF3-4B9B-A044-6E1EE719E197}) (Version: 1.0.0 - 2K Sports)
Need for Speed Undercover verze 1.0.1.17 (HKLM-x32\...\Need for Speed Undercover_is1) (Version: 1.0.1.17 - EA Games)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
novaPDF 8 Printer Driver (HKLM\...\{45ACC237-36D7-4071-8BFE-54DA41A0EC21}) (Version: 8.8.946 - Softland)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ovládací panel NVIDIA 347.52 (Version: 347.52 - NVIDIA Corporation) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Perfect Effects 4.0.1 (HKLM-x32\...\{385E6A4D-A440-43E2-9BAF-A012FB5FC2E2}) (Version: 4.0.1 - onOne Software)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: - Jan Fiala)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Rapture3D 2.4.4 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
RAW Image Viewer (HKLM-x32\...\{3C867AA0-22EC-4B27-8C60-A354AA37D68C}_is1) (Version: - IdeaMK)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6077 - Realtek Semiconductor Corp.)
Resident Evil 6 verze 1.0.6 (HKLM-x32\...\{4735EAA5-20E6-44AA-9C46-CB9D1A195ED0}_is1) (Version: 1.0.6 - Capcom)
Rise of Nations (HKLM-x32\...\RiseOfNationsExpansion 1.0) (Version: 1.0 - Microsoft)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.0.5 - Rockstar Games)
SafeZone Stable 3.55.2393.607 (x32 Version: 3.55.2393.607 - Avast Software) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.1.13103.22 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.1.13103.22 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
SDÍLEJ.CZ Manager (HKU\S-1-5-21-1379411598-525497723-484556184-1000\...\69f070f18ade444c) (Version: 0.0.1.42 - SDÍLEJ.CZ)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Saboteur version 1.03 (HKLM-x32\...\The Saboteur_is1) (Version: 1.03 - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0 - Ghisler Software GmbH)
UE4 Prerequisites (x64) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Ulož.to FileManager verze 2.10 (HKLM-x32\...\{7DE5EA5D-C933-4549-9A44-5BC671F23BBF}_is1) (Version: 2.10 - Uloz.to cloud a.s.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{4C79D80F-79F9-11E6-8402-BB95F5A309BD}) (Version: 14.0.161 - VEGAS)
Viber (HKU\S-1-5-21-1379411598-525497723-484556184-1000\...\Viber) (Version: 5.2.0.2546 - Viber Media Inc)
Video Grabber (HKLM\...\VID_1D19&PID_6109&MI_01) (Version: 1.0.0.0 - Conexant Systems)
virtualPhotographer 1.5.6 (HKLM-x32\...\virtualPhotographer_is1) (Version: - optikVerve Labs)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1379411598-525497723-484556184-1000_Classes\CLSID\{869C14C8-1830-491F-B575-5F9AB40D2B42}\InprocServer32 -> C:\Program Files\MediaInfo\MediaInfo_InfoTip.dll (hxxp://MediaArea.net/MediaInfo)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0FB4A8F5-2B59-46F0-9673-E637D9AEDB15} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-28] (Google Inc.)
Task: {43810344-9F66-4EB9-B393-FB6650E03EE8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-11] (Piriform Ltd)
Task: {951A2531-3C77-463E-B3A5-74A46F57E6B2} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-13] (AVAST Software)
Task: {AA4857AE-A3A3-4DDE-911A-50BE11541F3E} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-05-09] (AVAST Software)
Task: {AB1B69B0-98AD-4B23-9365-DD6143797BDA} - \WiseCleaner\WRCSkipUAC -> No File <==== ATTENTION
Task: {C5805D39-C3D6-485D-B536-CA79E69079A7} - System32\Tasks\SafeZone scheduled Autoupdate 1461354161 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-05-17] (Avast Software)
Task: {C5DEA38C-0060-4E4C-87A4-A7E97D3F4870} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-11] (Adobe Systems Incorporated)
Task: {D9B63AD4-1870-4642-BA66-9171A3BD1A1D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-28] (Google Inc.)
Task: {FE635189-A957-418B-8B72-D81D6A284E8B} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2009-11-05] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Samsung Galaxy Ace - Guide - Cygwin-Odin\Cygwin Terminal.lnk -> C:\cygwin\Cygwin.bat ()

==================== Loaded Modules (Whitelisted) ==============

2014-03-12 13:38 - 2015-02-05 21:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-16 19:36 - 2016-12-16 19:36 - 00145696 _____ () C:\Program Files\Softland\novaPDF 8\Server\AgileDotNetRT64.dll
2016-12-16 19:36 - 2016-12-16 19:36 - 00060840 _____ () C:\Program Files\Softland\novaPDF 8\Server\CryptUtil.dll
2016-12-16 19:37 - 2016-12-16 19:37 - 00035240 _____ () C:\Program Files\Softland\novaPDF 8\Server\WAFServicePlugin.dll
2012-12-28 00:23 - 2016-12-11 10:51 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-10-01 18:45 - 2013-03-06 14:42 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2017-05-09 14:07 - 2017-05-09 14:07 - 00162024 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2017-05-09 14:08 - 2017-05-09 14:08 - 00825960 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2017-05-09 14:08 - 2017-05-09 14:08 - 00275776 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2017-05-09 14:07 - 2017-05-09 14:07 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-05-09 14:08 - 2017-05-09 14:08 - 00176992 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-05-09 14:08 - 2017-05-09 14:08 - 00223224 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-06-10 08:12 - 2017-06-10 08:12 - 06101864 _____ () C:\Program Files\AVAST Software\Avast\defs\17060904\algo.dll
2017-05-09 14:08 - 2017-05-09 14:08 - 00684656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-05-09 14:07 - 2017-05-09 14:07 - 00230632 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-05-09 14:08 - 2017-05-09 14:08 - 00997896 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-05-09 14:08 - 2017-05-09 14:08 - 67717632 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-05-09 14:07 - 2017-05-09 14:07 - 00291824 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-06-10 16:45 - 2017-06-10 16:45 - 00098816 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\win32api.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00110080 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\pywintypes27.dll
2017-06-10 16:45 - 2017-06-10 16:45 - 00364544 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\pythoncom27.dll
2017-06-10 16:45 - 2017-06-10 16:45 - 00320512 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\win32com.shell.shell.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00914432 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\_hashlib.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 01176576 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\wx._core_.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00806400 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\wx._gdi_.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00816128 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\wx._windows_.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 01067008 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\wx._controls_.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00733184 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\wx._misc_.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00682496 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\pysqlite2._sqlite.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00088064 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\_ctypes.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00686080 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\unicodedata.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00119808 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\win32file.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00108544 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\win32security.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00007168 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\hashobjs_ext.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00017920 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\thumbnails_ext.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00088064 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\usb_ext.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00012800 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\common.time34.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00018432 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\win32event.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00167936 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\win32gui.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00046080 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\_socket.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 01303552 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\_ssl.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00128512 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\_elementtree.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00127488 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\pyexpat.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00038912 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\win32inet.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00036864 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\_psutil_windows.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00524248 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\windows._lib_cacheinvalidation.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00011264 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\win32crypt.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00123392 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\wx._wizard.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00077312 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\wx._html2.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00027648 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\_multiprocessing.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00020480 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\_yappi.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00035840 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\win32process.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00078848 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\wx._animate.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00024064 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\win32pipe.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00010240 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\select.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00025600 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\win32pdh.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00017408 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\win32profile.pyd
2017-06-10 16:45 - 2017-06-10 16:45 - 00022528 ____R () C:\Users\Honza\AppData\Local\Temp\_MEI22402\win32ts.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-05-03 13:40 - 2015-01-07 00:08 - 00000035 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1379411598-525497723-484556184-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 62.129.50.20
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{CE942AD7-EE5D-431D-999B-6DEC4C42B4E1}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe
FirewallRules: [UDP Query User{FA2E753C-4E44-4754-9D4B-B143796A390A}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe
FirewallRules: [{D9793D20-AEF0-431C-B739-912788D06965}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{C1F6A90A-A22F-4AB9-BC20-5B4538D937A9}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [TCP Query User{8C334242-962B-4D4D-9B4E-2E6C18C0F9CF}C:\program files\onone software\perfect effects 4\perfect effects 4.exe] => (Allow) C:\program files\onone software\perfect effects 4\perfect effects 4.exe
FirewallRules: [UDP Query User{6FA5CC03-7A76-4301-AC38-D36530DC5B05}C:\program files\onone software\perfect effects 4\perfect effects 4.exe] => (Allow) C:\program files\onone software\perfect effects 4\perfect effects 4.exe
FirewallRules: [{946CF733-5FDF-44EF-8E8A-1970B28D8CC1}] => (Allow) C:\Program Files (x86)\Microsoft Office 2007\Office12\outlook.exe
FirewallRules: [TCP Query User{E807C801-7956-431D-ACDD-8241CC6AF180}C:\program files (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe] => (Block) C:\program files (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe
FirewallRules: [UDP Query User{047486DE-B09D-4F4F-AAB5-B7ED09202152}C:\program files (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe] => (Block) C:\program files (x86)\mortal kombat komplete edition\disccontentpc\mkke.exe
FirewallRules: [{C1D360C5-278B-4A67-83D3-0BD91CE2E82A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{49D64E06-A434-4D3E-A352-2524E369E510}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{BE887F4E-4C34-44C0-BCFD-592A6A43E4D1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5739205F-0198-402C-A455-868278D6CF54}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{80226EDF-CA62-4C09-8676-1C4C58122382}C:\program files\onone software\perfect effects 4\perfect effects 4.exe] => (Block) C:\program files\onone software\perfect effects 4\perfect effects 4.exe
FirewallRules: [UDP Query User{7FBDDC72-4A10-4808-B68E-01D0C5417B59}C:\program files\onone software\perfect effects 4\perfect effects 4.exe] => (Block) C:\program files\onone software\perfect effects 4\perfect effects 4.exe
FirewallRules: [{F0E801B1-D52E-4E49-BF7D-7701C087653A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CA642421-C042-4D1A-ACCD-5FC8A1A802BC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2547633F-FD1E-4D14-A6AE-C50BBC1797B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{6818BDFA-4EDB-4138-BC67-F85CF1EEEE3A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{FF9A42B2-927B-44F1-8C5B-21650BE29C3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{36998759-E3CA-4EA2-8EE5-637867CAE303}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E57ABE73-5904-4601-849C-1A536D8C563B}] => (Allow) C:\Windows\SysWOW64\rundll32.exe
FirewallRules: [TCP Query User{5C85D8C1-D972-4E3A-B8C3-825999DF5E0D}C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{0C26E5D9-10ED-426F-A111-BDFE084888D3}C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{D184FD3D-635F-48E9-9850-391198A749A4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C12A2ED7-45BD-4EE8-A63D-310D209E36CE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F4F2BC6F-6C3D-4328-B368-FA0BEB209BBC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{43C27032-319E-4ACE-BE75-CDC4FB41711D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{1AAB84F8-4C94-4896-A62D-A04F23D7CC9D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{32EF0426-5CF7-4409-ADD6-862528E325DA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{A735F9A5-3A08-4D31-A531-4527A6787162}C:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe] => (Block) C:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe
FirewallRules: [UDP Query User{BE1D6D34-65FC-496D-B623-87CF1A8173FF}C:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe] => (Block) C:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe
FirewallRules: [{D322978D-E3F0-4239-B1DA-F74D743A0484}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B367592D-23FA-4BCA-930A-FD1E742D9322}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9B607AE3-0AFC-4452-A385-6EFFB20F0E80}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{77217111-481A-4510-994A-53EEBF2FF6C2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{CB4BFF45-AC09-4DD8-927C-02B17F83FECC}C:\program files (x86)\fifa 14 cz v1.4.0.0 - reapck by danik1b9\fifa14.exe] => (Block) C:\program files (x86)\fifa 14 cz v1.4.0.0 - reapck by danik1b9\fifa14.exe
FirewallRules: [UDP Query User{DB573CBD-57A9-4091-9DE3-F14D9B9698F0}C:\program files (x86)\fifa 14 cz v1.4.0.0 - reapck by danik1b9\fifa14.exe] => (Block) C:\program files (x86)\fifa 14 cz v1.4.0.0 - reapck by danik1b9\fifa14.exe
FirewallRules: [TCP Query User{2E254C54-64FA-454C-8B1B-83A84BD44616}C:\program files (x86)\need for speed hot pursuit\nfs11.exe] => (Block) C:\program files (x86)\need for speed hot pursuit\nfs11.exe
FirewallRules: [UDP Query User{ED5998BF-0621-457B-A14D-B19402A08545}C:\program files (x86)\need for speed hot pursuit\nfs11.exe] => (Block) C:\program files (x86)\need for speed hot pursuit\nfs11.exe
FirewallRules: [TCP Query User{E019041D-C4E7-40FB-9B56-765D804B7D5A}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Block) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [UDP Query User{3AE60274-82BA-4618-94DE-78E27C83A934}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Block) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [{25468BBD-32EE-4584-B06F-E5AF5D88AAEF}] => (Allow) C:\Users\Honza\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3EA4DD2A-49AD-480D-ABD9-47A165681EF9}] => (Allow) C:\Users\Honza\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{36A3B6E8-B472-4F3D-972F-447750F9B506}] => (Allow) C:\Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe
FirewallRules: [{585F0554-B37E-4EC7-90CB-A4FCBA087E01}] => (Allow) C:\Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe
FirewallRules: [{5F965D7D-7E99-4A99-B8FA-F5F5C481D84E}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{85A6DC09-1464-4727-87A2-95D582597F20}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{B7DA3491-48A7-49CF-BF82-1AE4508CD0F1}] => (Allow) LPort=8501
FirewallRules: [{30E84AE4-4344-4D81-BEB9-61E312FC4D00}] => (Allow) LPort=8501
FirewallRules: [TCP Query User{D73C3388-F350-42BC-8CFC-072234433CAB}C:\games\resident evil 6\bh6.exe] => (Block) C:\games\resident evil 6\bh6.exe
FirewallRules: [UDP Query User{75AF1ABC-48A3-4963-89D2-FCCF59577377}C:\games\resident evil 6\bh6.exe] => (Block) C:\games\resident evil 6\bh6.exe
FirewallRules: [{567DE40A-ED45-4F9D-A331-500BA3D80560}] => (Allow) C:\Program Files (x86)\2K Sports\NBA 2K14\nba2k14.exe
FirewallRules: [{46746846-AEB2-4E19-A805-D2EC06AC7E4A}] => (Allow) C:\Program Files (x86)\2K Sports\NBA 2K14\nba2k14.exe
FirewallRules: [{3D213337-6044-4E97-8AC9-CE08FD7BBAB2}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_0\SZBrowser.exe
FirewallRules: [{8B0A6B25-159C-435D-B254-D34F9C25C6BE}] => (Allow) C:\Program Files (x86)\Microsoft Games\Rise of Nations\thrones.exe
FirewallRules: [{9201150A-D5D2-495D-B3A8-339825B09E68}] => (Allow) C:\Program Files (x86)\Microsoft Games\Rise of Nations\thrones.exe
FirewallRules: [TCP Query User{683EBE82-C71C-4FED-B1E3-2D0F115ACC44}C:\program files (x86)\microsoft games\rise of nations\patriots.exe] => (Block) C:\program files (x86)\microsoft games\rise of nations\patriots.exe
FirewallRules: [UDP Query User{C0876E8C-2C6B-4AF5-A9C5-20455BAB0CF2}C:\program files (x86)\microsoft games\rise of nations\patriots.exe] => (Block) C:\program files (x86)\microsoft games\rise of nations\patriots.exe
FirewallRules: [{681D1921-65CB-4F51-BDF9-381638645DB8}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.607\SZBrowser.exe

==================== Restore Points =========================

30-05-2017 07:46:33 Naplánovaný kontrolní bod
04-06-2017 13:12:06 Removed Google Earth
04-06-2017 13:15:17 Removed One Click Root
04-06-2017 13:24:05 Removed Java 8 Update 101
08-06-2017 18:16:34 Instalace balíčku ovladače zařízení: Visicom Media Inc. Zařízení pro zpracování obrázků
08-06-2017 18:17:19 Instalace balíčku ovladače zařízení: Visicom Media Inc. Řadiče zvuku, videa a her

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/10/2017 08:45:25 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80004005).

Error: (06/09/2017 02:39:23 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 90080108).

Error: (06/09/2017 01:18:03 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80004005).

Error: (06/09/2017 08:36:43 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, ONEINDEX14://{S-1-5-21-1379411598-525497723-484556184-1000}/>.

Error: (06/09/2017 08:33:47 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/09/2017 08:33:47 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/09/2017 08:33:47 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/09/2017 08:33:47 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Prvek nebyl nalezen. (HRESULT : 0x80070490) (0x80070490)

Error: (06/09/2017 08:33:43 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/09/2017 08:33:43 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Služba Windows Search nenačetla informace o úložišti vlastností.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800) (0xc0041800)


System errors:
=============
Error: (06/09/2017 06:13:15 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (18:11:28, ‎9.‎6.‎2017) bylo neočekávané.

Error: (06/09/2017 08:34:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (06/09/2017 08:34:18 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Search bylo dosaženo časového limitu (60000 ms).

Error: (06/09/2017 08:34:10 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (06/09/2017 08:34:10 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (06/09/2017 08:33:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (06/09/2017 08:33:48 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-1073473535, specifickou pro službu.

Error: (06/08/2017 06:14:13 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.

Error: (06/06/2017 09:04:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Hostitel zařízení UPnP neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (06/06/2017 09:04:23 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba upnphost se nemohla přihlásit jako NT AUTHORITY\LocalService s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).


CodeIntegrity:
===================================
Date: 2016-09-10 10:29:47.317
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-10 10:24:44.565
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-10 10:24:44.346
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-09 09:23:31.772
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-09 09:20:20.190
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-09 09:20:20.019
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 22:58:25.057
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 22:55:38.440
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 22:55:38.237
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 09:44:22.561
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU 540 @ 3.07GHz
Percentage of memory in use: 48%
Total physical RAM: 4087.49 MB
Available physical RAM: 2090.6 MB
Total Virtual: 8173.18 MB
Available Virtual: 6097.12 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:425.87 GB) NTFS
Drive e: (MAFIA_CD_1) (CDROM) (Total:0.63 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7F2C3E95)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Kodlz
Forum friend
Posts: 780
Registered: 30 May 2008 12:11

Re: Pop-up windows in the browser

#4 Post by Kodlz »

How many of those applications and games are cracked or downloaded illegally?


On the desktop, where you have FRST saved, create a TXT file named fixlist.txt and paste the following text into it:

(Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.)
start
CreateRestorePoint:

CloseProcesses:

Hosts:

EmptyTemp:
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\E51D91331AE6C40F446AED1F1575C10FE51D [2015-11-22] <==== ATTENTION
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
CHR HKU\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - <no Path/update_url>
2017-06-08 18:15 - 2017-06-08 18:15 - 66507564 _____ C:\Users\Honza\Downloads\ManyCam_Enterprise_v5.1.0.4_Setup_Cr@ck.rar
2017-06-05 08:44 - 2013-01-05 20:40 - 00074752 _____ C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
016-07-22 22:51 - 2013-11-29 21:58 - 0000224 _____ () C:\Program Files (x86)\update-HotPursuit.bat
2016-07-22 22:51 - 2013-11-06 14:28 - 0000732 _____ () C:\Program Files (x86)\visit-www.nosteam.ro.html
2013-01-05 20:40 - 2017-06-05 08:44 - 0074752 _____ () C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
CustomCLSID: HKU\S-1-5-21-1379411598-525497723-484556184-1000_Classes\CLSID\{869C14C8-1830-491F-B575-5F9AB40D2B42}\InprocServer32 -> C:\Program Files\MediaInfo\MediaInfo_InfoTip.dll (hxxp://MediaArea.net/MediaInfo)
C:\Program Files\MediaInfo\
Task: {0FB4A8F5-2B59-46F0-9673-E637D9AEDB15} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-28] (Google Inc.)
Task: {AB1B69B0-98AD-4B23-9365-DD6143797BDA} - \WiseCleaner\WRCSkipUAC -> No File <==== ATTENTION
Task: {D9B63AD4-1870-4642-BA66-9171A3BD1A1D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-28] (Google Inc.)
Shortcut: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Samsung Galaxy Ace - Guide - Cygwin-Odin\Cygwin Terminal.lnk -> C:\cygwin\Cygwin.bat ()
end

toox
Exemplary visitor
Posts: 274
Registered: 28 Apr 2008 18:06
Location: Tromaville

Re: Pop-up windows in the browser

#5 Post by toox »

Some of them are cracked :oops:


:arrow:
Fix result of Farbar Recovery Scan Tool (x64) Version: 11-06-2017
Ran by Honza (12-06-2017 11:37:55) Run:1
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza (Available Profiles: Honza)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:

CloseProcesses:

Hosts:

EmptyTemp:
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\E51D91331AE6C40F446AED1F1575C10FE51D [2015-11-22] <==== ATTENTION
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
CHR HKU\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - <no Path/update_url>
2017-06-08 18:15 - 2017-06-08 18:15 - 66507564 _____ C:\Users\Honza\Downloads\ManyCam_Enterprise_v5.1.0.4_Setup_Cr@ck.rar
2017-06-05 08:44 - 2013-01-05 20:40 - 00074752 _____ C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
016-07-22 22:51 - 2013-11-29 21:58 - 0000224 _____ () C:\Program Files (x86)\update-HotPursuit.bat
2016-07-22 22:51 - 2013-11-06 14:28 - 0000732 _____ () C:\Program Files (x86)\visit-www.nosteam.ro.html
2013-01-05 20:40 - 2017-06-05 08:44 - 0074752 _____ () C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
CustomCLSID: HKU\S-1-5-21-1379411598-525497723-484556184-1000_Classes\CLSID\{869C14C8-1830-491F-B575-5F9AB40D2B42}\InprocServer32 -> C:\Program Files\MediaInfo\MediaInfo_InfoTip.dll (hxxp://MediaArea.net/MediaInfo)
C:\Program Files\MediaInfo\
Task: {0FB4A8F5-2B59-46F0-9673-E637D9AEDB15} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-28] (Google Inc.)
Task: {AB1B69B0-98AD-4B23-9365-DD6143797BDA} - \WiseCleaner\WRCSkipUAC -> No File <==== ATTENTION
Task: {D9B63AD4-1870-4642-BA66-9171A3BD1A1D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-28] (Google Inc.)
Shortcut: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Samsung Galaxy Ace - Guide - Cygwin-Odin\Cygwin Terminal.lnk -> C:\cygwin\Cygwin.bat ()
end
*****************

Restore point was successfully created.
Processes closed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
C:\Program Files (x86)\mozilla firefox\E51D91331AE6C40F446AED1F1575C10FE51D => moved successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
HKU\S-1-5-21-1379411598-525497723-484556184-1000\SOFTWARE\Google\Chrome\Extensions\cnnbdaahphjgdgfhliignpepgnbnfomp => key removed successfully
C:\Users\Honza\Downloads\ManyCam_Enterprise_v5.1.0.4_Setup_Cr@ck.rar => moved successfully
C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
016-07-22 22:51 - 2013-11-29 21:58 - 0000224 _____ () C:\Program Files (x86)\update-HotPursuit.bat => Error: No automatic fix found for this entry.
C:\Program Files (x86)\visit-www.nosteam.ro.html => moved successfully
"C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini" => not found.
HKU\S-1-5-21-1379411598-525497723-484556184-1000_Classes\CLSID\{869C14C8-1830-491F-B575-5F9AB40D2B42} => key removed successfully
C:\Program Files\MediaInfo => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0FB4A8F5-2B59-46F0-9673-E637D9AEDB15} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FB4A8F5-2B59-46F0-9673-E637D9AEDB15} => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AB1B69B0-98AD-4B23-9365-DD6143797BDA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB1B69B0-98AD-4B23-9365-DD6143797BDA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WiseCleaner\WRCSkipUAC => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D9B63AD4-1870-4642-BA66-9171A3BD1A1D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9B63AD4-1870-4642-BA66-9171A3BD1A1D} => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key removed successfully
C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Samsung Galaxy Ace - Guide - Cygwin-Odin\Cygwin Terminal.lnk => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 47134604 B
Java, Flash, Steam htmlcache => 1030 B
Windows/system/drivers => 1975679 B
Edge => 0 B
Chrome => 0 B
Firefox => 385935085 B
Opera => 578560 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33186 B
systemprofile32 => 33490 B
LocalService => 0 B
NetworkService => 0 B
Honza => 122931185 B
UpdatusUser => 0 B
UpdatusUser => 0 B
UpdatusUser => 0 B

RecycleBin => 2060230105 B
EmptyTemp: => 2.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:38:38 ====

Kodlz
Forum friend
Posts: 780
Joined: 30 May 2008 12:11

Re: Pop-up windows in the browser

#6 Post by Kodlz »

And you're surprised that windows keep popping up in your browser?

:arrow: Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.

Then this tool, MBAM: http://forum.viry.cz/viewtopic.php?f=29&t=144868
- Install it and run a full scan

- Copy the log here.

toox
Model visitor
Posts: 274
Joined: 28 Apr 2008 18:06
Location: Tromaville

Re: Pop-up windows in the browser

#7 Post by toox »

The pop-ups started appearing after I downloaded an exe file from an unofficial site, and there was most likely a virus in it.

:arrow:
Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 12.06.17
Čas skenování: 12:50
Logovací soubor: 56.txt
Správce: Ano

-Informace o softwaru-
Verze: 3.1.2.1733
Verze komponentů: 1.0.141
Aktualizovat verzi balíku komponent: 1.0.2136
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: Honza-PC\Honza

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 393057
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 19 min, 18 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

:arrow:
# AdwCleaner v6.047 - Logfile created 12/06/2017 at 12:42:25
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-06-10.1 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Honza - HONZA-PC
# Running from : C:\Users\Honza\Desktop\adwcleaner_6.047.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****



***** [ Folders ] *****

[-] Folder deleted: C:\Windows\SysNative\Tasks\WiseCleaner


***** [ Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****

[-] Shortcut disinfected: C:\Users\Public\Desktop\Mozilla Firefox.lnk
[-] Shortcut disinfected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
[-] Shortcut disinfected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[-] Shortcut disinfected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[-] Shortcut disinfected: C:\Users\Honza\Desktop\Internet Explorer.lnk
[-] Shortcut disinfected: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] Shortcut disinfected: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
[-] Shortcut disinfected: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
[-] Shortcut disinfected: C:\Users\Honza\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Shortcut disinfected: C:\Users\Honza\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk


***** [ Scheduled Tasks ] *****

[-] Task deleted: WiseCleaner


***** [ Registry ] *****

[-] Key deleted: HKU\S-1-5-21-1379411598-525497723-484556184-1000\Software\Conduit
[#] Key deleted on reboot: HKCU\Software\Conduit
[#] Key deleted on reboot: [x64] HKCU\Software\Conduit


***** [ Web browsers ] *****



*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [2960 Bytes] - [06/06/2016 19:21:26]
C:\AdwCleaner\AdwCleaner[C2].txt - [4352 Bytes] - [22/11/2015 21:51:42]
C:\AdwCleaner\AdwCleaner[C3].txt - [2303 Bytes] - [12/06/2017 12:42:25]
C:\AdwCleaner\AdwCleaner[R0].txt - [927 Bytes] - [16/05/2015 22:38:21]
C:\AdwCleaner\AdwCleaner[S0].txt - [986 Bytes] - [16/05/2015 22:40:02]
C:\AdwCleaner\AdwCleaner[S1].txt - [3088 Bytes] - [06/06/2016 19:19:44]
C:\AdwCleaner\AdwCleaner[S2].txt - [5306 Bytes] - [22/11/2015 21:50:00]
C:\AdwCleaner\AdwCleaner[S3].txt - [3748 Bytes] - [12/06/2017 12:41:21]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [2739 Bytes] ##########

Kodlz
Forum friend
Posts: 780
Joined: 30 May 2008 12:11

Re: Pop-up windows in the browser

#8 Post by Kodlz »

How is the PC behaving?

toox
Model visitor
Posts: 274
Joined: 28 Apr 2008 18:06
Location: Tromaville

Re: Pop-up windows in the browser

#9 Post by toox »

Everything seems to be perfectly fine :)

Kodlz
Forum friend
Posts: 780
Joined: 30 May 2008 12:11

Re: Pop-up windows in the browser

#10 Post by Kodlz »

Good.

toox
Model visitor
Posts: 274
Joined: 28 Apr 2008 18:06
Location: Tromaville

Re: Pop-up windows in the browser

#11 Post by toox »

Is that everything? Thank you very much for the check and for your time :all_coholic:

Kodlz
Forum friend
Posts: 780
Joined: 30 May 2008 12:11

Re: Pop-up windows in the browser

#12 Post by Kodlz »

Yes, you can delete/uninstall everything.
You're welcome ;)
