
Facebook: password change suddenly required?

dj-paja
Visitor
Posts: 412
Registered: 16 Feb 2012 12:30

Facebook: password change suddenly required?

#1 Post by dj-paja »

Hello, today I had to change the password on my Facebook account using my phone. This message appeared: "Your account is temporarily locked". Today, at my first login, I was informed about the status of my account, namely that it had been temporarily locked on suspicion that someone had tried to access the account from a different location or device. I was told that the person in question was in Prague at the time and that Firefox on a Linux system was used.
I proceeded logically by changing the password; I also plan to use the code generator ("passwords"), so that every login is completely unique. In the past I had no idea such an option existed.
I checked the state of my account, i.e. messages, Timeline, etc. Everything is in order. The last time I was logged in was on my notebook, see fb. Has anyone come across this problem before? Should I be worried? Thanks.

Rudy
Site Admin
Posts: 118251
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Facebook: password change suddenly required?

#2 Post by Rudy »

Hello!
Now that you have changed your password, that should take care of it. The password should be sufficiently strong (upper- and lower-case letters and diacritical or special characters). The original password probably leaked somehow, or someone hacked it.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

dj-paja
Visitor
Posts: 412
Registered: 16 Feb 2012 12:30

Re: Facebook: password change suddenly required?

#3 Post by dj-paja »

Hello, so you think that when the password is simple, someone probably hacked it; that is possible, isn't it. When I googled it, this problem had also already been reported by users. Do you think it could be a bug in the fb application? Or is there some virus in the PC that could cause this? Thanks.

Rudy
Site Admin
Posts: 118251
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Facebook: password change suddenly required?

#4 Post by Rudy »

A simple password is easier to "hack" than a more complex one. You could have a keylogger on the PC, which captures keystrokes and sends them off. Another possibility is that the password was hacked by the brute force method, and finally you could have "let it out" somewhere yourself without realizing it. To find out whether you have a keylogger, I would have to check the PC. If you are interested, post a FRST log: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .

dj-paja
Visitor
Posts: 412
Registered: 16 Feb 2012 12:30

Re: Facebook: password change suddenly required?

#5 Post by dj-paja »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-11-2016
Ran by Paja (administrator) on PAJA-NOTEBOOK (14-11-2016 22:34:48)
Running from D:\Stažené soubory
Loaded Profiles: Paja (Available Profiles: Paja)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Nainstalovano\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink) C:\Nainstalovano\Power DVD 13\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
(CyberLink) C:\Nainstalovano\Power DVD 13\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
(Ellora Assets Corp.) C:\Nainstalovano\Freemake\CaptureLib\CaptureLibService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Nainstalovano\reaConverter 7 Standard\rc_service.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Nainstalovano\ProShow\scsiaccess.exe
(Crawler Group, LLC) C:\Program Files\Spyware Terminator\st_rsser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(CyberLink Corp.) C:\Nainstalovano\Power DVD 13\PowerDVD13\PowerDVD13Agent.exe
(NEC Electronics Corporation) C:\Program Files\Western Digital\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(PowerISO Computing, Inc.) C:\Nainstalovano\PowerISO\PWRISOVM.EXE
() C:\Program Files\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(iSkySoft) C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
(Apple Inc.) C:\Nainstalovano\Itunes\iTunesHelper.exe
(AVAST Software) C:\Nainstalovano\Avast\avastui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(ZONER software) C:\Nainstalovano\Photo Studio 17\Program32\ZPSTray.exe
(Mozilla Corporation) C:\Nainstalovano\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Nainstalovano\Mozilla Firefox\plugin-container.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Serengeti Systems Incorporated) C:\Nainstalovano\robo ftp\SchedulerService.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(Farbar) D:\Stažené soubory\FRST(2).exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [PowerDVD13Agent] => C:\Nainstalovano\Power DVD 13\PowerDVD13\PowerDVD13Agent.exe [517144 2013-10-23] (CyberLink Corp.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [NUSB3MON] => C:\Program Files\Western Digital\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation)
HKLM\...\Run: [PWRISOVM.EXE] => C:\Nainstalovano\PowerISO\PWRISOVM.EXE [200704 2006-12-25] (PowerISO Computing, Inc.)
HKLM\...\Run: [ProductUpdater] => C:\Program Files\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [73216 2015-12-23] ()
HKLM\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2131856 2016-06-20] (iSkySoft)
HKLM\...\Run: [DelaypluginInstall] => C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe [1960248 2015-10-29] ()
HKLM\...\Run: [iTunesHelper] => C:\Nainstalovano\Itunes\iTunesHelper.exe [157456 2015-10-16] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Nainstalovano\Avast\AvastUI.exe [9044392 2016-11-08] (AVAST Software)
HKLM\...\Run: [SpywareTerminatorShield] => G:\Downloads\Spyware Terminator Premium 2015 3.0.1.107 CZ!\100%\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => G:\Downloads\Spyware Terminator Premium 2015 3.0.1.107 CZ!\100%\SpywareTerminatorUpdate.exe
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12009176 2013-09-13] (Realtek Semiconductor)
HKU\S-1-5-21-203695958-539750940-1501531493-1000\...\Run: [PowerDVD13] => C:\Nainstalovano\Power DVD 13\PowerDVD13\PDVDLP.exe [470792 2013-10-23] (CyberLink Corp.)
HKU\S-1-5-21-203695958-539750940-1501531493-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Nainstalovano\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software)
HKU\S-1-5-21-203695958-539750940-1501531493-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-203695958-539750940-1501531493-1000\...\Policies\system: [DisableClock] 0
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Nainstalovano\Avast\ashShell.dll [2016-09-08] (AVAST Software)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BootExecute: autocheck autochk * sh4native Sh4Removal

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4310A902-C9E0-4895-B0EA-1B023C3E0392}: [NameServer] 10.1.1.0,10.1.1.100
Tcpip\..\Interfaces\{773AED62-3847-4BF6-ADB6-CD8382113C44}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-203695958-539750940-1501531493-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-203695958-539750940-1501531493-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-203695958-539750940-1501531493-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-203695958-539750940-1501531493-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-203695958-539750940-1501531493-1000 -> 1500C81568E2C9D8F17E29C71ECBB74C URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-203695958-539750940-1501531493-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-203695958-539750940-1501531493-1000 -> {E3BF7B2D-C987-462D-9BF9-92F2FCC615DA} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\Program Files\Spyware Terminator\STInternetGuard.dll [2016-03-03] (Crawler Group, LLC)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Nainstalovano\Avast\aswWebRepIE.dll [2016-10-25] (AVAST Software)
BHO: iSkysoft iMedia Converter Deluxe 5.1.0 -> {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} -> C:\ProgramData\iSkysoft\Video Converter Ultimate\WSBrowserAppMgr.dll [2015-10-29] (Wondershare)
BHO: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveSystemServices.dll [2006-10-26] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - No File
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - No File
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - No File
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
Handler: WSISVCUchrome - {78A543EB-3A61-4ED3 - No File

FireFox:
========
FF ProfilePath: C:\Users\Paja\AppData\Roaming\Mozilla\Firefox\Profiles\3456uct3.default [2016-11-14]
FF Homepage: Mozilla\Firefox\Profiles\3456uct3.default -> hxxps://www.seznam.cz/
FF NetworkProxy: Mozilla\Firefox\Profiles\3456uct3.default -> socks_remote_dns", true
FF NetworkProxy: Mozilla\Firefox\Profiles\3456uct3.default -> type", 4
FF HKLM\...\Firefox\Extensions: [ISVCU@iSkysoft.com] - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com
FF Extension: (iSkysoft iMedia Converter Deluxe) - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com [2015-10-29] [not signed]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: (RealDownloader) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2016-01-16] [not signed]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Nainstalovano\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Nainstalovano\Avast\WebRep\FF [2016-09-08]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Nainstalovano\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Nainstalovano\Avast\SafePrice\FF [2016-09-08]
FF HKLM\...\Firefox\Extensions: [{30628BCD-632F-4698-8E83-0B6597E9100A}] - C:\Nainstalovano\Facebook Video Downloader\FBVD_FF.xpi
FF Extension: (Facebook Video Downloader Extension) - C:\Nainstalovano\Facebook Video Downloader\FBVD_FF.xpi [2014-09-19] [not signed]
FF HKU\S-1-5-21-203695958-539750940-1501531493-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Nainstalovano\Itunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [No File]
FF Plugin: @photodex.com/PhotodexPresenter -> C:\Program Files\Photodex Presenter\npPxPlay.dll [2014-11-11] ( )
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Nainstalovano\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Nainstalovano\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Nainstalovano\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
StartMenuInternet: FIREFOX.EXE - C:\Nainstalovano\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Profile: C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default [2016-11-09]
CHR Extension: (Dokumenty Google) - C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-13]
CHR Extension: (Disk Google) - C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-11-09]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-11-09]
CHR Extension: (YouTube) - C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (RealDownloader) - C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2016-01-16]
CHR Extension: (Facebook Video Downloader Extension) - C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jffdffcnfhdcfbjijbcfghooboafmhel [2016-05-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-16]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2016-11-09]
CHR Extension: (Gmail) - C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-08]
CHR Extension: (Chrome Media Router) - C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-09]
CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [jffdffcnfhdcfbjijbcfghooboafmhel] - C:\Nainstalovano\Facebook Video Downloader\FBVD_GC.crx [2014-09-19]

Opera:
=======
OPR StartupUrls: "hxxp://www.seznam.cz/?clid=6826"
StartMenuInternet: (HKLM) OperaStable - C:\Nainstalovano\Opera\Launcher.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [62464 2015-03-04] (Microsoft Corporation) [File not signed]
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [27648 2015-02-03] (Microsoft Corporation) [File not signed]
S3 Appinfo; C:\Windows\System32\appinfo.dll [47104 2015-06-15] (Microsoft Corporation) [File not signed]
R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [475136 2015-02-03] (Microsoft Corporation) [File not signed]
R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [475136 2015-02-03] (Microsoft Corporation) [File not signed]
R2 avast! Antivirus; C:\Nainstalovano\Avast\AvastSvc.exe [197128 2016-09-08] (AVAST Software)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [143872 2015-04-27] (Microsoft Corporation) [File not signed]
R2 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Nainstalovano\Power DVD 13\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-10-23] (CyberLink)
R2 CyberLink PowerDVD 13 Media Server Service; C:\Nainstalovano\Power DVD 13\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-10-23] (CyberLink)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [853504 2015-05-25] (Microsoft Corporation) [File not signed]
S3 EFS; C:\Windows\System32\lsass.exe [22528 2015-07-01] (Microsoft Corporation) [File not signed]
R2 FontCache; C:\Windows\system32\FntCache.dll [909312 2015-04-20] (Microsoft Corporation) [File not signed]
R2 FreemakeVideoCapture; C:\Nainstalovano\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-04-17] (Ellora Assets Corp.) [File not signed]
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [102912 2015-06-19] (Microsoft Corporation) [File not signed]
R3 KeyIso; C:\Windows\system32\lsass.exe [22528 2015-07-01] (Microsoft Corporation) [File not signed]
S3 Microsoft Office Groove Audit Service; C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveAuditService.exe [65824 2006-10-26] (Microsoft Corporation)
S3 msiserver; C:\Windows\System32\msiexec.exe [73216 2015-06-15] (Microsoft Corporation) [File not signed]
S3 NBService; C:\Nainstalovano\Nero 7\Nero BackItUp\NBService.exe [774144 2006-11-10] (Nero AG) [File not signed]
S3 Netlogon; C:\Windows\system32\lsass.exe [22528 2015-07-01] (Microsoft Corporation) [File not signed]
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [242688 2014-12-06] (Microsoft Corporation) [File not signed]
U2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15904544 2014-02-05] (NVIDIA Corporation)
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [157184 2015-02-03] (Microsoft Corporation) [File not signed]
R2 ProfSvc; C:\Windows\system32\profsvc.dll [164864 2014-12-19] (Microsoft Corporation) [File not signed]
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [22528 2015-07-01] (Microsoft Corporation) [File not signed]
R2 reaConverter_service; C:\Nainstalovano\reaConverter 7 Standard\rc_service.exe [2129408 2015-06-19] () [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 SamSs; C:\Windows\system32\lsass.exe [22528 2015-07-01] (Microsoft Corporation) [File not signed]
R2 SchedulerService0310; C:\Nainstalovano\robo ftp\SchedulerService.exe [48448 2016-05-27] (Serengeti Systems Incorporated)
R2 ScsiAccess; C:\Nainstalovano\ProShow\ScsiAccess.exe [186760 2014-11-11] ()
S2 Secure Hunter Service; C:\Nainstalovano\AntiMalwarePro\bin\shrtsrv.exe [47416 2015-12-16] (SecureHunter LLC) [File not signed]
R2 ST2012_Svc; C:\Program Files\Spyware Terminator\st_rsser.exe [2114384 2016-03-03] (Crawler Group, LLC)
S3 TermService; C:\Windows\System32\termsrv.dll [523776 2014-10-14] (Microsoft Corporation) [File not signed]
R3 VaultSvc; C:\Windows\system32\lsass.exe [22528 2015-07-01] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [76800 2015-01-09] (Microsoft Corporation) [File not signed]
S3 WdiSystemHost; C:\Windows\system32\wdi.dll [76800 2015-01-09] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S3 WinRM; C:\Windows\system32\WsmSvc.dll [1177088 2014-10-03] (Microsoft Corporation) [File not signed]
S4 wuauserv; C:\Windows\system32\wuaueng.dll [2057216 2015-07-09] (Microsoft Corporation) [File not signed]
S2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [X]
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe" [X]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [X]
S2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [243712 2011-08-08] (Windows (R) Win 7 DDK provider)
R3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [32896 2012-05-17] (AnvSoft Inc.) [File not signed]
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [26032 2014-04-09] (Wondershare)
S3 AppID; C:\Windows\system32\drivers\appid.sys [50176 2015-02-03] (Microsoft Corporation) [File not signed]
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-09-08] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-09-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [92256 2016-09-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-09-08] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [60424 2016-09-08] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [735488 2016-09-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433768 2016-09-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [118664 2016-09-08] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [224752 2016-10-13] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-04-11] (Disc Soft Ltd)
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [514560 2015-02-25] (Microsoft Corporation) [File not signed]
R3 L1E; C:\Windows\System32\DRIVERS\L1E62x86.sys [55848 2000-01-01] (Atheros Communications, Inc.)
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [116224 2014-12-19] (Microsoft Corporation) [File not signed]
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [124416 2015-07-01] (Microsoft Corporation) [File not signed]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [225792 2015-07-01] (Microsoft Corporation) [File not signed]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [98304 2015-07-01] (Microsoft Corporation) [File not signed]
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [7517696 2011-08-03] (Intel Corporation)
R3 NPF; C:\Windows\System32\drivers\NPF.sys [50704 2010-01-27] (CACE Technologies, Inc.)
R3 nuvotoncir; C:\Windows\System32\DRIVERS\nuvotoncir.sys [44544 2009-08-31] (Nuvoton Technology Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-12-27] (NVIDIA Corporation)
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [593920 2015-02-03] (Microsoft Corporation) [File not signed]
S3 RDPWD; C:\Windows\system32\Drivers\RDPWD.sys [184320 2014-07-17] (Microsoft Corporation) [File not signed]
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [31644 2006-12-25] (PowerISO Computing, Inc.) [File not signed]
R3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34896 2014-02-07] (Screaming Bee LLC)
R1 sp_rsdrv2; C:\Windows\system32\drivers\sp_rsdrv2.sys [32768 2011-06-21] () [File not signed]
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2016-11-14] ()
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [74752 2014-11-11] (Microsoft Corporation) [File not signed]
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [31232 2014-07-17] (Microsoft Corporation) [File not signed]
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2015-06-17] (Apple, Inc.) [File not signed]
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Nainstalovano\Power DVD 13\PowerDVD13\Common\NavFilter\000.fcl [76560 2013-10-23] (CyberLink Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Paja\AppData\Local\Temp\catchme.sys [X]
S3 CTIpHook; \SystemRoot\system32\Drivers\CTIpHook.sys [X]
U3 DfSdkS; no ImagePath
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-14 22:34 - 2016-11-14 22:34 - 00000000 ____D C:\FRST
2016-11-05 23:49 - 2016-11-05 23:36 - 1340518490 _____ C:\Převrat.avi
2016-11-05 23:14 - 2016-11-05 23:14 - 00000677 _____ C:\Users\Public\Desktop\AIMP.lnk
2016-11-05 23:14 - 2016-11-05 23:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP
2016-11-05 21:30 - 2016-11-05 21:30 - 10160836 _____ C:\Users\Paja\Documents\vlc-record-2016-11-05-21h30m37s-HBO HD-.ts
2016-11-05 21:22 - 2016-11-05 21:23 - 16352240 _____ C:\Users\Paja\Documents\vlc-record-2016-11-05-21h22m44s-HBO HD-.ts
2016-11-04 00:11 - 2016-11-04 00:11 - 00001093 _____ C:\Users\Paja\Desktop\playlist – zástupce.lnk
2016-10-23 13:51 - 2016-10-23 13:53 - 00000000 ____D C:\paní Duchková TV
2016-10-17 16:13 - 2016-10-17 16:13 - 00000000 ____D C:\Program Files\Common Files\Skype

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-14 22:02 - 2014-04-11 17:11 - 00029140 _____ C:\Users\Paja\Desktop\Nový textový dokument.txt
2016-11-14 21:57 - 2014-04-11 20:38 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-14 21:42 - 2014-04-11 15:21 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-14 20:50 - 2016-06-03 21:14 - 00000000 ____D C:\Users\Paja\AppData\Roaming\AIMP
2016-11-14 20:30 - 2009-07-14 05:34 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-14 20:30 - 2009-07-14 05:34 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-14 20:11 - 2015-11-22 22:54 - 00000000 ____D C:\Users\Paja\AppData\Roaming\vlc
2016-11-14 20:11 - 2010-11-21 02:16 - 00672046 _____ C:\Windows\system32\perfh005.dat
2016-11-14 20:11 - 2010-11-21 02:16 - 00142610 _____ C:\Windows\system32\perfc005.dat
2016-11-14 20:11 - 2010-11-20 22:01 - 01591750 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-14 20:11 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-11-14 20:08 - 2014-06-24 14:04 - 00000000 ____D C:\Users\Paja\AppData\Local\CrashDumps
2016-11-14 20:08 - 2014-04-11 16:05 - 00000384 _____ C:\Windows\Tasks\SlimDrivers Startup.job
2016-11-14 20:07 - 2016-07-01 22:44 - 00000441 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-11-14 20:05 - 2016-06-09 19:21 - 00000286 _____ C:\native log.txt
2016-11-14 20:05 - 2016-01-05 00:49 - 00013464 _____ C:\Windows\system32\Drivers\SWDUMon.sys
2016-11-14 20:05 - 2014-04-11 15:21 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-14 20:05 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-14 00:11 - 2016-02-12 00:39 - 00000000 ____D C:\Users\Paja\AppData\Roaming\uTorrent
2016-11-09 15:37 - 2015-07-22 21:03 - 00000000 ____D C:\Anička Sofinka dnes
2016-11-09 14:56 - 2015-10-29 21:41 - 00000000 ____D C:\ProgramData\iSkysoft iMedia Converter Deluxe
2016-11-08 23:57 - 2014-04-11 20:38 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-11-08 23:57 - 2014-04-11 20:38 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-11-08 23:57 - 2014-04-11 20:38 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-08 22:32 - 2014-04-19 16:46 - 00000000 ____D C:\Users\Paja\AppData\Roaming\Skype
2016-11-06 00:19 - 2015-11-13 18:26 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-05 22:48 - 2014-05-05 21:41 - 00000000 ____D C:\Users\Paja\AppData\Roaming\dvdcss
2016-11-02 22:10 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2016-11-02 21:47 - 2014-04-11 19:07 - 00000000 ____D C:\Users\Paja\AppData\Local\ElevatedDiagnostics
2016-10-24 19:47 - 2015-09-22 16:30 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-24 19:47 - 2014-04-11 15:22 - 00002141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-22 23:11 - 2014-05-02 21:24 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-10-22 19:00 - 2014-04-11 15:15 - 00000000 ____D C:\Nainstalovano
2016-10-21 15:46 - 2014-04-19 16:46 - 00000000 ____D C:\ProgramData\Skype
2016-10-17 16:13 - 2015-02-01 22:58 - 00000000 ___RD C:\Program Files\Skype

==================== Files in the root of some directories =======

2014-08-08 23:17 - 2011-07-19 02:37 - 0003262 _____ () C:\Program Files\Falco.ico
2014-08-08 23:17 - 2011-07-19 03:05 - 0000046 _____ () C:\Program Files\Falco.url
2014-07-10 07:16 - 2014-07-10 07:16 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files\Common Files\atimpenc.dll
2014-04-17 22:50 - 2014-04-19 21:57 - 0007887 _____ () C:\Users\Paja\AppData\Roaming\pcouffin.cat
2014-04-17 22:50 - 2014-04-19 21:57 - 0001144 _____ () C:\Users\Paja\AppData\Roaming\pcouffin.inf
2014-04-17 22:52 - 2014-04-19 21:57 - 0000034 _____ () C:\Users\Paja\AppData\Roaming\pcouffin.log
2014-04-17 22:50 - 2014-04-19 21:57 - 0047360 _____ (VSO Software) C:\Users\Paja\AppData\Roaming\pcouffin.sys
2016-02-18 21:18 - 2016-02-18 23:13 - 0000668 _____ () C:\Users\Paja\AppData\Roaming\vso_ts_preview.xml
2014-05-02 22:58 - 2014-05-02 22:58 - 0000001 _____ () C:\Users\Paja\AppData\Local\llftool.4.40.agreement
2016-07-01 18:50 - 2016-07-01 18:51 - 0000600 _____ () C:\Users\Paja\AppData\Local\PUTTY.RND
2016-07-05 23:36 - 2016-07-05 23:36 - 0001421 _____ () C:\Users\Paja\AppData\Local\recently-used.xbel
2016-01-02 22:28 - 2016-01-02 22:28 - 0000000 _____ () C:\Users\Paja\AppData\Local\{260E69FE-667F-4EA6-AAA1-CDB82EE17888}
2016-01-02 22:28 - 2016-01-02 22:28 - 0000000 _____ () C:\Users\Paja\AppData\Local\{420565C7-551E-4DB4-A42D-D66A5D182EA7}
2014-04-11 16:49 - 2014-04-11 16:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Paja\AppData\Local\temp\iv_uninstall.exe
C:\Users\Paja\AppData\Local\temp\jna1887828504310327085.dll
C:\Users\Paja\AppData\Local\temp\vlc-2.2.4-win32.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-11-05 17:39

==================== End of FRST.txt ============================

dj-paja
Visitor
Posts: 412
Registered: 16 Feb 2012 12:30

Re: Facebook, sudden forced password change?

#6 Post by dj-paja »

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-11-2016
Ran by Paja (14-11-2016 22:36:24)
Running from D:\Stažené soubory
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2014-04-11 13:46:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-203695958-539750940-1501531493-500 - Administrator - Disabled)
Guest (S-1-5-21-203695958-539750940-1501531493-501 - Limited - Enabled)
Paja (S-1-5-21-203695958-539750940-1501531493-1000 - Administrator - Enabled) => C:\Users\Paja

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

_fm 0.0.4.5 (HKU\S-1-5-21-203695958-539750940-1501531493-1000\...\{6DBFF1BC-C61E-49DD-832C-401BCCC39907}}_is1) (Version: 0.0.4.5 - František Szijartó)
µTorrent (HKLM\...\uTorrent) (Version: 2.2.1 - )
4K YouTube to MP3 2.10 (HKLM\...\4K YouTube to MP3_is1) (Version: 2.10.8.1505 - Open Media LLC)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Advanced IP Scanner 2.4 (HKLM\...\{C3CF783A-5457-4989-966F-7BE08812FB71}) (Version: 2.4.2601 - Famatech)
Advent 1.6.0.2 (HKLM\...\Advent 1.6.0.2) (Version: - )
AIMP (HKLM\...\AIMP) (Version: v4.11.1841, 09.10.2016 - AIMP DevTeam)
Any Video Recorder version 1.0.2 (HKLM\...\{17D86E62-4849-49BC-83D2-FA369CEEA9D9}_is1) (Version: 1.0.2 - anvsoft, Inc.)
Apowersoft Online Launcher verze 1.4.4 (HKU\S-1-5-21-203695958-539750940-1501531493-1000\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.4.4 - APOWERSOFT LIMITED)
Apple Mobile Device Support (HKLM\...\{9A629DCB-415D-4A50-85B9-5C2E4F8F74A8}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
AquaSoft DiaShow 10 Ultimate (32 Bit) (HKLM\...\AquaSoft DiaShow 10 Ultimate (32 Bit)) (Version: 10.1.01.00697 - AquaSoft)
ArtRage 4 (HKLM\...\ArtRage 4 4.0.2.1) (Version: 4.0.2.1 - Ambient Design)
ArtRage 4 (Version: 4.0.2.1 - Ambient Design) Hidden
Avast Free Antivirus (HKLM\...\Avast) (Version: 12.3.2280 - AVAST Software)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
BS.Player PRO (HKLM\...\BSPlayerp) (Version: 2.69.1079 - AB Team, d.o.o.)
CPUID HWMonitor 1.29 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
CrystalDiskInfo 6.8.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 6.8.0 - Crystal Dew World)
CSEP 14 1.0 (HKU\S-1-5-21-203695958-539750940-1501531493-1000\...\CSEP 14 1.0) (Version: - )
Data Lifeguard Diagnostic for Windows (HKLM\...\{E40CE517-0D42-4198-96B4-C8232B257EB5}) (Version: 1.13 - Western Digital Corporation)
DVDFab 9.2.0.2 (10/06/2015) (HKLM\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.)
Dynamic-Photo HDR 5 (HKLM\...\Dynamic-Photo HDR 5_is1) (Version: - Mediachance)
Facebook Video Downloader 3 (HKLM\...\Facebook Video Downloader_is1) (Version: - Tomabo)
FileZilla Client 3.19.0 (HKLM\...\FileZilla Client) (Version: 3.19.0 - Tim Kosse)
FlashFXP 5 (HKLM\...\FlashFXP 5) (Version: 5.2.0.3897 - OpenSight Software LLC)
FotoMorph version 13.8.3 (HKLM\...\{87A9A094-22A8-4F8A-9B7D-03D7CA48CE15}_is1) (Version: 13.8.3 - Digital Photo Software)
Free YouTube Download version 3.2.52.113 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.52.113 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.46.923 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.46.923 - DVDVideoSoft Ltd.)
Freemake Video Converter verze 4.1.9 (HKLM\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
GetSmile v1.952 (HKLM\...\GetSmile0903_is1) (Version: 1.952 - Sofrayt LLC)
Google Chrome (HKLM\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
InstantMask Pro 2.3 (HKLM\...\{A180E293-61BB-44E6-9470-4CE81FDBDECE}_is1) (Version: - clipping-path-studio.com)
iPhotoDraw 2.0 (HKLM\...\{AD0EFB82-D42E-4CBB-9662-98B4916FFBDA}) (Version: 2.0.0.0 - Simen Wu)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
iSkysoft Helper Compact 2.5.0 (HKLM\...\{9BF12010-8799-41A5-A671-E9CFDE9E79F3}_is1) (Version: 2.5.0 - iSkysoft)
iSkysoft iMedia Converter Deluxe(Build 5.8.0.1) (HKLM\...\iSkysoft iMedia Converter Deluxe_is1) (Version: 5.8.0.1 - iSkysoft Software)
iTunes (HKLM\...\{8862F11A-A9A0-4899-9F50-B5A79F12F3C2}) (Version: 12.3.1.23 - Apple Inc.)
JPEGCrops 0.7.5 beta (HKLM\...\{DEAD07C6-D070-43AB-A60D-D9ABE55E296D}_is1) (Version: - )
Life Is Strange (HKLM\...\Life Is Strange_is1) (Version: - )
M4VGear 5.1.5 (HKLM\...\M4VGear_is1) (Version: - M4VGear.com Inc.)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Merge Version 2.1 (HKLM\...\merge_is1) (Version: - )
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM\...\{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}) (Version: 2.0.675.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{FD052FB9-FE90-4438-B355-15EDC89D8FB1}) (Version: 2.0.673.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (Czech) (HKLM\...\{95120000-00AF-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 ENU (HKLM\...\{773AC1E4-5F27-4DF6-A932-7FDDE35C069D}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mortal Kombat Komplete Edition (HKLM\...\{9F012408-04EC-4989-932F-4C096117D2DD}_is1) (Version: - Warner Bros)
Mozilla Firefox 49.0.2 (x86 cs) (HKLM\...\Mozilla Firefox 49.0.2 (x86 cs)) (Version: 49.0.2 - Mozilla)
Neat Image v7.6.0 Pro plug-in for Photoshop (HKLM\...\Neat Image plug-in for Photoshop_is1) (Version: - Neat Image team, ABSoft)
Neat Image v7.6.0 Pro Standalone (HKLM\...\Neat Image Standalone_is1) (Version: - Neat Image team, ABSoft)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - )
NVIDIA PhysX (HKLM\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.4229.1002 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.4229.1002 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.4229.1002 - Microsoft Corporation) Hidden
Opera Stable 41.0.2353.56 (HKLM\...\Opera 41.0.2353.56) (Version: 41.0.2353.56 - Opera Software)
PDF Decrypter Pro 3.60 (HKLM\...\PDF Decrypter Pro_is1) (Version: - pdfdecrypter.com)
Photo! Editor 1.1 (HKLM\...\PhotoToolkit_is1) (Version: - )
Photodex Presenter (HKLM\...\Photodex Presenter) (Version: - Photodex Corporation)
PhotoFiltre 7 (HKU\S-1-5-21-203695958-539750940-1501531493-1000\...\PhotoFiltre 7) (Version: - )
PilsFree IPTV verze 1.0 (HKLM\...\{FD0E773E-A8D6-4CFC-AA66-1FD81E2B0000}_is1) (Version: 1.0 - PilsFree, z. s.)
Podpora aplikací Apple (32bitová) (HKLM\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
ProShow Producer (HKLM\...\ProShow Producer) (Version: - Photodex Corporation)
PS3 Media Server (HKLM\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
PUSH Entertainment - Video Wallpaper (HKLM\...\Video Wallpaper_is1) (Version: 2.23 - PUSH Entertainment)
RadioSure (HKU\S-1-5-21-203695958-539750940-1501531493-1000\...\RadioSure) (Version: - )
reaConverter 7 Standard (HKLM\...\{659727C6-7267-4076-803B-351A467F6CAF}_is1) (Version: 7.1.43.0 - reaConverter LLC)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7040 - Realtek Semiconductor Corp.)
Resident Evil 0 HD Remaster (HKLM\...\{XXXXXXXX-XXXX-XXXX-XXXX-BLACKBOX0091}) (Version: 6.0 - Black Box)
Robo-FTP 3.10 (HKLM\...\{470D6527-E783-4A34-89A5-44492FEE901D}) (Version: 3.10.5.0 - Serengeti Systems Inc.)
Robo-FTP 3.10 (Version: 3.10.5.0 - Serengeti Systems Inc.) Hidden
SafeZone Stable 1.51.2220.53 (Version: 1.51.2220.53 - Avast Software) Hidden
Sketch Drawer 3.0 (HKLM\...\Sketch Drawer_is1) (Version: 3.0 - SoftOrbits)
Skype™ 7.29 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
SoftPerfect WiFi Guard version 1.0.6 (HKLM\...\{38AFD787-4D2E-4442-92D2-7739F5F92CF4}_is1) (Version: 1.0.6 - SoftPerfect)
Spyware Terminator 2015 (HKLM\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.1.107 - Crawler Group)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.52a - Ghisler Software GmbH)
Trillian (HKLM\...\Trillian) (Version: - Cerulean Studios, LLC)
UberSoldier 2 (CZ) 1.00 (HKLM\...\UberSoldier 2 (CZ) 1.00) (Version: 1.00 - Monster-CZ)
UEFA Euro 2016 France (HKLM\...\UEFA Euro 2016 France_is1) (Version: - )
Uninstall Tool (HKLM\...\Uninstall Tool_is1) (Version: 3.4.2 - CrystalIDEA Software, Inc.)
Video Download Capture verze 5.1.7 (HKLM\...\{3C9D008D-3716-4C3F-90CD-38ED57568FAB}_is1) (Version: 5.1.7 - APOWERSOFT LIMITED)
Video Rotator V1.0 (HKLM\...\Video Rotator_is1) (Version: - VideoRotator.com)
VirtualDJ Home FREE (HKLM\...\{19192A84-6172-4312-A661-D8F9A34585AB}) (Version: 7.0.4.1 - Atomix Productions)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Wave Editor 3.3.3.0 (HKLM\...\Wave Editor_is1) (Version: 3.3.3.0 - AbyssMedia.com)
WiliSoft Video Splitter 2.1 (HKLM\...\WiliSoft Video Splitter_is1) (Version: - WiliSoft,Inc.)
WinPcap 4.1.1 (HKLM\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinX HD Video Converter Deluxe 5.5.3 (HKLM\...\WinX HD Video Converter Deluxe_is1) (Version: - Digiarty Software, Inc.)
Xilisoft Video Converter Ultimate (HKU\S-1-5-21-203695958-539750940-1501531493-1000\...\Xilisoft Video Converter Ultimate) (Version: 7.8.5.20141031 - Xilisoft)
Zamzom Wireless (HKLM\...\{CED3B64B-9381-4AB8-A213-6C084C952E43}) (Version: 1.0.0 - Zamzom)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0264E0B8-8E5F-49AC-8227-63FC5521A004} - System32\Tasks\SlimDrivers Startup => C:\Program Files\SlimDrivers\SlimDrivers.exe [2013-09-24] (SlimWare Utilities, Inc.)
Task: {0B6209B1-0FF8-48DF-AB17-83D82F43805E} - System32\Tasks\GoogleUpdateTaskMachineCore1d0414a515638e1 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-19] (Google Inc.)
Task: {0BD40F9A-711B-443F-A7FF-0A4D23AD89CD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)
Task: {125A41ED-C849-4696-8A5D-E4647A0CAEDE} - System32\Tasks\GoogleUpdateTaskMachineCore1d08f2e2e042fdf => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-19] (Google Inc.)
Task: {1444F6B0-6A6D-4A62-AB01-C41022B9076F} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-203695958-539750940-1501531493-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {14605887-1D73-4D16-B0B3-4C85CE06D53A} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e329c6aa71d5 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-19] (Google Inc.)
Task: {20082405-070B-4AED-94F8-F477F12B7EF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-19] (Google Inc.)
Task: {29042D63-8759-451A-ABCC-AE39A3574B93} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bfeed906801e => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-19] (Google Inc.)
Task: {380BFED9-47B8-4FEA-8DD6-AB84E0A350D4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {3A863412-1EB9-4640-AB4D-95260B88C48B} - System32\Tasks\Opera scheduled Autoupdate 1397227235 => C:\Nainstalovano\Opera\launcher.exe [2016-11-07] (Opera Software)
Task: {426026BA-E286-4FA3-8F9E-6C32093F3B04} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe
Task: {468FDEA5-3146-40A4-BCED-6A4715EA5AB7} - System32\Tasks\GoogleUpdateTaskMachineCore1d1e908529931c8 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-19] (Google Inc.)
Task: {48F7F35C-121C-4AD4-AAA3-8117FE34E2FE} - System32\Tasks\avast! Emergency Update => C:\Nainstalovano\Avast\AvastEmUpdate.exe [2016-09-08] (AVAST Software)
Task: {4F80126F-E5BB-42B7-A539-3C8F7F6A9C33} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
Task: {57EBABBC-E842-4BA1-A3A5-ED61FFB805A9} - System32\Tasks\Adobe Flash Player Updater
Task: {6114CB1B-6250-481A-9B66-66EF5AB541DD} - System32\Tasks\{6759A6A2-87DB-4B16-B70E-414F417269CA} => I:\Downloads\Pirate-1005.exe
Task: {638ADED8-02EE-4A28-B69C-DE75D6A718B1} - System32\Tasks\RunUninstallTool_SkipUac => C:\Nainstalovano\Uninstall Tool\UninstallTool.exe [2015-05-10] (CrystalIDEA Software)
Task: {7A7424A0-6D1A-41F8-977B-5231EE388F8A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-19] (Google Inc.)
Task: {7E6CF980-AFEA-4E80-92F4-56A97EF79A1F} - System32\Tasks\GoogleUpdateTaskMachineCore1d15d2091c2694a => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-19] (Google Inc.)
Task: {7F678502-A58D-4804-834B-422A6EAEE73A} - System32\Tasks\GoogleUpdateTaskMachineCore1d12fa330b3a975 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-19] (Google Inc.)
Task: {83158296-37A8-403B-A88C-DD39A50C9D18} - System32\Tasks\SpyHunter4 => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
Task: {9BDB9D08-670A-4949-AF1F-DE49975CBB98} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-203695958-539750940-1501531493-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {9FEC9B6F-3C94-4E4E-A4F9-7B67B411CAF3} - System32\Tasks\GoogleUpdateTaskMachineCore1cfff933c927ae1 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-19] (Google Inc.)
Task: {A057061E-CC52-49E0-A405-9DF5A628951D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
Task: {AE6EA039-3D9D-41B5-A0C4-D98F35BCDCA7} - System32\Tasks\GoogleUpdateTaskMachineCore1d1aafc9c2c4a1d => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-19] (Google Inc.)
Task: {D8725993-C3A1-4FC6-BEF1-42B8089FF7A2} - System32\Tasks\SafeZone scheduled Autoupdate 1458679429 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-08-09] (Avast Software)
Task: {F6183BB2-1C16-4611-8529-109175800DF5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe
Task: {FCAE1829-AF1B-4659-B9AF-4050218A5853} - System32\Tasks\GoogleUpdateTaskMachineCore1d0efb443302158 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-19] (Google Inc.)
Task: {FD090188-7BEE-4736-B126-CC23509F1570} - System32\Tasks\GoogleUpdateTaskMachineCore1d0f322e751134a => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-19] (Google Inc.)
Task: {FFEAE6C6-30CB-46BC-A358-FDAAFD800007} - System32\Tasks\GoogleUpdateTaskMachineCore1cfeaea3a378319 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-19] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfeaea3a378319.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfff933c927ae1.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0414a515638e1.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08f2e2e042fdf.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bfeed906801e.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e329c6aa71d5.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0efb443302158.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0f322e751134a.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d12fa330b3a975.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d15d2091c2694a.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1aafc9c2c4a1d.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1e908529931c8.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files\SlimDrivers\SlimDrivers.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Paja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki/
Shortcut: C:\Users\Paja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com/

==================== Loaded Modules (Whitelisted) ==============

2014-04-11 16:24 - 2014-07-02 20:42 - 00107992 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2016-09-08 22:23 - 2016-09-08 22:23 - 00169064 _____ () C:\Nainstalovano\Avast\JsonRpcServer.dll
2016-11-14 20:06 - 2016-11-14 20:06 - 03130832 _____ () C:\Nainstalovano\Avast\defs\16111401\algo.dll
2016-09-08 22:23 - 2016-09-08 22:23 - 00482928 _____ () C:\Nainstalovano\Avast\ffl2.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 00073512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-06-22 21:56 - 2015-06-19 09:18 - 02129408 _____ () C:\Nainstalovano\reaConverter 7 Standard\rc_service.exe
2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-11-11 00:42 - 2014-11-11 00:42 - 00186760 _____ () C:\Nainstalovano\ProShow\ScsiAccess.exe
2015-08-24 14:58 - 2016-06-27 16:25 - 00048816 _____ () C:\Nainstalovano\FileZilla FTP Client\fzshellext.dll
2015-02-09 19:25 - 2008-09-02 12:29 - 00098304 _____ () C:\Nainstalovano\Photo! Editor\IvBar\ivbshlext.dll
2014-05-09 22:53 - 2011-10-08 15:28 - 00411056 _____ () C:\Nainstalovano\Perfect Uninstaller\Contextmenu.dll
2016-06-06 14:36 - 2016-06-06 14:36 - 00085336 _____ () C:\Nainstalovano\robo ftp\RoboUpload.dll
2016-06-06 14:36 - 2016-06-06 14:36 - 01153368 _____ () C:\Nainstalovano\robo ftp\RoboFTPDLL.dll
2016-02-17 10:31 - 2016-02-17 10:31 - 00489472 _____ () C:\Nainstalovano\robo ftp\aws-cpp-sdk-core.dll
2016-02-17 10:37 - 2016-02-17 10:37 - 02027520 _____ () C:\Nainstalovano\robo ftp\aws-cpp-sdk-s3.dll
2015-09-01 10:29 - 2015-09-01 10:29 - 00017408 _____ () C:\Nainstalovano\robo ftp\boost_system-vc120-mt-1_59.dll
2015-09-01 10:29 - 2015-09-01 10:29 - 00040960 _____ () C:\Nainstalovano\robo ftp\boost_date_time-vc120-mt-1_59.dll
2015-09-01 10:30 - 2015-09-01 10:30 - 00103936 _____ () C:\Nainstalovano\robo ftp\boost_filesystem-vc120-mt-1_59.dll
2015-09-01 10:35 - 2015-09-01 10:35 - 00519680 _____ () C:\Nainstalovano\robo ftp\boost_log-vc120-mt-1_59.dll
2015-09-01 10:29 - 2015-09-01 10:29 - 00026112 _____ () C:\Nainstalovano\robo ftp\boost_chrono-vc120-mt-1_59.dll
2015-09-01 10:29 - 2015-09-01 10:29 - 00082944 _____ () C:\Nainstalovano\robo ftp\boost_thread-vc120-mt-1_59.dll
2015-09-01 10:31 - 2015-09-01 10:31 - 00628736 _____ () C:\Nainstalovano\robo ftp\boost_regex-vc120-mt-1_59.dll
2015-09-01 10:32 - 2015-09-01 10:32 - 00380416 _____ () C:\Nainstalovano\robo ftp\boost_locale-vc120-mt-1_59.dll
2015-09-01 10:31 - 2015-09-01 10:31 - 00060416 _____ () C:\Nainstalovano\robo ftp\boost_iostreams-vc120-mt-1_59.dll
2015-09-01 10:31 - 2015-09-01 10:31 - 00067072 _____ () C:\Nainstalovano\robo ftp\boost_zlib-vc120-mt-1_59.dll
2005-06-21 03:34 - 2005-06-21 03:34 - 00557056 _____ () C:\Nainstalovano\Right Click Image Converter\extRCIC.dll
2015-06-22 21:56 - 2015-06-19 09:18 - 01086976 _____ () C:\Nainstalovano\reaConverter 7 Standard\newcontext.dll
2015-10-29 21:41 - 2015-02-27 14:38 - 00214528 _____ () C:\Windows\System32\ISCM32.dll
2014-05-16 00:52 - 2013-10-23 06:46 - 00862472 _____ () C:\Nainstalovano\Power DVD 13\PowerDVD13\common\UNO\UNO.dll
2014-05-16 00:52 - 2013-05-02 01:06 - 00081920 _____ () C:\Nainstalovano\Power DVD 13\PowerDVD13\Common\koan\_ctypes.pyd
2014-05-16 00:52 - 2013-05-02 01:06 - 00053248 _____ () C:\Nainstalovano\Power DVD 13\PowerDVD13\Common\Koan\_socket.pyd
2014-05-16 00:52 - 2013-05-02 01:06 - 00655360 _____ () C:\Nainstalovano\Power DVD 13\PowerDVD13\Common\Koan\_ssl.pyd
2014-05-16 00:52 - 2013-10-23 06:46 - 00043272 _____ () C:\Nainstalovano\Power DVD 13\PowerDVD13\Kernel\DHProcedure\DHProcedure.dll
2015-07-31 20:51 - 2015-12-23 16:31 - 00073216 _____ () C:\Program Files\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2015-10-29 21:42 - 2016-06-20 13:51 - 01506304 _____ () C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\DAQExp.dll
2015-10-29 21:42 - 2014-05-19 16:19 - 00137728 _____ () C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\CBSCreateVC.dll
2016-06-29 17:59 - 2016-06-29 17:59 - 48936448 _____ () C:\Nainstalovano\Avast\libcef.dll
2015-01-23 18:31 - 2014-09-09 12:30 - 00603648 _____ () C:\Nainstalovano\Photo Studio 17\Program32\SpiderMonkey.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:264A9BB7 [118]
AlternateDataStreams: C:\ProgramData\Temp:FB1B13D8 [358]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2016-01-09 01:37 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-203695958-539750940-1501531493-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Paja\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: wuauserv => 2

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E855DC06-7687-46B6-ACD8-5663CC410ED6}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{678EA129-9FCB-4184-9A4F-0E0EDB40AF33}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{4CEACF5E-45A8-4243-97D9-7E9F1CCB6E77}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{3E2D6AE9-2AAF-4C46-BAB6-1BBA6D83BC3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D6218026-0A3D-4379-BC5D-2D630637708D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0CF08F9A-23AD-4785-AACC-BB2DB7DA50CF}] => (Allow) C:\Nainstalovano\uTorrent\uTorrent.exe
FirewallRules: [{B35B4A50-69D2-4131-9593-0BE9A324BF3D}] => (Allow) C:\Nainstalovano\uTorrent\uTorrent.exe
FirewallRules: [{B18231AF-D45C-4500-9D85-1975EA24EFB2}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{F5F6A779-716A-4EF9-B01C-1410D3E7DE8A}] => (Allow) C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\outlook.exe
FirewallRules: [{2BA4E93F-9DE0-4CF8-B5DE-BE96A01C9EA2}] => (Allow) C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GROOVE.EXE
FirewallRules: [{ADF77F0E-9282-4EA5-BFF7-C89C836E2654}] => (Allow) C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GROOVE.EXE
FirewallRules: [{CDCC11FD-5C0D-493F-9149-07E63069C5C9}] => (Allow) C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\ONENOTE.EXE
FirewallRules: [{36006F2F-4E7C-407A-B389-FDB6FDDD2135}] => (Allow) C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\ONENOTE.EXE
FirewallRules: [TCP Query User{311AF5A6-BE4B-4E34-89B1-674997B013E1}D:\hry\comamortuary\binaries\win32\udk.exe] => (Allow) D:\hry\comamortuary\binaries\win32\udk.exe
FirewallRules: [UDP Query User{241FD680-F79A-4276-861F-30E80D50E08F}D:\hry\comamortuary\binaries\win32\udk.exe] => (Allow) D:\hry\comamortuary\binaries\win32\udk.exe
FirewallRules: [{506A7663-9646-45C2-ABA6-EB5AE74A06B5}] => (Allow) C:\Nainstalovano\Power DVD 13\PowerDVD13\PowerDVD13.exe
FirewallRules: [{8D7EF84C-50BB-48FC-85AA-CE6C2A4FE7E4}] => (Allow) C:\Nainstalovano\Power DVD 13\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
FirewallRules: [{B8B5259A-F32C-407D-8A07-5B05E2E9FFDD}] => (Allow) C:\Nainstalovano\Power DVD 13\PowerDVD13\PowerDVD13Agent.exe
FirewallRules: [{318757C7-D5CD-4DA2-ADE9-3A25120CDDB5}] => (Allow) C:\Nainstalovano\Power DVD 13\PowerDVD13\PowerDVD13ML.exe
FirewallRules: [{26B2466D-1262-4606-BBDF-4D501A5982CD}] => (Allow) C:\Nainstalovano\Power DVD 13\PowerDVD13\Movie\PowerDVD.exe
FirewallRules: [{D34C63DD-D6D0-4FA4-808E-BC7489854111}] => (Allow) C:\Nainstalovano\Power DVD 13\PowerDVD13\Movie\PowerDVD Cinema\PowerDVDCinema13.exe
FirewallRules: [TCP Query User{738821F9-47F3-473E-8AA9-14DB982F1172}F:\hry\dead island\deadislandgame.exe] => (Allow) F:\hry\dead island\deadislandgame.exe
FirewallRules: [UDP Query User{91860325-C950-44D5-A1B7-6F13ECEB2B60}F:\hry\dead island\deadislandgame.exe] => (Allow) F:\hry\dead island\deadislandgame.exe
FirewallRules: [TCP Query User{0EFE5356-6222-4906-AA75-89390A51619B}F:\hry\mortal kombat komplete edition\disccontentpc\mkke.exe] => (Allow) F:\hry\mortal kombat komplete edition\disccontentpc\mkke.exe
FirewallRules: [UDP Query User{E77AB552-E91C-447E-9EE5-23A7FE027202}F:\hry\mortal kombat komplete edition\disccontentpc\mkke.exe] => (Allow) F:\hry\mortal kombat komplete edition\disccontentpc\mkke.exe
FirewallRules: [TCP Query User{EBFC04A4-D04E-41AB-807A-6ED6C9EA3A14}F:\hry\resident evil 6\bh6.exe] => (Block) F:\hry\resident evil 6\bh6.exe
FirewallRules: [UDP Query User{9612F229-83F3-4BE9-AE08-CCC7235DF3D9}F:\hry\resident evil 6\bh6.exe] => (Block) F:\hry\resident evil 6\bh6.exe
FirewallRules: [TCP Query User{D74E380A-6E8E-483A-929C-91758E1C6128}F:\hry\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) F:\hry\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe
FirewallRules: [UDP Query User{D37E1F17-9CA4-482B-BD1B-F1D518C7F8D4}F:\hry\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Block) F:\hry\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe
FirewallRules: [TCP Query User{CA1F2C7F-EB39-4302-B2CE-A8FCA309B815}D:\hry\fifa 2014\fifa 14\game\fifa14.exe] => (Allow) D:\hry\fifa 2014\fifa 14\game\fifa14.exe
FirewallRules: [UDP Query User{1B14D089-8A0E-4052-ABE9-A85BE7BDE73A}D:\hry\fifa 2014\fifa 14\game\fifa14.exe] => (Allow) D:\hry\fifa 2014\fifa 14\game\fifa14.exe
FirewallRules: [TCP Query User{BE115552-1BF6-4E8F-8F36-D18FF59D9484}F:\games\enemy front proper\bin32\enemyfront.exe] => (Block) F:\games\enemy front proper\bin32\enemyfront.exe
FirewallRules: [UDP Query User{C437B777-4BFE-4E0A-A6EB-4003EA21F2A8}F:\games\enemy front proper\bin32\enemyfront.exe] => (Block) F:\games\enemy front proper\bin32\enemyfront.exe
FirewallRules: [TCP Query User{6D2A9E09-F345-4A36-B0E9-F495C5EFD36B}C:\games\batman - arkham asylum [goty]\binaries\shippingpc-bmgame.exe] => (Block) C:\games\batman - arkham asylum [goty]\binaries\shippingpc-bmgame.exe
FirewallRules: [UDP Query User{4FFE92CF-1279-48BE-BE3B-093BB04AFB9E}C:\games\batman - arkham asylum [goty]\binaries\shippingpc-bmgame.exe] => (Block) C:\games\batman - arkham asylum [goty]\binaries\shippingpc-bmgame.exe
FirewallRules: [TCP Query User{8E36BF02-F6C3-43D4-8D82-2AAF7254E248}C:\games\fifa 14 (2013)\game\fifa14.exe] => (Block) C:\games\fifa 14 (2013)\game\fifa14.exe
FirewallRules: [UDP Query User{DEBACE0A-5D41-4742-AE72-38C90DDB2A88}C:\games\fifa 14 (2013)\game\fifa14.exe] => (Block) C:\games\fifa 14 (2013)\game\fifa14.exe
FirewallRules: [TCP Query User{CB19C983-064A-464B-A80C-DDF8C1BCD589}D:\hry\real boxing\binaries\win32\realboxing.exe] => (Block) D:\hry\real boxing\binaries\win32\realboxing.exe
FirewallRules: [UDP Query User{E1C9D28B-2CA7-4D59-97E2-7A40D225222B}D:\hry\real boxing\binaries\win32\realboxing.exe] => (Block) D:\hry\real boxing\binaries\win32\realboxing.exe
FirewallRules: [TCP Query User{38C61323-2EE4-46B7-B1E7-A22F3C4FCEFE}D:\hry\real boxing\binaries\gfx\gfxmediaplayeropengl.exe] => (Block) D:\hry\real boxing\binaries\gfx\gfxmediaplayeropengl.exe
FirewallRules: [UDP Query User{C141B86B-EBFA-4390-9F43-01E2A8F2F9A4}D:\hry\real boxing\binaries\gfx\gfxmediaplayeropengl.exe] => (Block) D:\hry\real boxing\binaries\gfx\gfxmediaplayeropengl.exe
FirewallRules: [TCP Query User{B8C2CB56-F37E-432F-B1C6-1C46FD560338}D:\hry\real boxing\binaries\win32\realboxinggame.exe] => (Block) D:\hry\real boxing\binaries\win32\realboxinggame.exe
FirewallRules: [UDP Query User{3AF33CFC-F37E-4803-99B5-05E613D94A3C}D:\hry\real boxing\binaries\win32\realboxinggame.exe] => (Block) D:\hry\real boxing\binaries\win32\realboxinggame.exe
FirewallRules: [{35123716-9FF5-458C-9481-16895A8E5DB5}] => (Allow) C:\Nainstalovano\Mozilla Firefox\firefox.exe
FirewallRules: [{F32E71FA-1C74-4262-AD7B-0BCDF83915C1}] => (Allow) C:\Nainstalovano\Mozilla Firefox\firefox.exe
FirewallRules: [{D40B1108-6D0B-449F-BE46-8EA117FC523D}] => (Allow) C:\Nainstalovano\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [{1CA080FD-B402-4693-812F-8A9BD496B9CA}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{9E212901-E354-4AE2-A10A-F6916B27BF9C}C:\nainstalovano\vlc\vlc.exe] => (Allow) C:\nainstalovano\vlc\vlc.exe
FirewallRules: [UDP Query User{BDE95086-5CED-46C0-8A50-0EDE47791C8E}C:\nainstalovano\vlc\vlc.exe] => (Allow) C:\nainstalovano\vlc\vlc.exe
FirewallRules: [TCP Query User{069B9BAC-7484-4323-A0AA-36BC98077479}C:\nainstalovano\ps3 media server\jre\bin\javaw.exe] => (Allow) C:\nainstalovano\ps3 media server\jre\bin\javaw.exe
FirewallRules: [UDP Query User{1F3CC5C1-E477-442C-9829-2777CD246CB8}C:\nainstalovano\ps3 media server\jre\bin\javaw.exe] => (Allow) C:\nainstalovano\ps3 media server\jre\bin\javaw.exe
FirewallRules: [TCP Query User{69EC4CDD-10F6-4C68-B987-BB6E441E25D5}C:\nainstalovano\totalcmd\totalcmd.exe] => (Allow) C:\nainstalovano\totalcmd\totalcmd.exe
FirewallRules: [UDP Query User{3C196146-D1DA-448B-8A78-5173E8025E3F}C:\nainstalovano\totalcmd\totalcmd.exe] => (Allow) C:\nainstalovano\totalcmd\totalcmd.exe
FirewallRules: [TCP Query User{E9949285-8801-497F-8EDB-E20781E76A22}I:\games\pro evolution soccer 2015\pes2015.exe] => (Allow) I:\games\pro evolution soccer 2015\pes2015.exe
FirewallRules: [UDP Query User{7AA3C894-AAAC-45A6-9C99-5D92207E04A5}I:\games\pro evolution soccer 2015\pes2015.exe] => (Allow) I:\games\pro evolution soccer 2015\pes2015.exe
FirewallRules: [TCP Query User{B70FE225-727C-4381-B901-DF6C752EEF29}I:\games\son of nor\son.exe] => (Allow) I:\games\son of nor\son.exe
FirewallRules: [UDP Query User{2D43CF5C-7A8E-4DB3-AE8B-19850EA1B6F6}I:\games\son of nor\son.exe] => (Allow) I:\games\son of nor\son.exe
FirewallRules: [TCP Query User{6B33D2C1-7F0B-4767-B851-908E9EA55DA0}C:\nainstalovano\filezilla ftp client\filezilla.exe] => (Allow) C:\nainstalovano\filezilla ftp client\filezilla.exe
FirewallRules: [UDP Query User{64C1A521-0942-435A-BA08-ABAF2B2C536F}C:\nainstalovano\filezilla ftp client\filezilla.exe] => (Allow) C:\nainstalovano\filezilla ftp client\filezilla.exe
FirewallRules: [TCP Query User{59BF052A-8A8A-402F-8005-50C99DF753BE}D:\hry\mortal kombat komplete edition\disccontentpc\mkke.exe] => (Allow) D:\hry\mortal kombat komplete edition\disccontentpc\mkke.exe
FirewallRules: [UDP Query User{361719EC-240D-481A-8BB0-A45735A0E00B}D:\hry\mortal kombat komplete edition\disccontentpc\mkke.exe] => (Allow) D:\hry\mortal kombat komplete edition\disccontentpc\mkke.exe
FirewallRules: [{D6FA0C13-5CB1-4953-A891-2647936CB998}] => (Allow) C:\Nainstalovano\Mozilla Firefox\firefox.exe
FirewallRules: [{578D0F63-3AF7-4897-94F7-46A8933EF93D}] => (Allow) C:\Nainstalovano\Mozilla Firefox\firefox.exe
FirewallRules: [{3F1596EC-8D8B-45B8-B7D0-A661585CD205}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0390F6E7-CBB5-46E3-AFDB-8611C62EFF4C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EA3DF2FD-6A2D-4902-8A93-EA7468D34538}] => (Allow) C:\Nainstalovano\Itunes\iTunes.exe
FirewallRules: [{D54F1D65-DABC-43F4-82FC-8513ABFA7169}] => (Allow) C:\Program Files\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{9C77410F-4E75-458B-B369-B710A204E8AB}] => (Allow) C:\Program Files\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{728E93F6-3DB8-4A7E-ADC5-B1FD0882525F}] => (Allow) C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{F53F47A2-8241-4613-BBC4-5F4362575D2A}] => (Allow) C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{E1B657D0-8459-4DCB-AA5F-A7ADED2D2AE2}] => (Allow) C:\Nainstalovano\Video Download Capture\Video Download Capture.exe
FirewallRules: [{87256B0C-4F7D-4D8E-93D3-1A5721B90307}] => (Allow) C:\Nainstalovano\Video Download Capture\Video Download Capture.exe
FirewallRules: [{C275FEB4-D930-4302-A396-70D2AA229A01}] => (Allow) C:\Nainstalovano\Video Download Capture\ApowersoftSrv.dll
FirewallRules: [{8FB66D5A-E292-44FA-8851-58DB54711213}] => (Allow) C:\Nainstalovano\Video Download Capture\ApowersoftSrv.dll
FirewallRules: [{6A2A0450-4110-436E-B9D2-3421C68DAD26}] => (Allow) C:\Nainstalovano\Video Download Capture\ApowersoftDump.dll
FirewallRules: [{5A686B6F-7B31-4AD7-B3EB-4B8C79E82F8A}] => (Allow) C:\Nainstalovano\Video Download Capture\ApowersoftDump.dll
FirewallRules: [{3AC1205C-2F01-4AC4-84BA-813E422BC3D2}] => (Allow) C:\Nainstalovano\Video Download Capture\ApowersoftAC.dll
FirewallRules: [{D1B50CF9-5737-4475-BC21-EB15BC801912}] => (Allow) C:\Nainstalovano\Video Download Capture\ApowersoftAC.dll
FirewallRules: [{1FA20D28-B7AB-4BCF-B5CD-38CBAE07C642}] => (Allow) C:\Nainstalovano\Video Download Capture\ApowersoftPlayer.dll
FirewallRules: [{AE5324D4-9E38-46E8-A9E3-0EF9D3764744}] => (Allow) C:\Nainstalovano\Video Download Capture\ApowersoftPlayer.dll
FirewallRules: [{6E181540-DEF6-4904-ABC0-C60C7BCA3B5D}] => (Allow) C:\Nainstalovano\Video Download Capture\ApowersoftDownloaderHelp.dll
FirewallRules: [{D002448B-77F7-45C2-9350-692C64084DDD}] => (Allow) C:\Nainstalovano\Video Download Capture\ApowersoftDownloaderHelp.dll
FirewallRules: [{041E05C7-363F-4DDA-AE89-C0314DD77C39}] => (Allow) C:\Nainstalovano\Video Download Capture\ApowersoftHDSDump.dll
FirewallRules: [{0084348E-86E7-40F6-B058-49DD7D553E1A}] => (Allow) C:\Nainstalovano\Video Download Capture\ApowersoftHDSDump.dll
FirewallRules: [{B44BE1F4-94AE-491A-AB1B-D1E6B8BF8F3C}] => (Allow) C:\Users\Paja\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe
FirewallRules: [{E2BECB5F-4E14-4C97-A431-5E2D6BC3454E}] => (Allow) C:\Users\Paja\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe
FirewallRules: [{77694652-9C6E-4ADC-81CC-9085A045DB62}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Nainstalovano\Facebook Video Downloader\FacebookVideoDownloader.exe] => Enabled:Facebook Video Downloader

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name: Microsoft Virtual WiFi Miniport Adapter #3
Description: Adaptér miniportu Microsoft Virtual WiFi
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/14/2016 08:07:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SlimDrivers.exe, verze: 2.2.32705.52095, časové razítko: 0x5241d095
Název chybujícího modulu: SlimDrivers.exe, verze: 2.2.32705.52095, časové razítko: 0x5241d095
Kód výjimky: 0xc0000005
Posun chyby: 0x0001d628
ID chybujícího procesu: 0xcc8
Čas spuštění chybující aplikace: 0x01d23eaa132bbbf8
Cesta k chybující aplikaci: C:\Program Files\SlimDrivers\SlimDrivers.exe
Cesta k chybujícímu modulu: C:\Program Files\SlimDrivers\SlimDrivers.exe
ID zprávy: 9cbb720c-aa9d-11e6-a909-00238b4d4eb9

Error: (11/14/2016 08:06:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/14/2016 08:05:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: shrtsrv.exe, verze: 1.0.1.100, časové razítko: 0x56708cb2
Název chybujícího modulu: shrtsrv.exe, verze: 1.0.1.100, časové razítko: 0x56708cb2
Kód výjimky: 0xc0000409
Posun chyby: 0x00005412
ID chybujícího procesu: 0x8d0
Čas spuštění chybující aplikace: 0x01d23eaa10b50d7f
Cesta k chybující aplikaci: C:\Nainstalovano\AntiMalwarePro\bin\shrtsrv.exe
Cesta k chybujícímu modulu: C:\Nainstalovano\AntiMalwarePro\bin\shrtsrv.exe
ID zprávy: 5bb443fa-aa9d-11e6-a909-00238b4d4eb9

Error: (11/14/2016 08:05:26 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=43, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (11/14/2016 08:05:26 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=25, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (11/14/2016 08:05:26 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=17, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (11/14/2016 12:12:00 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: Event-ID 1

Error: (11/13/2016 09:42:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/13/2016 09:41:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: shrtsrv.exe, verze: 1.0.1.100, časové razítko: 0x56708cb2
Název chybujícího modulu: shrtsrv.exe, verze: 1.0.1.100, časové razítko: 0x56708cb2
Kód výjimky: 0xc0000409
Posun chyby: 0x00005412
ID chybujícího procesu: 0x8e4
Čas spuštění chybující aplikace: 0x01d23dee32c226d3
Cesta k chybující aplikaci: C:\Nainstalovano\AntiMalwarePro\bin\shrtsrv.exe
Cesta k chybujícímu modulu: C:\Nainstalovano\AntiMalwarePro\bin\shrtsrv.exe
ID zprávy: 7f47d9b2-a9e1-11e6-869d-00238b4d4eb9

Error: (11/13/2016 09:40:38 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=43, ID autora=9, ID dodavatele=0, typ dodavatele=0


System errors:
=============
Error: (11/14/2016 08:07:27 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: Přidělování DHCP bylo automaticky vypnuto u IP adresy 192.168.1.101, protože tato adresa nepatří do oboru 192.168.137.0/255.255.255.0, ze kterého jsou přidělovány adresy klientům DHCP. Chcete-li přidělování DHCP u této IP adresy zapnout, změňte obor tak, aby tuto IP adresu zahrnoval, nebo změňte IP adresu tak, aby patřila do oboru.

Error: (11/14/2016 08:07:27 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: Službě ICS_IPV6 se nepodařilo nakonfigurovat zásobník IPv6.

Error: (11/14/2016 08:07:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Secure Hunter Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/14/2016 08:05:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Intel(R) PROSet/Wireless Registry Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/14/2016 08:05:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Intel(R) PROSet/Wireless Event Log neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/14/2016 08:05:25 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT AUTHORITY)
Description: Služba protokolování událostí zjistila při inicializaci publikačních prostředků chybu v kanálu AirSpaceChannel. V případě analytického nebo ladicího typu kanálu to může znamenat, že došlo také k chybě při inicializaci přihlašovacích prostředků.

Error: (11/14/2016 08:05:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Virtualizace souborů nástroje Řízení uživatelských účtů neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/13/2016 11:40:41 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: Agent serveru proxy služby DNS nemohl přidělit 0 bajtů paměti. To může znamenat, že tento systém má nedostatek virtuální paměti nebo že správce paměti zjistil vnitřní chybu.

Error: (11/13/2016 09:43:28 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: Přidělování DHCP bylo automaticky vypnuto u IP adresy 192.168.1.104, protože tato adresa nepatří do oboru 192.168.137.0/255.255.255.0, ze kterého jsou přidělovány adresy klientům DHCP. Chcete-li přidělování DHCP u této IP adresy zapnout, změňte obor tak, aby tuto IP adresu zahrnoval, nebo změňte IP adresu tak, aby patřila do oboru.

Error: (11/13/2016 09:43:28 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: Službě ICS_IPV6 se nepodařilo nakonfigurovat zásobník IPv6.


CodeIntegrity:
===================================
Date: 2016-11-05 19:06:55.467
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\nvapo32v.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-05 19:06:37.092
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\nvapo32v.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-05 19:06:26.431
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\nvapo32v.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-05 19:06:23.637
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\nvapo32v.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-05 19:06:06.360
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\nvapo32v.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-05 19:05:49.981
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\nvapo32v.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-05 19:05:38.206
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\nvapo32v.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-05 19:05:28.350
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\nvapo32v.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-05 19:05:22.698
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\nvapo32v.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-05 19:05:16.240
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\nvapo32v.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz
Percentage of memory in use: 62%
Total physical RAM: 3066.87 MB
Available physical RAM: 1138.36 MB
Total Virtual: 3264.49 MB
Available Virtual: 834.75 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.56 GB) (Free:1.03 GB) NTFS
Drive d: () (Fixed) (Total:368.1 GB) (Free:2.95 GB) NTFS
Drive g: (Elements) (Fixed) (Total:1863.01 GB) (Free:1.3 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 95BC2171)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=368.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 0002F734)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 118251
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Facebook necessary change, passwords all of a sudden?

#7 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.

dj-paja
Visitor
Posts: 412
Joined: 16 Feb 2012 12:30

Re: Facebook necessary change, passwords all of a sudden?

#8 Post by dj-paja »

# AdwCleaner v6.030 - Log soubor vytvořen 17/11/2016 na 21:26:09
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-16.1 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X86)
# Uživatelské jméno : Paja - PAJA-NOTEBOOK
# Beží od : D:\Stažené soubory\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support



***** [ Služby ] *****

[-] Služby smazány:sp_rsdrv2
[-] Služby smazány:swdumon
[-] Služby smazány:esgiguard


***** [ Adresáře ] *****

[-] Adresář smazán:C:\Users\Paja\AppData\Local\slimware utilities inc
[#] Adresář nelze smazat:C:\Users\Paja\AppData\Local\SlimWare Utilities Inc
[-] Adresář smazán:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers
[-] Adresář smazán:C:\Users\Public\Documents\Downloaded Installers
[-] Adresář smazán:C:\Program Files\SlimDrivers
[-] Adresář smazán:C:\Program Files\Enigma Software Group
[-] Adresář smazán:C:\Program Files\Common Files\freemake shared


***** [ Soubory ] *****

[-] Soubor smazán:C:\spyhunter.fix
[-] Soubor smazán:C:\Users\Public\Desktop\SlimDrivers.lnk
[-] Soubor smazán:C:\Windows\system32\sh4native.exe
[-] Soubor smazán:C:\Windows\system32\drivers\sp_rsdrv2.sys
[-] Soubor smazán:C:\Windows\system32\drivers\swdumon.sys


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****

[-] Klíč smazán:HKCU\Software\5cfefa2a3be509ecfa698392558adbf4
[-] Klíč smazán:HKCU\Software\bf3b803928407c8d55a4c3416884c613
[-] Klíč smazán:HKCU\Software\d2596fea1a9f77b0e9009eca6a67c4a3
[-] Hodnota smazána:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ProductUpdater]
[-] Klíč smazán:HKU\S-1-5-21-203695958-539750940-1501531493-1000\Software\Classes\Tomabo.MP4Player.play
[#] Klíč smazán po restartování:HKCU\Software\Classes\Tomabo.MP4Player.play
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Tomabo.MP4Player.flv
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Tomabo.MP4Player.mp4
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Tomabo.MP4Player.ShellContextMenu
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Tomabo.MP4Player.ShellContextMenu.1
[-] Klíč smazán:HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
[-] Klíč smazán:HKU\S-1-5-21-203695958-539750940-1501531493-1000\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[#] Klíč smazán po restartování:HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[-] Klíč smazán:HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Klíč smazán:HKLM\SOFTWARE\EnigmaSoftwareGroup
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[-] Klíč smazán:HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
[-] Klíč smazán:HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
[-] Klíč smazán:HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4036 Bajtů] - [17/11/2016 21:26:09]
C:\AdwCleaner\AdwCleaner[S0].txt - [4281 Bajtů] - [17/11/2016 21:22:29]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4184 Bajtů] ##########

Rudy
Site Admin
Posts: 118251
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Facebook necessary change, passwords all of a sudden?

#9 Post by Rudy »

Post a new FRST log.

dj-paja
Visitor
Posts: 412
Joined: 16 Feb 2012 12:30

Re: Facebook necessary change, passwords all of a sudden?

#10 Post by dj-paja »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-11-2016
Ran by Paja (administrator) on PAJA-NOTEBOOK (17-11-2016 22:48:41)
Running from D:\Stažené soubory
Loaded Profiles: Paja (Available Profiles: Paja)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Nainstalovano\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink) C:\Nainstalovano\Power DVD 13\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
(CyberLink) C:\Nainstalovano\Power DVD 13\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
(Ellora Assets Corp.) C:\Nainstalovano\Freemake\CaptureLib\CaptureLibService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Nainstalovano\reaConverter 7 Standard\rc_service.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Nainstalovano\ProShow\scsiaccess.exe
(Crawler Group, LLC) C:\Program Files\Spyware Terminator\st_rsser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(CyberLink Corp.) C:\Nainstalovano\Power DVD 13\PowerDVD13\PowerDVD13Agent.exe
(NEC Electronics Corporation) C:\Program Files\Western Digital\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(PowerISO Computing, Inc.) C:\Nainstalovano\PowerISO\PWRISOVM.EXE
(iSkySoft) C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
(Apple Inc.) C:\Nainstalovano\Itunes\iTunesHelper.exe
(AVAST Software) C:\Nainstalovano\Avast\avastui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(ZONER software) C:\Nainstalovano\Photo Studio 17\Program32\ZPSTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Serengeti Systems Incorporated) C:\Nainstalovano\robo ftp\SchedulerService.exe
(Mozilla Corporation) C:\Nainstalovano\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Nainstalovano\Mozilla Firefox\plugin-container.exe
(BitTorrent, Inc.) C:\Nainstalovano\uTorrent\uTorrent.exe
(Mozilla Corporation) C:\Nainstalovano\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_23_0_0_207.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_23_0_0_207.exe
(Farbar) D:\Stažené soubory\FRST(2).exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [PowerDVD13Agent] => C:\Nainstalovano\Power DVD 13\PowerDVD13\PowerDVD13Agent.exe [517144 2013-10-23] (CyberLink Corp.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [NUSB3MON] => C:\Program Files\Western Digital\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation)
HKLM\...\Run: [PWRISOVM.EXE] => C:\Nainstalovano\PowerISO\PWRISOVM.EXE [200704 2006-12-25] (PowerISO Computing, Inc.)
HKLM\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2131856 2016-06-20] (iSkySoft)
HKLM\...\Run: [DelaypluginInstall] => C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe [1960248 2015-10-29] ()
HKLM\...\Run: [iTunesHelper] => C:\Nainstalovano\Itunes\iTunesHelper.exe [157456 2015-10-16] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Nainstalovano\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM\...\Run: [SpywareTerminatorShield] => G:\Downloads\Spyware Terminator Premium 2015 3.0.1.107 CZ!\100%\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => G:\Downloads\Spyware Terminator Premium 2015 3.0.1.107 CZ!\100%\SpywareTerminatorUpdate.exe
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12009176 2013-09-13] (Realtek Semiconductor)
HKU\S-1-5-21-203695958-539750940-1501531493-1000\...\Run: [PowerDVD13] => C:\Nainstalovano\Power DVD 13\PowerDVD13\PDVDLP.exe [470792 2013-10-23] (CyberLink Corp.)
HKU\S-1-5-21-203695958-539750940-1501531493-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Nainstalovano\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software)
HKU\S-1-5-21-203695958-539750940-1501531493-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-203695958-539750940-1501531493-1000\...\Policies\system: [DisableClock] 0
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Nainstalovano\Avast\ashShell.dll [2016-09-08] (AVAST Software)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BootExecute: autocheck autochk * sh4native Sh4Removal

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4310A902-C9E0-4895-B0EA-1B023C3E0392}: [NameServer] 10.1.1.0,10.1.1.100
Tcpip\..\Interfaces\{773AED62-3847-4BF6-ADB6-CD8382113C44}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-203695958-539750940-1501531493-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-203695958-539750940-1501531493-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-203695958-539750940-1501531493-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-203695958-539750940-1501531493-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-203695958-539750940-1501531493-1000 -> 1500C81568E2C9D8F17E29C71ECBB74C URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-203695958-539750940-1501531493-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-203695958-539750940-1501531493-1000 -> {E3BF7B2D-C987-462D-9BF9-92F2FCC615DA} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\Program Files\Spyware Terminator\STInternetGuard.dll [2016-03-03] (Crawler Group, LLC)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Nainstalovano\Avast\aswWebRepIE.dll [2016-10-25] (AVAST Software)
BHO: iSkysoft iMedia Converter Deluxe 5.1.0 -> {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} -> C:\ProgramData\iSkysoft\Video Converter Ultimate\WSBrowserAppMgr.dll [2015-10-29] (Wondershare)
BHO: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveSystemServices.dll [2006-10-26] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - No File
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - No File
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - No File
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
Handler: WSISVCUchrome - {78A543EB-3A61-4ED3 - No File

FireFox:
========
FF ProfilePath: C:\Users\Paja\AppData\Roaming\Mozilla\Firefox\Profiles\3456uct3.default [2016-11-17]
FF Homepage: Mozilla\Firefox\Profiles\3456uct3.default -> hxxps://www.seznam.cz/
FF NetworkProxy: Mozilla\Firefox\Profiles\3456uct3.default -> socks_remote_dns", true
FF NetworkProxy: Mozilla\Firefox\Profiles\3456uct3.default -> type", 4
FF HKLM\...\Firefox\Extensions: [ISVCU@iSkysoft.com] - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com
FF Extension: (iSkysoft iMedia Converter Deluxe) - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com [2015-10-29] [not signed]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: (RealDownloader) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2016-01-16] [not signed]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Nainstalovano\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Nainstalovano\Avast\WebRep\FF [2016-09-08]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Nainstalovano\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Nainstalovano\Avast\SafePrice\FF [2016-09-08]
FF HKLM\...\Firefox\Extensions: [{30628BCD-632F-4698-8E83-0B6597E9100A}] - C:\Nainstalovano\Facebook Video Downloader\FBVD_FF.xpi
FF Extension: (Facebook Video Downloader Extension) - C:\Nainstalovano\Facebook Video Downloader\FBVD_FF.xpi [2014-09-19] [not signed]
FF HKU\S-1-5-21-203695958-539750940-1501531493-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Nainstalovano\Itunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [No File]
FF Plugin: @photodex.com/PhotodexPresenter -> C:\Program Files\Photodex Presenter\npPxPlay.dll [2014-11-11] ( )
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Nainstalovano\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Nainstalovano\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Nainstalovano\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
StartMenuInternet: FIREFOX.EXE - C:\Nainstalovano\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Profile: C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default [2016-11-09]
CHR Extension: (Dokumenty Google) - C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-13]
CHR Extension: (Disk Google) - C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-11-09]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-11-09]
CHR Extension: (YouTube) - C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (RealDownloader) - C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2016-01-16]
CHR Extension: (Facebook Video Downloader Extension) - C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jffdffcnfhdcfbjijbcfghooboafmhel [2016-05-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-16]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2016-11-09]
CHR Extension: (Gmail) - C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-08]
CHR Extension: (Chrome Media Router) - C:\Users\Paja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-09]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [jffdffcnfhdcfbjijbcfghooboafmhel] - C:\Nainstalovano\Facebook Video Downloader\FBVD_GC.crx [2014-09-19]

Opera:
=======
OPR StartupUrls: "hxxp://www.seznam.cz/?clid=6826"
StartMenuInternet: (HKLM) OperaStable - C:\Nainstalovano\Opera\Launcher.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [62464 2015-03-04] (Microsoft Corporation) [File not signed]
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [27648 2015-02-03] (Microsoft Corporation) [File not signed]
S3 Appinfo; C:\Windows\System32\appinfo.dll [47104 2015-06-15] (Microsoft Corporation) [File not signed]
R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [475136 2015-02-03] (Microsoft Corporation) [File not signed]
R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [475136 2015-02-03] (Microsoft Corporation) [File not signed]
R2 avast! Antivirus; C:\Nainstalovano\Avast\AvastSvc.exe [197128 2016-09-08] (AVAST Software)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [143872 2015-04-27] (Microsoft Corporation) [File not signed]
R2 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Nainstalovano\Power DVD 13\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-10-23] (CyberLink)
R2 CyberLink PowerDVD 13 Media Server Service; C:\Nainstalovano\Power DVD 13\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-10-23] (CyberLink)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [853504 2015-05-25] (Microsoft Corporation) [File not signed]
S3 EFS; C:\Windows\System32\lsass.exe [22528 2015-07-01] (Microsoft Corporation) [File not signed]
R2 FontCache; C:\Windows\system32\FntCache.dll [909312 2015-04-20] (Microsoft Corporation) [File not signed]
R2 FreemakeVideoCapture; C:\Nainstalovano\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-04-17] (Ellora Assets Corp.) [File not signed]
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [102912 2015-06-19] (Microsoft Corporation) [File not signed]
R3 KeyIso; C:\Windows\system32\lsass.exe [22528 2015-07-01] (Microsoft Corporation) [File not signed]
S3 Microsoft Office Groove Audit Service; C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveAuditService.exe [65824 2006-10-26] (Microsoft Corporation)
S3 msiserver; C:\Windows\System32\msiexec.exe [73216 2015-06-15] (Microsoft Corporation) [File not signed]
S3 NBService; C:\Nainstalovano\Nero 7\Nero BackItUp\NBService.exe [774144 2006-11-10] (Nero AG) [File not signed]
S3 Netlogon; C:\Windows\system32\lsass.exe [22528 2015-07-01] (Microsoft Corporation) [File not signed]
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [242688 2014-12-06] (Microsoft Corporation) [File not signed]
U2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15904544 2014-02-05] (NVIDIA Corporation)
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [157184 2015-02-03] (Microsoft Corporation) [File not signed]
R2 ProfSvc; C:\Windows\system32\profsvc.dll [164864 2014-12-19] (Microsoft Corporation) [File not signed]
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [22528 2015-07-01] (Microsoft Corporation) [File not signed]
R2 reaConverter_service; C:\Nainstalovano\reaConverter 7 Standard\rc_service.exe [2129408 2015-06-19] () [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 SamSs; C:\Windows\system32\lsass.exe [22528 2015-07-01] (Microsoft Corporation) [File not signed]
R2 SchedulerService0310; C:\Nainstalovano\robo ftp\SchedulerService.exe [48448 2016-05-27] (Serengeti Systems Incorporated)
R2 ScsiAccess; C:\Nainstalovano\ProShow\ScsiAccess.exe [186760 2014-11-11] ()
S2 Secure Hunter Service; C:\Nainstalovano\AntiMalwarePro\bin\shrtsrv.exe [47416 2015-12-16] (SecureHunter LLC) [File not signed]
R2 ST2012_Svc; C:\Program Files\Spyware Terminator\st_rsser.exe [2114384 2016-03-03] (Crawler Group, LLC)
S3 TermService; C:\Windows\System32\termsrv.dll [523776 2014-10-14] (Microsoft Corporation) [File not signed]
S3 VaultSvc; C:\Windows\system32\lsass.exe [22528 2015-07-01] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [76800 2015-01-09] (Microsoft Corporation) [File not signed]
S3 WdiSystemHost; C:\Windows\system32\wdi.dll [76800 2015-01-09] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S3 WinRM; C:\Windows\system32\WsmSvc.dll [1177088 2014-10-03] (Microsoft Corporation) [File not signed]
S4 wuauserv; C:\Windows\system32\wuaueng.dll [2057216 2015-07-09] (Microsoft Corporation) [File not signed]
S2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [X]
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe" [X]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [X]
S2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [243712 2011-08-08] (Windows (R) Win 7 DDK provider)
R3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [32896 2012-05-17] (AnvSoft Inc.) [File not signed]
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [26032 2014-04-09] (Wondershare)
S3 AppID; C:\Windows\system32\drivers\appid.sys [50176 2015-02-03] (Microsoft Corporation) [File not signed]
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-09-08] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-09-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [92256 2016-09-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-09-08] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [60424 2016-09-08] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [735488 2016-09-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433768 2016-09-22] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [118664 2016-09-08] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [224752 2016-10-13] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-04-11] (Disc Soft Ltd)
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [514560 2015-02-25] (Microsoft Corporation) [File not signed]
R3 L1E; C:\Windows\System32\DRIVERS\L1E62x86.sys [55848 2000-01-01] (Atheros Communications, Inc.)
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [116224 2014-12-19] (Microsoft Corporation) [File not signed]
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [124416 2015-07-01] (Microsoft Corporation) [File not signed]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [225792 2015-07-01] (Microsoft Corporation) [File not signed]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [98304 2015-07-01] (Microsoft Corporation) [File not signed]
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [7517696 2011-08-03] (Intel Corporation)
R3 NPF; C:\Windows\System32\drivers\NPF.sys [50704 2010-01-27] (CACE Technologies, Inc.)
R3 nuvotoncir; C:\Windows\System32\DRIVERS\nuvotoncir.sys [44544 2009-08-31] (Nuvoton Technology Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-12-27] (NVIDIA Corporation)
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [593920 2015-02-03] (Microsoft Corporation) [File not signed]
S3 RDPWD; C:\Windows\system32\Drivers\RDPWD.sys [184320 2014-07-17] (Microsoft Corporation) [File not signed]
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [31644 2006-12-25] (PowerISO Computing, Inc.) [File not signed]
R3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34896 2014-02-07] (Screaming Bee LLC)
R1 sp_rsdrv2; C:\Windows\system32\drivers\sp_rsdrv2.sys [32768 2011-06-21] () [File not signed]
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [74752 2014-11-11] (Microsoft Corporation) [File not signed]
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [31232 2014-07-17] (Microsoft Corporation) [File not signed]
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2015-06-17] (Apple, Inc.) [File not signed]
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Nainstalovano\Power DVD 13\PowerDVD13\Common\NavFilter\000.fcl [76560 2013-10-23] (CyberLink Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Paja\AppData\Local\Temp\catchme.sys [X]
S3 CTIpHook; \SystemRoot\system32\Drivers\CTIpHook.sys [X]
U3 DfSdkS; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-17 21:28 - 2011-06-21 11:24 - 00032768 _____ C:\Windows\system32\Drivers\sp_rsdrv2.sys
2016-11-17 21:20 - 2016-11-17 21:26 - 00000000 ____D C:\AdwCleaner
2016-11-14 22:34 - 2016-11-17 22:48 - 00000000 ____D C:\FRST
2016-11-05 23:49 - 2016-11-05 23:36 - 1340518490 _____ C:\Převrat.avi
2016-11-05 23:14 - 2016-11-05 23:14 - 00000677 _____ C:\Users\Public\Desktop\AIMP.lnk
2016-11-05 23:14 - 2016-11-05 23:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP
2016-11-05 21:30 - 2016-11-05 21:30 - 10160836 _____ C:\Users\Paja\Documents\vlc-record-2016-11-05-21h30m37s-HBO HD-.ts
2016-11-05 21:22 - 2016-11-05 21:23 - 16352240 _____ C:\Users\Paja\Documents\vlc-record-2016-11-05-21h22m44s-HBO HD-.ts
2016-11-04 00:11 - 2016-11-04 00:11 - 00001093 _____ C:\Users\Paja\Desktop\playlist – zástupce.lnk
2016-10-23 13:51 - 2016-10-23 13:53 - 00000000 ____D C:\paní Duchková TV

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-17 22:48 - 2016-02-12 00:39 - 00000000 ____D C:\Users\Paja\AppData\Roaming\uTorrent
2016-11-17 22:42 - 2014-04-11 15:21 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-17 22:20 - 2010-11-21 02:16 - 00672046 _____ C:\Windows\system32\perfh005.dat
2016-11-17 22:20 - 2010-11-21 02:16 - 00142610 _____ C:\Windows\system32\perfc005.dat
2016-11-17 22:20 - 2010-11-20 22:01 - 01591750 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-17 22:20 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-11-17 21:57 - 2014-04-11 20:38 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-17 21:45 - 2015-11-22 22:54 - 00000000 ____D C:\Users\Paja\AppData\Roaming\vlc
2016-11-17 21:43 - 2009-07-14 05:34 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-17 21:43 - 2009-07-14 05:34 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-17 21:30 - 2016-07-01 22:44 - 00000441 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-11-17 21:28 - 2014-04-11 15:21 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-17 21:28 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-17 21:00 - 2014-04-14 23:26 - 00000000 ____D C:\Users\Paja\Documents\FFOutput
2016-11-17 18:45 - 2016-06-09 19:21 - 00000286 _____ C:\native log.txt
2016-11-15 13:45 - 2015-09-22 16:30 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-15 13:45 - 2014-04-11 15:22 - 00002141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-15 13:22 - 2014-06-24 14:04 - 00000000 ____D C:\Users\Paja\AppData\Local\CrashDumps
2016-11-14 22:02 - 2014-04-11 17:11 - 00029140 _____ C:\Users\Paja\Desktop\Nový textový dokument.txt
2016-11-14 20:50 - 2016-06-03 21:14 - 00000000 ____D C:\Users\Paja\AppData\Roaming\AIMP
2016-11-09 15:37 - 2015-07-22 21:03 - 00000000 ____D C:\Anička Sofinka dnes
2016-11-09 14:56 - 2015-10-29 21:41 - 00000000 ____D C:\ProgramData\iSkysoft iMedia Converter Deluxe
2016-11-08 23:57 - 2014-04-11 20:38 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-11-08 23:57 - 2014-04-11 20:38 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-11-08 23:57 - 2014-04-11 20:38 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-08 22:32 - 2014-04-19 16:46 - 00000000 ____D C:\Users\Paja\AppData\Roaming\Skype
2016-11-06 00:19 - 2015-11-13 18:26 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-05 22:48 - 2014-05-05 21:41 - 00000000 ____D C:\Users\Paja\AppData\Roaming\dvdcss
2016-11-02 22:10 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2016-11-02 21:47 - 2014-04-11 19:07 - 00000000 ____D C:\Users\Paja\AppData\Local\ElevatedDiagnostics
2016-10-22 23:11 - 2014-05-02 21:24 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-10-22 19:00 - 2014-04-11 15:15 - 00000000 ____D C:\Nainstalovano
2016-10-21 15:46 - 2014-04-19 16:46 - 00000000 ____D C:\ProgramData\Skype

==================== Files in the root of some directories =======

2014-08-08 23:17 - 2011-07-19 02:37 - 0003262 _____ () C:\Program Files\Falco.ico
2014-08-08 23:17 - 2011-07-19 03:05 - 0000046 _____ () C:\Program Files\Falco.url
2014-07-10 07:16 - 2014-07-10 07:16 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files\Common Files\atimpenc.dll
2014-04-17 22:50 - 2014-04-19 21:57 - 0007887 _____ () C:\Users\Paja\AppData\Roaming\pcouffin.cat
2014-04-17 22:50 - 2014-04-19 21:57 - 0001144 _____ () C:\Users\Paja\AppData\Roaming\pcouffin.inf
2014-04-17 22:52 - 2014-04-19 21:57 - 0000034 _____ () C:\Users\Paja\AppData\Roaming\pcouffin.log
2014-04-17 22:50 - 2014-04-19 21:57 - 0047360 _____ (VSO Software) C:\Users\Paja\AppData\Roaming\pcouffin.sys
2016-02-18 21:18 - 2016-02-18 23:13 - 0000668 _____ () C:\Users\Paja\AppData\Roaming\vso_ts_preview.xml
2014-05-02 22:58 - 2014-05-02 22:58 - 0000001 _____ () C:\Users\Paja\AppData\Local\llftool.4.40.agreement
2016-07-01 18:50 - 2016-07-01 18:51 - 0000600 _____ () C:\Users\Paja\AppData\Local\PUTTY.RND
2016-07-05 23:36 - 2016-07-05 23:36 - 0001421 _____ () C:\Users\Paja\AppData\Local\recently-used.xbel
2016-01-02 22:28 - 2016-01-02 22:28 - 0000000 _____ () C:\Users\Paja\AppData\Local\{260E69FE-667F-4EA6-AAA1-CDB82EE17888}
2016-01-02 22:28 - 2016-01-02 22:28 - 0000000 _____ () C:\Users\Paja\AppData\Local\{420565C7-551E-4DB4-A42D-D66A5D182EA7}
2014-04-11 16:49 - 2014-04-11 16:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Paja\AppData\Local\temp\iv_uninstall.exe
C:\Users\Paja\AppData\Local\temp\jna1887828504310327085.dll
C:\Users\Paja\AppData\Local\temp\libeay32.dll
C:\Users\Paja\AppData\Local\temp\msvcr120.dll
C:\Users\Paja\AppData\Local\temp\sqlite3.dll
C:\Users\Paja\AppData\Local\temp\vlc-2.2.4-win32.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-11-14 23:38

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 118251
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Facebook: password change suddenly required?

#11 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-203695958-539750940-1501531493-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
BHO: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
BHO: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - No File
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - No File
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - No File
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - No File
Handler: WSISVCUchrome - {78A543EB-3A61-4ED3 - No File
FF HKU\S-1-5-21-203695958-539750940-1501531493-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => not found
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe" [X]
U3 DfSdkS; no ImagePath
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\DP45977C.lfl
C:\Users\Paja\AppData\Local\temp

EmptaTemp:
End
Save it to D:\Stažené soubory as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.


Re: Facebook: password change suddenly required?

#12 Post by dj-paja »

Fix result of Farbar Recovery Scan Tool (x86) Version: 12-11-2016
Ran by Paja (19-11-2016 00:52:40) Run:1
Running from D:\Stažené soubory
Loaded Profiles: Paja (Available Profiles: Paja)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-203695958-539750940-1501531493-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
BHO: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
BHO: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - No File
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - No File
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - No File
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - No File
Handler: WSISVCUchrome - {78A543EB-3A61-4ED3 - No File
FF HKU\S-1-5-21-203695958-539750940-1501531493-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => not found
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe" [X]
U3 DfSdkS; no ImagePath
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\DP45977C.lfl
C:\Users\Paja\AppData\Local\temp

*****************

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-203695958-539750940-1501531493-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}" => key removed successfully.
HKCR\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}" => key removed successfully.
HKCR\CLSID\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5} => key not found.
"HKCR\PROTOCOLS\Handler\mso-minsb-roaming.16" => key removed successfully.
"HKCR\CLSID\{83C25742-A9F7-49FB-9138-434302C88D07}" => key removed successfully.
"HKCR\PROTOCOLS\Handler\mso-minsb.16" => key removed successfully.
"HKCR\CLSID\{42089D2D-912D-4018-9087-2B87803E93FB}" => key removed successfully.
"HKCR\PROTOCOLS\Handler\osf-roaming.16" => key removed successfully.
HKCR\CLSID\{42089D2D-912D-4018-9087-2B87803E93FB} => key not found.
"HKCR\PROTOCOLS\Handler\osf.16" => key removed successfully.
"HKCR\CLSID\{5504BE45-A83B-4808-900A-3A5C36E7F77A}" => key removed successfully.
"HKCR\PROTOCOLS\Handler\WSISVCUchrome" => key removed successfully.
HKU\S-1-5-21-203695958-539750940-1501531493-1000\Software\Mozilla\Firefox\Extensions\\{e4f94d1e-2f53-401e-8885-681602c0ddd8} => value removed successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully.
McComponentHostService => service removed successfully.
DfSdkS => service removed successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully

"C:\Users\Paja\AppData\Local\temp" folder move:

Could not move "C:\Users\Paja\AppData\Local\temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 19-11-2016 00:55:31)

C:\Users\Paja\AppData\Local\temp => moved successfully

==== End of Fixlog 00:55:31 ====


Re: Facebook: password change suddenly required?

#13 Post by Rudy »

Deleted; the log should be OK now.


Re: Facebook: password change suddenly required?

#14 Post by dj-paja »

Just to ask, then: there was apparently a virus there that could have caused this, right? Thanks.


Re: Facebook: password change suddenly required?

#15 Post by Rudy »

Just adware and junk. You're welcome! :)