
PC virus removal, computer speed-up, remote assistance through the neslape.cz service
Ads and an almost unusable computer
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the rule on locking threads. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Re: Ads and an almost unusable computer
Have MBAM delete the threats it found.
The MBAM log must be clean.
If necessary, reinstall Chrome.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum: https://platba.viry.cz/payment/
Re: Ads and an almost unusable computer
I'm scanning the computer again; after the restart a message appeared, see the attachment.
- Attachments
- hlaska.JPG (19.75 KiB) Viewed 1978 times
Re: Ads and an almost unusable computer
Clean the PC with CCleaner, mainly the registry.
Restart and scan with MBAM.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum: https://platba.viry.cz/payment/
Re: Ads and an almost unusable computer
I'm posting a new log. MBAM found nothing, but even after cleaning with CCleaner (twice) the message still appears after a restart...
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 10. 1. 2016
Čas skenování: 14:12
Protokol: log1001b.txt
Správce: Ano
Verze: 2.2.0.1024
Databáze malwaru: v2016.01.10.01
Databáze rootkitů: v2016.01.09.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: PC
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 418277
Uplynulý čas: 34 min, 8 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Varovat
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 0
(Nenalezeny žádné škodlivé položky)
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: Ads and an almost unusable computer
Run msconfig and, in the Startup section, look for the line that contains weblogo.
Untick that item.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum: https://platba.viry.cz/payment/
Re: Ads and an almost unusable computer
Unfortunately I couldn't find it anywhere there; it still pops up after a restart, even though I disabled some unnecessary items. I'm attaching the programs that are active at startup.
- Attachments
- po spusteni.JPG (60.77 KiB) Viewed 1960 times
Re: Ads and an almost unusable computer
Run regedit and have it search for weblogo.dll.
Delete the items it finds, NOTHING else.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum: https://platba.viry.cz/payment/
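The two checks suggested above (the msconfig Startup tab and a registry search for weblogo.dll), as an added example that is not part of the original thread: a read-only PowerShell search that also covers the Startup folders and scheduled tasks, which goes beyond the locations named in the posts. The function name `Find-AutostartReference` is hypothetical; the script only lists matches and changes nothing.

```powershell
# Added example (not from the thread): list autostart entries whose name or
# command line mentions a given string. Read-only; nothing is deleted.
function Find-AutostartReference {
    param([Parameter(Mandatory = $true)][string]$Needle)

    # Treat the search term literally; -match is case-insensitive by default.
    $pattern = [regex]::Escape($Needle)

    # 1. Run / RunOnce keys: 64-bit and 32-bit views, machine and current user.
    $runKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
    )
    foreach ($key in $runKeys) {
        if (-not (Test-Path $key)) { continue }
        $item = Get-Item -Path $key
        foreach ($name in $item.GetValueNames()) {
            $data = [string]$item.GetValue($name)
            if ($name -match $pattern -or $data -match $pattern) {
                [pscustomobject]@{ Source = $key; Name = $name; Command = $data }
            }
        }
    }

    # 2. Startup folders (per-user and all users); resolve .lnk targets so a
    #    shortcut with an innocent name is matched on what it really launches.
    $shell = New-Object -ComObject WScript.Shell
    $startupDirs = @(
        [Environment]::GetFolderPath('Startup'),
        [Environment]::GetFolderPath('CommonStartup')
    )
    foreach ($dir in $startupDirs) {
        if (-not $dir -or -not (Test-Path $dir)) { continue }
        foreach ($file in Get-ChildItem -Path $dir -File -Force) {
            $target = $file.FullName
            if ($file.Extension -eq '.lnk') {
                $lnk = $shell.CreateShortcut($file.FullName)
                $target = ('{0} {1}' -f $lnk.TargetPath, $lnk.Arguments).Trim()
            }
            if ($file.Name -match $pattern -or $target -match $pattern) {
                [pscustomobject]@{ Source = $dir; Name = $file.Name; Command = $target }
            }
        }
    }

    # 3. Scheduled tasks: match on the task name or on any action's command line.
    foreach ($task in Get-ScheduledTask) {
        $cmd = ($task.Actions | ForEach-Object {
            ('{0} {1}' -f $_.Execute, $_.Arguments).Trim()
        }) -join ' | '
        if ($task.TaskName -match $pattern -or $cmd -match $pattern) {
            [pscustomobject]@{
                Source  = 'ScheduledTask ' + $task.TaskPath
                Name    = $task.TaskName
                Command = $cmd
            }
        }
    }
}

# The string the thread is looking for; run from an elevated prompt so that
# tasks and keys belonging to other accounts are visible.
Find-AutostartReference -Needle 'weblogo' | Format-List
```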
Re: Ads and an almost unusable computer
Nothing found here either...
.
Re: Ads and an almost unusable computer
Post both FRST logs.
I'll take a look tomorrow.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum: https://platba.viry.cz/payment/
Re: Ads and an almost unusable computer
Unfortunately I didn't get to it yesterday. Thanks a lot for checking.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
Ran by PC (administrator) on HP (12-01-2016 08:24:09)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC & (Available Profiles: PC & Administrator)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(© 2015 Microsoft Corporation) C:\Users\PC\AppData\Local\Microsoft\BingSvc\BingSvc.exe
() C:\Users\PC\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
() C:\Users\PC\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Adobe Arkalis\Adobe_Arkalis.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\Temp\AEBE34CB-76BE-4061-81E8-5025A36F1AE0\DismHost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(forum.viry.cz) C:\Users\PC\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-18] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2994928 2013-06-05] (Synaptics Incorporated)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [387832 2013-05-14] (IVT Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-05-22] (CyberLink Corp.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-05-03] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7004376 2015-11-09] (AVAST Software)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [WindowsDriverScan86] => C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [1501 2014-08-10] ()
HKLM-x32\...\Run: [WindowsDriverScan64] => C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [1419 2014-08-10] ()
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [482528 2014-03-31] (AppEx Networks Corporation)
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3619160 2015-01-31] (Electronic Arts)
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\Run: [YandexElements] => C:\Users\PC\AppData\Local\Yandex\Elements\elements.exe\8.7.0.3110\elements64.exe [1596192 2015-01-30] (Yandex)
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\PC\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\PC\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\Run: [BingSvc] => C:\Users\PC\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-11] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\MountPoints2: {896478fb-b620-11e5-bf48-1c3e84d3e000} - "E:\Autorun.exe"
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\MountPoints2: {8964792b-b620-11e5-bf48-1c3e84d3e000} - "E:\Autorun.exe"
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\MountPoints2: {e457b467-dc6b-11e4-bece-1c3e84d3e000} - "E:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [482528 2014-03-31] (AppEx Networks Corporation)
HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3619160 2015-01-31] (Electronic Arts)
HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [YandexElements] => C:\Users\PC\AppData\Local\Yandex\Elements\elements.exe\8.7.0.3110\elements64.exe [1596192 2015-01-30] (Yandex)
HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [cz.seznam.software.autoupdate] => C:\Users\PC\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [cz.seznam.software.szndesktop] => C:\Users\PC\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BingSvc] => C:\Users\PC\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-11] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {896478fb-b620-11e5-bf48-1c3e84d3e000} - "E:\Autorun.exe"
HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {8964792b-b620-11e5-bf48-1c3e84d3e000} - "E:\Autorun.exe"
HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {e457b467-dc6b-11e4-bece-1c3e84d3e000} - "E:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-1409374307-799940909-199679684-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1712904 2013-06-26] (CyberLink Corp.)
HKU\S-1-5-21-1409374307-799940909-199679684-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\PC\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\PC\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\PC\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-11-09] (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\PC\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\PC\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\PC\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-01-10]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LibreOffice 4.2.lnk [2016-01-10]
ShortcutTarget: LibreOffice 4.2.lnk -> C:\Program Files (x86)\LibreOffice 4\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 10.232.0.1
Tcpip\..\Interfaces\{D91DE564-3B19-436F-839F-9CF1F93BEB5E}: [DhcpNameServer] 10.232.0.1
Tcpip\..\Interfaces\{DBA9C032-1D32-4A36-B4AE-32E97F82AF63}: [NameServer] 212.96.162.2,212.96.160.6
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1409374307-799940909-199679684-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-1409374307-799940909-199679684-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-1409374307-799940909-199679684-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKLM -> {6911C177-B3CD-4D6E-A045-B77C8A2BF5FC} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {6911C177-B3CD-4D6E-A045-B77C8A2BF5FC} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> 0F90EA36D1613F7FBD571385D90C7B7E URL = hxxp://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> 72E484AF8DCDB114F152344A2D8C0D52 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> 9A977916707078BDD353EC83F25BA3EE URL = hxxp://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> E47228424C646722743F33271D300290 URL = hxxp://www.mapy.cz/?sourceid=quicksearch_6826& ... earchTerms}
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {3E27AC61-7600-40BE-A664-556F4BEFDD31} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {6779ABF7-35C4-42D4-9CEF-488D0F66F0D3} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {6911C177-B3CD-4D6E-A045-B77C8A2BF5FC} URL =
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {992EC384-AB2D-41CE-8D76-1B5B1E83F5BC} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {A4BC2A94-CE8B-4186-B1F4-C217DD74B802} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {ADCFD57D-CB1C-49BB-8AC8-A10E33C027D3} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {B2F71F2B-B0C7-4AC2-93AC-1E044DD06A5E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {C7055BB4-A3FD-45A0-B0CB-45ED9F9D1F5B} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {EB9AC584-9F8C-4948-B8AF-2D8635E9D32C} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {F425ACEF-394D-4398-9681-56F75B2CE54A} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> 0F90EA36D1613F7FBD571385D90C7B7E URL = hxxp://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> 72E484AF8DCDB114F152344A2D8C0D52 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> 9A977916707078BDD353EC83F25BA3EE URL = hxxp://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> E47228424C646722743F33271D300290 URL = hxxp://www.mapy.cz/?sourceid=quicksearch_6826& ... earchTerms}
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {3E27AC61-7600-40BE-A664-556F4BEFDD31} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6779ABF7-35C4-42D4-9CEF-488D0F66F0D3} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6911C177-B3CD-4D6E-A045-B77C8A2BF5FC} URL =
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {992EC384-AB2D-41CE-8D76-1B5B1E83F5BC} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {A4BC2A94-CE8B-4186-B1F4-C217DD74B802} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {ADCFD57D-CB1C-49BB-8AC8-A10E33C027D3} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {B2F71F2B-B0C7-4AC2-93AC-1E044DD06A5E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {C7055BB4-A3FD-45A0-B0CB-45ED9F9D1F5B} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {EB9AC584-9F8C-4948-B8AF-2D8635E9D32C} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {F425ACEF-394D-4398-9681-56F75B2CE54A} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6911C177-B3CD-4D6E-A045-B77C8A2BF5FC} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Visual Bookmarks -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> C:\Program Files (x86)\Yandex\FastDial\fastdialhost.dll [2015-01-30] ()
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Элементы Яндекса - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files (x86)\Yandex\Elements\bartabhost.dll [2015-01-30] ()
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default
FF DefaultSearchEngine: V9
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: V9
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-05] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-05] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-09] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1409374307-799940909-199679684-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-15] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-15] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\searchplugins\bing-.xml [2015-07-30]
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\searchplugins\firmy.cz-220759.xml [2015-03-03]
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\searchplugins\firmy.cz-221019.xml [2015-03-03]
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\searchplugins\seznam.cz-220759.xml [2015-03-03]
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\searchplugins\videa.seznam.cz-220759.xml [2015-03-03]
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\searchplugins\videa.seznam.cz-221019.xml [2015-03-03]
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\searchplugins\zbozi.cz-220759.xml [2015-03-03]
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\searchplugins\zbozi.cz-221019.xml [2015-03-03]
FF Extension: No Name - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\extensions\arthurj8283@gmail.com [not found]
FF Extension: faviconizetabespionjustsizejp - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\extensions\faviconizetab@espion.just-size.jp [2015-09-06] [not signed]
FF Extension: Bing Search - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\Extensions\bingsearch.full@microsoft.com [2015-07-30] [not signed]
FF Extension: Seznam lištička - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-01-05]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\extensions\arthurj8283@gmail.com => not found
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\prefs.js [2015-09-06] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\A48B15F50FEB83C2F3B736FCB25AC532A48B [2015-10-12] <==== ATTENTION
Chrome:
=======
CHR HKU\S-1-5-21-1409374307-799940909-199679684-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pchfckkccldkbclgdepkaonamkignanh] - hxxp://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [174416 2015-11-09] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1141248 2015-06-12] ()
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1630456 2013-06-07] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-05-14] (IVT Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-06-26] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [294664 2013-06-26] (CyberLink)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [238376 2015-06-12] (EasyAntiCheat Ltd)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-06-07] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-05-03] (Hewlett-Packard Development Company, L.P.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-01] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2015-06-16] ()
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [189248 2015-06-16] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17640 2013-10-23] (Advanced Micro Devices, INC.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [228032 2014-08-08] (AppEx Networks Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-11-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-11-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-11-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-11-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-09] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [154256 2015-11-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-11-09] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthHFSrv; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
U4 BthHFSrv; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-26] (Ralink Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-12] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288840 2013-04-11] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-06-05] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33008 2013-06-05] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S3 ew_hwusbdev; \SystemRoot\system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; \SystemRoot\System32\drivers\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; \SystemRoot\system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; \SystemRoot\System32\drivers\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; \SystemRoot\System32\drivers\ew_juextctrl.sys [X]
S3 huawei_wwanecm; \SystemRoot\system32\DRIVERS\ew_juwwanecm.sys [X]
S1 iSafeNetFilter; system32\DRIVERS\iSafeNetFilter.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-12 08:24 - 2016-01-12 08:24 - 00035100 _____ C:\Users\PC\Desktop\FRST.txt
2016-01-12 08:22 - 2016-01-12 08:24 - 00000000 ____D C:\FRST
2016-01-12 08:22 - 2016-01-12 08:22 - 00112640 _____ (forum.viry.cz) C:\Users\PC\Desktop\FRSTLauncher.exe
2016-01-12 08:21 - 2016-01-12 08:21 - 00000000 _____ C:\Users\PC\Downloads\FRSTLauncher.exe.ropb12y.partial
2016-01-12 08:19 - 2016-01-12 08:19 - 02370560 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2016-01-12 08:07 - 2016-01-12 08:07 - 629405653 _____ C:\WINDOWS\MEMORY.DMP
2016-01-12 08:07 - 2016-01-12 08:07 - 00281624 _____ C:\WINDOWS\Minidump\011216-22968-01.dmp
2016-01-10 13:58 - 2016-01-10 13:58 - 00009494 _____ C:\Users\PC\Documents\cc_20160110_135759.reg
2016-01-10 13:47 - 2016-01-10 13:48 - 00486218 _____ C:\Users\PC\Documents\cc_20160110_134748.reg
2016-01-10 13:43 - 2016-01-10 13:43 - 00001026 _____ C:\Users\PC\Desktop\CCleaner.lnk
2016-01-10 13:43 - 2016-01-10 13:43 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-01-10 13:43 - 2016-01-10 13:43 - 00000000 ____D C:\Program Files (x86)\CCleaner
2016-01-10 13:42 - 2016-01-10 13:42 - 01187896 _____ (Piriform Ltd) C:\Users\PC\Desktop\ccleaner.exe
2016-01-09 23:25 - 2016-01-10 00:01 - 00000080 _____ C:\Users\PC\Desktop\Jednotka CD-ROM - zástupce.lnk
2016-01-09 23:25 - 2016-01-10 00:01 - 00000080 _____ C:\Users\PC\Desktop\hlaska - zástupce.lnk
2016-01-09 22:43 - 2016-01-09 22:43 - 00009728 ___SH C:\Users\PC\Documents\Thumbs.db
2016-01-09 22:43 - 2016-01-09 22:43 - 00001349 _____ C:\Users\PC\Desktop\hlaska – zástupce.lnk
2016-01-09 18:10 - 2016-01-09 18:10 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2016-01-09 18:08 - 2011-08-16 16:40 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2016-01-09 18:08 - 2011-08-16 16:40 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfCoInstaller01007.dll
2016-01-09 18:07 - 2016-01-09 18:07 - 00000000 ____D C:\Program Files (x86)\Huawei
2016-01-06 10:13 - 2016-01-12 08:08 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-06 10:12 - 2016-01-06 10:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-01-06 10:12 - 2016-01-06 10:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-06 10:12 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-01-06 10:12 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-01-06 10:06 - 2016-01-06 10:12 - 00000000 ____D C:\Users\PC\AppData\Roaming\Malwarebytes
2016-01-06 10:03 - 2016-01-06 10:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-06 10:03 - 2016-01-06 10:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2016-01-06 10:03 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-01-06 09:59 - 2016-01-06 09:59 - 10284816 _____ (Malwarebytes Corporation ) C:\Users\PC\Downloads\mbam-setup-1.75.0.1300.exe
2016-01-05 15:31 - 2016-01-05 15:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-01-05 14:49 - 2016-01-05 15:16 - 00000000 ____D C:\AdwCleaner
2016-01-05 14:48 - 2016-01-05 14:48 - 01749504 _____ C:\Users\PC\Downloads\adwcleaner_5.028.exe
2016-01-05 14:42 - 2016-01-09 21:07 - 00000000 ____D C:\ProgramData\1WdM1
2016-01-05 14:38 - 2016-01-05 15:06 - 00000001 _____ C:\WINDOWS\SysWOW64\en.html
2016-01-05 11:34 - 2016-01-12 08:16 - 00000000 ____D C:\Program Files\trend micro
2016-01-05 11:34 - 2016-01-05 11:34 - 00000000 ____D C:\rsit
2016-01-05 11:33 - 2016-01-05 11:34 - 01222144 _____ C:\Users\PC\Downloads\RSITx64.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-12 08:23 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-12 08:15 - 2014-11-04 16:52 - 00000000 ____D C:\Users\PC\AppData\Roaming\ClassicShell
2016-01-12 08:13 - 2014-11-04 17:20 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1409374307-799940909-199679684-1002
2016-01-12 08:09 - 2014-11-04 15:52 - 00000000 ____D C:\Users\PC\Documents\Youcam
2016-01-12 08:08 - 2013-08-08 15:15 - 00003620 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2016-01-12 08:08 - 2013-06-07 08:40 - 00001017 _____ C:\WINDOWS\SysWOW64\bscs.ini
2016-01-12 08:07 - 2015-01-04 16:35 - 00000000 ____D C:\WINDOWS\Minidump
2016-01-12 08:07 - 2014-11-06 10:57 - 00000000 ____D C:\Users\PC
2016-01-12 08:07 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-12 08:07 - 2013-08-08 15:15 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2016-01-10 23:02 - 2014-12-21 12:32 - 00000347 _____ C:\WINDOWS\SysWOW64\REMOTEDEVICE.INI
2016-01-10 20:00 - 2014-11-30 19:55 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-10 18:16 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-01-10 18:12 - 2015-10-10 08:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-10 18:11 - 2014-11-06 10:47 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-01-10 18:09 - 2015-10-19 20:50 - 00142336 ___SH C:\Users\PC\Desktop\Thumbs.db
2016-01-10 18:09 - 2015-09-23 13:17 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-10 17:54 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-10 17:45 - 2015-07-30 20:08 - 00000000 ____D C:\Users\PC\AppData\Roaming\Skype
2016-01-10 14:07 - 2015-07-21 22:18 - 00000000 ____D C:\Users\PC\AppData\Roaming\Seznam.cz
2016-01-10 03:05 - 2014-11-06 11:03 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-01-10 03:05 - 2014-11-05 16:03 - 00001731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2016-01-10 03:05 - 2014-11-05 16:02 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-01-10 00:05 - 2015-12-10 18:24 - 00001239 _____ C:\Users\Public\Desktop\Minecraft Launcher 1.8.lnk
2016-01-10 00:05 - 2015-11-09 23:27 - 00001983 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-01-10 00:05 - 2015-07-31 21:57 - 00001985 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-01-10 00:04 - 2015-04-21 07:04 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-01-10 00:01 - 2014-11-06 11:14 - 00001026 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-10 00:01 - 2014-11-06 10:57 - 00000469 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-01-10 00:01 - 2014-11-06 10:57 - 00000467 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-01-09 23:59 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera
2016-01-09 23:25 - 2015-11-25 17:25 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2016-01-09 23:24 - 2015-03-01 11:01 - 00000000 ____D C:\Users\PC\AppData\Roaming\wld
2016-01-09 21:02 - 2015-08-24 19:36 - 00000000 ____D C:\Program Files (x86)\Opera
2016-01-09 18:55 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-09 18:21 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-01-09 18:10 - 2014-09-24 17:23 - 01934988 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-09 18:10 - 2014-09-24 16:39 - 00802206 _____ C:\WINDOWS\system32\perfh005.dat
2016-01-09 18:10 - 2014-09-24 16:39 - 00183700 _____ C:\WINDOWS\system32\perfc005.dat
2016-01-08 16:57 - 2015-10-15 13:34 - 00000000 ____D C:\Program Files (x86)\Elex-tech
2016-01-08 16:57 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-08 16:54 - 2015-03-09 20:38 - 00000000 ____D C:\Program Files (x86)\Company
2016-01-05 15:53 - 2015-01-23 19:36 - 00000000 ____D C:\Users\PC\AppData\Local\ElevatedDiagnostics
2016-01-05 15:31 - 2015-11-24 13:05 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-01-05 15:22 - 2015-12-10 18:24 - 00000000 ____D C:\Program Files (x86)\Adobe Arkalis
2016-01-05 15:19 - 2015-09-23 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-05 15:06 - 2015-10-15 13:34 - 00000000 ____D C:\WINDOWS\system32\log
2016-01-05 15:06 - 2015-07-24 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 2 Enhanced Edition
2016-01-05 15:06 - 2015-03-03 22:06 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online
2016-01-05 15:00 - 2014-11-30 19:55 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-01-05 14:52 - 2015-09-02 17:52 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2016-01-05 11:50 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
==================== Files in the root of some directories =======
2014-11-15 12:59 - 2015-04-20 13:05 - 0000030 _____ () C:\Users\PC\AppData\Roaming\mstlyajh.dat
2014-11-15 12:59 - 2014-11-15 12:59 - 0008922 _____ () C:\Users\PC\AppData\Roaming\mswcmbbn.dat
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\PC\AppData\Roaming\OFfuukckjH
2015-01-21 00:01 - 2015-01-21 16:16 - 0020908 _____ () C:\Users\PC\AppData\Roaming\PC.txt
2015-07-21 22:54 - 2015-07-21 22:49 - 0237568 ____N () C:\Users\PC\AppData\Roaming\trz35BA.tmp
2015-09-27 21:39 - 2015-09-27 21:39 - 0000000 ___SH () C:\Users\PC\AppData\Local\LumaEmu
2015-04-20 13:18 - 2015-04-20 15:16 - 0007598 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\PC\Desktop" je 18 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DefaultOutboundAction REG_DWORD 0x0
DefaultInboundAction REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
Ran by PC (administrator) on HP (12-01-2016 08:24:09)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC & (Available Profiles: PC & Administrator)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(© 2015 Microsoft Corporation) C:\Users\PC\AppData\Local\Microsoft\BingSvc\BingSvc.exe
() C:\Users\PC\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
() C:\Users\PC\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Adobe Arkalis\Adobe_Arkalis.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\Temp\AEBE34CB-76BE-4061-81E8-5025A36F1AE0\DismHost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(forum.viry.cz) C:\Users\PC\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-18] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2994928 2013-06-05] (Synaptics Incorporated)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [387832 2013-05-14] (IVT Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-05-22] (CyberLink Corp.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-05-03] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7004376 2015-11-09] (AVAST Software)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [WindowsDriverScan86] => C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [1501 2014-08-10] ()
HKLM-x32\...\Run: [WindowsDriverScan64] => C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [1419 2014-08-10] ()
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [482528 2014-03-31] (AppEx Networks Corporation)
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3619160 2015-01-31] (Electronic Arts)
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\Run: [YandexElements] => C:\Users\PC\AppData\Local\Yandex\Elements\elements.exe\8.7.0.3110\elements64.exe [1596192 2015-01-30] (Yandex)
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\PC\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\PC\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\Run: [BingSvc] => C:\Users\PC\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-11] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\MountPoints2: {896478fb-b620-11e5-bf48-1c3e84d3e000} - "E:\Autorun.exe"
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\MountPoints2: {8964792b-b620-11e5-bf48-1c3e84d3e000} - "E:\Autorun.exe"
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\MountPoints2: {e457b467-dc6b-11e4-bece-1c3e84d3e000} - "E:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [482528 2014-03-31] (AppEx Networks Corporation)
HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3619160 2015-01-31] (Electronic Arts)
HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [YandexElements] => C:\Users\PC\AppData\Local\Yandex\Elements\elements.exe\8.7.0.3110\elements64.exe [1596192 2015-01-30] (Yandex)
HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [cz.seznam.software.autoupdate] => C:\Users\PC\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [cz.seznam.software.szndesktop] => C:\Users\PC\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BingSvc] => C:\Users\PC\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-11] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {896478fb-b620-11e5-bf48-1c3e84d3e000} - "E:\Autorun.exe"
HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {8964792b-b620-11e5-bf48-1c3e84d3e000} - "E:\Autorun.exe"
HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {e457b467-dc6b-11e4-bece-1c3e84d3e000} - "E:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-1409374307-799940909-199679684-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1712904 2013-06-26] (CyberLink Corp.)
HKU\S-1-5-21-1409374307-799940909-199679684-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\PC\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\PC\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\PC\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-11-09] (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\PC\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\PC\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\PC\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-01-10]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LibreOffice 4.2.lnk [2016-01-10]
ShortcutTarget: LibreOffice 4.2.lnk -> C:\Program Files (x86)\LibreOffice 4\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 10.232.0.1
Tcpip\..\Interfaces\{D91DE564-3B19-436F-839F-9CF1F93BEB5E}: [DhcpNameServer] 10.232.0.1
Tcpip\..\Interfaces\{DBA9C032-1D32-4A36-B4AE-32E97F82AF63}: [NameServer] 212.96.162.2,212.96.160.6
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1409374307-799940909-199679684-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-1409374307-799940909-199679684-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-1409374307-799940909-199679684-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKLM -> {6911C177-B3CD-4D6E-A045-B77C8A2BF5FC} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {6911C177-B3CD-4D6E-A045-B77C8A2BF5FC} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> 0F90EA36D1613F7FBD571385D90C7B7E URL = hxxp://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> 72E484AF8DCDB114F152344A2D8C0D52 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> 9A977916707078BDD353EC83F25BA3EE URL = hxxp://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> E47228424C646722743F33271D300290 URL = hxxp://www.mapy.cz/?sourceid=quicksearch_6826& ... earchTerms}
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {3E27AC61-7600-40BE-A664-556F4BEFDD31} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {6779ABF7-35C4-42D4-9CEF-488D0F66F0D3} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {6911C177-B3CD-4D6E-A045-B77C8A2BF5FC} URL =
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {992EC384-AB2D-41CE-8D76-1B5B1E83F5BC} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {A4BC2A94-CE8B-4186-B1F4-C217DD74B802} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {ADCFD57D-CB1C-49BB-8AC8-A10E33C027D3} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {B2F71F2B-B0C7-4AC2-93AC-1E044DD06A5E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {C7055BB4-A3FD-45A0-B0CB-45ED9F9D1F5B} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {EB9AC584-9F8C-4948-B8AF-2D8635E9D32C} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {F425ACEF-394D-4398-9681-56F75B2CE54A} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> 0F90EA36D1613F7FBD571385D90C7B7E URL = hxxp://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> 72E484AF8DCDB114F152344A2D8C0D52 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> 9A977916707078BDD353EC83F25BA3EE URL = hxxp://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> E47228424C646722743F33271D300290 URL = hxxp://www.mapy.cz/?sourceid=quicksearch_6826& ... earchTerms}
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {3E27AC61-7600-40BE-A664-556F4BEFDD31} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6779ABF7-35C4-42D4-9CEF-488D0F66F0D3} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6911C177-B3CD-4D6E-A045-B77C8A2BF5FC} URL =
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {992EC384-AB2D-41CE-8D76-1B5B1E83F5BC} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {A4BC2A94-CE8B-4186-B1F4-C217DD74B802} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {ADCFD57D-CB1C-49BB-8AC8-A10E33C027D3} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {B2F71F2B-B0C7-4AC2-93AC-1E044DD06A5E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {C7055BB4-A3FD-45A0-B0CB-45ED9F9D1F5B} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {EB9AC584-9F8C-4948-B8AF-2D8635E9D32C} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {F425ACEF-394D-4398-9681-56F75B2CE54A} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6911C177-B3CD-4D6E-A045-B77C8A2BF5FC} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Visual Bookmarks -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> C:\Program Files (x86)\Yandex\FastDial\fastdialhost.dll [2015-01-30] ()
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Элементы Яндекса - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files (x86)\Yandex\Elements\bartabhost.dll [2015-01-30] ()
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default
FF DefaultSearchEngine: V9
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: V9
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-05] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-05] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-09] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1409374307-799940909-199679684-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-15] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-15] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\searchplugins\bing-.xml [2015-07-30]
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\searchplugins\firmy.cz-220759.xml [2015-03-03]
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\searchplugins\firmy.cz-221019.xml [2015-03-03]
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\searchplugins\seznam.cz-220759.xml [2015-03-03]
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\searchplugins\videa.seznam.cz-220759.xml [2015-03-03]
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\searchplugins\videa.seznam.cz-221019.xml [2015-03-03]
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\searchplugins\zbozi.cz-220759.xml [2015-03-03]
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\searchplugins\zbozi.cz-221019.xml [2015-03-03]
FF Extension: No Name - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\extensions\arthurj8283@gmail.com [not found]
FF Extension: faviconizetabespionjustsizejp - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\extensions\faviconizetab@espion.just-size.jp [2015-09-06] [not signed]
FF Extension: Bing Search - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\Extensions\bingsearch.full@microsoft.com [2015-07-30] [not signed]
FF Extension: Seznam lištička - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-01-05]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\extensions\arthurj8283@gmail.com => not found
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\prefs.js [2015-09-06] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\A48B15F50FEB83C2F3B736FCB25AC532A48B [2015-10-12] <==== ATTENTION
Chrome:
=======
CHR HKU\S-1-5-21-1409374307-799940909-199679684-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pchfckkccldkbclgdepkaonamkignanh] - hxxp://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [174416 2015-11-09] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1141248 2015-06-12] ()
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1630456 2013-06-07] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-05-14] (IVT Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-06-26] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [294664 2013-06-26] (CyberLink)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [238376 2015-06-12] (EasyAntiCheat Ltd)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-06-07] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-05-03] (Hewlett-Packard Development Company, L.P.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-01] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2015-06-16] ()
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [189248 2015-06-16] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17640 2013-10-23] (Advanced Micro Devices, INC.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [228032 2014-08-08] (AppEx Networks Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-11-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-11-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-11-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-11-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-09] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [154256 2015-11-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-11-09] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthHFSrv; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
U4 BthHFSrv; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-26] (Ralink Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-12] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288840 2013-04-11] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-06-05] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33008 2013-06-05] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S3 ew_hwusbdev; \SystemRoot\system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; \SystemRoot\System32\drivers\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; \SystemRoot\system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; \SystemRoot\System32\drivers\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; \SystemRoot\System32\drivers\ew_juextctrl.sys [X]
S3 huawei_wwanecm; \SystemRoot\system32\DRIVERS\ew_juwwanecm.sys [X]
S1 iSafeNetFilter; system32\DRIVERS\iSafeNetFilter.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-12 08:24 - 2016-01-12 08:24 - 00035100 _____ C:\Users\PC\Desktop\FRST.txt
2016-01-12 08:22 - 2016-01-12 08:24 - 00000000 ____D C:\FRST
2016-01-12 08:22 - 2016-01-12 08:22 - 00112640 _____ (forum.viry.cz) C:\Users\PC\Desktop\FRSTLauncher.exe
2016-01-12 08:21 - 2016-01-12 08:21 - 00000000 _____ C:\Users\PC\Downloads\FRSTLauncher.exe.ropb12y.partial
2016-01-12 08:19 - 2016-01-12 08:19 - 02370560 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2016-01-12 08:07 - 2016-01-12 08:07 - 629405653 _____ C:\WINDOWS\MEMORY.DMP
2016-01-12 08:07 - 2016-01-12 08:07 - 00281624 _____ C:\WINDOWS\Minidump\011216-22968-01.dmp
2016-01-10 13:58 - 2016-01-10 13:58 - 00009494 _____ C:\Users\PC\Documents\cc_20160110_135759.reg
2016-01-10 13:47 - 2016-01-10 13:48 - 00486218 _____ C:\Users\PC\Documents\cc_20160110_134748.reg
2016-01-10 13:43 - 2016-01-10 13:43 - 00001026 _____ C:\Users\PC\Desktop\CCleaner.lnk
2016-01-10 13:43 - 2016-01-10 13:43 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-01-10 13:43 - 2016-01-10 13:43 - 00000000 ____D C:\Program Files (x86)\CCleaner
2016-01-10 13:42 - 2016-01-10 13:42 - 01187896 _____ (Piriform Ltd) C:\Users\PC\Desktop\ccleaner.exe
2016-01-09 23:25 - 2016-01-10 00:01 - 00000080 _____ C:\Users\PC\Desktop\Jednotka CD-ROM - zástupce.lnk
2016-01-09 23:25 - 2016-01-10 00:01 - 00000080 _____ C:\Users\PC\Desktop\hlaska - zástupce.lnk
2016-01-09 22:43 - 2016-01-09 22:43 - 00009728 ___SH C:\Users\PC\Documents\Thumbs.db
2016-01-09 22:43 - 2016-01-09 22:43 - 00001349 _____ C:\Users\PC\Desktop\hlaska – zástupce.lnk
2016-01-09 18:10 - 2016-01-09 18:10 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2016-01-09 18:08 - 2011-08-16 16:40 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2016-01-09 18:08 - 2011-08-16 16:40 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfCoInstaller01007.dll
2016-01-09 18:07 - 2016-01-09 18:07 - 00000000 ____D C:\Program Files (x86)\Huawei
2016-01-06 10:13 - 2016-01-12 08:08 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-06 10:12 - 2016-01-06 10:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-01-06 10:12 - 2016-01-06 10:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-06 10:12 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-01-06 10:12 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-01-06 10:06 - 2016-01-06 10:12 - 00000000 ____D C:\Users\PC\AppData\Roaming\Malwarebytes
2016-01-06 10:03 - 2016-01-06 10:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-06 10:03 - 2016-01-06 10:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2016-01-06 10:03 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-01-06 09:59 - 2016-01-06 09:59 - 10284816 _____ (Malwarebytes Corporation ) C:\Users\PC\Downloads\mbam-setup-1.75.0.1300.exe
2016-01-05 15:31 - 2016-01-05 15:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-01-05 14:49 - 2016-01-05 15:16 - 00000000 ____D C:\AdwCleaner
2016-01-05 14:48 - 2016-01-05 14:48 - 01749504 _____ C:\Users\PC\Downloads\adwcleaner_5.028.exe
2016-01-05 14:42 - 2016-01-09 21:07 - 00000000 ____D C:\ProgramData\1WdM1
2016-01-05 14:38 - 2016-01-05 15:06 - 00000001 _____ C:\WINDOWS\SysWOW64\en.html
2016-01-05 11:34 - 2016-01-12 08:16 - 00000000 ____D C:\Program Files\trend micro
2016-01-05 11:34 - 2016-01-05 11:34 - 00000000 ____D C:\rsit
2016-01-05 11:33 - 2016-01-05 11:34 - 01222144 _____ C:\Users\PC\Downloads\RSITx64.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-12 08:23 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-12 08:15 - 2014-11-04 16:52 - 00000000 ____D C:\Users\PC\AppData\Roaming\ClassicShell
2016-01-12 08:13 - 2014-11-04 17:20 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1409374307-799940909-199679684-1002
2016-01-12 08:09 - 2014-11-04 15:52 - 00000000 ____D C:\Users\PC\Documents\Youcam
2016-01-12 08:08 - 2013-08-08 15:15 - 00003620 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2016-01-12 08:08 - 2013-06-07 08:40 - 00001017 _____ C:\WINDOWS\SysWOW64\bscs.ini
2016-01-12 08:07 - 2015-01-04 16:35 - 00000000 ____D C:\WINDOWS\Minidump
2016-01-12 08:07 - 2014-11-06 10:57 - 00000000 ____D C:\Users\PC
2016-01-12 08:07 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-12 08:07 - 2013-08-08 15:15 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2016-01-10 23:02 - 2014-12-21 12:32 - 00000347 _____ C:\WINDOWS\SysWOW64\REMOTEDEVICE.INI
2016-01-10 20:00 - 2014-11-30 19:55 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-10 18:16 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-01-10 18:12 - 2015-10-10 08:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-10 18:11 - 2014-11-06 10:47 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-01-10 18:09 - 2015-10-19 20:50 - 00142336 ___SH C:\Users\PC\Desktop\Thumbs.db
2016-01-10 18:09 - 2015-09-23 13:17 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-10 17:54 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-10 17:45 - 2015-07-30 20:08 - 00000000 ____D C:\Users\PC\AppData\Roaming\Skype
2016-01-10 14:07 - 2015-07-21 22:18 - 00000000 ____D C:\Users\PC\AppData\Roaming\Seznam.cz
2016-01-10 03:05 - 2014-11-06 11:03 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-01-10 03:05 - 2014-11-05 16:03 - 00001731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2016-01-10 03:05 - 2014-11-05 16:02 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-01-10 00:05 - 2015-12-10 18:24 - 00001239 _____ C:\Users\Public\Desktop\Minecraft Launcher 1.8.lnk
2016-01-10 00:05 - 2015-11-09 23:27 - 00001983 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-01-10 00:05 - 2015-07-31 21:57 - 00001985 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-01-10 00:04 - 2015-04-21 07:04 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-01-10 00:01 - 2014-11-06 11:14 - 00001026 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-10 00:01 - 2014-11-06 10:57 - 00000469 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-01-10 00:01 - 2014-11-06 10:57 - 00000467 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-01-09 23:59 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera
2016-01-09 23:25 - 2015-11-25 17:25 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2016-01-09 23:24 - 2015-03-01 11:01 - 00000000 ____D C:\Users\PC\AppData\Roaming\wld
2016-01-09 21:02 - 2015-08-24 19:36 - 00000000 ____D C:\Program Files (x86)\Opera
2016-01-09 18:55 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-09 18:21 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-01-09 18:10 - 2014-09-24 17:23 - 01934988 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-09 18:10 - 2014-09-24 16:39 - 00802206 _____ C:\WINDOWS\system32\perfh005.dat
2016-01-09 18:10 - 2014-09-24 16:39 - 00183700 _____ C:\WINDOWS\system32\perfc005.dat
2016-01-08 16:57 - 2015-10-15 13:34 - 00000000 ____D C:\Program Files (x86)\Elex-tech
2016-01-08 16:57 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-08 16:54 - 2015-03-09 20:38 - 00000000 ____D C:\Program Files (x86)\Company
2016-01-05 15:53 - 2015-01-23 19:36 - 00000000 ____D C:\Users\PC\AppData\Local\ElevatedDiagnostics
2016-01-05 15:31 - 2015-11-24 13:05 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-01-05 15:22 - 2015-12-10 18:24 - 00000000 ____D C:\Program Files (x86)\Adobe Arkalis
2016-01-05 15:19 - 2015-09-23 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-05 15:06 - 2015-10-15 13:34 - 00000000 ____D C:\WINDOWS\system32\log
2016-01-05 15:06 - 2015-07-24 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 2 Enhanced Edition
2016-01-05 15:06 - 2015-03-03 22:06 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online
2016-01-05 15:00 - 2014-11-30 19:55 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-01-05 14:52 - 2015-09-02 17:52 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2016-01-05 11:50 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
==================== Files in the root of some directories =======
2014-11-15 12:59 - 2015-04-20 13:05 - 0000030 _____ () C:\Users\PC\AppData\Roaming\mstlyajh.dat
2014-11-15 12:59 - 2014-11-15 12:59 - 0008922 _____ () C:\Users\PC\AppData\Roaming\mswcmbbn.dat
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\PC\AppData\Roaming\OFfuukckjH
2015-01-21 00:01 - 2015-01-21 16:16 - 0020908 _____ () C:\Users\PC\AppData\Roaming\PC.txt
2015-07-21 22:54 - 2015-07-21 22:49 - 0237568 ____N () C:\Users\PC\AppData\Roaming\trz35BA.tmp
2015-09-27 21:39 - 2015-09-27 21:39 - 0000000 ___SH () C:\Users\PC\AppData\Local\LumaEmu
2015-04-20 13:18 - 2015-04-20 15:16 - 0007598 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\PC\Desktop" je 18 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DefaultOutboundAction REG_DWORD 0x0
DefaultInboundAction REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Attachments
- Addition.zip (6.61 KiB), downloaded 49 times
Re: ads and an almost unusable computer
quote:
Creating a fixlist for FRST
•Open Notepad (Start - Run - notepad)
•Copy the script >>
•Save the resulting TXT file as fixlist.txt
•Move the fixlist you created next to FRST
Run FRST.exe again
•Click Fix
•The fix will run and create the log Fixlog.txt
Restart the PC and post fixlog.txt here
Code:
Start
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\PC\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\PC\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [cz.seznam.software.autoupdate] => C:\Users\PC\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1409374307-799940909-199679684-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [cz.seznam.software.szndesktop] => C:\Users\PC\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\PC\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\PC\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\PC\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\PC\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\PC\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\PC\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
2014-11-15 12:59 - 2015-04-20 13:05 - 0000030 _____ () C:\Users\PC\AppData\Roaming\mstlyajh.dat
2014-11-15 12:59 - 2014-11-15 12:59 - 0008922 _____ () C:\Users\PC\AppData\Roaming\mswcmbbn.dat
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\PC\AppData\Roaming\OFfuukckjH
2015-07-21 22:54 - 2015-07-21 22:49 - 0237568 ____N () C:\Users\PC\AppData\Roaming\trz35BA.tmp
EmptyTemp:
Reboot:
End
Re: ads and an almost unusable computer
+
DELETE the file
C:\Windows\System32\Tasks\Web Logo
Re: ads and an almost unusable computer
Great, the message is gone. I'm attaching the log.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
Ran by PC (administrator) on HP (13-01-2016 08:19:48)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC & Administrator)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(© 2015 Microsoft Corporation) C:\Users\PC\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Adobe Arkalis\Adobe_Arkalis.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-18] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2994928 2013-06-05] (Synaptics Incorporated)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [387832 2013-05-14] (IVT Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-05-22] (CyberLink Corp.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-05-03] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7004376 2015-11-09] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [WindowsDriverScan86] => C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [1501 2014-08-10] ()
HKLM-x32\...\Run: [WindowsDriverScan64] => C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [1419 2014-08-10] ()
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [482528 2014-03-31] (AppEx Networks Corporation)
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3619160 2015-01-31] (Electronic Arts)
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\Run: [YandexElements] => C:\Users\PC\AppData\Local\Yandex\Elements\elements.exe\8.7.0.3110\elements64.exe [1596192 2015-01-30] (Yandex)
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\Run: [BingSvc] => C:\Users\PC\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-11] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\MountPoints2: {896478fb-b620-11e5-bf48-1c3e84d3e000} - "E:\Autorun.exe"
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\MountPoints2: {8964792b-b620-11e5-bf48-1c3e84d3e000} - "E:\Autorun.exe"
HKU\S-1-5-21-1409374307-799940909-199679684-1002\...\MountPoints2: {e457b467-dc6b-11e4-bece-1c3e84d3e000} - "E:\HTC_Sync_Manager_PC.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-11-09] (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-01-10]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LibreOffice 4.2.lnk [2016-01-10]
ShortcutTarget: LibreOffice 4.2.lnk -> C:\Program Files (x86)\LibreOffice 4\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{D91DE564-3B19-436F-839F-9CF1F93BEB5E}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{DBA9C032-1D32-4A36-B4AE-32E97F82AF63}: [NameServer] 212.96.162.2,212.96.160.6
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKLM -> {6911C177-B3CD-4D6E-A045-B77C8A2BF5FC} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {6911C177-B3CD-4D6E-A045-B77C8A2BF5FC} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> 0F90EA36D1613F7FBD571385D90C7B7E URL = hxxp://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> 72E484AF8DCDB114F152344A2D8C0D52 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> 9A977916707078BDD353EC83F25BA3EE URL = hxxp://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> E47228424C646722743F33271D300290 URL = hxxp://www.mapy.cz/?sourceid=quicksearch_6826& ... earchTerms}
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {3E27AC61-7600-40BE-A664-556F4BEFDD31} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {6779ABF7-35C4-42D4-9CEF-488D0F66F0D3} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {6911C177-B3CD-4D6E-A045-B77C8A2BF5FC} URL =
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {992EC384-AB2D-41CE-8D76-1B5B1E83F5BC} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {A4BC2A94-CE8B-4186-B1F4-C217DD74B802} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {ADCFD57D-CB1C-49BB-8AC8-A10E33C027D3} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {B2F71F2B-B0C7-4AC2-93AC-1E044DD06A5E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {C7055BB4-A3FD-45A0-B0CB-45ED9F9D1F5B} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {EB9AC584-9F8C-4948-B8AF-2D8635E9D32C} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-1409374307-799940909-199679684-1002 -> {F425ACEF-394D-4398-9681-56F75B2CE54A} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Visual Bookmarks -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> C:\Program Files (x86)\Yandex\FastDial\fastdialhost.dll [2015-01-30] ()
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Элементы Яндекса - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files (x86)\Yandex\Elements\bartabhost.dll [2015-01-30] ()
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default
FF DefaultSearchEngine: V9
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: V9
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-05] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-05] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-09] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1409374307-799940909-199679684-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-15] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\searchplugins\bing-.xml [2015-07-30]
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\searchplugins\firmy.cz-220759.xml [2015-03-03]
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\searchplugins\firmy.cz-221019.xml [2015-03-03]
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\searchplugins\seznam.cz-220759.xml [2015-03-03]
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\searchplugins\videa.seznam.cz-220759.xml [2015-03-03]
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\searchplugins\videa.seznam.cz-221019.xml [2015-03-03]
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\searchplugins\zbozi.cz-220759.xml [2015-03-03]
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\searchplugins\zbozi.cz-221019.xml [2015-03-03]
FF Extension: No Name - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\extensions\arthurj8283@gmail.com [not found]
FF Extension: faviconizetabespionjustsizejp - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\extensions\faviconizetab@espion.just-size.jp [2015-09-06] [not signed]
FF Extension: Bing Search - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\Extensions\bingsearch.full@microsoft.com [2015-07-30] [not signed]
FF Extension: Seznam lištička - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-01-05]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pxerndpm.default\extensions\arthurj8283@gmail.com => not found
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\prefs.js [2015-09-06] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\A48B15F50FEB83C2F3B736FCB25AC532A48B [2015-10-12] <==== ATTENTION
Chrome:
=======
CHR HKU\S-1-5-21-1409374307-799940909-199679684-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pchfckkccldkbclgdepkaonamkignanh] - hxxp://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [174416 2015-11-09] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1141248 2015-06-12] ()
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1630456 2013-06-07] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-05-14] (IVT Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-06-26] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [294664 2013-06-26] (CyberLink)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [238376 2015-06-12] (EasyAntiCheat Ltd)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-06-07] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-05-03] (Hewlett-Packard Development Company, L.P.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-01] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2015-06-16] ()
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [189248 2015-06-16] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17640 2013-10-23] (Advanced Micro Devices, INC.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [228032 2014-08-08] (AppEx Networks Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-11-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-11-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-11-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-11-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [154256 2015-11-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-11-09] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthHFSrv; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
U4 BthHFSrv; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-26] (Ralink Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-13] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288840 2013-04-11] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-06-05] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33008 2013-06-05] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S3 ew_hwusbdev; \SystemRoot\system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; \SystemRoot\System32\drivers\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; \SystemRoot\system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; \SystemRoot\System32\drivers\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; \SystemRoot\System32\drivers\ew_juextctrl.sys [X]
S3 huawei_wwanecm; \SystemRoot\system32\DRIVERS\ew_juwwanecm.sys [X]
S1 iSafeNetFilter; system32\DRIVERS\iSafeNetFilter.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-13 07:52 - 2016-01-13 07:57 - 00007087 _____ C:\Users\PC\Desktop\Fixlog.txt
2016-01-13 07:49 - 2016-01-13 08:19 - 00000000 ____D C:\Users\PC\Desktop\frst
2016-01-12 08:29 - 2016-01-12 08:29 - 00006765 _____ C:\Users\PC\Desktop\Addition.zip
2016-01-12 08:26 - 2016-01-12 08:27 - 00018590 _____ C:\Users\PC\Desktop\Addition.txt
2016-01-12 08:24 - 2016-01-13 08:19 - 00025388 _____ C:\Users\PC\Desktop\FRST.txt
2016-01-12 08:23 - 2016-01-12 08:23 - 00015327 _____ C:\Users\PC\Desktop\LM.bat
2016-01-12 08:22 - 2016-01-13 08:19 - 00000000 ____D C:\FRST
2016-01-12 08:21 - 2016-01-12 08:21 - 00000000 _____ C:\Users\PC\Downloads\FRSTLauncher.exe.ropb12y.partial
2016-01-12 08:19 - 2016-01-12 08:19 - 02370560 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2016-01-12 08:07 - 2016-01-12 08:07 - 629405653 _____ C:\WINDOWS\MEMORY.DMP
2016-01-12 08:07 - 2016-01-12 08:07 - 00281624 _____ C:\WINDOWS\Minidump\011216-22968-01.dmp
2016-01-10 13:58 - 2016-01-10 13:58 - 00009494 _____ C:\Users\PC\Documents\cc_20160110_135759.reg
2016-01-10 13:47 - 2016-01-10 13:48 - 00486218 _____ C:\Users\PC\Documents\cc_20160110_134748.reg
2016-01-10 13:43 - 2016-01-10 13:43 - 00001026 _____ C:\Users\PC\Desktop\CCleaner.lnk
2016-01-10 13:43 - 2016-01-10 13:43 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-01-10 13:43 - 2016-01-10 13:43 - 00000000 ____D C:\Program Files (x86)\CCleaner
2016-01-10 13:42 - 2016-01-10 13:42 - 01187896 _____ (Piriform Ltd) C:\Users\PC\Desktop\ccleaner.exe
2016-01-09 23:25 - 2016-01-10 00:01 - 00000080 _____ C:\Users\PC\Desktop\Jednotka CD-ROM - zástupce.lnk
2016-01-09 23:25 - 2016-01-10 00:01 - 00000080 _____ C:\Users\PC\Desktop\hlaska - zástupce.lnk
2016-01-09 22:43 - 2016-01-09 22:43 - 00009728 ___SH C:\Users\PC\Documents\Thumbs.db
2016-01-09 22:43 - 2016-01-09 22:43 - 00001349 _____ C:\Users\PC\Desktop\hlaska – zástupce.lnk
2016-01-09 18:10 - 2016-01-09 18:10 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2016-01-09 18:08 - 2011-08-16 16:40 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2016-01-09 18:08 - 2011-08-16 16:40 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfCoInstaller01007.dll
2016-01-09 18:07 - 2016-01-09 18:07 - 00000000 ____D C:\Program Files (x86)\Huawei
2016-01-06 10:13 - 2016-01-13 08:09 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-06 10:12 - 2016-01-06 10:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-01-06 10:12 - 2016-01-06 10:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-06 10:12 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-01-06 10:12 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-01-06 10:06 - 2016-01-06 10:12 - 00000000 ____D C:\Users\PC\AppData\Roaming\Malwarebytes
2016-01-06 10:03 - 2016-01-06 10:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-06 10:03 - 2016-01-06 10:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2016-01-06 10:03 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-01-06 09:59 - 2016-01-06 09:59 - 10284816 _____ (Malwarebytes Corporation ) C:\Users\PC\Downloads\mbam-setup-1.75.0.1300.exe
2016-01-05 15:31 - 2016-01-05 15:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-01-05 14:49 - 2016-01-05 15:16 - 00000000 ____D C:\AdwCleaner
2016-01-05 14:48 - 2016-01-05 14:48 - 01749504 _____ C:\Users\PC\Downloads\adwcleaner_5.028.exe
2016-01-05 14:42 - 2016-01-09 21:07 - 00000000 ____D C:\ProgramData\1WdM1
2016-01-05 14:38 - 2016-01-05 15:06 - 00000001 _____ C:\WINDOWS\SysWOW64\en.html
2016-01-05 11:34 - 2016-01-12 08:16 - 00000000 ____D C:\Program Files\trend micro
2016-01-05 11:34 - 2016-01-05 11:34 - 00000000 ____D C:\rsit
2016-01-05 11:33 - 2016-01-05 11:34 - 01222144 _____ C:\Users\PC\Downloads\RSITx64.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-13 08:12 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-01-13 08:10 - 2014-11-04 17:20 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1409374307-799940909-199679684-1002
2016-01-13 08:01 - 2015-04-21 07:04 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-01-13 08:01 - 2014-11-04 15:52 - 00000000 ____D C:\Users\PC\Documents\Youcam
2016-01-13 08:01 - 2013-08-08 15:15 - 00003620 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2016-01-13 08:00 - 2015-10-19 20:50 - 00142336 ___SH C:\Users\PC\Desktop\Thumbs.db
2016-01-13 08:00 - 2014-11-30 19:55 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-13 08:00 - 2013-06-07 08:40 - 00001017 _____ C:\WINDOWS\SysWOW64\bscs.ini
2016-01-13 07:59 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-13 07:59 - 2013-08-08 15:15 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2016-01-13 07:58 - 2014-11-06 10:57 - 00000000 ____D C:\Users\PC
2016-01-13 07:58 - 2014-11-06 10:47 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-01-13 07:58 - 2014-11-04 16:52 - 00000000 ____D C:\Users\PC\AppData\Roaming\ClassicShell
2016-01-12 11:37 - 2014-12-21 12:32 - 00000347 _____ C:\WINDOWS\SysWOW64\REMOTEDEVICE.INI
2016-01-12 08:23 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-12 08:07 - 2015-01-04 16:35 - 00000000 ____D C:\WINDOWS\Minidump
2016-01-10 18:12 - 2015-10-10 08:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-10 18:09 - 2015-09-23 13:17 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-10 17:54 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-10 17:45 - 2015-07-30 20:08 - 00000000 ____D C:\Users\PC\AppData\Roaming\Skype
2016-01-10 14:07 - 2015-07-21 22:18 - 00000000 ____D C:\Users\PC\AppData\Roaming\Seznam.cz
2016-01-10 03:05 - 2014-11-06 11:03 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-01-10 03:05 - 2014-11-05 16:03 - 00001731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2016-01-10 03:05 - 2014-11-05 16:02 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-01-10 00:05 - 2015-12-10 18:24 - 00001239 _____ C:\Users\Public\Desktop\Minecraft Launcher 1.8.lnk
2016-01-10 00:05 - 2015-11-09 23:27 - 00001983 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-01-10 00:05 - 2015-07-31 21:57 - 00001985 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-01-10 00:01 - 2014-11-06 11:14 - 00001026 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-10 00:01 - 2014-11-06 10:57 - 00000469 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-01-10 00:01 - 2014-11-06 10:57 - 00000467 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-01-09 23:59 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera
2016-01-09 23:25 - 2015-11-25 17:25 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2016-01-09 23:24 - 2015-03-01 11:01 - 00000000 ____D C:\Users\PC\AppData\Roaming\wld
2016-01-09 21:02 - 2015-08-24 19:36 - 00000000 ____D C:\Program Files (x86)\Opera
2016-01-09 18:55 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-09 18:21 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-01-09 18:10 - 2014-09-24 17:23 - 01934988 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-09 18:10 - 2014-09-24 16:39 - 00802206 _____ C:\WINDOWS\system32\perfh005.dat
2016-01-09 18:10 - 2014-09-24 16:39 - 00183700 _____ C:\WINDOWS\system32\perfc005.dat
2016-01-08 16:57 - 2015-10-15 13:34 - 00000000 ____D C:\Program Files (x86)\Elex-tech
2016-01-08 16:57 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-08 16:54 - 2015-03-09 20:38 - 00000000 ____D C:\Program Files (x86)\Company
2016-01-05 15:53 - 2015-01-23 19:36 - 00000000 ____D C:\Users\PC\AppData\Local\ElevatedDiagnostics
2016-01-05 15:31 - 2015-11-24 13:05 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-01-05 15:22 - 2015-12-10 18:24 - 00000000 ____D C:\Program Files (x86)\Adobe Arkalis
2016-01-05 15:19 - 2015-09-23 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-05 15:06 - 2015-10-15 13:34 - 00000000 ____D C:\WINDOWS\system32\log
2016-01-05 15:06 - 2015-07-24 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 2 Enhanced Edition
2016-01-05 15:06 - 2015-03-03 22:06 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online
2016-01-05 15:00 - 2014-11-30 19:55 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-01-05 14:52 - 2015-09-02 17:52 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2016-01-05 11:50 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
==================== Files in the root of some directories =======
2015-01-21 00:01 - 2015-01-21 16:16 - 0020908 _____ () C:\Users\PC\AppData\Roaming\PC.txt
2015-09-27 21:39 - 2015-09-27 21:39 - 0000000 ___SH () C:\Users\PC\AppData\Local\LumaEmu
2015-04-20 13:18 - 2015-04-20 15:16 - 0007598 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-01-13 08:11
==================== End of FRST.txt ============================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17640 2013-10-23] (Advanced Micro Devices, INC.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [228032 2014-08-08] (AppEx Networks Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-11-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-11-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-11-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-11-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [154256 2015-11-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-11-09] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthHFSrv; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
U4 BthHFSrv; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-26] (Ralink Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-13] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288840 2013-04-11] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-06-05] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33008 2013-06-05] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S3 ew_hwusbdev; \SystemRoot\system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; \SystemRoot\System32\drivers\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; \SystemRoot\system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; \SystemRoot\System32\drivers\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; \SystemRoot\System32\drivers\ew_juextctrl.sys [X]
S3 huawei_wwanecm; \SystemRoot\system32\DRIVERS\ew_juwwanecm.sys [X]
S1 iSafeNetFilter; system32\DRIVERS\iSafeNetFilter.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-13 07:52 - 2016-01-13 07:57 - 00007087 _____ C:\Users\PC\Desktop\Fixlog.txt
2016-01-13 07:49 - 2016-01-13 08:19 - 00000000 ____D C:\Users\PC\Desktop\frst
2016-01-12 08:29 - 2016-01-12 08:29 - 00006765 _____ C:\Users\PC\Desktop\Addition.zip
2016-01-12 08:26 - 2016-01-12 08:27 - 00018590 _____ C:\Users\PC\Desktop\Addition.txt
2016-01-12 08:24 - 2016-01-13 08:19 - 00025388 _____ C:\Users\PC\Desktop\FRST.txt
2016-01-12 08:23 - 2016-01-12 08:23 - 00015327 _____ C:\Users\PC\Desktop\LM.bat
2016-01-12 08:22 - 2016-01-13 08:19 - 00000000 ____D C:\FRST
2016-01-12 08:21 - 2016-01-12 08:21 - 00000000 _____ C:\Users\PC\Downloads\FRSTLauncher.exe.ropb12y.partial
2016-01-12 08:19 - 2016-01-12 08:19 - 02370560 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2016-01-12 08:07 - 2016-01-12 08:07 - 629405653 _____ C:\WINDOWS\MEMORY.DMP
2016-01-12 08:07 - 2016-01-12 08:07 - 00281624 _____ C:\WINDOWS\Minidump\011216-22968-01.dmp
2016-01-10 13:58 - 2016-01-10 13:58 - 00009494 _____ C:\Users\PC\Documents\cc_20160110_135759.reg
2016-01-10 13:47 - 2016-01-10 13:48 - 00486218 _____ C:\Users\PC\Documents\cc_20160110_134748.reg
2016-01-10 13:43 - 2016-01-10 13:43 - 00001026 _____ C:\Users\PC\Desktop\CCleaner.lnk
2016-01-10 13:43 - 2016-01-10 13:43 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-01-10 13:43 - 2016-01-10 13:43 - 00000000 ____D C:\Program Files (x86)\CCleaner
2016-01-10 13:42 - 2016-01-10 13:42 - 01187896 _____ (Piriform Ltd) C:\Users\PC\Desktop\ccleaner.exe
2016-01-09 23:25 - 2016-01-10 00:01 - 00000080 _____ C:\Users\PC\Desktop\Jednotka CD-ROM - zástupce.lnk
2016-01-09 23:25 - 2016-01-10 00:01 - 00000080 _____ C:\Users\PC\Desktop\hlaska - zástupce.lnk
2016-01-09 22:43 - 2016-01-09 22:43 - 00009728 ___SH C:\Users\PC\Documents\Thumbs.db
2016-01-09 22:43 - 2016-01-09 22:43 - 00001349 _____ C:\Users\PC\Desktop\hlaska – zástupce.lnk
2016-01-09 18:10 - 2016-01-09 18:10 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2016-01-09 18:08 - 2011-08-16 16:40 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2016-01-09 18:08 - 2011-08-16 16:40 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfCoInstaller01007.dll
2016-01-09 18:07 - 2016-01-09 18:07 - 00000000 ____D C:\Program Files (x86)\Huawei
2016-01-06 10:13 - 2016-01-13 08:09 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-06 10:12 - 2016-01-06 10:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-01-06 10:12 - 2016-01-06 10:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-06 10:12 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-01-06 10:12 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-01-06 10:06 - 2016-01-06 10:12 - 00000000 ____D C:\Users\PC\AppData\Roaming\Malwarebytes
2016-01-06 10:03 - 2016-01-06 10:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-06 10:03 - 2016-01-06 10:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2016-01-06 10:03 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-01-06 09:59 - 2016-01-06 09:59 - 10284816 _____ (Malwarebytes Corporation ) C:\Users\PC\Downloads\mbam-setup-1.75.0.1300.exe
2016-01-05 15:31 - 2016-01-05 15:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-01-05 14:49 - 2016-01-05 15:16 - 00000000 ____D C:\AdwCleaner
2016-01-05 14:48 - 2016-01-05 14:48 - 01749504 _____ C:\Users\PC\Downloads\adwcleaner_5.028.exe
2016-01-05 14:42 - 2016-01-09 21:07 - 00000000 ____D C:\ProgramData\1WdM1
2016-01-05 14:38 - 2016-01-05 15:06 - 00000001 _____ C:\WINDOWS\SysWOW64\en.html
2016-01-05 11:34 - 2016-01-12 08:16 - 00000000 ____D C:\Program Files\trend micro
2016-01-05 11:34 - 2016-01-05 11:34 - 00000000 ____D C:\rsit
2016-01-05 11:33 - 2016-01-05 11:34 - 01222144 _____ C:\Users\PC\Downloads\RSITx64.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-13 08:12 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-01-13 08:10 - 2014-11-04 17:20 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1409374307-799940909-199679684-1002
2016-01-13 08:01 - 2015-04-21 07:04 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-01-13 08:01 - 2014-11-04 15:52 - 00000000 ____D C:\Users\PC\Documents\Youcam
2016-01-13 08:01 - 2013-08-08 15:15 - 00003620 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2016-01-13 08:00 - 2015-10-19 20:50 - 00142336 ___SH C:\Users\PC\Desktop\Thumbs.db
2016-01-13 08:00 - 2014-11-30 19:55 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-13 08:00 - 2013-06-07 08:40 - 00001017 _____ C:\WINDOWS\SysWOW64\bscs.ini
2016-01-13 07:59 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-13 07:59 - 2013-08-08 15:15 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2016-01-13 07:58 - 2014-11-06 10:57 - 00000000 ____D C:\Users\PC
2016-01-13 07:58 - 2014-11-06 10:47 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-01-13 07:58 - 2014-11-04 16:52 - 00000000 ____D C:\Users\PC\AppData\Roaming\ClassicShell
2016-01-12 11:37 - 2014-12-21 12:32 - 00000347 _____ C:\WINDOWS\SysWOW64\REMOTEDEVICE.INI
2016-01-12 08:23 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-12 08:07 - 2015-01-04 16:35 - 00000000 ____D C:\WINDOWS\Minidump
2016-01-10 18:12 - 2015-10-10 08:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-10 18:09 - 2015-09-23 13:17 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-10 17:54 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-10 17:45 - 2015-07-30 20:08 - 00000000 ____D C:\Users\PC\AppData\Roaming\Skype
2016-01-10 14:07 - 2015-07-21 22:18 - 00000000 ____D C:\Users\PC\AppData\Roaming\Seznam.cz
2016-01-10 03:05 - 2014-11-06 11:03 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-01-10 03:05 - 2014-11-05 16:03 - 00001731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2016-01-10 03:05 - 2014-11-05 16:02 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-01-10 00:05 - 2015-12-10 18:24 - 00001239 _____ C:\Users\Public\Desktop\Minecraft Launcher 1.8.lnk
2016-01-10 00:05 - 2015-11-09 23:27 - 00001983 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-01-10 00:05 - 2015-07-31 21:57 - 00001985 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-01-10 00:01 - 2014-11-06 11:14 - 00001026 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-10 00:01 - 2014-11-06 10:57 - 00000469 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-01-10 00:01 - 2014-11-06 10:57 - 00000467 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-01-09 23:59 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera
2016-01-09 23:25 - 2015-11-25 17:25 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2016-01-09 23:24 - 2015-03-01 11:01 - 00000000 ____D C:\Users\PC\AppData\Roaming\wld
2016-01-09 21:02 - 2015-08-24 19:36 - 00000000 ____D C:\Program Files (x86)\Opera
2016-01-09 18:55 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-09 18:21 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-01-09 18:10 - 2014-09-24 17:23 - 01934988 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-09 18:10 - 2014-09-24 16:39 - 00802206 _____ C:\WINDOWS\system32\perfh005.dat
2016-01-09 18:10 - 2014-09-24 16:39 - 00183700 _____ C:\WINDOWS\system32\perfc005.dat
2016-01-08 16:57 - 2015-10-15 13:34 - 00000000 ____D C:\Program Files (x86)\Elex-tech
2016-01-08 16:57 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-08 16:54 - 2015-03-09 20:38 - 00000000 ____D C:\Program Files (x86)\Company
2016-01-05 15:53 - 2015-01-23 19:36 - 00000000 ____D C:\Users\PC\AppData\Local\ElevatedDiagnostics
2016-01-05 15:31 - 2015-11-24 13:05 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-01-05 15:22 - 2015-12-10 18:24 - 00000000 ____D C:\Program Files (x86)\Adobe Arkalis
2016-01-05 15:19 - 2015-09-23 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-05 15:06 - 2015-10-15 13:34 - 00000000 ____D C:\WINDOWS\system32\log
2016-01-05 15:06 - 2015-07-24 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 2 Enhanced Edition
2016-01-05 15:06 - 2015-03-03 22:06 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online
2016-01-05 15:00 - 2014-11-30 19:55 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-01-05 14:52 - 2015-09-02 17:52 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2016-01-05 11:50 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
==================== Files in the root of some directories =======
2015-01-21 00:01 - 2015-01-21 16:16 - 0020908 _____ () C:\Users\PC\AppData\Roaming\PC.txt
2015-09-27 21:39 - 2015-09-27 21:39 - 0000000 ___SH () C:\Users\PC\AppData\Local\LumaEmu
2015-04-20 13:18 - 2015-04-20 15:16 - 0007598 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-01-13 08:11
==================== End of FRST.txt ============================
Re: ads and an almost unusable computer
Quote:
• Download and run DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
• Check only the option "Remove disinfection tools"
• Click Run
and we are done
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum: https://platba.viry.cz/payment/
Re: ads and an almost unusable computer
Great,
many thanks for being here
I trust my friend will also show her appreciation with a contribution toward running the forum

