Preventivka

[23blanik]

Prosím o kontrolu:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016
Ran by Honza23 (administrator) on HONZA23-PC (14-05-2016 11:23:51)
Running from C:\Users\Honza23\Downloads
Loaded Profiles: Honza23 (Available Profiles: Honza23)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Spotify Ltd) C:\Users\Honza23\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.2.97\AsusWSPanel.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_242.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_242.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_242.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-06-27] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.2.97\AsusWSPanel.exe [3417984 2012-05-17] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6133520 2015-11-06] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\Run: [Spotify Web Helper] => C:\Users\Honza23\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-28] (Spotify Ltd)
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\Run: [Spotify] => C:\Users\Honza23\AppData\Roaming\Spotify\Spotify.exe [6890608 2016-04-28] (Spotify Ltd)
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\MountPoints2: {2dc9cb8e-967e-11e3-867b-50465ddb6ba6} - I:\autorun.exe
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\MountPoints2: {3f99195e-c7a7-11e2-9436-50465ddb6ba6} - D:\Startme.exe
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\PhotoScreensaver.scr [477696 2010-11-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-10-13] (AVAST Software)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.2.97\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.2.97\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.2.97\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk [2012-12-29]
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{18D44DDA-06E2-4F99-9D62-746A56FE921E}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{4BEFD505-647D-4AD0-90FC-8C43D4CCE8E3}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{9ABF9E5E-300B-481F-8A24-4335870CBA37}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{F82387F8-5F6F-46FD-86D4-E0E490677D0B}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1544955830-4211015516-3942192515-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-28] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-28] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Honza23\AppData\Roaming\Mozilla\Firefox\Profiles\giqmo9xt.default
FF DefaultSearchEngine: Seznam
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SelectedSearchEngine: Seznam
FF Homepage: hxxps://www.seznam.cz/
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> E:\Picaso\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-09] (Microsoft Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2013-02-14] (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-30] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Honza23\AppData\Roaming\Mozilla\Firefox\Profiles\giqmo9xt.default\searchplugins\seznam-avast.xml [2015-02-20]
FF Extension: Adblock Plus - C:\Users\Honza23\AppData\Roaming\Mozilla\Firefox\Profiles\giqmo9xt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-30]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-04-29]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-12]

Chrome:
=======
CHR HomePage: Default -> hxxp://isearch.omiga-plus.com/?type=hppp&ts=1423487607&from=ild&uid=ST9500325AS_S2WMA2ENXXXXS2WMA2EN
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll => No File
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll => No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll => No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Media Go Detector) - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll => No File
CHR Plugin: (Picasa) - E:\Picaso\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll => No File
CHR Profile: C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Skype) - C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-14]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-12]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-04-29]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-10-13] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4048280 2015-10-13] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-04-29] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-04-29] (Microsoft Corporation)
R2 HiSuiteOuc64.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe [138272 2014-09-05] ()
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [219680 2014-09-05] ()
S3 Installer Service; C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{0C808377-8C23-44ED-9016-05F42E6D4900}\Installer\InstallerService.exe [125288 2013-09-17] ()
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-10-13] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-10-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-10-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-10-13] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-06] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-10-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-10-13] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-15] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 hwdatacard; C:\Windows\System32\DRIVERS\ZDDriver.sys [122496 2010-01-20] (ZD Secret Incorporated)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2014-07-29] (Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [132656 2015-10-13] (AVAST Software)
S3 Secdrv; C:\windows\SysWOW64\drivers\SECDRV.SYS [11616 2001-08-03] () [File not signed]
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2014-02-15] (Duplex Secure Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [274336 2015-10-13] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-14 11:23 - 2016-05-14 11:24 - 00020297 _____ C:\Users\Honza23\Downloads\FRST.txt
2016-05-14 11:23 - 2016-05-14 11:23 - 00000000 ____D C:\FRST
2016-05-14 11:19 - 2016-05-14 11:19 - 02381312 _____ (Farbar) C:\Users\Honza23\Downloads\FRST64.exe
2016-05-14 08:00 - 2016-05-14 08:01 - 01107968 _____ C:\Users\Honza23\Downloads\RSIT.exe
2016-05-14 07:57 - 2016-05-14 07:58 - 01222144 _____ C:\Users\Honza23\Downloads\RSITx64.exe
2016-05-12 21:39 - 2016-05-12 22:21 - 734754816 _____ C:\Users\Honza23\Downloads\Crash---David-Cronenberg(1996).avi
2016-05-11 17:05 - 2016-05-14 08:01 - 00000000 ____D C:\Program Files (x86)\trend micro
2016-05-11 00:31 - 2016-05-11 01:02 - 04093925 _____ C:\Users\Honza23\Downloads\ManorBread_template_0605.pptx
2016-05-07 22:56 - 2016-05-13 00:16 - 00000000 ____D C:\Users\Honza23\Downloads\Subs
2016-05-07 21:35 - 2016-05-07 22:06 - 567181824 _____ C:\Users\Honza23\Downloads\waltz-with-bashir-valcik-s-basirem-animovany-drama-valecny-Sachallin.avi
2016-05-07 21:33 - 2016-05-07 21:33 - 00059196 _____ C:\Users\Honza23\Downloads\Waltz.With.Bashir.LIMITED.DVDRip.XviD-DMT [mininova].torrent
2016-05-07 21:29 - 2016-05-07 21:29 - 02841744 _____ (Torrents Time ) C:\Users\Honza23\Downloads\torrentsTime-download.exe
2016-04-29 14:51 - 2016-04-29 14:52 - 01885197 _____ C:\Users\Honza23\Downloads\Rocni hodnocení 2016.pptx
2016-04-29 14:41 - 2016-04-29 14:47 - 00013345 _____ C:\Users\Honza23\Downloads\Dochazka_duben_Šafářová.xlsx
2016-04-28 16:12 - 2016-04-28 16:12 - 00000000 ____D C:\Users\Honza23\AppData\Local\{9284DD50-F500-4A21-BEED-3E43AB8CDF31}
2016-04-24 18:31 - 2016-04-27 15:23 - 00000000 ____D C:\Users\Honza23\Desktop\Nová složka
2016-04-24 18:26 - 2016-04-24 18:26 - 00000000 ____D C:\Users\Honza23\Documents\Adobe
2016-04-24 18:22 - 2016-04-24 18:22 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-04-24 18:21 - 2016-04-24 18:21 - 00002047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.7.1 64-bit.lnk
2016-04-24 18:21 - 2016-04-24 18:21 - 00002027 _____ C:\Users\Public\Desktop\Lightroom 5.7.1 64-bit.lnk
2016-04-24 18:20 - 2016-04-24 18:20 - 00000000 ____D C:\Program Files\Adobe
2016-04-20 23:24 - 2016-04-20 23:24 - 00000000 ____D C:\Users\Honza23\Desktop\Adobe
2016-04-20 23:12 - 2016-04-20 23:20 - 1003845736 _____ (Adobe Systems Incorporated) C:\Users\Honza23\Downloads\Lightroom_5_LS11_win_5_7_1.exe
2016-04-20 22:39 - 2016-04-20 22:47 - 1003845736 _____ (Adobe Systems Incorporated) C:\Users\Honza23\Downloads\Nepotvrzeno 286831.crdownload
2016-04-20 22:37 - 2016-04-20 22:37 - 00665776 _____ (Adobe Systems Incorporated) C:\Users\Honza23\Downloads\CreativeCloudSet-Up.exe
2016-04-20 17:50 - 2016-04-20 17:50 - 00000000 ____D C:\Users\Honza23\Desktop\Staré dokumenty
2016-04-19 19:15 - 2016-04-19 19:15 - 07104860 _____ C:\Users\Honza23\Downloads\Manual-Opel-Signum.pdf
2016-04-19 17:49 - 2016-04-19 17:49 - 00000000 ____D C:\Users\Honza23\AppData\Local\{3D087BBC-F599-47B9-B2EC-3B229F6A910E}
2016-04-14 16:22 - 2016-04-14 16:58 - 00000000 ____D C:\Users\Honza23\Desktop\3 sestry

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-14 11:24 - 2012-06-27 14:17 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-05-14 10:42 - 2015-02-04 10:40 - 00000952 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-14 10:16 - 2009-07-14 06:45 - 00018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-14 10:16 - 2009-07-14 06:45 - 00018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-14 10:10 - 2013-05-16 23:18 - 00000380 _____ C:\Users\Honza23\AppData\Roaming\sp_data.sys
2016-05-14 08:20 - 2011-02-19 07:36 - 00672408 _____ C:\windows\system32\perfh005.dat
2016-05-14 08:20 - 2011-02-19 07:36 - 00142972 _____ C:\windows\system32\perfc005.dat
2016-05-14 08:20 - 2009-07-14 07:13 - 01593238 _____ C:\windows\system32\PerfStringBackup.INI
2016-05-14 08:20 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2016-05-14 08:14 - 2014-09-03 11:17 - 00000000 ____D C:\Users\Honza23\AppData\Roaming\Spotify
2016-05-14 08:12 - 2015-02-04 10:40 - 00000948 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-14 08:12 - 2014-09-03 11:18 - 00000000 ____D C:\Users\Honza23\AppData\Local\Spotify
2016-05-14 08:12 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-05-14 08:02 - 2015-02-10 11:09 - 00000000 ____D C:\Program Files\trend micro
2016-05-13 22:02 - 2012-06-27 14:17 - 00797376 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 22:02 - 2012-06-27 14:17 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-13 22:02 - 2012-06-27 14:17 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-05-13 01:45 - 2013-06-03 14:28 - 00002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-11 16:37 - 2013-06-03 14:27 - 00003948 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 16:37 - 2013-06-03 14:27 - 00003696 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-11 16:35 - 2013-05-16 23:18 - 00000000 ___HD C:\ASUS.DAT
2016-05-11 16:34 - 2016-04-12 14:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-11 16:34 - 2013-05-22 21:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-10 09:10 - 2014-05-31 08:38 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2016-05-07 15:30 - 2015-01-11 19:23 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-27 12:27 - 2014-03-09 19:27 - 00000000 ____D C:\Users\Honza23\AppData\Local\Windows Live
2016-04-24 18:39 - 2013-05-22 21:48 - 00000000 ____D C:\Users\Honza23\AppData\Roaming\Adobe
2016-04-24 18:25 - 2013-05-23 16:49 - 00000000 ____D C:\Users\Honza23\AppData\Local\Adobe
2016-04-24 18:22 - 2012-06-27 14:18 - 00000000 ____D C:\ProgramData\Adobe
2016-04-21 15:05 - 2014-06-04 21:19 - 00453288 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2013-05-23 16:54 - 2013-05-23 16:54 - 0000021 _____ () C:\Users\Honza23\AppData\Roaming\my_intel.sys
2013-05-16 23:18 - 2016-05-14 10:10 - 0000380 _____ () C:\Users\Honza23\AppData\Roaming\sp_data.sys
2015-12-30 17:26 - 2015-12-30 17:26 - 0033193 _____ () C:\Users\Honza23\AppData\Roaming\UserTile.png
2013-12-08 21:45 - 2015-01-08 19:49 - 0005632 _____ () C:\Users\Honza23\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-19 21:10 - 2015-12-11 17:29 - 0007597 _____ () C:\Users\Honza23\AppData\Local\Resmon.ResmonCfg
2012-06-27 14:32 - 2010-10-06 18:45 - 0131984 _____ () C:\ProgramData\FullRemove.exe
2012-12-29 16:17 - 2012-12-29 16:18 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-12-29 16:16 - 2012-12-29 16:17 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-12-29 16:15 - 2012-12-29 16:15 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some files in TEMP:
====================
C:\Users\Honza23\AppData\Local\Temp\Quarantine.exe
C:\Users\Honza23\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-05-08 13:08

==================== End of FRST.txt ============================

[altrok]

Krasny den Vam preju


Pozorujete na PC nejake konkretni problemy, ci jde pouze o preventivku?


Doinstalujte dulezite aktualizace operacniho systemu.


Odinstalujte

• Skype Click to Call - adware z instalace Skypu http://forum.viry.cz/viewtopic.php?p=1374439#p1374439

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).


Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )

• ukoncete vsechny programy
• kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
• kliknete na Scan (Skenovani), pote na Cleaning (Cisteni)
• po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah zkopirujte do pristi odpovedi

[23blanik]

Zdravím, je preventivka. Po skenu ADW byly tabulka s výsledky prázdná.
# AdwCleaner v5.116 - Log soubor vytvořen 19/05/2016 o 16:19:53
# Aktualizováno 09/05/2016 by Xplode
# Databáze : 2016-05-15.2 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Jméno uživatele : Honza23 - HONZA23-PC
# Spuštěno z : C:\Users\Honza23\Desktop\adwcleaner_5.116.exe
# Volba : Čištění
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****


***** [ Soubory ] *****

[-] Soubor smazáno : C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
[-] Soubor smazáno : C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úkoly ] *****


***** [ Registr ] *****


***** [ Webové prohlížeče ] *****


*************************

:: "Tracing" odstraněných kláves
:: Nastavení Winsock odstraněno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [3496 bytes] - [15/05/2016 09:49:18]
C:\AdwCleaner\AdwCleaner[C2].txt - [2336 bytes] - [15/05/2016 10:03:15]
C:\AdwCleaner\AdwCleaner[C3].txt - [1225 bytes] - [19/05/2016 16:19:53]
C:\AdwCleaner\AdwCleaner[R0].txt - [10829 bytes] - [10/02/2015 11:33:29]
C:\AdwCleaner\AdwCleaner[R1].txt - [1445 bytes] - [04/03/2015 15:08:38]
C:\AdwCleaner\AdwCleaner[R2].txt - [1037 bytes] - [10/03/2015 16:47:56]
C:\AdwCleaner\AdwCleaner[R3].txt - [1341 bytes] - [20/03/2015 20:41:31]
C:\AdwCleaner\AdwCleaner[R4].txt - [2002 bytes] - [05/07/2015 23:53:44]
C:\AdwCleaner\AdwCleaner[R5].txt - [1552 bytes] - [15/07/2015 12:43:53]
C:\AdwCleaner\AdwCleaner[R6].txt - [1584 bytes] - [23/07/2015 15:50:42]
C:\AdwCleaner\AdwCleaner[R7].txt - [1731 bytes] - [31/08/2015 13:07:29]
C:\AdwCleaner\AdwCleaner[R8].txt - [1790 bytes] - [31/08/2015 13:18:01]
C:\AdwCleaner\AdwCleaner[R9].txt - [1746 bytes] - [31/08/2015 13:56:55]
C:\AdwCleaner\AdwCleaner[S0].txt - [9136 bytes] - [10/02/2015 11:35:35]
C:\AdwCleaner\AdwCleaner[S1].txt - [4952 bytes] - [04/03/2015 15:15:15]
C:\AdwCleaner\AdwCleaner[S2].txt - [4580 bytes] - [10/03/2015 16:50:19]
C:\AdwCleaner\AdwCleaner[S3].txt - [3527 bytes] - [20/03/2015 20:54:27]
C:\AdwCleaner\AdwCleaner[S4].txt - [4458 bytes] - [05/07/2015 23:58:20]
C:\AdwCleaner\AdwCleaner[S5].txt - [1581 bytes] - [15/07/2015 12:59:32]
C:\AdwCleaner\AdwCleaner[S6].txt - [1819 bytes] - [31/08/2015 13:22:31]
C:\AdwCleaner\AdwCleaner[S7].txt - [1812 bytes] - [31/08/2015 14:45:46]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [2613 bytes] ##########

[altrok]

Nainstalujte MBAM a udelejte vlastni sken vsech disku - http://forum.viry.cz/viewtopic.php?f=29&t=144868

• Upozorneni: tento sken zabere od 30 minut po nekolik hodin

[23blanik]

Udělal jsem MBAM sken disků za bezmála 3 hod. log ADW zde, důležité aktualizace se nepodařilo:
# AdwCleaner v5.116 - Log soubor vytvořen 19/05/2016 o 21:28:10
# Aktualizováno 09/05/2016 by Xplode
# Databáze : 2016-05-15.2 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Jméno uživatele : Honza23 - HONZA23-PC
# Spuštěno z : C:\Users\Honza23\Desktop\adwcleaner_5.116.exe
# Volba : Čištění
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****


***** [ Soubory ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úkoly ] *****


***** [ Registr ] *****


***** [ Webové prohlížeče ] *****


*************************

:: "Tracing" odstraněných kláves
:: Nastavení Winsock odstraněno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [3496 bytes] - [15/05/2016 09:49:18]
C:\AdwCleaner\AdwCleaner[C2].txt - [2336 bytes] - [15/05/2016 10:03:15]
C:\AdwCleaner\AdwCleaner[C3].txt - [2692 bytes] - [19/05/2016 16:19:53]
C:\AdwCleaner\AdwCleaner[C4].txt - [1016 bytes] - [19/05/2016 21:28:10]
C:\AdwCleaner\AdwCleaner[R0].txt - [10829 bytes] - [10/02/2015 11:33:29]
C:\AdwCleaner\AdwCleaner[R1].txt - [1445 bytes] - [04/03/2015 15:08:38]
C:\AdwCleaner\AdwCleaner[R2].txt - [1037 bytes] - [10/03/2015 16:47:56]
C:\AdwCleaner\AdwCleaner[R3].txt - [1341 bytes] - [20/03/2015 20:41:31]
C:\AdwCleaner\AdwCleaner[R4].txt - [2002 bytes] - [05/07/2015 23:53:44]
C:\AdwCleaner\AdwCleaner[R5].txt - [1552 bytes] - [15/07/2015 12:43:53]
C:\AdwCleaner\AdwCleaner[R6].txt - [1584 bytes] - [23/07/2015 15:50:42]
C:\AdwCleaner\AdwCleaner[R7].txt - [1731 bytes] - [31/08/2015 13:07:29]
C:\AdwCleaner\AdwCleaner[R8].txt - [1790 bytes] - [31/08/2015 13:18:01]
C:\AdwCleaner\AdwCleaner[R9].txt - [1746 bytes] - [31/08/2015 13:56:55]
C:\AdwCleaner\AdwCleaner[S0].txt - [9136 bytes] - [10/02/2015 11:35:35]
C:\AdwCleaner\AdwCleaner[S1].txt - [4952 bytes] - [04/03/2015 15:15:15]
C:\AdwCleaner\AdwCleaner[S2].txt - [4580 bytes] - [10/03/2015 16:50:19]
C:\AdwCleaner\AdwCleaner[S3].txt - [3527 bytes] - [20/03/2015 20:54:27]
C:\AdwCleaner\AdwCleaner[S4].txt - [4458 bytes] - [05/07/2015 23:58:20]
C:\AdwCleaner\AdwCleaner[S5].txt - [3884 bytes] - [15/07/2015 12:59:32]
C:\AdwCleaner\AdwCleaner[S6].txt - [1819 bytes] - [31/08/2015 13:22:31]
C:\AdwCleaner\AdwCleaner[S7].txt - [1812 bytes] - [31/08/2015 14:45:46]

########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [2404 bytes] ##########

[altrok]

Udělal jsem MBAM sken disků za bezmála 3 hod.

A co MBAM nalezl? Vlozte z nej log (vlozil jste znovu log z AdwCleaneru).


Spustte MBAM -> zalozka History -> vlevo Application Logs -> tam pohledejte Scan Log -> pokud nejaky takovy bude, dvakrat na nej poklepejte -> Export a ulozte jako .txt

[23blanik]

log zde:
Malwarebytes Anti-Malware
www.malwarebytes.org


Update, 19.5.2016 17:53, SYSTEM, HONZA23-PC, Manual, Remediation Database, 2015.8.28.2, 2016.5.17.3,
Update, 19.5.2016 17:53, SYSTEM, HONZA23-PC, Manual, IP Database, 2015.7.24.3, 2016.5.18.2,
Update, 19.5.2016 17:53, SYSTEM, HONZA23-PC, Manual, Domain Database, 2015.7.24.2, 2016.5.19.5,
Update, 19.5.2016 17:53, SYSTEM, HONZA23-PC, Manual, Rootkit Database, 2015.8.16.1, 2016.5.6.1,
Update, 19.5.2016 17:53, SYSTEM, HONZA23-PC, Manual, AKA IP Database, 2015.8.29.1, 2015.9.11.2,
Update, 19.5.2016 17:53, SYSTEM, HONZA23-PC, Manual, AKA Domain Database, 2015.8.31.3, 2015.9.11.2,
Update, 19.5.2016 17:53, SYSTEM, HONZA23-PC, Manual, Malware Database, 2015.8.31.3, 2016.5.19.3,
Update, 19.5.2016 17:53, SYSTEM, HONZA23-PC, Manual, program, 2.1.8.1057, 2.2.1.0,
Protection, 19.5.2016 17:57, SYSTEM, HONZA23-PC, Protection, Malware Protection, Starting,
Protection, 19.5.2016 17:57, SYSTEM, HONZA23-PC, Protection, Malware Protection, Started,
Protection, 19.5.2016 17:57, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Starting,
Protection, 19.5.2016 17:57, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Started,
Update, 19.5.2016 17:58, SYSTEM, HONZA23-PC, Manual, Remediation Database, 2016.2.12.1, 2016.5.17.3,
Update, 19.5.2016 17:58, SYSTEM, HONZA23-PC, Manual, IP Database, 2016.2.8.1, 2016.5.18.2,
Update, 19.5.2016 17:58, SYSTEM, HONZA23-PC, Manual, Domain Database, 2016.2.16.8, 2016.5.19.5,
Update, 19.5.2016 17:58, SYSTEM, HONZA23-PC, Manual, Rootkit Database, 2016.2.8.1, 2016.5.6.1,
Update, 19.5.2016 17:58, SYSTEM, HONZA23-PC, Manual, Malware Database, 2016.2.16.6, 2016.5.19.3,
Protection, 19.5.2016 17:58, SYSTEM, HONZA23-PC, Protection, Refresh, Starting,
Protection, 19.5.2016 17:58, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Stopping,
Protection, 19.5.2016 17:58, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Stopped,
Protection, 19.5.2016 17:58, SYSTEM, HONZA23-PC, Protection, Refresh, Success,
Protection, 19.5.2016 17:58, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Starting,
Protection, 19.5.2016 17:58, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Started,
Update, 19.5.2016 18:01, SYSTEM, HONZA23-PC, Scheduler, Malware Database, 2016.5.19.3, 2016.5.19.4,
Protection, 19.5.2016 18:01, SYSTEM, HONZA23-PC, Protection, Refresh, Starting,
Protection, 19.5.2016 18:01, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Stopping,
Protection, 19.5.2016 18:01, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Stopped,
Protection, 19.5.2016 18:01, SYSTEM, HONZA23-PC, Protection, Refresh, Success,
Protection, 19.5.2016 18:01, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Starting,
Protection, 19.5.2016 18:01, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Started,
Scan, 19.5.2016 18:19, SYSTEM, HONZA23-PC, Context, Začátek: 19.5.2016 17:58, Doba trvání: 19 min 5 sekund, Sken hrozeb, Dokončeno, Detekce malwaru 0, Detekce jiných hrozeb 1,
Protection, 19.5.2016 18:21, SYSTEM, HONZA23-PC, Protection, Malware Protection, Starting,
Protection, 19.5.2016 18:21, SYSTEM, HONZA23-PC, Protection, Malware Protection, Started,
Protection, 19.5.2016 18:21, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Starting,
Protection, 19.5.2016 18:21, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Started,
Update, 19.5.2016 18:55, SYSTEM, HONZA23-PC, Scheduler, Domain Database, 2016.5.19.5, 2016.5.19.6,
Protection, 19.5.2016 18:55, SYSTEM, HONZA23-PC, Protection, Refresh, Starting,
Protection, 19.5.2016 18:55, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Stopping,
Protection, 19.5.2016 18:55, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Stopped,
Protection, 19.5.2016 18:56, SYSTEM, HONZA23-PC, Protection, Refresh, Success,
Protection, 19.5.2016 18:56, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Starting,
Protection, 19.5.2016 18:56, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Started,
Update, 19.5.2016 20:52, SYSTEM, HONZA23-PC, Scheduler, Domain Database, 2016.5.19.6, 2016.5.19.7,
Protection, 19.5.2016 20:52, SYSTEM, HONZA23-PC, Protection, Refresh, Starting,
Protection, 19.5.2016 20:52, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Stopping,
Protection, 19.5.2016 20:52, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Stopped,
Protection, 19.5.2016 20:53, SYSTEM, HONZA23-PC, Protection, Refresh, Success,
Protection, 19.5.2016 20:53, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Starting,
Protection, 19.5.2016 20:53, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Started,
Update, 19.5.2016 21:13, SYSTEM, HONZA23-PC, Scheduler, Malware Database, 2016.5.19.4, 2016.5.19.5,
Protection, 19.5.2016 21:13, SYSTEM, HONZA23-PC, Protection, Refresh, Starting,
Protection, 19.5.2016 21:13, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Stopping,
Protection, 19.5.2016 21:13, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Stopped,
Protection, 19.5.2016 21:13, SYSTEM, HONZA23-PC, Protection, Refresh, Success,
Protection, 19.5.2016 21:13, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Starting,
Protection, 19.5.2016 21:14, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Started,
Scan, 19.5.2016 21:14, SYSTEM, HONZA23-PC, Manual, Začátek: 19.5.2016 18:24, Doba trvání: 2 hod 46 min 0 s, Vlastní sken, Dokončeno, Detekce malwaru 0, Detekce jiných hrozeb 31,
Protection, 19.5.2016 21:15, SYSTEM, HONZA23-PC, Protection, Malware Protection, Starting,
Protection, 19.5.2016 21:15, SYSTEM, HONZA23-PC, Protection, Malware Protection, Started,
Protection, 19.5.2016 21:15, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Starting,
Protection, 19.5.2016 21:16, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Started,
Protection, 19.5.2016 21:29, SYSTEM, HONZA23-PC, Protection, Malware Protection, Starting,
Protection, 19.5.2016 21:29, SYSTEM, HONZA23-PC, Protection, Malware Protection, Started,
Protection, 19.5.2016 21:29, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Starting,
Protection, 19.5.2016 21:30, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Started,
Update, 19.5.2016 22:16, SYSTEM, HONZA23-PC, Scheduler, Domain Database, 2016.5.19.7, 2016.5.19.8,
Protection, 19.5.2016 22:16, SYSTEM, HONZA23-PC, Protection, Refresh, Starting,
Protection, 19.5.2016 22:16, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Stopping,
Protection, 19.5.2016 22:16, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Stopped,
Protection, 19.5.2016 22:16, SYSTEM, HONZA23-PC, Protection, Refresh, Success,
Protection, 19.5.2016 22:16, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Starting,
Protection, 19.5.2016 22:16, SYSTEM, HONZA23-PC, Protection, Malicious Website Protection, Started,

[altrok]

Tohle jse seznam logu - poprosim Vas, abyste rozklikl tyto logy a nasledne je ulozil jako txt (a vlozil je sem na forum):

Scan, 19.5.2016 18:19, SYSTEM, HONZA23-PC, Context, Začátek: 19.5.2016 17:58, Doba trvání: 19 min 5 sekund, Sken hrozeb, Dokončeno, Detekce malwaru 0, Detekce jiných hrozeb 1,
Scan, 19.5.2016 21:14, SYSTEM, HONZA23-PC, Manual, Začátek: 19.5.2016 18:24, Doba trvání: 2 hod 46 min 0 s, Vlastní sken, Dokončeno, Detekce malwaru 0, Detekce jiných hrozeb 31,

[23blanik]

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 19.5.2016
Čas skenování: 21:13
Protokol: logmbam.txt
Správce: Ano

Verze: 0.0.0.0000
Databáze malwaru: v2016.05.19.05
Databáze rootkitů: v2016.05.06.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Honza23

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 526333
Uplynulý čas: 2 hod, 46 min, 0 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 19.5.2016
Čas skenování: 17:58
Protokol: logmbam1.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.05.19.03
Databáze rootkitů: v2016.05.06.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Honza23

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 301996
Uplynulý čas: 19 min, 5 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 1
PUP.Optional.Conduit, C:\Users\Honza23\Downloads\zafwSetupWeb_132_015_000.exe, Do karantény, [15aaecebb5e4c1751c2c00af9f62dc24],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[altrok]

Ulozte na plochu RogueKiller - http://www.bleepingcomputer.com/download/roguekiller/

• spustte jako spravce
• nahore prejdete na zalozku Scan
• vpravo dole kliknete na Start Scan (potrva az nekolik desitek minut)
• vlevo dole vyberte Open Report
• vpravo dole Export TXT
• report ulozte na plochu a jeho obsah vlozte do pristi odpovedi

[23blanik]

Díky za trpělivost:

RogueKiller V12.2.1.0 [May 16 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Honza23 [Práva správce]
Started from : C:\Users\Honza23\Desktop\RogueKiller.exe
Mód : Prohledat -- Datum : 05/20/2016 13:31:48

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 12 ¤¤¤
[PUM.SearchPage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Bar : https://www.seznam.cz/?clid=22668 -> Nalezeno
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-1544955830-4211015516-3942192515-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : https://www.seznam.cz/?clid=22668 -> Nalezeno
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-1544955830-4211015516-3942192515-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : https://www.seznam.cz/?clid=22668 -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 ([]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{4BEFD505-647D-4AD0-90FC-8C43D4CCE8E3} | DhcpNameServer : 10.0.0.138 ([]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{9ABF9E5E-300B-481F-8A24-4335870CBA37} | DhcpNameServer : 10.0.0.138 ([]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{4BEFD505-647D-4AD0-90FC-8C43D4CCE8E3} | DhcpNameServer : 10.0.0.138 ([]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{9ABF9E5E-300B-481F-8A24-4335870CBA37} | DhcpNameServer : 10.0.0.138 ([]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{4BEFD505-647D-4AD0-90FC-8C43D4CCE8E3} | DhcpNameServer : 10.0.0.138 ([]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{9ABF9E5E-300B-481F-8A24-4335870CBA37} | DhcpNameServer : 10.0.0.138 ([]) -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 1 ¤¤¤
[Suspicious.Startup][Soubor] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk -> Nalezeno

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nenahrán [0xc000036b]) ¤¤¤

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] giqmo9xt.default : user_pref("browser.startup.homepage", "https://www.seznam.cz/"); -> Nalezeno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST9500325AS +++++
--- User ---
[MBR] b282367436e525e39acd35d8e63ce479
[BSP] c7d5fdef6270b74558f3b7bc949c4fb5 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25600 MB
1 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 52430848 | Size: 100 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 52635648 | Size: 190776 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 443344896 | Size: 260463 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

[altrok]

Dejte logy FRST.txt a Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Pozn. pri druhem a dalsim spusteni FRST je pro vytvoreni logu Addition.txt nutne tuto volbu explicitne zatrhnout pred zacatkem skenu.

[23blanik]

Additional scan result of Farbar Recovery Scan Tool (x64) Version:19-05-2016
Ran by Honza23 (2016-05-20 13:55:42)
Running from C:\Users\Honza23\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-05-16 21:18:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1544955830-4211015516-3942192515-500 - Administrator - Disabled)
Guest (S-1-5-21-1544955830-4211015516-3942192515-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1544955830-4211015516-3942192515-1002 - Limited - Enabled)
Honza23 (S-1-5-21-1544955830-4211015516-3942192515-1000 - Administrator - Enabled) => C:\Users\Honza23

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis (HKLM-x32\...\{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}) (Version: 15.4.5722.2 - Microsoft Corporation)
„Windows Live Messenger“ (x32 Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
µTorrent (HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\uTorrent) (Version: 3.4.2.31536 - BitTorrent Inc.)
123 Free Solitaire 2008 v6.0 (HKLM-x32\...\123 Free Solitaire_is1) (Version: - TreeCardGames.com)
3G HSDPA Modem (HKLM-x32\...\3G HSDPA Modem) (Version: 1.0.0.1 - 3G HSDPA Modem)
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated)
Adobe Reader X (10.1.14) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.14 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.4.0 - Asmedia Technology)
ASUS FancyStart (HKLM-x32\...\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}) (Version: 1.1.1 - ASUSTeK Computer Inc.)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.2 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.3 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.7 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.2.2 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0002 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.2.97 - ASUS Cloud Corporation)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0020 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.4.2233 - AVAST Software)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Battle.net (HKLM-x32\...\Battle.net) (Version: - )
Bing Bar (HKLM-x32\...\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}) (Version: 7.3.124.0 - Microsoft Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.66.1075 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Deadtime Stories (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118716773}) (Version: - Oberon Media)
Diablo (HKLM-x32\...\Diablo) (Version: - )
Diablo II (HKLM-x32\...\Diablo II) (Version: - )
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media)
Dream Vacation Solitaire (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111249233}) (Version: - Oberon Media)
ETDWare PS/2-X64 8.0.5.1_WHQL (HKLM\...\Elantech) (Version: 8.0.5.1 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Hero Editor V0.96 (HKLM-x32\...\ST6UNST #1) (Version: - )
HiSuite (HKLM-x32\...\Hi Suite) (Version: 32.610.28.00.06 - Huawei Technologies Co.,Ltd)
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.3.3 - ASUS)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2559 - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kontrola Windows Live Mesh ActiveX za daljinske veze (HKLM-x32\...\{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}) (Version: 15.4.5722.2 - Microsoft Corporation)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Mahjong Memoirs (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117948443}) (Version: - Oberon Media)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Media Go (HKLM-x32\...\{362AB21A-E2C4-40CE-81C2-8C4D62B0635A}) (Version: 2.4.256 - Sony)
Media Go Video Playback Engine 1.116.104.02020 (HKLM-x32\...\{54215B8A-6212-8DB8-39B4-98EE2BB98BD1}) (Version: 1.116.104.02020 - Sony)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 cs)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7128 - MyHeritage.com)
Need For Speed Hot Pursuit 2 Demo (HKLM-x32\...\InstallShield_{69EA6470-D4D3-49A3-89C8-0530C416ADB9}) (Version: 1.00.0000 - Electronic Arts, Inc.)
Need For Speed Hot Pursuit 2 Demo (x32 Version: 1.00.0000 - Electronic Arts, Inc.) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
Pharaoh (HKLM-x32\...\Pharaoh) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plants vs Zombies (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}) (Version: - Oberon Media)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.14.6.15183 - Sony Computer Entertainment Inc.)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
rajče průvodce verze 1.59.48.263 (HKLM-x32\...\rajče.net_is1) (Version: - rajče.net)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.40 - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6454 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Seznam Software (HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\SeznamInstall) (Version: - Seznam.cz)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys )
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.6.201305161305 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
Spotify (HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Turbo Fiesta (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115320460}) (Version: - Oberon Media)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX kontrola za daljinske veze (HKLM-x32\...\{8985AE5E-622A-4980-8BF8-0A1830643220}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem (HKLM-x32\...\{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-i juhtelement kaugühendustele (HKLM-x32\...\{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.32 - ASUS)
Worms World Party (HKLM-x32\...\InstallShield_{0F6E17CB-0565-44A7-8C36-941EA56B215E}) (Version: 1.00.000 - Název společnosti:)
Worms World Party (x32 Version: 1.00.000 - Název společnosti:) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0096EEE7-756E-48F7-BA44-4D698386714A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {18757D91-6503-4731-9411-80EB09908524} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-10-13] (AVAST Software)
Task: {18DD9090-ABBA-4B3F-BFCB-CEAEB5330E33} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-04] (AVAST Software)
Task: {1A8474FA-6862-4966-95DB-D87C0B3BEEA4} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-05-16] (ASUS)
Task: {20EC82D1-A0D2-40D6-A35B-FB890B417F0C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {2818EF84-13E5-4F6C-B7E5-735CAD0BB6B1} - System32\Tasks\{C52F011B-8983-4AB7-9013-50A878EC80A0} => C:\Users\Honza23\Downloads\Nokia_PC_Suite_ALL.exe [2013-05-23] ()
Task: {2A821617-A068-4B35-A773-80CE06B6AF9A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {42062429-B81A-4233-A7B9-3FAD216385D3} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2012-09-27] ()
Task: {434F761C-9A6F-41B8-8073-C096168C0B83} - System32\Tasks\{19494ED3-405A-4563-9276-5DC6A3BAD89A} => C:\Users\Honza23\Downloads\Nokia_PC_Suite_ALL.exe [2013-05-23] ()
Task: {43BB3455-845F-41C6-83A4-19936A1FD065} - System32\Tasks\{D4109F31-A24F-48D8-9BF7-195929BE504C} => C:\Program Files (x86)\3G HSDPA Modem\3G HSDPA Modem.exe [2013-02-20] ()
Task: {464BD720-7D04-4F96-982A-4A45E5EA4322} - System32\Tasks\{1B964C43-BDC8-4CE6-B029-36A84C506C22} => C:\Program Files (x86)\3G HSDPA Modem\3G HSDPA Modem.exe [2013-02-20] ()
Task: {5583816C-8AD5-4B18-ABB7-021BD83E9114} - System32\Tasks\ASUS Wireless Console 3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2012-07-11] (ASUSTeK Computer Inc.)
Task: {595CF607-E84D-4563-889D-98A0237AEC91} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-06-26] (ASUSTek Computer Inc.)
Task: {62F6934B-B3C2-45CC-98F7-AE073B6D05B1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {6A5C8C15-A964-4ACE-8F68-CC4459C602AD} - System32\Tasks\{111349EA-DB34-460D-97C9-033316DF8DC4} => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2012-07-11] (ASUSTeK Computer Inc.)
Task: {7A4DFE23-3213-4082-A2F2-BA588E8EBAD5} - System32\Tasks\{83388A5B-6ADD-4697-93AF-DDDC7723EB0D} => pcalua.exe -a C:\windows\system32\pcwrun.exe -c "C:\Program Files (x86)\3G HSDPA Modem\3G HSDPA Modem.exe"
Task: {7CFFD3A0-4EB2-42E8-A063-68A27BC97162} - System32\Tasks\{50848112-E467-4994-94B2-9141DBF125AD} => pcalua.exe -a C:\Users\Honza23\Downloads\Nokia_PC_Suite_ALL.exe -d C:\Users\Honza23\Downloads
Task: {7E285B64-0885-4878-9D49-37A3AFD37398} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-06-21] (ASUSTeK Computer Inc.)
Task: {7F0F5A1A-5528-4E01-AB18-D99AD71584C0} - System32\Tasks\{FDC82A4D-0583-4404-9D0F-83B4FA84B271} => C:\Program Files (x86)\3G HSDPA Modem\3G HSDPA Modem.exe [2013-02-20] ()
Task: {81B83B70-C236-49E5-B427-B13CF0EEE1BA} - System32\Tasks\{D4F7C290-60E9-4592-8CAC-9BF4BE16B187} => C:\Program Files (x86)\3G HSDPA Modem\3G HSDPA Modem.exe [2013-02-20] ()
Task: {8D08DD06-415A-4D14-9307-847537CBC604} - System32\Tasks\{075FCC47-23E3-4B64-976A-3D8A23CAB056} => pcalua.exe -a "E:\Filmy\Vlk z Wall Street\The Wolf of Wall Street 2013\WMP x264 Codec Pack.exe" -d "E:\Filmy\Vlk z Wall Street\The Wolf of Wall Street 2013"
Task: {985D1402-81DB-4972-8CB7-81B54BF8D0BB} - System32\Tasks\{5F7BB92A-A13E-4E3F-AAC4-54C68ABB03F0} => C:\Program Files (x86)\3G HSDPA Modem\3G HSDPA Modem.exe [2013-02-20] ()
Task: {A35DBAA5-6DB7-4CEE-94C6-3E5055CC295B} - System32\Tasks\{83C4A4D3-14C4-4DA7-940B-41A87A95B7AE} => C:\Program Files (x86)\3G HSDPA Modem\3G HSDPA Modem.exe [2013-02-20] ()
Task: {C5B68A18-5D63-454B-B215-983DE7792AB8} - System32\Tasks\{B64216B4-14F2-485E-AE3C-6B75DE096E13} => C:\Program Files (x86)\3G HSDPA Modem\3G HSDPA Modem.exe [2013-02-20] ()
Task: {E580C377-879A-4880-A84A-26A95215BF6E} - System32\Tasks\{928F114D-7A82-4ADE-A7A3-2E6ACA7EE4B8} => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2012-07-11] (ASUSTeK Computer Inc.)
Task: {F0189561-A568-435E-898F-DE400F2ADDB4} - System32\Tasks\{66241A78-0513-45DA-ABA2-B53364604118} => C:\Program Files (x86)\3G HSDPA Modem\3G HSDPA Modem.exe [2013-02-20] ()
Task: {F42BC3E7-7934-4CF2-97EB-1586ADD933B7} - System32\Tasks\{132F5DB5-9051-4531-B8EA-F6308BD31AAB} => pcalua.exe -a C:\Users\Honza23\Downloads\mozilla-firefox-lista-centrumcz.exe -d C:\Users\Honza23\Downloads
Task: {F704115B-F865-47D9-9724-27C12563A3C6} - System32\Tasks\{55E66DE4-D0E2-4D83-9254-129E44C375BC} => C:\Program Files (x86)\3G HSDPA Modem\3G HSDPA Modem.exe [2013-02-20] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2014-12-08 17:37 - 2014-09-05 09:40 - 00138272 _____ () C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
2014-12-08 17:37 - 2014-09-05 09:40 - 00219680 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
2010-07-15 02:11 - 2010-07-15 02:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2012-03-08 04:27 - 2012-03-08 04:27 - 00016384 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.2.97\ACVsWin.dll
2016-05-20 13:09 - 2016-05-20 13:09 - 19840072 _____ () C:\Users\Honza23\Desktop\RogueKiller.exe
2015-10-13 14:33 - 2015-10-13 14:33 - 00103376 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-10-13 14:33 - 2015-10-13 14:33 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-05-19 09:44 - 2016-05-19 09:44 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\16051802\algo.dll
2012-06-08 00:12 - 2012-06-08 00:12 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-08-20 19:57 - 2010-08-20 19:57 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-20 19:57 - 2010-08-20 19:57 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2012-01-31 19:25 - 2012-01-31 19:25 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2015-10-13 14:33 - 2015-10-13 14:33 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-12-15 19:18 - 00000035 ____A C:\windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Honza23\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Family Tree Builder Update => E:\MyHeritage\Bin\FTBCheckUpdates.exe
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BC730CD3-E9C2-45F0-9B9E-D9961E454E60}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{434FEAF6-A216-49B6-8B65-3E3F786847A3}] => (Allow) LPort=2869
FirewallRules: [{033A3CC7-D7D2-45A6-915A-3854CFB38592}] => (Allow) LPort=1900
FirewallRules: [{9660FC64-B474-4D10-A4B3-100C553CDAAE}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{910DBCF1-9BDA-482E-B378-D7FC866CB4DD}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{2B3EFFB7-5B31-4F30-A1C7-EC0C7BCCA57B}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe
FirewallRules: [{94015BAB-F4E3-4AC9-9ED3-F1DB247DF22F}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe
FirewallRules: [{99E56821-A8DF-4896-8CB1-66BFC0CEBF53}] => (Allow) C:\windows\explorer.exe
FirewallRules: [{28EB37FE-B1E6-46A6-99D2-9B38AB573406}] => (Allow) C:\windows\system32\rundll32.exe
FirewallRules: [{2331594B-599F-40AE-9383-049DFEC99B7D}] => (Allow) C:\Users\Honza23\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AA400328-3464-4778-B9CE-CE9B43A092A7}] => (Allow) C:\Users\Honza23\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{C0548B95-04F2-4848-A059-37E98D65E7A2}C:\users\honza23\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\honza23\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{1290B83C-65B3-486D-BDC8-DBDE9B117C70}C:\users\honza23\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\honza23\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{81204A75-DA35-4CEA-8CD4-34627C519383}C:\users\honza23\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\honza23\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{A63C4462-AAC1-4E4A-BEA1-6EE3B84F40D5}C:\users\honza23\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\honza23\appdata\roaming\spotify\spotify.exe
FirewallRules: [{0BD9D5DA-0130-4774-9A53-06D3F7B26003}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{25DDC384-D2EC-4760-97BE-58D0C9C2343E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B49319BD-5450-478F-BC1F-29D1DC18485D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{5295F5B7-D04A-49B7-9A9C-68B2AF31CA56}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{930F106D-000B-4B1E-AEA6-518630AEA751}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{CE8AA26B-3C8B-48A8-A3A6-A90547D0D443}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{9D7AA9A6-62A9-4A41-8722-B70EC8821B65}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{9B9AE756-BEF9-4E11-AAC2-A23176033B0F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A59CFE08-A805-44C6-AA6F-608A8F18AA06}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{66FA9034-3EAA-4FB7-A845-2BECD584C18F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

15-05-2016 09:57:20 Removed Skype Click to Call
15-05-2016 09:58:52 Removed Skype Click to Call
16-05-2016 21:51:17 Windows Update

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/19/2016 06:47:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program PhotoScreensaver.scr verze 6.1.7601.17514 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1328

Čas spuštění: 01d1b1ec347db1c6

Čas ukončení: 94

Cesta k aplikaci: C:\windows\system32\PhotoScreensaver.scr

ID hlášení: 40741e11-1de1-11e6-8166-50465ddb6ba6

Error: (05/13/2016 10:02:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GWXUX.exe, verze: 6.3.9600.18064, časové razítko: 0x56042d8f
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.19018, časové razítko: 0x560a0083
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000004ac04
ID chybujícího procesu: 0x1640
Čas spuštění chybující aplikace: 0xGWXUX.exe0
Cesta k chybující aplikaci: GWXUX.exe1
Cesta k chybujícímu modulu: GWXUX.exe2
ID zprávy: GWXUX.exe3

Error: (05/07/2016 02:40:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GWXUX.exe, verze: 6.3.9600.18064, časové razítko: 0x56042d8f
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.19018, časové razítko: 0x560a0083
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000004ac04
ID chybujícího procesu: 0x1488
Čas spuštění chybující aplikace: 0xGWXUX.exe0
Cesta k chybující aplikaci: GWXUX.exe1
Cesta k chybujícímu modulu: GWXUX.exe2
ID zprávy: GWXUX.exe3

Error: (04/22/2016 04:15:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GWXUX.exe, verze: 6.3.9600.18064, časové razítko: 0x56042d8f
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.19018, časové razítko: 0x560a0083
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000004ac04
ID chybujícího procesu: 0x228c
Čas spuštění chybující aplikace: 0xGWXUX.exe0
Cesta k chybující aplikaci: GWXUX.exe1
Cesta k chybujícímu modulu: GWXUX.exe2
ID zprávy: GWXUX.exe3

Error: (04/22/2016 04:15:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GWXUX.exe, verze: 6.3.9600.18064, časové razítko: 0x56042d8f
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.19018, časové razítko: 0x560a0083
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000004ac04
ID chybujícího procesu: 0x1e90
Čas spuštění chybující aplikace: 0xGWXUX.exe0
Cesta k chybující aplikaci: GWXUX.exe1
Cesta k chybujícímu modulu: GWXUX.exe2
ID zprávy: GWXUX.exe3

Error: (04/20/2016 08:38:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GWXUX.exe, verze: 6.3.9600.18064, časové razítko: 0x56042d8f
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.19018, časové razítko: 0x560a0083
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000004ac04
ID chybujícího procesu: 0x1638
Čas spuštění chybující aplikace: 0xGWXUX.exe0
Cesta k chybující aplikaci: GWXUX.exe1
Cesta k chybujícímu modulu: GWXUX.exe2
ID zprávy: GWXUX.exe3

Error: (04/20/2016 05:04:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GWXUX.exe, verze: 6.3.9600.18064, časové razítko: 0x56042d8f
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.19018, časové razítko: 0x560a0083
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000004ac04
ID chybujícího procesu: 0x1750
Čas spuštění chybující aplikace: 0xGWXUX.exe0
Cesta k chybující aplikaci: GWXUX.exe1
Cesta k chybujícímu modulu: GWXUX.exe2
ID zprávy: GWXUX.exe3

Error: (04/19/2016 05:26:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GWXUX.exe, verze: 6.3.9600.18064, časové razítko: 0x56042d8f
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.19018, časové razítko: 0x560a0083
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000004ac04
ID chybujícího procesu: 0x1a20
Čas spuštění chybující aplikace: 0xGWXUX.exe0
Cesta k chybující aplikaci: GWXUX.exe1
Cesta k chybujícímu modulu: GWXUX.exe2
ID zprávy: GWXUX.exe3

Error: (04/15/2016 04:10:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GWXUX.exe, verze: 6.3.9600.18064, časové razítko: 0x56042d8f
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.19018, časové razítko: 0x560a0083
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000004ac04
ID chybujícího procesu: 0x1b40
Čas spuštění chybující aplikace: 0xGWXUX.exe0
Cesta k chybující aplikaci: GWXUX.exe1
Cesta k chybujícímu modulu: GWXUX.exe2
ID zprávy: GWXUX.exe3

Error: (04/12/2016 05:00:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GWXUX.exe, verze: 6.3.9600.18064, časové razítko: 0x56042d8f
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.19018, časové razítko: 0x560a0083
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000004ac04
ID chybujícího procesu: 0x1afc
Čas spuštění chybující aplikace: 0xGWXUX.exe0
Cesta k chybující aplikaci: GWXUX.exe1
Cesta k chybujícímu modulu: GWXUX.exe2
ID zprávy: GWXUX.exe3


System errors:
=============
Error: (05/20/2016 01:11:57 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\Windows\System32\drivers\TrueSight.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (05/20/2016 10:43:21 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sptd

Error: (05/20/2016 10:42:18 AM) (Source: sptd) (EventID: 4) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error: (05/19/2016 09:30:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AvastVBox COM Service neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (05/19/2016 09:30:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby AvastVBox COM Service bylo dosaženo časového limitu (30000 ms).

Error: (05/19/2016 09:30:48 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053AvastVBoxSvc{F319F1B8-7587-4146-AF9C-0D6D77819BF1}

Error: (05/19/2016 09:30:05 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sptd

Error: (05/19/2016 09:28:48 PM) (Source: sptd) (EventID: 4) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error: (05/19/2016 09:28:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/19/2016 09:28:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU B820 @ 1.70GHz
Percentage of memory in use: 53%
Total physical RAM: 6048.13 MB
Available physical RAM: 2787.08 MB
Total Virtual: 12094.46 MB
Available Virtual: 9135.57 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:63.69 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (DATA) (Fixed) (Total:254.36 GB) (Free:217.41 GB) NTFS
Drive f: (LANDA) (CDROM) (Total:7.35 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

==================== End of Addition.txt ============================


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:19-05-2016
Ran by Honza23 (administrator) on HONZA23-PC (20-05-2016 13:54:47)
Running from C:\Users\Honza23\Desktop
Loaded Profiles: Honza23 (Available Profiles: Honza23)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
() C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Spotify Ltd) C:\Users\Honza23\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.2.97\AsusWSPanel.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Users\Honza23\Desktop\RogueKiller.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-06-27] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.2.97\AsusWSPanel.exe [3417984 2012-05-17] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6133520 2015-11-06] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\Run: [Spotify Web Helper] => C:\Users\Honza23\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-28] (Spotify Ltd)
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\Run: [Spotify] => C:\Users\Honza23\AppData\Roaming\Spotify\Spotify.exe [6890608 2016-04-28] (Spotify Ltd)
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\MountPoints2: {2dc9cb8e-967e-11e3-867b-50465ddb6ba6} - I:\autorun.exe
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\MountPoints2: {3f99195e-c7a7-11e2-9436-50465ddb6ba6} - D:\Startme.exe
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\PhotoScreensaver.scr [477696 2010-11-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-10-13] (AVAST Software)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.2.97\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.2.97\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.2.97\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk [2012-12-29]
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{18D44DDA-06E2-4F99-9D62-746A56FE921E}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{4BEFD505-647D-4AD0-90FC-8C43D4CCE8E3}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{9ABF9E5E-300B-481F-8A24-4335870CBA37}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{F82387F8-5F6F-46FD-86D4-E0E490677D0B}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1544955830-4211015516-3942192515-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-28] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-28] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)

FireFox:
========
FF ProfilePath: C:\Users\Honza23\AppData\Roaming\Mozilla\Firefox\Profiles\giqmo9xt.default
FF DefaultSearchEngine: Seznam
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SelectedSearchEngine: Seznam
FF Homepage: hxxps://www.seznam.cz/
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> E:\Picaso\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-09] (Microsoft Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2013-02-14] (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-30] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Honza23\AppData\Roaming\Mozilla\Firefox\Profiles\giqmo9xt.default\searchplugins\seznam-avast.xml [2015-02-20]
FF Extension: Adblock Plus - C:\Users\Honza23\AppData\Roaming\Mozilla\Firefox\Profiles\giqmo9xt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-30]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-12]

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll => No File
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll => No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll => No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Media Go Detector) - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll => No File
CHR Plugin: (Picasa) - E:\Picaso\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll => No File
CHR Profile: C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Honza23\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-14]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-12]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-10-13] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4048280 2015-10-13] (Avast Software)
R2 HiSuiteOuc64.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe [138272 2014-09-05] ()
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [219680 2014-09-05] ()
S3 Installer Service; C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{0C808377-8C23-44ED-9016-05F42E6D4900}\Installer\InstallerService.exe [125288 2013-09-17] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-10-13] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-10-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-10-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-10-13] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-10-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-10-13] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-15] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 hwdatacard; C:\Windows\System32\DRIVERS\ZDDriver.sys [122496 2010-01-20] (ZD Secret Incorporated)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2014-07-29] (Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-20] (Malwarebytes)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [132656 2015-10-13] (AVAST Software)
S3 Secdrv; C:\windows\SysWOW64\drivers\SECDRV.SYS [11616 2001-08-03] () [File not signed]
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2014-02-15] (Duplex Secure Ltd.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-05-20] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [274336 2015-10-13] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-20 13:54 - 2016-05-20 13:55 - 00018638 _____ C:\Users\Honza23\Desktop\FRST.txt
2016-05-20 13:54 - 2016-05-20 13:54 - 00000000 ____D C:\Users\Honza23\Desktop\FRST-OlderVersion
2016-05-20 13:11 - 2016-05-20 13:11 - 00024688 _____ C:\windows\system32\Drivers\TrueSight.sys
2016-05-20 13:11 - 2016-05-20 13:11 - 00000000 ____D C:\ProgramData\RogueKiller
2016-05-20 13:09 - 2016-05-20 13:09 - 19840072 _____ C:\Users\Honza23\Desktop\RogueKiller.exe
2016-05-20 11:04 - 2016-05-20 11:04 - 00003894 _____ C:\mbamlog 20.5.txt
2016-05-20 11:02 - 2016-05-20 11:02 - 00007190 _____ C:\mbam log.txt
2016-05-20 09:26 - 2016-05-20 09:26 - 00000785 _____ C:\Users\Public\Desktop\123 Free Solitaire.lnk
2016-05-20 09:26 - 2016-05-20 09:26 - 00000785 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\123 Free Solitaire.lnk
2016-05-20 09:26 - 2016-05-20 09:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\123 Free Solitaire
2016-05-19 17:56 - 2016-05-19 17:56 - 00001108 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-05-19 16:54 - 2016-05-19 16:54 - 00155107 _____ C:\Users\Honza23\Downloads\Ticketpro-eTicket-5188993.pdf
2016-05-15 09:36 - 2016-05-15 09:36 - 03640384 _____ C:\Users\Honza23\Desktop\adwcleaner_5.116.exe
2016-05-14 11:24 - 2016-05-14 11:25 - 00037664 _____ C:\Users\Honza23\Downloads\Addition.txt
2016-05-14 11:23 - 2016-05-20 13:54 - 00000000 ____D C:\FRST
2016-05-14 11:23 - 2016-05-14 11:25 - 00029123 _____ C:\Users\Honza23\Downloads\FRST.txt
2016-05-14 11:19 - 2016-05-20 13:54 - 02382336 _____ (Farbar) C:\Users\Honza23\Desktop\FRST64.exe
2016-05-14 08:00 - 2016-05-14 08:01 - 01107968 _____ C:\Users\Honza23\Downloads\RSIT.exe
2016-05-14 07:57 - 2016-05-14 07:58 - 01222144 _____ C:\Users\Honza23\Downloads\RSITx64.exe
2016-05-12 21:39 - 2016-05-12 22:21 - 734754816 _____ C:\Users\Honza23\Downloads\Crash---David-Cronenberg(1996).avi
2016-05-11 17:05 - 2016-05-14 08:01 - 00000000 ____D C:\Program Files (x86)\trend micro
2016-05-11 00:31 - 2016-05-11 01:02 - 04093925 _____ C:\Users\Honza23\Downloads\ManorBread_template_0605.pptx
2016-05-07 22:56 - 2016-05-13 00:16 - 00000000 ____D C:\Users\Honza23\Downloads\Subs
2016-05-07 21:35 - 2016-05-07 22:06 - 567181824 _____ C:\Users\Honza23\Downloads\waltz-with-bashir-valcik-s-basirem-animovany-drama-valecny-Sachallin.avi
2016-05-07 21:33 - 2016-05-07 21:33 - 00059196 _____ C:\Users\Honza23\Downloads\Waltz.With.Bashir.LIMITED.DVDRip.XviD-DMT [mininova].torrent
2016-05-07 21:29 - 2016-05-07 21:29 - 02841744 _____ (Torrents Time ) C:\Users\Honza23\Downloads\torrentsTime-download.exe
2016-04-29 14:51 - 2016-04-29 14:52 - 01885197 _____ C:\Users\Honza23\Downloads\Rocni hodnocení 2016.pptx
2016-04-29 14:41 - 2016-04-29 14:47 - 00013345 _____ C:\Users\Honza23\Downloads\Dochazka_duben_Šafářová.xlsx
2016-04-28 16:12 - 2016-04-28 16:12 - 00000000 ____D C:\Users\Honza23\AppData\Local\{9284DD50-F500-4A21-BEED-3E43AB8CDF31}
2016-04-24 18:31 - 2016-04-27 15:23 - 00000000 ____D C:\Users\Honza23\Desktop\Nová složka
2016-04-24 18:26 - 2016-04-24 18:26 - 00000000 ____D C:\Users\Honza23\Documents\Adobe
2016-04-24 18:22 - 2016-04-24 18:22 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-04-24 18:21 - 2016-04-24 18:21 - 00002047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.7.1 64-bit.lnk
2016-04-24 18:21 - 2016-04-24 18:21 - 00002027 _____ C:\Users\Public\Desktop\Lightroom 5.7.1 64-bit.lnk
2016-04-24 18:20 - 2016-04-24 18:20 - 00000000 ____D C:\Program Files\Adobe
2016-04-20 23:24 - 2016-04-20 23:24 - 00000000 ____D C:\Users\Honza23\Desktop\Adobe
2016-04-20 23:12 - 2016-04-20 23:20 - 1003845736 _____ (Adobe Systems Incorporated) C:\Users\Honza23\Downloads\Lightroom_5_LS11_win_5_7_1.exe
2016-04-20 22:39 - 2016-04-20 22:47 - 1003845736 _____ (Adobe Systems Incorporated) C:\Users\Honza23\Downloads\Nepotvrzeno 286831.crdownload
2016-04-20 22:37 - 2016-04-20 22:37 - 00665776 _____ (Adobe Systems Incorporated) C:\Users\Honza23\Downloads\CreativeCloudSet-Up.exe
2016-04-20 17:50 - 2016-04-20 17:50 - 00000000 ____D C:\Users\Honza23\Desktop\Staré dokumenty

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-20 13:42 - 2015-02-04 10:40 - 00000952 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-20 13:24 - 2012-06-27 14:17 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-05-20 12:48 - 2014-06-04 20:32 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-20 10:58 - 2009-07-14 06:45 - 00018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-20 10:58 - 2009-07-14 06:45 - 00018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-20 10:45 - 2014-09-03 11:18 - 00000000 ____D C:\Users\Honza23\AppData\Local\Spotify
2016-05-20 10:45 - 2014-09-03 11:17 - 00000000 ____D C:\Users\Honza23\AppData\Roaming\Spotify
2016-05-20 10:43 - 2015-02-04 10:40 - 00000948 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-20 10:43 - 2013-05-16 23:18 - 00000380 _____ C:\Users\Honza23\AppData\Roaming\sp_data.sys
2016-05-20 10:42 - 2012-06-27 14:27 - 00000000 ____D C:\windows\hr
2016-05-20 10:42 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-05-20 10:42 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2016-05-20 07:33 - 2014-05-31 08:38 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2016-05-19 21:28 - 2015-02-10 11:33 - 00000000 ____D C:\AdwCleaner
2016-05-19 17:56 - 2014-06-04 20:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-05-19 17:56 - 2014-06-04 20:32 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-05-15 15:12 - 2011-02-19 07:36 - 00672408 _____ C:\windows\system32\perfh005.dat
2016-05-15 15:12 - 2011-02-19 07:36 - 00142972 _____ C:\windows\system32\perfc005.dat
2016-05-15 15:12 - 2009-07-14 07:13 - 01593238 _____ C:\windows\system32\PerfStringBackup.INI
2016-05-15 09:59 - 2015-01-11 19:23 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-15 09:34 - 2014-01-27 19:50 - 00000000 ____D C:\Users\Honza23\AppData\Roaming\Skype
2016-05-14 08:02 - 2015-02-10 11:09 - 00000000 ____D C:\Program Files\trend micro
2016-05-13 22:02 - 2012-06-27 14:17 - 00797376 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 22:02 - 2012-06-27 14:17 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-13 22:02 - 2012-06-27 14:17 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-05-13 01:45 - 2013-06-03 14:28 - 00002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-11 16:37 - 2013-06-03 14:27 - 00003948 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 16:37 - 2013-06-03 14:27 - 00003696 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-11 16:35 - 2013-05-16 23:18 - 00000000 ___HD C:\ASUS.DAT
2016-05-11 16:34 - 2016-04-12 14:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-11 16:34 - 2013-05-22 21:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-27 12:27 - 2014-03-09 19:27 - 00000000 ____D C:\Users\Honza23\AppData\Local\Windows Live
2016-04-24 18:39 - 2013-05-22 21:48 - 00000000 ____D C:\Users\Honza23\AppData\Roaming\Adobe
2016-04-24 18:25 - 2013-05-23 16:49 - 00000000 ____D C:\Users\Honza23\AppData\Local\Adobe
2016-04-24 18:22 - 2012-06-27 14:18 - 00000000 ____D C:\ProgramData\Adobe
2016-04-21 15:05 - 2014-06-04 21:19 - 00453288 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2013-05-23 16:54 - 2013-05-23 16:54 - 0000021 _____ () C:\Users\Honza23\AppData\Roaming\my_intel.sys
2013-05-16 23:18 - 2016-05-20 10:43 - 0000380 _____ () C:\Users\Honza23\AppData\Roaming\sp_data.sys
2015-12-30 17:26 - 2015-12-30 17:26 - 0033193 _____ () C:\Users\Honza23\AppData\Roaming\UserTile.png
2013-12-08 21:45 - 2015-01-08 19:49 - 0005632 _____ () C:\Users\Honza23\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-19 21:10 - 2015-12-11 17:29 - 0007597 _____ () C:\Users\Honza23\AppData\Local\Resmon.ResmonCfg
2012-06-27 14:32 - 2010-10-06 18:45 - 0131984 _____ () C:\ProgramData\FullRemove.exe
2012-12-29 16:17 - 2012-12-29 16:18 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-12-29 16:16 - 2012-12-29 16:17 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-12-29 16:15 - 2012-12-29 16:15 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some files in TEMP:
====================
C:\Users\Honza23\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Honza23\AppData\Local\Temp\libeay32.dll
C:\Users\Honza23\AppData\Local\Temp\msvcr120.dll
C:\Users\Honza23\AppData\Local\Temp\Quarantine.exe
C:\Users\Honza23\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-05-18 20:37

==================== End of FRST.txt ============================

[altrok]

• Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
• ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
• znovu spustte FRST a kliknete na Fix
• po restartu bude na plose ulozen fixlog, jehoz obsah vlozte do pristi odpovedi

  Kód: Vybrat vše

  Start
  CreateRestorePoint:
  CloseProcesses:
  Task: {2818EF84-13E5-4F6C-B7E5-735CAD0BB6B1} - System32\Tasks\{C52F011B-8983-4AB7-9013-50A878EC80A0} => C:\Users\Honza23\Downloads\Nokia_PC_Suite_ALL.exe [2013-05-23] ()
  Task: {434F761C-9A6F-41B8-8073-C096168C0B83} - System32\Tasks\{19494ED3-405A-4563-9276-5DC6A3BAD89A} => C:\Users\Honza23\Downloads\Nokia_PC_Suite_ALL.exe [2013-05-23] ()
  Task: {7CFFD3A0-4EB2-42E8-A063-68A27BC97162} - System32\Tasks\{50848112-E467-4994-94B2-9141DBF125AD} => pcalua.exe -a C:\Users\Honza23\Downloads\Nokia_PC_Suite_ALL.exe -d C:\Users\Honza23\Downloads
  Task: {8D08DD06-415A-4D14-9307-847537CBC604} - System32\Tasks\{075FCC47-23E3-4B64-976A-3D8A23CAB056} => pcalua.exe -a "E:\Filmy\Vlk z Wall Street\The Wolf of Wall Street 2013\WMP x264 Codec Pack.exe" -d "E:\Filmy\Vlk z Wall Street\The Wolf of Wall Street 2013"
  Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  FirewallRules: [{99E56821-A8DF-4896-8CB1-66BFC0CEBF53}] => (Allow) C:\windows\explorer.exe
  HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\MountPoints2: {2dc9cb8e-967e-11e3-867b-50465ddb6ba6} - I:\autorun.exe
  HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\MountPoints2: {3f99195e-c7a7-11e2-9436-50465ddb6ba6} - D:\Startme.exe
  GroupPolicy: Restriction - Chrome <======= ATTENTION
  CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll => No File
  CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll => No File
  CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll => No File
  2016-05-20 11:04 - 2016-05-20 11:04 - 00003894 _____ C:\mbamlog 20.5.txt
  2016-05-20 11:02 - 2016-05-20 11:02 - 00007190 _____ C:\mbam log.txt
  2016-05-15 09:36 - 2016-05-15 09:36 - 03640384 _____ C:\Users\Honza23\Desktop\adwcleaner_5.116.exe
  2016-05-14 11:24 - 2016-05-14 11:25 - 00037664 _____ C:\Users\Honza23\Downloads\Addition.txt
  2016-05-14 11:23 - 2016-05-14 11:25 - 00029123 _____ C:\Users\Honza23\Downloads\FRST.txt
  2016-05-14 08:00 - 2016-05-14 08:01 - 01107968 _____ C:\Users\Honza23\Downloads\RSIT.exe
  2016-05-14 07:57 - 2016-05-14 07:58 - 01222144 _____ C:\Users\Honza23\Downloads\RSITx64.exe
  2016-05-11 17:05 - 2016-05-14 08:01 - 00000000 ____D C:\Program Files (x86)\trend micro
  2016-05-19 21:28 - 2015-02-10 11:33 - 00000000 ____D C:\AdwCleaner
  2016-05-14 08:02 - 2015-02-10 11:09 - 00000000 ____D C:\Program Files\trend micro
  Hosts:
  EmptyTemp:
  End

[23blanik]

Fix result of Farbar Recovery Scan Tool (x64) Version:22-05-2016 01
Ran by Honza23 (2016-05-22 20:40:58) Run:1
Running from C:\Users\Honza23\Desktop
Loaded Profiles: Honza23 (Available Profiles: Honza23)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
Task: {2818EF84-13E5-4F6C-B7E5-735CAD0BB6B1} - System32\Tasks\{C52F011B-8983-4AB7-9013-50A878EC80A0} => C:\Users\Honza23\Downloads\Nokia_PC_Suite_ALL.exe [2013-05-23] ()
Task: {434F761C-9A6F-41B8-8073-C096168C0B83} - System32\Tasks\{19494ED3-405A-4563-9276-5DC6A3BAD89A} => C:\Users\Honza23\Downloads\Nokia_PC_Suite_ALL.exe [2013-05-23] ()
Task: {7CFFD3A0-4EB2-42E8-A063-68A27BC97162} - System32\Tasks\{50848112-E467-4994-94B2-9141DBF125AD} => pcalua.exe -a C:\Users\Honza23\Downloads\Nokia_PC_Suite_ALL.exe -d C:\Users\Honza23\Downloads
Task: {8D08DD06-415A-4D14-9307-847537CBC604} - System32\Tasks\{075FCC47-23E3-4B64-976A-3D8A23CAB056} => pcalua.exe -a "E:\Filmy\Vlk z Wall Street\The Wolf of Wall Street 2013\WMP x264 Codec Pack.exe" -d "E:\Filmy\Vlk z Wall Street\The Wolf of Wall Street 2013"
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
FirewallRules: [{99E56821-A8DF-4896-8CB1-66BFC0CEBF53}] => (Allow) C:\windows\explorer.exe
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\MountPoints2: {2dc9cb8e-967e-11e3-867b-50465ddb6ba6} - I:\autorun.exe
HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\...\MountPoints2: {3f99195e-c7a7-11e2-9436-50465ddb6ba6} - D:\Startme.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll => No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll => No File
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll => No File
2016-05-20 11:04 - 2016-05-20 11:04 - 00003894 _____ C:\mbamlog 20.5.txt
2016-05-20 11:02 - 2016-05-20 11:02 - 00007190 _____ C:\mbam log.txt
2016-05-15 09:36 - 2016-05-15 09:36 - 03640384 _____ C:\Users\Honza23\Desktop\adwcleaner_5.116.exe
2016-05-14 11:24 - 2016-05-14 11:25 - 00037664 _____ C:\Users\Honza23\Downloads\Addition.txt
2016-05-14 11:23 - 2016-05-14 11:25 - 00029123 _____ C:\Users\Honza23\Downloads\FRST.txt
2016-05-14 08:00 - 2016-05-14 08:01 - 01107968 _____ C:\Users\Honza23\Downloads\RSIT.exe
2016-05-14 07:57 - 2016-05-14 07:58 - 01222144 _____ C:\Users\Honza23\Downloads\RSITx64.exe
2016-05-11 17:05 - 2016-05-14 08:01 - 00000000 ____D C:\Program Files (x86)\trend micro
2016-05-19 21:28 - 2015-02-10 11:33 - 00000000 ____D C:\AdwCleaner
2016-05-14 08:02 - 2015-02-10 11:09 - 00000000 ____D C:\Program Files\trend micro
Hosts:
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2818EF84-13E5-4F6C-B7E5-735CAD0BB6B1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2818EF84-13E5-4F6C-B7E5-735CAD0BB6B1}" => key removed successfully
C:\windows\System32\Tasks\{C52F011B-8983-4AB7-9013-50A878EC80A0} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C52F011B-8983-4AB7-9013-50A878EC80A0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{434F761C-9A6F-41B8-8073-C096168C0B83}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{434F761C-9A6F-41B8-8073-C096168C0B83}" => key removed successfully
C:\windows\System32\Tasks\{19494ED3-405A-4563-9276-5DC6A3BAD89A} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{19494ED3-405A-4563-9276-5DC6A3BAD89A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7CFFD3A0-4EB2-42E8-A063-68A27BC97162}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CFFD3A0-4EB2-42E8-A063-68A27BC97162}" => key removed successfully
C:\windows\System32\Tasks\{50848112-E467-4994-94B2-9141DBF125AD} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{50848112-E467-4994-94B2-9141DBF125AD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8D08DD06-415A-4D14-9307-847537CBC604}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D08DD06-415A-4D14-9307-847537CBC604}" => key removed successfully
C:\windows\System32\Tasks\{075FCC47-23E3-4B64-976A-3D8A23CAB056} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{075FCC47-23E3-4B64-976A-3D8A23CAB056}" => key removed successfully
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{99E56821-A8DF-4896-8CB1-66BFC0CEBF53} => value removed successfully
"HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2dc9cb8e-967e-11e3-867b-50465ddb6ba6}" => key removed successfully
HKCR\CLSID\{2dc9cb8e-967e-11e3-867b-50465ddb6ba6} => key not found.
"HKU\S-1-5-21-1544955830-4211015516-3942192515-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3f99195e-c7a7-11e2-9436-50465ddb6ba6}" => key removed successfully
HKCR\CLSID\{3f99195e-c7a7-11e2-9436-50465ddb6ba6} => key not found.
C:\windows\system32\GroupPolicy\Machine => moved successfully
C:\windows\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll => not found.
C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll => not found.
c:\progra~2\mcafee\msc\npmcsn~1.dll => not found.
C:\mbamlog 20.5.txt => moved successfully
C:\mbam log.txt => moved successfully
C:\Users\Honza23\Desktop\adwcleaner_5.116.exe => moved successfully
C:\Users\Honza23\Downloads\Addition.txt => moved successfully
C:\Users\Honza23\Downloads\FRST.txt => moved successfully
C:\Users\Honza23\Downloads\RSIT.exe => moved successfully
C:\Users\Honza23\Downloads\RSITx64.exe => moved successfully
C:\Program Files (x86)\trend micro => moved successfully
C:\AdwCleaner => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 866 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 20:41:47 ====