PC virus removal, computer speed-up, and remote help via the neslape.cz service

easydialsearch + uninstalling SpyHunter 4


#1 Post by kocure »

Please help.

The first problem is easydialsearch in Google Chrome, which I tried to remove with SpyHunter 4. SpyHunter offers to remove easydialsearch only upon registration. I wanted to uninstall it, but I can't manage to.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ladislav at 2016-06-11 04:52:05
Microsoft Windows 10 Home
System drive C: has 830 GB (91%) free of 911 GB
Total RAM: 3979 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:52:23, on 11.06.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Users\Ladislav\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Ladislav\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Ladislav\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Ladislav.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [NokiaPCInternetAccess] "C:\Program Files (x86)\Nokia\PC Internet Access\NPCIA.exe" /b
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Google Update] "C:\Users\Ladislav\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Ladislav\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [BingSvc] C:\Users\Ladislav\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Ladislav\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ladislav\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Ladislav\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ladislav\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Ladislav\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ladislav\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Ladislav\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ladislav\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
O4 - HKCU\..\RunOnce: [SeznamInstall-uninstall:7f6edac6ad7b6bc80c11f6dd372366bb] "C:\Users\Ladislav\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe" -c "C:\Users\Ladislav\AppData\Roaming\Seznam.cz"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://www.katasterportal.sk
O15 - Trusted IP range: http://195.28.70.134
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Conexant Audio Message Service (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\windows\system32\HPSIsvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13139 bytes

======Listing Processes======







winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8d26a935-c0c1-41f9-be77-2fa866462a5e -SystemEventPortName:HostProcess-a2d0c8c3-9129-44ac-a193-1200da1103b6 -IoCancelEventPortName:HostProcess-818b1504-450f-4773-95de-862b7e13ba0f -NonStateChangingEventPortName:HostProcess-fa99f607-e696-4374-b91d-f48f2040e138 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c3a8704d-41de-4440-96c5-9625e7a6a284 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
dashost.exe {24961801-cf2d-4e1f-89b7b40954b5493e}
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\windows\system32\HPSIsvc.exe
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
C:\windows\system32\CxAudMsg64.exe
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
C:\WINDOWS\SysWOW64\SAsrv.exe
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
igfxEM.exe
igfxHK.exe
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\RTFTrack.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Users\Ladislav\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Users\Ladislav\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Users\Ladislav\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"fontdrvhost.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\WINDOWS\system32\wbem\wmiprvse.exe
service

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=51.0.2704.84 --handshake-handle=0x1c8
taskeng.exe {7E8164D6-A1DA-453F-977F-96C12E8C8A28}
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 608 612 620 8192 616
"C:\Users\Ladislav\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1677144030-1501987465-2753303347-1001Core1d0e4806b4e67da.job - C:\Users\Ladislav\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1677144030-1501987465-2753303347-1001Core1d0f478b5a27cb5.job - C:\Users\Ladislav\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1677144030-1501987465-2753303347-1001Core1d13112c03b0340.job - C:\Users\Ladislav\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1677144030-1501987465-2753303347-1001Core1d1628cbc57e26b.job - C:\Users\Ladislav\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1677144030-1501987465-2753303347-1001Core1d1ab468c9ed99c.job - C:\Users\Ladislav\AppData\Local\Google\Update\GoogleUpdate.exe /c

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtsFT"=C:\WINDOWS\RTFTrack.exe [2014-02-27 6340312]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-01-14 2233632]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-09-05 907480]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-07-27 3945672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NokiaPCInternetAccess"=C:\Program Files (x86)\Nokia\PC Internet Access\NPCIA.exe [2009-05-26 651264]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-06-01 8722136]
"Google Update"=C:\Users\Ladislav\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
"OneDrive"=C:\Users\Ladislav\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-05-24 554184]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2016-05-17 23496872]
"BingSvc"=C:\Users\Ladislav\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2016-02-23 144008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Ladislav\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"=C:\WINDOWS\system32\cmd.exe [2015-10-30 233984]
"Uninstall C:\Users\Ladislav\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"=C:\WINDOWS\system32\cmd.exe [2015-10-30 233984]
"Uninstall C:\Users\Ladislav\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"=C:\WINDOWS\system32\cmd.exe [2015-10-30 233984]
"Uninstall C:\Users\Ladislav\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"=C:\WINDOWS\system32\cmd.exe [2015-10-30 233984]
"SeznamInstall-uninstall:7f6edac6ad7b6bc80c11f6dd372366bb"=C:\Users\Ladislav\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [2016-06-11 534528]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2011-12-07 214312]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-06-11 7405752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-06-11 04:52:05 ----D---- C:\rsit
2016-06-11 03:58:31 ----HD---- C:\OneDriveTemp
2016-06-02 15:51:24 ----SHD---- C:\Config.Msi
2016-05-21 08:31:05 ----A---- C:\WINDOWS\system32\drivers\zamguard64.sys
2016-05-21 08:31:02 ----D---- C:\Program Files (x86)\Zemana AntiMalware
2016-05-21 07:03:55 ----D---- C:\Users\Ladislav\AppData\Roaming\Enigma Software Group
2016-05-21 07:03:35 ----D---- C:\sh4ldr
2016-05-21 07:02:18 ----A---- C:\WINDOWS\system32\drivers\EsgScanner.sys
2016-05-21 07:02:05 ----D---- C:\Program Files\Enigma Software Group
2016-05-21 06:22:03 ----A---- C:\WINDOWS\system32\drivers\hitmanpro37.sys
2016-05-21 06:21:41 ----D---- C:\ProgramData\HitmanPro
2016-05-21 05:51:53 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2016-05-21 05:51:27 ----D---- C:\ProgramData\Malwarebytes
2016-05-21 05:39:37 ----D---- C:\AdwCleaner
2016-05-15 09:17:48 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2016-05-15 09:17:32 ----A---- C:\WINDOWS\system32\aswBoot.exe
2016-05-15 09:17:18 ----A---- C:\WINDOWS\avastSS.scr

======List of files/folders modified in the last 1 month======

2016-06-11 04:52:12 ----D---- C:\Program Files\trend micro
2016-06-11 04:48:19 ----D---- C:\WINDOWS\Prefetch
2016-06-11 04:28:08 ----D---- C:\WINDOWS\System32
2016-06-11 04:28:08 ----D---- C:\WINDOWS\INF
2016-06-11 04:28:08 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-11 04:25:57 ----D---- C:\WINDOWS\Temp
2016-06-11 04:25:42 ----D---- C:\Users\Ladislav\AppData\Roaming\Seznam.cz
2016-06-11 04:25:09 ----D---- C:\Program Files (x86)\Seznam.cz
2016-06-11 04:23:05 ----D---- C:\Windows
2016-06-11 04:04:54 ----D---- C:\WINDOWS\debug
2016-06-11 03:57:17 ----D---- C:\WINDOWS\system32\sru
2016-06-10 20:23:57 ----HD---- C:\Program Files\WindowsApps
2016-06-10 20:23:57 ----D---- C:\WINDOWS\AppReadiness
2016-06-10 18:13:24 ----HD---- C:\ProgramData
2016-06-09 17:44:05 ----D---- C:\WINDOWS\system32\config
2016-06-09 17:36:44 ----D---- C:\WINDOWS\system32\DriverStore
2016-06-09 17:35:18 ----D---- C:\WINDOWS\Microsoft.NET
2016-06-05 18:04:52 ----SHD---- C:\System Volume Information
2016-06-02 15:51:40 ----SHD---- C:\WINDOWS\Installer
2016-05-21 10:42:24 ----D---- C:\WINDOWS\system32\drivers
2016-05-21 09:39:00 ----D---- C:\Program Files\Adware-Removal-Tool
2016-05-21 08:31:02 ----RD---- C:\Program Files (x86)
2016-05-21 07:03:50 ----D---- C:\WINDOWS\system32\Tasks
2016-05-21 07:02:05 ----RD---- C:\Program Files
2016-05-21 06:34:27 ----D---- C:\WINDOWS\system32\WDI
2016-05-21 06:12:10 ----D---- C:\WINDOWS\appcompat
2016-05-21 06:11:26 ----D---- C:\Users\Ladislav\AppData\Roaming\FlvtoConverter
2016-05-21 05:29:21 ----D---- C:\WINDOWS\rescache
2016-05-21 05:22:54 ----D---- C:\WINDOWS\WinSxS
2016-05-16 19:24:44 ----D---- C:\WINDOWS\SysWOW64
2016-05-15 17:03:52 ----RSD---- C:\WINDOWS\assembly
2016-05-15 12:37:54 ----D---- C:\WINDOWS\system32\catroot2
2016-05-15 09:17:29 ----D---- C:\ProgramData\AVAST Software
2016-05-14 22:55:36 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2016-05-14 22:55:36 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-05-14 22:55:36 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-05-14 22:55:35 ----D---- C:\WINDOWS\system32\sk-SK
2016-05-14 22:55:35 ----D---- C:\WINDOWS\system32\oobe
2016-05-14 22:55:35 ----D---- C:\WINDOWS\system32\migration
2016-05-14 22:55:35 ----D---- C:\WINDOWS\system32\en-US
2016-05-14 22:55:35 ----D---- C:\WINDOWS\system32\drivers\UMDF
2016-05-14 22:55:35 ----D---- C:\WINDOWS\system32\appraiser
2016-05-14 22:55:33 ----D---- C:\WINDOWS\Provisioning
2016-05-14 22:55:33 ----D---- C:\WINDOWS\bcastdvr
2016-05-14 22:55:32 ----D---- C:\WINDOWS\AppPatch
2016-05-14 22:55:32 ----D---- C:\Program Files\Windows Journal
2016-05-14 22:55:32 ----D---- C:\Program Files\Internet Explorer
2016-05-14 22:55:32 ----D---- C:\Program Files (x86)\Internet Explorer
2016-05-14 12:19:15 ----D---- C:\WINDOWS\CbsTemp
2016-05-14 03:55:59 ----D---- C:\ProgramData\Microsoft Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-05-15 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-05-15 287528]
R0 MBI;@oem46.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\WINDOWS\System32\drivers\MBI.sys [2013-10-10 29464]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-05-15 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-05-15 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-05-15 1070904]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-05-15 465792]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-04-23 87552]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-05-15 37656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-05-15 107792]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-05-15 166432]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 ACPIVPC;@oem14.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2015-06-04 42328]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-04-23 84992]
R3 CnxtHdAudService;@oem58.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2015-05-19 1543912]
R3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2016-05-21 15920]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-09-24 3797424]
R3 IntcDAud;@oem8.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-08-21 463112]
R3 iwdbus;@oem60.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-07-20 38976]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-07-23 11142984]
R3 rt640x64;@oem57.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-07-22 886528]
R3 RtkBtFilter;@oem59.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [2015-03-11 593624]
R3 RTSUER;@oem52.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2015-07-03 410880]
R3 rtsuvc;@oem5.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2014-02-27 9109720]
R3 RTWlanE;@netrtwlane.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\System32\drivers\rtwlane.sys [2015-10-30 3445248]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-07-27 42696]
R3 SynTP;@oem63.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2015-07-27 618696]
R3 TXEIx64;@oem25.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\WINDOWS\System32\drivers\TXEIx64.sys [2014-01-15 88592]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2016-04-23 954368]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-02-20 117248]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 EsgScanner;EsgScanner; C:\WINDOWS\system32\DRIVERS\EsgScanner.sys [2016-05-21 22704]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 hitmanpro37;HitmanPro 3.7 Support Driver; \??\C:\WINDOWS\system32\drivers\hitmanpro37.sys [2016-05-21 46960]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 intaud_WaveExtensible;@oem47.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-07-20 50240]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2016-05-21 192216]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2016-04-23 63488]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-10-30 45056]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2016-03-29 258912]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-05-15 243296]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 CxAudMsg;Conexant Audio Message Service; C:\windows\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 HPSIService;HP SI Service; C:\windows\system32\HPSIsvc.exe [2012-11-08 126856]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-09-24 328616]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2014-05-22 584960]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-08-25 198192]
R2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-04-21 37624]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-01-14 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-01-14 16894752]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-07-23 937800]
R2 OneSyncSvc_493ef;Sync Host_493ef; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 SAService;Conexant SmartAudio service; C:\WINDOWS\syswow64\SAsrv.exe [2011-09-01 447104]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-07-27 246472]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-09-24 290224]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-24 43696]
R3 PimIndexMaintenanceSvc_493ef;Contact Data_493ef; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_17649e2;Sync Host_17649e2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2c9d511;Sync Host_2c9d511; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_b30a8;Sync Host_b30a8; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S2 SpyHunter 4 Service;SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [2016-05-21 1072296]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_17649e2;MessagingService_17649e2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2c9d511;MessagingService_2c9d511; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_493ef;MessagingService_493ef; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_b30a8;MessagingService_b30a8; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_17649e2;Contact Data_17649e2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2c9d511;Contact Data_2c9d511; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_b30a8;Contact Data_b30a8; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2015-10-30 290304]
S3 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: easydialsearch + uninstalling spyhunter4

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.


Re: easydialsearch + uninstalling spyhunter4

#3 Post by kocure »

# AdwCleaner v5.119 - Logfile created 11/06/2016 at 08:52:07
# Updated 30/05/2016 by Xplode
# Database : 2016-06-10.1 [Server]
# Operating system : Windows 10 Home (X64)
# Username : Ladislav - LADISLAV
# Running from : C:\Users\Ladislav\Desktop\adwcleaner_5.119.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****

[-] File Deleted : C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.so-v.com_0.localstorage
[-] File Deleted : C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.so-v.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{649CCF8F-C1C9-4275-88B7-31CA8B31154C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F44DC845-F9E1-4907-8D9C-1472F72E8326}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\search.so-v.com
[-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\so-v.com
[-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\search.so-v.com
[-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\so-v.com

***** [ Web browsers ] *****

[-] [C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : google

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [2563 bytes] - [21/05/2016 05:44:33]
C:\AdwCleaner\AdwCleaner[C2].txt - [2474 bytes] - [11/06/2016 08:52:07]
C:\AdwCleaner\AdwCleaner[S1].txt - [2622 bytes] - [21/05/2016 05:39:54]
C:\AdwCleaner\AdwCleaner[S2].txt - [2538 bytes] - [11/06/2016 08:46:54]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2693 bytes] ##########


Re: easydialsearch + uninstalling spyhunter4

#4 Post by kocure »

The problem persists :(


Re: easydialsearch + uninstalling spyhunter4

#5 Post by Rudy »


kocure
Visitor
Posts: 80
Joined: 17 Jan 2007 18:32
Location: BB-SK

Re: easydialsearch + uninstalling spyhunter4

#6 Post by kocure »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-06-2016
Ran by Ladislav (administrator) on LADISLAV (12-06-2016 10:10:08)
Running from C:\Users\Ladislav\Desktop
Loaded Profiles: Ladislav (Available Profiles: Ladislav)
Platform: Windows 10 Home Version 1511 (X64) Language: Angličtina (USA)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Google Inc.) C:\Users\Ladislav\AppData\Local\Google\Update\GoogleUpdate.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(© 2015 Microsoft Corporation) C:\Users\Ladislav\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LU.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6868.41141.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2014-02-27] (Realtek semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2233632 2014-01-14] (NVIDIA Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3945672 2015-07-27] (Synaptics Incorporated)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7405752 2016-06-11] (AVAST Software)
HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\...\Run: [NokiaPCInternetAccess] => C:\Program Files (x86)\Nokia\PC Internet Access\NPCIA.exe [651264 2009-05-26] (Nokia)
HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8722136 2016-06-01] (Piriform Ltd)
HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\...\Run: [Google Update] => C:\Users\Ladislav\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc.)
HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23496872 2016-05-17] (Google)
HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\...\Run: [BingSvc] => C:\Users\Ladislav\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-02-23] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\...\RunOnce: [Uninstall C:\Users\Ladislav\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ladislav\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\...\RunOnce: [Uninstall C:\Users\Ladislav\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ladislav\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\...\RunOnce: [Uninstall C:\Users\Ladislav\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ladislav\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\...\RunOnce: [Uninstall C:\Users\Ladislav\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ladislav\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-15] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
GroupPolicy: Restriction - Chrome <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{02e16ad8-c94d-43c5-a45f-ba1ee67acb56}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a650544a-5292-4dd9-9b44-3131a3416f10}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.sk/
HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=en-ww
hxxp://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1677144030-1501987465-2753303347-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin HKU\S-1-5-21-1677144030-1501987465-2753303347-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Ladislav\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-1677144030-1501987465-2753303347-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Ladislav\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-15]

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR Profile: C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentácie Google) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-11]
CHR Extension: (Dokumenty Google) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-11]
CHR Extension: (Disk Google) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-11]
CHR Extension: (YouTube) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-11]
CHR Extension: (Avast SafePrice) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-06-11]
CHR Extension: (Tabuľky Google) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-11]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-11]
CHR Extension: (Avast Online Security) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-11]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-06-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-11]
CHR Extension: (Gmail) - C:\Users\Ladislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-11]
CHR HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-05-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-05-15]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-15] (AVAST Software)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328616 2015-09-24] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-08-25] (Lenovo(beijing) Limited)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [37624 2014-04-21] (Lenovo(beijing) Limited)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16894752 2014-01-14] (NVIDIA Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1072296 2016-05-21] (Enigma Software Group USA, LLC.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-27] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-15] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-15] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-15] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-15] (AVAST Software)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2016-05-21] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-05-21] ()
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [46960 2016-05-21] ()
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-21] (Malwarebytes)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-10] (Intel Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Marvell Semiconductor, Inc.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek )
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [593624 2015-03-11] (Realtek Semiconductor Corporation)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9109720 2014-02-27] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [3445248 2015-10-30] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-27] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [202656 2016-05-21] (Zemana Ltd.)
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-12 10:10 - 2016-06-12 10:10 - 00021678 _____ C:\Users\Ladislav\Desktop\FRST.txt
2016-06-12 09:53 - 2016-06-12 09:53 - 00000000 _____ C:\Users\Ladislav\Downloads\FRSTLauncher.exe.8gz25p6.partial
2016-06-12 09:52 - 2016-06-12 10:10 - 00000000 ____D C:\FRST
2016-06-12 09:51 - 2016-06-12 09:52 - 02385408 _____ (Farbar) C:\Users\Ladislav\Desktop\FRST64.exe
2016-06-12 09:50 - 2016-06-12 09:50 - 02385408 _____ (Farbar) C:\Users\Ladislav\Downloads\Nepotvrdené 145724.crdownload
2016-06-11 08:45 - 2016-06-11 08:46 - 03677248 _____ C:\Users\Ladislav\Desktop\adwcleaner_5.119.exe
2016-06-11 08:08 - 2016-06-11 08:08 - 00002371 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-11 08:08 - 2016-06-11 08:08 - 00002359 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-11 08:06 - 2016-06-11 08:06 - 00987728 _____ (Google Inc.) C:\Users\Ladislav\Downloads\ChromeSetup (1).exe
2016-06-11 08:05 - 2016-06-11 08:05 - 00001395 _____ C:\Users\Ladislav\Desktop\Google.lnk
2016-06-11 05:15 - 2016-06-11 05:15 - 00000000 ____D C:\Users\Ladislav\AppData\Local\CEF
2016-06-11 04:52 - 2016-06-11 04:52 - 00000000 ____D C:\rsit
2016-06-11 04:51 - 2016-06-11 04:51 - 01222144 _____ C:\Users\Ladislav\Downloads\RSITx64.exe
2016-06-11 04:06 - 2016-06-11 04:07 - 06893008 _____ (Piriform Ltd) C:\Users\Ladislav\Downloads\ccsetup518.exe
2016-06-11 03:58 - 2016-06-11 03:58 - 00000000 ___HD C:\OneDriveTemp
2016-06-04 06:15 - 2016-06-04 06:15 - 00143089 _____ C:\Users\Ladislav\Downloads\KBU_Sikagard 703 W.pdf
2016-05-21 08:31 - 2016-06-11 10:05 - 00000119 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2016-05-21 08:31 - 2016-05-29 07:09 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2016-05-21 08:31 - 2016-05-21 10:42 - 00079806 _____ C:\WINDOWS\ZAM.krnl.trace
2016-05-21 08:31 - 2016-05-21 08:31 - 00202656 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2016-05-21 08:30 - 2016-05-21 08:30 - 05479312 _____ ( ) C:\Users\Ladislav\Downloads\Zemana.AntiMalware.Setup.exe
2016-05-21 08:30 - 2016-05-21 08:30 - 00000000 ____D C:\Users\Ladislav\AppData\Local\Zemana
2016-05-21 07:03 - 2016-05-21 10:41 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\Enigma Software Group
2016-05-21 07:03 - 2016-05-21 10:39 - 00002616 _____ C:\WINDOWS\System32\Tasks\SpyHunter4Startup
2016-05-21 07:03 - 2016-05-21 07:03 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2016-05-21 07:03 - 2016-05-21 07:03 - 00000000 ____D C:\sh4ldr
2016-05-21 07:02 - 2016-05-21 07:02 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2016-05-21 07:02 - 2016-05-21 07:02 - 00000000 ____D C:\Program Files\Enigma Software Group
2016-05-21 07:00 - 2016-05-21 07:01 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Ladislav\Downloads\SpyHunter-Installer.exe
2016-05-21 06:48 - 2016-05-21 06:48 - 06882192 _____ (Piriform Ltd) C:\Users\Ladislav\Downloads\ccsetup517 (1).exe
2016-05-21 06:33 - 2016-05-21 06:33 - 00001126 _____ C:\WINDOWS\system32\.crusader
2016-05-21 06:22 - 2016-05-21 06:35 - 00046960 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2016-05-21 06:21 - 2016-05-21 06:34 - 00000000 ____D C:\ProgramData\HitmanPro
2016-05-21 06:21 - 2016-05-21 06:21 - 11438608 _____ (SurfRight B.V.) C:\Users\Ladislav\Downloads\hitmanpro_x64.exe
2016-05-21 06:16 - 2016-05-21 06:17 - 06882192 _____ (Piriform Ltd) C:\Users\Ladislav\Downloads\ccsetup517.exe
2016-05-21 05:51 - 2016-05-21 06:14 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-21 05:51 - 2016-05-21 05:51 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-21 05:49 - 2016-05-21 05:50 - 22851472 _____ (Malwarebytes ) C:\Users\Ladislav\Downloads\mbam-setup-2.2.1.1043.exe
2016-05-21 05:39 - 2016-06-11 10:04 - 00000000 ____D C:\AdwCleaner
2016-05-21 05:38 - 2016-05-21 05:39 - 03651136 _____ C:\Users\Ladislav\Downloads\adwcleaner_5.117.exe
2016-05-15 09:20 - 2016-05-15 09:20 - 00004006 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1463296801
2016-05-15 09:20 - 2016-05-15 09:20 - 00001093 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-05-15 09:20 - 2016-05-15 09:20 - 00001093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-05-15 09:18 - 2016-05-15 09:18 - 00001990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-05-15 09:17 - 2016-05-15 09:17 - 00398152 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-05-15 09:17 - 2016-05-15 09:17 - 00052184 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-05-15 09:17 - 2016-05-15 09:17 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-05-13 14:31 - 2016-05-13 14:31 - 00455680 _____ C:\Users\Ladislav\Downloads\BD_VLCEK_SITUACIA1.dgn

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-12 09:51 - 2016-02-20 14:28 - 00879220 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-12 09:51 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-06-12 09:51 - 2014-12-25 16:39 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{67378135-B651-4680-ADF8-469C87A4F7B7}
2016-06-12 09:49 - 2015-09-17 20:06 - 00000962 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-12 09:48 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-11 14:57 - 2014-12-25 16:33 - 00000000 ____D C:\Users\Ladislav\AppData\Local\Packages
2016-06-11 14:56 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-11 10:07 - 2016-02-20 15:50 - 00000000 ___RD C:\Users\Ladislav\Disk Google
2016-06-11 10:07 - 2014-12-25 16:38 - 00000000 __RDO C:\Users\Ladislav\OneDrive
2016-06-11 10:06 - 2015-09-17 20:06 - 00000958 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-11 10:05 - 2016-02-20 14:33 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-11 10:04 - 2016-02-20 14:04 - 00000000 ____D C:\Users\Ladislav
2016-06-11 10:04 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-06-11 08:08 - 2014-12-25 16:40 - 00000000 ____D C:\Users\Ladislav\AppData\Local\Google
2016-06-11 08:08 - 2014-12-25 16:40 - 00000000 ____D C:\Program Files (x86)\Google
2016-06-11 07:41 - 2015-02-01 20:54 - 00001154 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-06-11 04:52 - 2015-09-05 05:34 - 00000000 ____D C:\Program Files\trend micro
2016-06-11 04:25 - 2016-04-09 10:55 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2016-06-11 04:25 - 2015-02-02 20:03 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\Seznam.cz
2016-06-11 04:22 - 2014-12-25 16:33 - 00000000 __SHD C:\Users\Ladislav\IntelGraphicsProfiles
2016-06-11 04:07 - 2015-01-03 10:45 - 00000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-06-02 15:51 - 2016-02-20 15:48 - 00002126 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-06-02 15:51 - 2016-02-20 15:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-05-28 03:27 - 2015-02-15 08:09 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-05-24 12:58 - 2016-02-20 14:57 - 00002391 _____ C:\Users\Ladislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-05-21 09:39 - 2015-02-14 19:24 - 00000000 ____D C:\Program Files\Adware-Removal-Tool
2016-05-21 06:12 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\appcompat
2016-05-21 06:11 - 2015-11-10 04:54 - 00000000 ____D C:\Users\Ladislav\AppData\Roaming\FlvtoConverter
2016-05-21 05:29 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-05-15 09:17 - 2015-02-15 08:09 - 01070904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-05-15 09:17 - 2015-02-15 08:09 - 00465792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-05-15 09:17 - 2015-02-15 08:09 - 00287528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-05-15 09:17 - 2015-02-15 08:09 - 00166432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-05-15 09:17 - 2015-02-15 08:09 - 00107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-05-15 09:17 - 2015-02-15 08:09 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-05-15 09:17 - 2015-02-15 08:09 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-05-15 09:17 - 2015-02-15 08:09 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-05-15 09:17 - 2015-02-15 08:01 - 00000000 ____D C:\ProgramData\AVAST Software
2016-05-15 05:07 - 2014-12-25 16:20 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-14 22:55 - 2015-10-30 11:07 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-14 22:55 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-14 22:55 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-14 22:55 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-05-14 22:55 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-05-14 22:54 - 2015-10-30 09:24 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-05-14 12:19 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp

==================== Files in the root of some directories =======

2015-09-05 22:50 - 2016-02-20 13:03 - 0282838 _____ () C:\Users\Ladislav\AppData\Local\BTServer.log
2015-01-04 10:41 - 2015-01-15 17:38 - 0004608 _____ () C:\Users\Ladislav\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-20 13:59 - 2016-02-20 13:59 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\Ladislav\CommonControls.dll
C:\Users\Ladislav\CommonUtils.dll
C:\Users\Ladislav\DirectShowLib-2008.dll
C:\Users\Ladislav\DownloadManager.dll
C:\Users\Ladislav\FlvtoYoutubeDownloader.exe
C:\Users\Ladislav\Hardcodet.Wpf.TaskbarNotification.dll
C:\Users\Ladislav\ICSharpCode.SharpZipLib.dll
C:\Users\Ladislav\Id3Lib.dll
C:\Users\Ladislav\MediaLibrary.dll
C:\Users\Ladislav\Mp3Lib.dll
C:\Users\Ladislav\msvcp100.dll
C:\Users\Ladislav\msvcr100.dll
C:\Users\Ladislav\Newtonsoft.Json.dll
C:\Users\Ladislav\setup.exe
C:\Users\Ladislav\UninstallFlvtoYoutubeDownloader.exe
C:\Users\Ladislav\VideoHostsExtractor.dll
C:\Users\Ladislav\WpfLocalization.dll
C:\Users\Ladislav\Xceed.Wpf.Toolkit.dll
C:\Users\Ladislav\YoutubeExtractor.dll


Some files in TEMP:
====================
C:\Users\Ladislav\AppData\Local\Temp\libeay32.dll
C:\Users\Ladislav\AppData\Local\Temp\msvcr120.dll
C:\Users\Ladislav\AppData\Local\Temp\sqlite3.dll
C:\Users\Ladislav\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed




LastRegBack: 2016-06-02 10:24

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:10-06-2016
Ran by Ladislav (2016-06-12 10:11:28)
Running from C:\Users\Ladislav\Desktop
Windows 10 Home Version 1511 (X64) (2016-02-20 12:43:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1677144030-1501987465-2753303347-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1677144030-1501987465-2753303347-503 - Limited - Disabled)
Guest (S-1-5-21-1677144030-1501987465-2753303347-501 - Limited - Disabled)
Ladislav (S-1-5-21-1677144030-1501987465-2753303347-1001 - Administrator - Enabled) => C:\Users\Ladislav

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
AutoCAD Drawing Viewer (HKLM-x32\...\ST6UNST #1) (Version: - )
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM-x32\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.62 - Conexant)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B92076C0-C5FE-4DB1-AA8D-855430CDF098}) (Version: 16.0.0.707 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 16.0.707 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 16.0.707 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - CZ (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Photozoom Plugin (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (x32 Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (HKLM-x32\...\_{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}) (Version: 16.0.0.707 - Corel Corporation)
CorelDRAW Graphics Suite X6 (x32 Version: 16.0 - Corel Corporation) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Drive (HKLM-x32\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Spoločnosť Google Inc.)
Google Photos Backup (HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10264 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo Photo Master (x32 Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.3.0.6 - Lenovo)
Lenovo Updates (x32 Version: 1.3.0.6 - Lenovo) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Nokia PC Internet Access (HKLM-x32\...\Nokia PC Internet Access) (Version: 2.0.1.3 - Nokia)
Nokia PC Internet Access (x32 Version: 2.0.1.3 - Nokia) Hidden
NVIDIA GeForce Experience 1.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8 - NVIDIA Corporation)
NVIDIA Graphics Driver 332.38 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.38 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.805.806.012214 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39053 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.20.243 - REALTEK Semiconductor Corp.)
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 1.7.203 - NVIDIA Corporation) Hidden
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.111 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.0 - Synaptics Incorporated)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
User Manuals (x32 Version: 3.0.0.3 - Lenovo) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN)
WinRAR 5.21 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
XVM verzia 6.2.0.1 (HKLM-x32\...\{2865cd27-6b8b-4413-8272-cd968f316050}_is1) (Version: 6.2.0.1 - XVM team)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1677144030-1501987465-2753303347-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Ladislav\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1677144030-1501987465-2753303347-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Ladislav\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1677144030-1501987465-2753303347-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1677144030-1501987465-2753303347-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Ladislav\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {002737FB-BB0C-4F5C-A538-87D772ACFC6F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2016-05-11] (Microsoft Corporation)
Task: {092CC3C0-3EC0-49B7-A0E9-65B3E907453F} - System32\Tasks\SafeZone scheduled Autoupdate 1463296801 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {0C0AC770-1480-4C51-B9E1-4EFD2FB5A6EE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {142DC307-519B-45C0-85FE-619526781360} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)
Task: {18805E3F-50F9-491C-80C4-521A774C5955} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-22] ()
Task: {2A2B7C07-DC97-474F-B608-8AD4048CE876} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-07-27] (Synaptics Incorporated)
Task: {4FFB7E57-B65B-4C47-995F-9A4A995EC7A7} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {553521DC-9C95-4A8E-B24E-C3CCAA3E67FF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {5B48C26F-A56D-4AD9-A1D7-34B1E0206CBF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-15] (AVAST Software)
Task: {6955023A-9C54-4D4F-8FCA-92AC889FBA14} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {749FDADC-2F15-4E2E-9428-C1CB97D418E8} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2016-05-21] (Enigma Software Group USA, LLC.)
Task: {8C0E69C9-E9EC-4203-82B1-EC8B5403016B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8C724E94-1130-434E-8842-0CE0F97A5191} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {99E4D608-B41E-423B-80E1-2CB7402213CE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9C102050-196B-4BCA-B515-2447E4D6A625} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {9E1A7B20-605D-47B1-8AE7-BB1C6E87B01C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {A5B2AA2C-E621-4105-96A2-01A299AC45BE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B1A90900-B96F-4D29-A024-C970A41BD9BA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {B50A9FE1-AC23-4087-A5D0-6D56CFD53DC7} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {C736A42E-5914-4F50-83D1-98A0C6867D49} - System32\Tasks\Google Update => C:\Users\Ladislav\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {DBFE2204-FB23-464B-8AB3-F872C6826344} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E293A3B8-EC33-4A69-8605-A1CA947EA4AE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-01] (Piriform Ltd)
Task: {E87E684C-ABD9-4779-B9B6-5B7304D8DAB1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {F46CD340-A041-4B43-8F03-29DE1D1F14D3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {F5929B43-BC2E-45BB-9F7E-2F057166F4EA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1677144030-1501987465-2753303347-1001Core1d0e4806b4e67da.job => C:\Users\Ladislav\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1677144030-1501987465-2753303347-1001Core1d0f478b5a27cb5.job => C:\Users\Ladislav\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1677144030-1501987465-2753303347-1001Core1d13112c03b0340.job => C:\Users\Ladislav\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1677144030-1501987465-2753303347-1001Core1d1628cbc57e26b.job => C:\Users\Ladislav\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1677144030-1501987465-2753303347-1001Core1d1ab468c9ed99c.job => C:\Users\Ladislav\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-02-20 14:00 - 2015-07-23 03:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-01-05 22:45 - 2012-09-29 14:25 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2016-01-05 22:44 - 2012-09-29 14:25 - 00409088 _____ () C:\WINDOWS\System32\HPM1210LM.DLL
2016-01-05 22:44 - 2012-09-29 14:26 - 03120128 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\hpm1210su.dll
2016-01-05 22:44 - 2012-09-29 14:53 - 01038336 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\HPM1210GC.dll
2014-08-25 23:23 - 2012-04-24 12:43 - 00390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-04-12 22:38 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-12 22:38 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-24 12:58 - 2016-05-24 12:58 - 00959168 _____ () C:\Users\Ladislav\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-04-19 03:31 - 2016-04-19 03:31 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-02-20 22:45 - 2016-02-20 22:45 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 08:09 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-11 08:13 - 2016-04-23 06:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-11 08:12 - 2016-04-23 05:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-11 08:13 - 2016-04-23 05:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-11 08:13 - 2016-04-23 06:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-08-25 22:32 - 2010-10-26 06:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2016-06-01 20:15 - 2016-06-01 20:15 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1051.dll
2016-06-04 05:37 - 2016-06-04 05:38 - 00017920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-06-04 05:37 - 2016-06-04 05:38 - 13105152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-04 05:37 - 2016-06-04 05:38 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-03-04 13:10 - 2016-03-04 13:11 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-01-05 22:44 - 2012-09-29 14:25 - 00363008 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\hpm1210sd.dll
2016-05-15 09:17 - 2016-05-15 09:17 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-05-15 09:17 - 2016-05-15 09:17 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-10 19:13 - 2016-06-10 19:13 - 02932736 _____ () C:\Program Files\AVAST Software\Avast\defs\16061001\algo.dll
2016-05-15 09:17 - 2016-05-15 09:17 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-05-15 09:17 - 2016-05-15 09:17 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-06-12 09:49 - 2016-06-12 09:49 - 02932736 _____ () C:\Program Files\AVAST Software\Avast\defs\16061101\algo.dll
2016-04-19 03:31 - 2016-04-19 03:31 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 03:31 - 2016-04-19 03:31 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-05-24 12:57 - 2016-05-24 12:57 - 00679624 _____ () C:\Users\Ladislav\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2015-12-13 05:42 - 2015-12-13 05:42 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-06-11 10:07 - 2016-06-11 10:07 - 00098816 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\win32api.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00110080 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\pywintypes27.dll
2016-06-11 10:07 - 2016-06-11 10:07 - 00364544 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\pythoncom27.dll
2016-06-11 10:07 - 2016-06-11 10:07 - 00320512 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\win32com.shell.shell.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00776704 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\_hashlib.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 01176576 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\wx._core_.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00806400 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\wx._gdi_.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00816128 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\wx._windows_.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 01067008 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\wx._controls_.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00733184 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\wx._misc_.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00682496 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\pysqlite2._sqlite.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00088064 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\_ctypes.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00119808 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\win32file.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00108544 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\win32security.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00007168 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\hashobjs_ext.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00017920 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\thumbnails_ext.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00088064 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\usb_ext.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00012288 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\common.time34.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00018432 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\win32event.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00167936 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\win32gui.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00046080 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\_socket.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 01208320 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\_ssl.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00128512 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\_elementtree.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00127488 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\pyexpat.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00038912 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\win32inet.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00036864 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\_psutil_windows.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00525208 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\windows._lib_cacheinvalidation.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00011264 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\win32crypt.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00077312 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\wx._html2.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00027136 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\_multiprocessing.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00020480 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\_yappi.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00035840 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\win32process.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00686080 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\unicodedata.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00078848 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\wx._animate.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00123392 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\wx._wizard.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00024064 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\win32pipe.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00010240 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\select.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00025600 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\win32pdh.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00017408 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\win32profile.pyd
2016-06-11 10:07 - 2016-06-11 10:07 - 00022528 ____R () C:\Users\Ladislav\AppData\Local\Temp\_MEI52322\win32ts.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\...\katasterportal.sk -> hxxp://www.katasterportal.sk
IE trusted site: HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\...\katasterportal.sk -> hxxps://www.katasterportal.sk

There are 7866 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-09-05 22:14 - 2015-09-07 17:23 - 00000035 ____N C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ladislav\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "PhoneCompanion"
HKLM\...\StartupApproved\Run32: => "UpdateP2GShortCut"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\...\StartupApproved\Run: => "NokiaPCInternetAccess"
HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{2B94B3F0-4748-4805-9127-90F893864230}C:\users\ladislav\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ladislav\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{9CAE0FE6-CF68-461E-9AE4-CD9F68FF448A}C:\users\ladislav\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ladislav\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{40F937D7-8C6D-400F-B488-10343DBC7261}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{2161B431-31C5-4D25-A6FC-C674DFF1F442}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{41E64A06-8920-475C-AC8C-5B8130396C66}C:\games\world_of_tanks\wotlauncher.exe] => (Block) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{CBC8D34A-C1CF-4560-BE1D-22EC45C5003E}C:\games\world_of_tanks\wotlauncher.exe] => (Block) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{354F9358-20DA-4C4E-8DAB-FD554C0078B3}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{C976B1DB-E2FB-4858-A3DD-72FE520D2D1B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{6E0C5685-496E-43CB-A728-FEECB84AFF20}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{9D04A933-1003-4C81-8F65-D9A719664F6F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{9AA3066F-4A8A-49FC-993B-A0B00FE83896}] => (Allow) LPort=55100
FirewallRules: [{860FCD43-0780-432C-88D8-7D9E6E8E852B}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{0DC581B8-C38A-43AD-9437-0D4F4EF3FC75}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{35BEED16-F9AE-4C33-974D-C8A125514BE0}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{1CA92CCB-F625-4509-8B5A-9AEE1F87DE76}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{EF9731A8-E133-4B57-A65A-DB8A1407DDE2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{612A805C-7A28-4581-868A-E66DDCFB4965}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F4F04205-DC95-4EE5-8213-C2212BAD77B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6E7C8B7F-CEFE-4723-B97F-F4445EAA41CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{85367422-9981-44CC-9F3E-D55516E5518C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DB882316-2FFC-4B04-88C1-3B29FCEA43AE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{3EE7EDEB-989D-431B-8C65-204B998DEEFD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

21-05-2016 06:32:06 Bod obnovy HitmanPro
29-05-2016 05:00:39 Scheduled Checkpoint
05-06-2016 18:04:13 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/11/2016 10:05:32 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]

Error: (06/11/2016 10:05:32 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to load Audio DLL [126]

Error: (06/11/2016 08:54:32 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.

Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)

Error: (06/11/2016 08:54:32 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)

Error: (06/11/2016 08:54:32 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)

Error: (06/11/2016 08:54:32 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)

Error: (06/11/2016 08:54:32 AM) (Source: Windows Search Service) (EventID: 3057) (User: )
Description: The plug-in manager <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application

Details:
(HRESULT : 0x8e5e0210) (0x8e5e0210)

Error: (06/11/2016 08:54:32 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search sa zastavuje, pretože sa vyskytol problém s indexovaním, The catalog is corrupt.

Details:
The content index catalog is corrupt. 0xc0041801 (0xc0041801)

Error: (06/11/2016 08:54:16 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vyhľadávacia služba zistila v indexe {id=4810 - base\appmodel\search\search\ytrip\common\util\jetutil.cpp (203)} súbory s poškodenými údajmi. Služba sa pokúsi o automatické opravenie tohto problému opätovným vytvorením indexu.

Details:
0x8e5e0210 (0x8e5e0210)

Error: (06/11/2016 08:54:15 AM) (Source: ESENT) (EventID: 455) (User: )
Description: SearchIndexer (4828) Windows: Error -1811 (0xfffff8ed) occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb00026.log.


System errors:
=============
Error: (06/11/2016 10:08:58 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (06/11/2016 10:04:33 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba User Data Access_4ec28 sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 10000 ms bude vykonaná nasledujúca opravná akcia: Restart the service.

Error: (06/11/2016 10:04:33 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba User Data Storage_4ec28 sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 10000 ms bude vykonaná nasledujúca opravná akcia: Restart the service.

Error: (06/11/2016 10:04:33 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Contact Data_4ec28 sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 10000 ms bude vykonaná nasledujúca opravná akcia: Restart the service.

Error: (06/11/2016 10:04:33 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Sync Host_4ec28 sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 10000 ms bude vykonaná nasledujúca opravná akcia: Restart the service.

Error: (06/11/2016 10:04:33 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/11/2016 10:04:00 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Office Software Protection Platform sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (06/11/2016 10:04:00 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 2 krát. O 30000 ms bude vykonaná nasledujúca opravná akcia: Restart the service.

Error: (06/11/2016 10:03:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Restart the service.

Error: (06/11/2016 10:03:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Protexis Licensing V2 sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.


CodeIntegrity:
===================================
Date: 2016-05-15 13:21:51.879
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-15 05:06:28.662
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-14 18:11:00.317
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-13 13:51:39.872
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-11 11:49:22.848
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-16 05:58:01.346
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-14 23:00:27.573
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-14 11:16:20.316
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-24 14:42:54.790
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-13 18:20:04.331
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz
Percentage of memory in use: 45%
Total physical RAM: 3979.21 MB
Available physical RAM: 2176.89 MB
Total Virtual: 4235.21 MB
Available Virtual: 2033.08 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:889.43 GB) (Free:808.24 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:15.36 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A76D023E)

Partition: GPT.

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: easydialsearch + uninstalling spyhunter4

#7 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\...\Run: [BingSvc] => C:\Users\Ladislav\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-02-23] (© 2015 Microsoft Corporation)
C:\Users\Ladislav\AppData\Local\Microsoft\BingSvc
GroupPolicy: Restriction - Chrome <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Ladislav\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl
C:\Users\Ladislav\CommonControls.dll
C:\Users\Ladislav\CommonUtils.dll
C:\Users\Ladislav\DirectShowLib-2008.dll
C:\Users\Ladislav\DownloadManager.dll
C:\Users\Ladislav\FlvtoYoutubeDownloader.exe
C:\Users\Ladislav\Hardcodet.Wpf.TaskbarNotification.dll
C:\Users\Ladislav\ICSharpCode.SharpZipLib.dll
C:\Users\Ladislav\Id3Lib.dll
C:\Users\Ladislav\MediaLibrary.dll
C:\Users\Ladislav\Mp3Lib.dll
C:\Users\Ladislav\msvcp100.dll
C:\Users\Ladislav\msvcr100.dll
C:\Users\Ladislav\Newtonsoft.Json.dll
C:\Users\Ladislav\setup.exe
C:\Users\Ladislav\UninstallFlvtoYoutubeDownloader.exe
C:\Users\Ladislav\VideoHostsExtractor.dll
C:\Users\Ladislav\WpfLocalization.dll
C:\Users\Ladislav\Xceed.Wpf.Toolkit.dll
C:\Users\Ladislav\YoutubeExtractor.dll
C:\Users\Ladislav\AppData\Local\Temp
Task: {0C0AC770-1480-4C51-B9E1-4EFD2FB5A6EE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {553521DC-9C95-4A8E-B24E-C3CCAA3E67FF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6955023A-9C54-4D4F-8FCA-92AC889FBA14} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {8C0E69C9-E9EC-4203-82B1-EC8B5403016B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {99E4D608-B41E-423B-80E1-2CB7402213CE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9C102050-196B-4BCA-B515-2447E4D6A625} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {9E1A7B20-605D-47B1-8AE7-BB1C6E87B01C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {A5B2AA2C-E621-4105-96A2-01A299AC45BE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B50A9FE1-AC23-4087-A5D0-6D56CFD53DC7} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {DBFE2204-FB23-464B-8AB3-F872C6826344} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E87E684C-ABD9-4779-B9B6-5B7304D8DAB1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {F46CD340-A041-4B43-8F03-29DE1D1F14D3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

kocure
Visitor
Posts: 80
Registered: 17 Jan 2007 18:32
Location: BB-SK

Re: easydialsearch + uninstalling spyhunter4

#8 Post by kocure »

Here is the log. It looks like the problem has been solved. Thank you very much.

Fix result of Farbar Recovery Scan Tool (x64) Version:12-06-2016 01
Ran by Ladislav (2016-06-13 13:55:32) Run:1
Running from C:\Users\Ladislav\Desktop
Loaded Profiles: Ladislav (Available Profiles: Ladislav)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\...\Run: [BingSvc] => C:\Users\Ladislav\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-02-23] (© 2015 Microsoft Corporation)
C:\Users\Ladislav\AppData\Local\Microsoft\BingSvc
GroupPolicy: Restriction - Chrome <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Ladislav\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl
C:\Users\Ladislav\CommonControls.dll
C:\Users\Ladislav\CommonUtils.dll
C:\Users\Ladislav\DirectShowLib-2008.dll
C:\Users\Ladislav\DownloadManager.dll
C:\Users\Ladislav\FlvtoYoutubeDownloader.exe
C:\Users\Ladislav\Hardcodet.Wpf.TaskbarNotification.dll
C:\Users\Ladislav\ICSharpCode.SharpZipLib.dll
C:\Users\Ladislav\Id3Lib.dll
C:\Users\Ladislav\MediaLibrary.dll
C:\Users\Ladislav\Mp3Lib.dll
C:\Users\Ladislav\msvcp100.dll
C:\Users\Ladislav\msvcr100.dll
C:\Users\Ladislav\Newtonsoft.Json.dll
C:\Users\Ladislav\setup.exe
C:\Users\Ladislav\UninstallFlvtoYoutubeDownloader.exe
C:\Users\Ladislav\VideoHostsExtractor.dll
C:\Users\Ladislav\WpfLocalization.dll
C:\Users\Ladislav\Xceed.Wpf.Toolkit.dll
C:\Users\Ladislav\YoutubeExtractor.dll
C:\Users\Ladislav\AppData\Local\Temp
Task: {0C0AC770-1480-4C51-B9E1-4EFD2FB5A6EE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {553521DC-9C95-4A8E-B24E-C3CCAA3E67FF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6955023A-9C54-4D4F-8FCA-92AC889FBA14} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {8C0E69C9-E9EC-4203-82B1-EC8B5403016B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {99E4D608-B41E-423B-80E1-2CB7402213CE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9C102050-196B-4BCA-B515-2447E4D6A625} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {9E1A7B20-605D-47B1-8AE7-BB1C6E87B01C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {A5B2AA2C-E621-4105-96A2-01A299AC45BE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B50A9FE1-AC23-4087-A5D0-6D56CFD53DC7} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {DBFE2204-FB23-464B-8AB3-F872C6826344} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E87E684C-ABD9-4779-B9B6-5B7304D8DAB1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {F46CD340-A041-4B43-8F03-29DE1D1F14D3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
End
*****************

HKU\S-1-5-21-1677144030-1501987465-2753303347-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc => value removed successfully
C:\Users\Ladislav\AppData\Local\Microsoft\BingSvc => moved successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Users\Ladislav\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\Users\Ladislav\CommonControls.dll => moved successfully
C:\Users\Ladislav\CommonUtils.dll => moved successfully
C:\Users\Ladislav\DirectShowLib-2008.dll => moved successfully
C:\Users\Ladislav\DownloadManager.dll => moved successfully
C:\Users\Ladislav\FlvtoYoutubeDownloader.exe => moved successfully
C:\Users\Ladislav\Hardcodet.Wpf.TaskbarNotification.dll => moved successfully
C:\Users\Ladislav\ICSharpCode.SharpZipLib.dll => moved successfully
C:\Users\Ladislav\Id3Lib.dll => moved successfully
C:\Users\Ladislav\MediaLibrary.dll => moved successfully
C:\Users\Ladislav\Mp3Lib.dll => moved successfully
C:\Users\Ladislav\msvcp100.dll => moved successfully
C:\Users\Ladislav\msvcr100.dll => moved successfully
C:\Users\Ladislav\Newtonsoft.Json.dll => moved successfully
C:\Users\Ladislav\setup.exe => moved successfully
C:\Users\Ladislav\UninstallFlvtoYoutubeDownloader.exe => moved successfully
C:\Users\Ladislav\VideoHostsExtractor.dll => moved successfully
C:\Users\Ladislav\WpfLocalization.dll => moved successfully
C:\Users\Ladislav\Xceed.Wpf.Toolkit.dll => moved successfully
C:\Users\Ladislav\YoutubeExtractor.dll => moved successfully

"C:\Users\Ladislav\AppData\Local\Temp" folder move:

Could not move "C:\Users\Ladislav\AppData\Local\Temp" => Scheduled to move on reboot.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0C0AC770-1480-4C51-B9E1-4EFD2FB5A6EE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C0AC770-1480-4C51-B9E1-4EFD2FB5A6EE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{553521DC-9C95-4A8E-B24E-C3CCAA3E67FF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{553521DC-9C95-4A8E-B24E-C3CCAA3E67FF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6955023A-9C54-4D4F-8FCA-92AC889FBA14}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6955023A-9C54-4D4F-8FCA-92AC889FBA14}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8C0E69C9-E9EC-4203-82B1-EC8B5403016B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C0E69C9-E9EC-4203-82B1-EC8B5403016B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{99E4D608-B41E-423B-80E1-2CB7402213CE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99E4D608-B41E-423B-80E1-2CB7402213CE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9C102050-196B-4BCA-B515-2447E4D6A625}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C102050-196B-4BCA-B515-2447E4D6A625}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E1A7B20-605D-47B1-8AE7-BB1C6E87B01C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E1A7B20-605D-47B1-8AE7-BB1C6E87B01C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A5B2AA2C-E621-4105-96A2-01A299AC45BE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5B2AA2C-E621-4105-96A2-01A299AC45BE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B50A9FE1-AC23-4087-A5D0-6D56CFD53DC7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B50A9FE1-AC23-4087-A5D0-6D56CFD53DC7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DBFE2204-FB23-464B-8AB3-F872C6826344}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DBFE2204-FB23-464B-8AB3-F872C6826344}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E87E684C-ABD9-4779-B9B6-5B7304D8DAB1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E87E684C-ABD9-4779-B9B6-5B7304D8DAB1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F46CD340-A041-4B43-8F03-29DE1D1F14D3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F46CD340-A041-4B43-8F03-29DE1D1F14D3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => not found.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-06-13 13:59:22)

C:\Users\Ladislav\AppData\Local\Temp => moved successfully

==== End of Fixlog 13:59:26 ====

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: easydialsearch + uninstalling spyhunter4

#9 Post by Rudy »

Yes, everything was deleted.