Procesor vytížen na 100%

Zpráva

djkarer1994 · #1 Příspěvek od **djkarer1994** » 02 říj 2016 08:54

Prosím o pomoc.
Počítač má nyní neustále vytížen procesor na 100%.
Posílám screen.
Pořád mi procesor využívá csrss.exe a conhost.exe a makecab.exe

#2 Příspěvek od **Rudy** » 02 říj 2016 10:42

Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

djkarer1994 · #3 Příspěvek od **djkarer1994** » 02 říj 2016 11:33

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-09-2016
Ran by Reichlovi (administrator) on REICHLOVI-PC (02-10-2016 12:09:13)
Running from C:\Users\Reichlovi\Desktop
Loaded Profiles: Reichlovi (Available Profiles: Reichlovi)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(BitTorrent Inc.) C:\Users\Reichlovi\AppData\Roaming\BitTorrent\BitTorrent.exe
(BitTorrent Inc.) C:\Users\Reichlovi\AppData\Roaming\BitTorrent\updates\7.9.8_42577\utorrentie.exe
(BitTorrent Inc.) C:\Users\Reichlovi\AppData\Roaming\BitTorrent\updates\7.9.8_42577\utorrentie.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(VoyagerSoft, LLC) C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(forum.viry.cz) C:\Users\Reichlovi\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-01] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324096 2010-08-11] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11780712 2011-03-04] (Realtek Semiconductor)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-15] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\Run: [BitTorrent] => C:\Users\Reichlovi\AppData\Roaming\BitTorrent\BitTorrent.exe [2142920 2016-09-11] (BitTorrent Inc.)
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-04-02] (ZONER software)
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\MountPoints2: {acb2e8f6-8403-11e1-9c1c-742f68f79091} - G:\LaunchU3.exe -a
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-15] (AVAST Software)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll [2010-09-02] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll [2010-09-02] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
GroupPolicy: Restriction - Windows Degender <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1 mssplus.mcafee.com127.0.0.1 clients2.google.com
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{075C9805-CA72-4677-80AC-4106DD951ED9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4FC55DA9-B0FF-4039-9D81-D9C409799856}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{58D541B3-2804-490A-B5B5-07C609DC4120}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{5D9CCA1D-2EC4-45EB-A794-39E9E4FC95CC}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130951195758167415&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130951195759557495&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130951195759667501&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
URLSearchHook: HKLM-x32 -> Default = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ASUT
SearchScopes: HKU\S-1-5-21-4126292724-816047313-1187439271-1001 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4126292724-816047313-1187439271-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: No Name -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> No File
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: Solid Converter PDF -> {259F616C-A300-44F5-B04A-ED001A26C85C} -> C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll [2006-11-02] (VoyagerSoft, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2016-01-09] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-09] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Reichlovi\AppData\Roaming\Mozilla\Firefox\Profiles\x98b9xdi.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-21] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-21] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @graphisoft.com/GDL Web Plug-in -> C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll [2012-09-04] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-06-28] (VideoLAN)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation)
FF Plugin HKU\S-1-5-21-4126292724-816047313-1187439271-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Reichlovi\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-4126292724-816047313-1187439271-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Reichlovi\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-10-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-10-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-10-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-10-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-10-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2011-12-09] (Nullsoft, Inc.)
FF Extension: (Firefox Hotfix) - C:\Users\Reichlovi\AppData\Roaming\Mozilla\Firefox\Profiles\x98b9xdi.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-01]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-10-02]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-10-02]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found

Chrome:
=======
CHR HomePage: Default -> hxxps://www.seznam.cz/?clid=22668
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668"
CHR DefaultSearchURL: Default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Plugin: (Native Client) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\Application\46.0.2490.86\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\Application\46.0.2490.86\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\Application\46.0.2490.86\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll => No File
CHR Plugin: (Skype Toolbars) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll => No File
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll => No File
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll => No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll => No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll => No File
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR Plugin: (Zeon Plus) - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Desktop) - C:\Users\Reichlovi\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll => No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Reichlovi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => No File
CHR Plugin: (Google Update) - C:\Users\Reichlovi\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Profile: C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Default [2016-08-02]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-04-07]
CHR Extension: (Avast Online Security) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-04-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-07]
CHR Profile: C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-05-21]
CHR Extension: (Prezentace Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-08]
CHR Extension: (Quick Searcher) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\acoiihnnfofnpbnofdcgcapbjlcopifa [2016-05-09]
CHR Extension: (Dokumenty Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-08]
CHR Extension: (Disk Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-18]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-07-09]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-07-09]
CHR Extension: (YouTube) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-08]
CHR Extension: (Vyhledávání Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-08]
CHR Extension: (Tabulky Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-08]
CHR Extension: (Avast Online Security) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-07-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-07-09]
CHR Extension: (No Name) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\piaphheklodiededmbmgfcfbcagncgka [2016-05-13]
CHR Extension: (Gmail) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-08]
CHR Profile: C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2 [2016-05-21]
CHR Extension: (Prezentace Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-27]
CHR Extension: (Quick Searcher) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\acoiihnnfofnpbnofdcgcapbjlcopifa [2016-05-09]
CHR Extension: (Dokumenty Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-27]
CHR Extension: (Disk Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-27]
CHR Extension: (YouTube) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-28]
CHR Extension: (Tabulky Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-27]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-09-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-15]
CHR Extension: (Avast Online Security) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-08-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-28]
CHR Extension: (No Name) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\piaphheklodiededmbmgfcfbcagncgka [2016-05-13]
CHR Extension: (Gmail) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-27]
CHR Profile: C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3 [2016-05-21]
CHR Extension: (Prezentace Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-15]
CHR Extension: (Quick Searcher) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\acoiihnnfofnpbnofdcgcapbjlcopifa [2016-05-09]
CHR Extension: (Dokumenty Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-15]
CHR Extension: (Disk Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-15]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-09-15]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-09-15]
CHR Extension: (YouTube) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-15]
CHR Extension: (Tabulky Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-15]
CHR Extension: (Avast Online Security) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-15]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-09-15]
CHR Extension: (No Name) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\piaphheklodiededmbmgfcfbcagncgka [2016-05-13]
CHR Extension: (Gmail) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-15]
CHR Profile: C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\System Profile [2016-05-21]
CHR Extension: (Quick Searcher) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\acoiihnnfofnpbnofdcgcapbjlcopifa [2016-05-09]
CHR Extension: (No Name) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\piaphheklodiededmbmgfcfbcagncgka [2016-05-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-13]
CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\REICHL~1\AppData\Local\Temp\ccex.crx <not found>
StartMenuInternet: Google Chrome - C:\Users\Reichlovi\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-15] (AVAST Software)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437784 2016-04-08] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417304 2016-04-08] (BlueStack Systems, Inc.)
S2 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [433688 2016-04-08] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [921112 2016-04-08] (BlueStack Systems, Inc.)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe [76616 2016-06-20] (Google Inc.)
S2 Crypkey License; C:\Windows\SysWOW64\crypserv.exe [52224 2000-06-29] (Kenonic Controls Ltd.) [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [File not signed]
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2015-06-07] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2015-06-07] ()
R2 ScReadSpool; C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe [184320 2006-11-02] (VoyagerSoft, LLC) [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-10-02] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-10-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-10-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-10-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-10-02] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-10-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-10-02] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-10-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-10-02] (AVAST Software)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154680 2016-04-08] (BlueStack Systems)
R2 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2016-04-06] (Bluestack System Inc. )
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-07-21] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [113280 2014-12-24] (ITE )
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-10-02] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
S1 NetworkX; C:\Windows\SysWOW64\ckldrv.sys [24608 2000-02-03] () [File not signed]
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [28624 2016-07-08] () [File not signed]
S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X]
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S3 BtFilter; system32\DRIVERS\btfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-02 12:09 - 2016-10-02 12:13 - 00036048 _____ C:\Users\Reichlovi\Desktop\FRST.txt
2016-10-02 12:03 - 2016-10-02 12:06 - 00112640 _____ (forum.viry.cz) C:\Users\Reichlovi\Desktop\FRSTLauncher.exe
2016-10-02 12:01 - 2016-10-02 12:01 - 02404352 _____ (Farbar) C:\Users\Reichlovi\Desktop\FRST64.exe
2016-10-02 10:21 - 2016-08-13 00:48 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswAD21.tmp
2016-10-02 10:21 - 2016-03-09 21:25 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\asw9132.tmp
2016-10-02 10:21 - 2016-03-09 21:25 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA023.tmp
2016-10-02 10:21 - 2016-02-23 19:22 - 00463744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswAB1D.tmp
2016-10-02 10:21 - 2016-02-13 09:24 - 00165344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswB0E9.tmp
2016-10-02 10:21 - 2016-02-13 09:24 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\asw9900.tmp
2016-10-02 10:21 - 2016-02-13 09:24 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA5FE.tmp
2016-10-02 10:21 - 2016-02-13 09:24 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\asw9D55.tmp
2016-10-02 10:21 - 2013-03-07 01:33 - 00022600 _____ (AVAST Software) C:\Windows\system32\Drivers\asw8A10.tmp
2016-10-02 10:16 - 2016-10-02 10:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-10-02 10:16 - 2016-10-02 10:16 - 00000000 ____D C:\Program Files\7-Zip
2016-10-02 10:15 - 2016-10-02 10:16 - 01381179 _____ (Igor Pavlov) C:\Users\Reichlovi\Downloads\7z1603-x64.exe
2016-10-02 10:11 - 2016-10-02 10:11 - 01381179 _____ (Igor Pavlov) C:\Users\Reichlovi\Downloads\7z1603-x64.exe.part
2016-10-02 10:00 - 2016-10-02 09:54 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-10-02 09:56 - 2016-10-02 10:08 - 3004727059 _____ C:\Users\Reichlovi\Downloads\zasilka-KZXS7HUIAXA5H5FP.zip
2016-10-02 09:45 - 2016-10-02 09:45 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-09-08 07:21 - 2016-10-02 11:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-02 12:13 - 2011-12-25 17:18 - 00000000 ____D C:\Users\Reichlovi\AppData\Roaming\BitTorrent
2016-10-02 12:09 - 2014-07-09 19:31 - 00000000 ____D C:\FRST
2016-10-02 10:44 - 2016-09-01 20:16 - 00000000 ____D C:\Users\Reichlovi\AppData\LocalLow\BitTorrent
2016-10-02 10:34 - 2011-12-24 20:44 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-10-02 10:34 - 2011-12-24 20:44 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-10-02 10:33 - 2012-07-04 21:18 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-10-02 09:54 - 2014-04-22 17:43 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-10-02 09:54 - 2014-01-01 15:27 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-10-02 09:54 - 2013-03-02 20:31 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-10-02 09:54 - 2013-03-02 20:31 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-10-02 09:54 - 2011-12-24 20:44 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.147539729794410
2016-10-02 09:54 - 2011-12-24 20:44 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-10-02 09:54 - 2011-12-24 20:44 - 00000000 ____D C:\ProgramData\AVAST Software
2016-10-02 09:53 - 2012-02-25 11:36 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-10-02 09:43 - 2013-03-02 20:31 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-10-02 09:43 - 2011-12-24 20:44 - 00969560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.147539729156307
2016-10-02 09:43 - 2011-12-24 20:44 - 00000000 ____D C:\Program Files\AVAST Software
2016-10-02 09:30 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-02 09:30 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-02 09:14 - 2016-08-14 21:21 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-02 09:13 - 2012-05-05 13:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-02 09:12 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-11 13:19 - 2015-09-20 20:16 - 00000000 ____D C:\Users\Reichlovi\AppData\Roaming\ViberPC
2016-09-08 06:13 - 2012-02-29 19:24 - 00000000 ____D C:\ProgramData\Skype
2016-09-08 06:02 - 2011-02-19 07:36 - 00684126 _____ C:\Windows\system32\perfh005.dat
2016-09-08 06:02 - 2011-02-19 07:36 - 00147216 _____ C:\Windows\system32\perfc005.dat
2016-09-08 06:02 - 2009-07-14 07:13 - 01623974 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-08 06:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-09-08 06:00 - 2012-02-29 19:25 - 00000000 ____D C:\Users\Reichlovi\AppData\Roaming\Skype

==================== Files in the root of some directories =======

2012-07-13 11:50 - 2012-07-13 11:50 - 4024320 _____ () C:\Program Files (x86)\GUT70AD.tmp
2012-01-03 21:15 - 2012-01-03 21:15 - 0000132 _____ () C:\Users\Reichlovi\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2012-02-15 20:47 - 2015-11-17 12:28 - 0000132 _____ () C:\Users\Reichlovi\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2012-07-20 20:02 - 2012-08-25 23:56 - 0000000 _____ () C:\Users\Reichlovi\AppData\Roaming\FileIn.cns
2012-07-20 20:02 - 2012-08-25 23:56 - 0000000 _____ () C:\Users\Reichlovi\AppData\Roaming\FileOut.cns
2014-10-07 21:27 - 2014-10-07 21:27 - 0000048 _____ () C:\Users\Reichlovi\AppData\Roaming\guid.ini
2014-06-26 09:05 - 2014-06-26 09:05 - 0000268 ___RH () C:\Users\Reichlovi\AppData\Roaming\Guides
2014-06-26 09:07 - 2014-06-26 09:07 - 0000268 ___RH () C:\Users\Reichlovi\AppData\Roaming\Guitar
2014-06-26 09:05 - 2014-06-26 09:05 - 0000268 ___RH () C:\Users\Reichlovi\AppData\Roaming\Guitars
2014-06-26 09:02 - 2014-06-26 09:02 - 0000268 ___RH () C:\Users\Reichlovi\AppData\Roaming\Hybrid Chords
2014-02-13 11:05 - 2014-02-13 11:42 - 0099384 _____ () C:\Users\Reichlovi\AppData\Roaming\inst.exe
2015-06-25 01:13 - 2015-06-25 01:13 - 0000343 _____ () C:\Users\Reichlovi\AppData\Roaming\mplex-log.log
2014-02-13 11:05 - 2014-02-13 11:42 - 0007859 _____ () C:\Users\Reichlovi\AppData\Roaming\pcouffin.cat
2014-02-13 11:05 - 2014-02-13 11:42 - 0001167 _____ () C:\Users\Reichlovi\AppData\Roaming\pcouffin.inf
2014-02-13 11:05 - 2014-02-13 11:42 - 0000055 _____ () C:\Users\Reichlovi\AppData\Roaming\pcouffin.log
2014-02-13 11:05 - 2014-02-13 11:42 - 0082816 _____ (VSO Software) C:\Users\Reichlovi\AppData\Roaming\pcouffin.sys
2012-04-27 22:50 - 2012-04-27 22:53 - 0000272 _____ () C:\Users\Reichlovi\AppData\Local\custom_colors.cfg
2012-09-11 16:29 - 2015-10-18 14:56 - 0009216 _____ () C:\Users\Reichlovi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-02-25 21:26 - 2016-06-05 12:24 - 0007596 _____ () C:\Users\Reichlovi\AppData\Local\Resmon.ResmonCfg
2014-07-31 12:34 - 2014-07-31 12:34 - 0000000 _____ () C:\Users\Reichlovi\AppData\Local\{C3AB7AE0-D472-42BB-AFD2-55554DEE0BBC}
2015-06-23 18:40 - 2015-06-23 18:40 - 0004128 _____ () C:\ProgramData\bqeojehc.wbx
2011-04-01 11:21 - 2010-07-07 01:10 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2014-06-26 09:05 - 2014-06-26 09:05 - 0000268 ___RH () C:\ProgramData\Halftone
2014-06-26 09:07 - 2014-06-26 09:07 - 0000268 ___RH () C:\ProgramData\Help
2014-06-26 09:05 - 2014-06-26 09:05 - 0000268 ___RH () C:\ProgramData\Helper Scripts
2014-06-26 09:02 - 2014-06-26 09:02 - 0000268 ___RH () C:\ProgramData\Image Capture
2014-01-28 23:04 - 2016-07-31 09:05 - 0019873 _____ () C:\ProgramData\LmeUSB.log
2014-01-28 23:04 - 2016-07-31 09:05 - 0019479 _____ () C:\ProgramData\LmeZJSW.log
2014-01-29 16:12 - 2016-07-31 09:05 - 0019428 _____ () C:\ProgramData\LSDmbTH.log
2014-06-26 09:02 - 2014-06-26 09:02 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2014-06-26 09:07 - 2014-06-26 09:07 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2014-06-26 09:05 - 2014-06-26 09:17 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-06-26 09:05 - 2014-06-26 09:05 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2011-10-23 06:59 - 2011-10-23 07:00 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-10-23 06:59 - 2011-10-23 06:59 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

Multiple Image Resizer .NET 4 (HKLM-x32\...\Multiple Image Resizer .NET 4) (Version: 4.0.0.3 - Acumen Business Systems Ltd)
Multiple Image Resizer .NET 4 (x32 Version: 4.0.0.3 - Acumen Business Systems Ltd) Hidden

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Reichlovi\Desktop" je 2375 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager
"C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector
C:\Windows\AsScrPro.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage
C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlazeServoTool
"C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent
C:\Program Files (x86)\BlueStacks\HD-Agent.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonQuickMenu
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON S22 Series
C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGEE.EXE /FU "C:\Windows\TEMP\E_S3F50.tmp" /EF "HKCU" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDCtrl
%ProgramFiles%\Elantech\ETDCtrl.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GetGoDM
C:\Users\Reichlovi\GetGo Download Manager\GetGo.exe /minimized: [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Photos Backup
"C:\Users\Reichlovi\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\Reichlovi\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_4F20997116D7B4318C66A8D21250CAD8
"C:\Users\Reichlovi\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Message Center 2
C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nuance PDF Reader-reminder
"C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE -startup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Trend Micro Titanium
C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush "none" "none" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut
"C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut
"C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viber
"C:\Users\Reichlovi\AppData\Local\Viber\Viber.exe" StartMinimized [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VizorHtmlDialog.exe
"C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun
"C:\Program Files (x86)\WebcamMax\wcmmon.exe" -a [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxMoniter
"C:\Program Files (x86)\WebcamMax\wcmmon.exe" /a [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent
"C:\Program Files (x86)\Winamp\winampa.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate
"C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk
C:\PROGRA~2\ASUS\AsusVibe\ASUSVI~2.EXE /start [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk
C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe -d [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MobileGo Service.lnk
C:\PROGRA~2\WONDER~1\MOBILE~1\MOBILE~1.EXE [x]

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#4 Příspěvek od **Rudy** » 02 říj 2016 12:06

Teď spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

djkarer1994 · #5 Příspěvek od **djkarer1994** » 02 říj 2016 14:42

# AdwCleaner v6.020 - Logfile created 02/10/2016 at 15:13:12
# Updated on 14/09/2016 by ToolsLib
# Database : 2016-10-01.1 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Reichlovi - REICHLOVI-PC
# Running from : C:\Users\Reichlovi\Desktop\adwcleaner_6.020.exe
# Mode: Clean
# Support : https://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

[-] Key deleted: HKLM\SOFTWARE\WinZiper
[-] Key deleted: HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\WinZipper

***** [ Web browsers ] *****

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [10665 Bytes] - [02/08/2016 22:16:22]
C:\AdwCleaner\AdwCleaner[C2].txt - [964 Bytes] - [02/10/2016 15:13:12]
C:\AdwCleaner\AdwCleaner[R0].txt - [51209 Bytes] - [10/07/2014 11:48:56]
C:\AdwCleaner\AdwCleaner[S0].txt - [51684 Bytes] - [10/07/2014 11:50:36]
C:\AdwCleaner\AdwCleaner[S1].txt - [11763 Bytes] - [02/08/2016 22:13:25]
C:\AdwCleaner\AdwCleaner[S2].txt - [1530 Bytes] - [02/10/2016 15:12:24]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1331 Bytes] ##########

#6 Příspěvek od **Rudy** » 02 říj 2016 16:25

Dejte nový log FRST.

djkarer1994 · #7 Příspěvek od **djkarer1994** » 03 říj 2016 21:48

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-10-2016
Ran by Reichlovi (administrator) on REICHLOVI-PC (03-10-2016 22:28:36)
Running from C:\Users\Reichlovi\Desktop
Loaded Profiles: Reichlovi (Available Profiles: Reichlovi)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(BitTorrent Inc.) C:\Users\Reichlovi\AppData\Roaming\BitTorrent\BitTorrent.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(BitTorrent Inc.) C:\Users\Reichlovi\AppData\Roaming\BitTorrent\updates\7.9.8_42577\utorrentie.exe
(BitTorrent Inc.) C:\Users\Reichlovi\AppData\Roaming\BitTorrent\updates\7.9.8_42577\utorrentie.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(VoyagerSoft, LLC) C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Bluestack System Inc. ) C:\Program Files (x86)\BlueStacks\BstkSVC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(forum.viry.cz) C:\Users\Reichlovi\Desktop\FRST-OlderVersion\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-01] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324096 2010-08-11] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11780712 2011-03-04] (Realtek Semiconductor)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9107616 2016-10-02] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\Run: [BitTorrent] => C:\Users\Reichlovi\AppData\Roaming\BitTorrent\BitTorrent.exe [2142920 2016-09-11] (BitTorrent Inc.)
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-04-02] (ZONER software)
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\MountPoints2: {acb2e8f6-8403-11e1-9c1c-742f68f79091} - G:\LaunchU3.exe -a
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-10-02] (AVAST Software)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll [2010-09-02] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll [2010-09-02] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
GroupPolicy: Restriction - Windows Defender <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1 mssplus.mcafee.com127.0.0.1 clients2.google.com
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{075C9805-CA72-4677-80AC-4106DD951ED9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4FC55DA9-B0FF-4039-9D81-D9C409799856}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{58D541B3-2804-490A-B5B5-07C609DC4120}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{5D9CCA1D-2EC4-45EB-A794-39E9E4FC95CC}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130951195758167415&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130951195759557495&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130951195759667501&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
URLSearchHook: HKLM-x32 -> Default = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ASUT
SearchScopes: HKU\S-1-5-21-4126292724-816047313-1187439271-1001 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4126292724-816047313-1187439271-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: No Name -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-02] (AVAST Software)
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: Solid Converter PDF -> {259F616C-A300-44F5-B04A-ED001A26C85C} -> C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll [2006-11-02] (VoyagerSoft, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2016-01-09] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-02] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-09] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: x98b9xdi.default
FF ProfilePath: C:\Users\Reichlovi\AppData\Roaming\Mozilla\Firefox\Profiles\x98b9xdi.default [2016-10-03]
FF Extension: (Firefox Hotfix) - C:\Users\Reichlovi\AppData\Roaming\Mozilla\Firefox\Profiles\x98b9xdi.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-01]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-10-02]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-10-02]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-10-02] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-10-02] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @graphisoft.com/GDL Web Plug-in -> C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll [2012-09-04] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-06-28] (VideoLAN)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation)
FF Plugin HKU\S-1-5-21-4126292724-816047313-1187439271-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Reichlovi\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-4126292724-816047313-1187439271-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Reichlovi\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-10-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-10-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-10-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-10-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-10-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2011-12-09] (Nullsoft, Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.seznam.cz/?clid=22668
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668"
CHR DefaultSearchURL: Default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Plugin: (Native Client) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\Application\46.0.2490.86\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\Application\46.0.2490.86\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\Application\46.0.2490.86\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll => No File
CHR Plugin: (Skype Toolbars) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll => No File
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll => No File
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll => No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll => No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll => No File
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR Plugin: (Zeon Plus) - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Desktop) - C:\Users\Reichlovi\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll => No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Reichlovi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => No File
CHR Plugin: (Google Update) - C:\Users\Reichlovi\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Profile: C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Default [2016-08-02]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-04-07]
CHR Extension: (Avast Online Security) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-04-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-07]
CHR Profile: C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-05-21]
CHR Extension: (Prezentace Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-08]
CHR Extension: (Quick Searcher) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\acoiihnnfofnpbnofdcgcapbjlcopifa [2016-05-09]
CHR Extension: (Dokumenty Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-08]
CHR Extension: (Disk Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-18]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-07-09]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-07-09]
CHR Extension: (YouTube) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-08]
CHR Extension: (Vyhledávání Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-08]
CHR Extension: (Tabulky Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-08]
CHR Extension: (Avast Online Security) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-07-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-07-09]
CHR Extension: (No Name) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\piaphheklodiededmbmgfcfbcagncgka [2016-05-13]
CHR Extension: (Gmail) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-08]
CHR Profile: C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2 [2016-05-21]
CHR Extension: (Prezentace Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-27]
CHR Extension: (Quick Searcher) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\acoiihnnfofnpbnofdcgcapbjlcopifa [2016-05-09]
CHR Extension: (Dokumenty Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-27]
CHR Extension: (Disk Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-27]
CHR Extension: (YouTube) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-28]
CHR Extension: (Tabulky Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-27]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-09-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-15]
CHR Extension: (Avast Online Security) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-08-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-28]
CHR Extension: (No Name) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\piaphheklodiededmbmgfcfbcagncgka [2016-05-13]
CHR Extension: (Gmail) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-27]
CHR Profile: C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3 [2016-05-21]
CHR Extension: (Prezentace Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-15]
CHR Extension: (Quick Searcher) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\acoiihnnfofnpbnofdcgcapbjlcopifa [2016-05-09]
CHR Extension: (Dokumenty Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-15]
CHR Extension: (Disk Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-15]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-09-15]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-09-15]
CHR Extension: (YouTube) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-15]
CHR Extension: (Tabulky Google) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-15]
CHR Extension: (Avast Online Security) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-15]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-09-15]
CHR Extension: (No Name) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\piaphheklodiededmbmgfcfbcagncgka [2016-05-13]
CHR Extension: (Gmail) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-15]
CHR Profile: C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\System Profile [2016-05-21]
CHR Extension: (Quick Searcher) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\acoiihnnfofnpbnofdcgcapbjlcopifa [2016-05-09]
CHR Extension: (No Name) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\piaphheklodiededmbmgfcfbcagncgka [2016-05-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\REICHL~1\AppData\Local\Temp\ccex.crx <not found>
StartMenuInternet: Google Chrome - C:\Users\Reichlovi\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-10-02] (AVAST Software)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437784 2016-04-08] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417304 2016-04-08] (BlueStack Systems, Inc.)
R2 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [433688 2016-04-08] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [921112 2016-04-08] (BlueStack Systems, Inc.)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe [76616 2016-06-20] (Google Inc.)
S2 Crypkey License; C:\Windows\SysWOW64\crypserv.exe [52224 2000-06-29] (Kenonic Controls Ltd.) [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [File not signed]
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2015-06-07] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2015-06-07] ()
R2 ScReadSpool; C:\Program Files (x86)\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe [184320 2006-11-02] (VoyagerSoft, LLC) [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-10-02] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-10-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-10-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-10-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-10-02] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-10-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-10-02] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-10-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-10-02] (AVAST Software)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154680 2016-04-08] (BlueStack Systems)
R2 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2016-04-06] (Bluestack System Inc. )
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-07-21] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [113280 2014-12-24] (ITE )
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-10-03] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
S1 NetworkX; C:\Windows\SysWOW64\ckldrv.sys [24608 2000-02-03] () [File not signed]
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [28624 2016-07-08] () [File not signed]
S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X]
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S3 BtFilter; system32\DRIVERS\btfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-03 22:28 - 2016-10-03 22:34 - 00033998 _____ C:\Users\Reichlovi\Desktop\FRST.txt
2016-10-03 22:26 - 2016-10-03 22:26 - 00000000 ____D C:\Users\Reichlovi\Desktop\FRST-OlderVersion
2016-10-02 15:36 - 2016-10-02 09:54 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-10-02 15:32 - 2016-10-03 22:00 - 00003898 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1475415144
2016-10-02 15:32 - 2016-10-02 15:32 - 00001005 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-10-02 15:32 - 2016-10-02 15:32 - 00001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-10-02 15:31 - 2016-10-02 15:31 - 00000000 ____D C:\Users\Reichlovi\AppData\Local\CEF
2016-10-02 15:02 - 2016-10-02 15:03 - 03861056 _____ C:\Users\Reichlovi\Desktop\adwcleaner_6.020.exe
2016-10-02 12:01 - 2016-10-03 22:26 - 02404864 _____ (Farbar) C:\Users\Reichlovi\Desktop\FRST64.exe
2016-10-02 11:09 - 2016-10-02 15:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-02 10:16 - 2016-10-02 10:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-10-02 10:16 - 2016-10-02 10:16 - 00000000 ____D C:\Program Files\7-Zip
2016-10-02 10:15 - 2016-10-02 10:16 - 01381179 _____ (Igor Pavlov) C:\Users\Reichlovi\Downloads\7z1603-x64.exe
2016-10-02 10:11 - 2016-10-02 10:11 - 01381179 _____ (Igor Pavlov) C:\Users\Reichlovi\Downloads\7z1603-x64.exe.part
2016-10-02 09:56 - 2016-10-02 10:08 - 3004727059 _____ C:\Users\Reichlovi\Downloads\zasilka-KZXS7HUIAXA5H5FP.zip
2016-10-02 09:45 - 2016-10-02 09:45 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-03 22:35 - 2011-12-25 17:18 - 00000000 ____D C:\Users\Reichlovi\AppData\Roaming\BitTorrent
2016-10-03 22:05 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-03 22:05 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-03 21:55 - 2016-08-14 21:21 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-03 21:54 - 2016-09-01 20:16 - 00000000 ____D C:\Users\Reichlovi\AppData\LocalLow\BitTorrent
2016-10-03 21:54 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-02 17:09 - 2012-01-01 18:29 - 00000000 ____D C:\Users\Reichlovi\AppData\Local\Adobe
2016-10-02 16:04 - 2012-04-01 18:19 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-02 16:04 - 2011-12-28 22:04 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-02 16:03 - 2011-12-28 22:04 - 00000000 ____D C:\Windows\system32\Macromed
2016-10-02 16:03 - 2011-04-01 11:19 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-10-02 15:38 - 2015-11-17 11:20 - 00001884 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-10-02 15:37 - 2012-07-04 21:18 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-10-02 15:28 - 2012-05-05 13:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-02 15:13 - 2014-07-10 11:48 - 00000000 ____D C:\AdwCleaner
2016-10-02 12:09 - 2014-07-09 19:31 - 00000000 ____D C:\FRST
2016-10-02 10:34 - 2011-12-24 20:44 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-10-02 10:34 - 2011-12-24 20:44 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-10-02 09:54 - 2014-04-22 17:43 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-10-02 09:54 - 2014-01-01 15:27 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-10-02 09:54 - 2013-03-02 20:31 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-10-02 09:54 - 2013-03-02 20:31 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-10-02 09:54 - 2011-12-24 20:44 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.147539729794410
2016-10-02 09:54 - 2011-12-24 20:44 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-10-02 09:54 - 2011-12-24 20:44 - 00000000 ____D C:\ProgramData\AVAST Software
2016-10-02 09:53 - 2012-02-25 11:36 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-10-02 09:43 - 2013-03-02 20:31 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-10-02 09:43 - 2011-12-24 20:44 - 00969560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.147539729156307
2016-10-02 09:43 - 2011-12-24 20:44 - 00000000 ____D C:\Program Files\AVAST Software
2016-09-11 13:19 - 2015-09-20 20:16 - 00000000 ____D C:\Users\Reichlovi\AppData\Roaming\ViberPC
2016-09-08 06:13 - 2012-02-29 19:24 - 00000000 ____D C:\ProgramData\Skype
2016-09-08 06:02 - 2011-02-19 07:36 - 00684126 _____ C:\Windows\system32\perfh005.dat
2016-09-08 06:02 - 2011-02-19 07:36 - 00147216 _____ C:\Windows\system32\perfc005.dat
2016-09-08 06:02 - 2009-07-14 07:13 - 01623974 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-08 06:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-09-08 06:00 - 2012-02-29 19:25 - 00000000 ____D C:\Users\Reichlovi\AppData\Roaming\Skype

==================== Files in the root of some directories =======

2012-07-13 11:50 - 2012-07-13 11:50 - 4024320 _____ () C:\Program Files (x86)\GUT70AD.tmp
2012-01-03 21:15 - 2012-01-03 21:15 - 0000132 _____ () C:\Users\Reichlovi\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2012-02-15 20:47 - 2015-11-17 12:28 - 0000132 _____ () C:\Users\Reichlovi\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2012-07-20 20:02 - 2012-08-25 23:56 - 0000000 _____ () C:\Users\Reichlovi\AppData\Roaming\FileIn.cns
2012-07-20 20:02 - 2012-08-25 23:56 - 0000000 _____ () C:\Users\Reichlovi\AppData\Roaming\FileOut.cns
2014-10-07 21:27 - 2014-10-07 21:27 - 0000048 _____ () C:\Users\Reichlovi\AppData\Roaming\guid.ini
2014-06-26 09:05 - 2014-06-26 09:05 - 0000268 ___RH () C:\Users\Reichlovi\AppData\Roaming\Guides
2014-06-26 09:07 - 2014-06-26 09:07 - 0000268 ___RH () C:\Users\Reichlovi\AppData\Roaming\Guitar
2014-06-26 09:05 - 2014-06-26 09:05 - 0000268 ___RH () C:\Users\Reichlovi\AppData\Roaming\Guitars
2014-06-26 09:02 - 2014-06-26 09:02 - 0000268 ___RH () C:\Users\Reichlovi\AppData\Roaming\Hybrid Chords
2014-02-13 11:05 - 2014-02-13 11:42 - 0099384 _____ () C:\Users\Reichlovi\AppData\Roaming\inst.exe
2015-06-25 01:13 - 2015-06-25 01:13 - 0000343 _____ () C:\Users\Reichlovi\AppData\Roaming\mplex-log.log
2014-02-13 11:05 - 2014-02-13 11:42 - 0007859 _____ () C:\Users\Reichlovi\AppData\Roaming\pcouffin.cat
2014-02-13 11:05 - 2014-02-13 11:42 - 0001167 _____ () C:\Users\Reichlovi\AppData\Roaming\pcouffin.inf
2014-02-13 11:05 - 2014-02-13 11:42 - 0000055 _____ () C:\Users\Reichlovi\AppData\Roaming\pcouffin.log
2014-02-13 11:05 - 2014-02-13 11:42 - 0082816 _____ (VSO Software) C:\Users\Reichlovi\AppData\Roaming\pcouffin.sys
2012-04-27 22:50 - 2012-04-27 22:53 - 0000272 _____ () C:\Users\Reichlovi\AppData\Local\custom_colors.cfg
2012-09-11 16:29 - 2015-10-18 14:56 - 0009216 _____ () C:\Users\Reichlovi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-02-25 21:26 - 2016-06-05 12:24 - 0007596 _____ () C:\Users\Reichlovi\AppData\Local\Resmon.ResmonCfg
2014-07-31 12:34 - 2014-07-31 12:34 - 0000000 _____ () C:\Users\Reichlovi\AppData\Local\{C3AB7AE0-D472-42BB-AFD2-55554DEE0BBC}
2015-06-23 18:40 - 2015-06-23 18:40 - 0004128 _____ () C:\ProgramData\bqeojehc.wbx
2011-04-01 11:21 - 2010-07-07 01:10 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2014-06-26 09:05 - 2014-06-26 09:05 - 0000268 ___RH () C:\ProgramData\Halftone
2014-06-26 09:07 - 2014-06-26 09:07 - 0000268 ___RH () C:\ProgramData\Help
2014-06-26 09:05 - 2014-06-26 09:05 - 0000268 ___RH () C:\ProgramData\Helper Scripts
2014-06-26 09:02 - 2014-06-26 09:02 - 0000268 ___RH () C:\ProgramData\Image Capture
2014-01-28 23:04 - 2016-07-31 09:05 - 0019873 _____ () C:\ProgramData\LmeUSB.log
2014-01-28 23:04 - 2016-07-31 09:05 - 0019479 _____ () C:\ProgramData\LmeZJSW.log
2014-01-29 16:12 - 2016-07-31 09:05 - 0019428 _____ () C:\ProgramData\LSDmbTH.log
2014-06-26 09:02 - 2014-06-26 09:02 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2014-06-26 09:07 - 2014-06-26 09:07 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2014-06-26 09:05 - 2014-06-26 09:17 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-06-26 09:05 - 2014-06-26 09:05 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2011-10-23 06:59 - 2011-10-23 07:00 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-10-23 06:59 - 2011-10-23 06:59 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some files in TEMP:
====================
C:\Users\Reichlovi\AppData\Local\Temp\libeay32.dll
C:\Users\Reichlovi\AppData\Local\Temp\msvcr120.dll
C:\Users\Reichlovi\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

Multiple Image Resizer .NET 4 (HKLM-x32\...\Multiple Image Resizer .NET 4) (Version: 4.0.0.3 - Acumen Business Systems Ltd)
Multiple Image Resizer .NET 4 (x32 Version: 4.0.0.3 - Acumen Business Systems Ltd) Hidden

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Reichlovi\Desktop" je 2377 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager
"C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector
C:\Windows\AsScrPro.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage
C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlazeServoTool
"C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent
C:\Program Files (x86)\BlueStacks\HD-Agent.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonQuickMenu
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON S22 Series
C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGEE.EXE /FU "C:\Windows\TEMP\E_S3F50.tmp" /EF "HKCU" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDCtrl
%ProgramFiles%\Elantech\ETDCtrl.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GetGoDM
C:\Users\Reichlovi\GetGo Download Manager\GetGo.exe /minimized: [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Photos Backup
"C:\Users\Reichlovi\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\Reichlovi\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_4F20997116D7B4318C66A8D21250CAD8
"C:\Users\Reichlovi\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Message Center 2
C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nuance PDF Reader-reminder
"C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE -startup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Trend Micro Titanium
C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush "none" "none" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut
"C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut
"C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viber
"C:\Users\Reichlovi\AppData\Local\Viber\Viber.exe" StartMinimized [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VizorHtmlDialog.exe
"C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun
"C:\Program Files (x86)\WebcamMax\wcmmon.exe" -a [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxMoniter
"C:\Program Files (x86)\WebcamMax\wcmmon.exe" /a [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent
"C:\Program Files (x86)\Winamp\winampa.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate
"C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk
C:\PROGRA~2\ASUS\AsusVibe\ASUSVI~2.EXE /start [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk
C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe -d [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MobileGo Service.lnk
C:\PROGRA~2\WONDER~1\MOBILE~1\MOBILE~1.EXE [x]

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#8 Příspěvek od **Rudy** » 04 říj 2016 16:16

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\MountPoints2: {acb2e8f6-8403-11e1-9c1c-742f68f79091} - G:\LaunchU3.exe -a
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
GroupPolicy: Restriction - Windows Defender <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4126292724-816047313-1187439271-1001 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4126292724-816047313-1187439271-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: No Name -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> No File
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Plugin: (Native Client) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\Application\46.0.2490.86\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\Application\46.0.2490.86\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\Application\46.0.2490.86\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll => No File
CHR Plugin: (Skype Toolbars) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll => No File
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll => No File
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll => No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll => No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll => No File
CHR Plugin: (Facebook Desktop) - C:\Users\Reichlovi\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll => No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Reichlovi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => No File
CHR Plugin: (Google Update) - C:\Users\Reichlovi\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Extension: (No Name) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\piaphheklodiededmbmgfcfbcagncgka [2016-05-13]
CHR Extension: (Quick Searcher) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\acoiihnnfofnpbnofdcgcapbjlcopifa [2016-05-09]
CHR Extension: (No Name) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\piaphheklodiededmbmgfcfbcagncgka [2016-05-13]
CHR Extension: (No Name) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\piaphheklodiededmbmgfcfbcagncgka [2016-05-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\REICHL~1\AppData\Local\Temp\ccex.crx <not found>
C:\Program Files (x86)\GUT70AD.tmp
C:\Users\Reichlovi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\bqeojehc.wbx
C:\Users\Reichlovi\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Z logu:

Velikost slozky "C:\Users\Reichlovi\Desktop" je 2377 MB.

To je příliš mnoho a může to způsobovat zpomalení startu systému. Vytvořte v C:\Users\Reichlovi novou složku a přesuňte do ní všechna data z plochy (kromě zástupců). Na plochu si pak pro snazší přístup dejte zástupce té složky.

djkarer1994 · #9 Příspěvek od **djkarer1994** » 07 říj 2016 10:36

Fix result of Farbar Recovery Scan Tool (x64) Version: 04-10-2016
Ran by Reichlovi (07-10-2016 11:27:11) Run:1
Running from C:\Users\Reichlovi\Desktop
Loaded Profiles: Reichlovi (Available Profiles: Reichlovi)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\...\MountPoints2: {acb2e8f6-8403-11e1-9c1c-742f68f79091} - G:\LaunchU3.exe -a
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
GroupPolicy: Restriction - Windows Defender <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4126292724-816047313-1187439271-1001 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4126292724-816047313-1187439271-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: No Name -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> No File
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Plugin: (Native Client) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\Application\46.0.2490.86\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\Application\46.0.2490.86\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\Application\46.0.2490.86\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll => No File
CHR Plugin: (Skype Toolbars) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll => No File
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll => No File
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll => No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll => No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll => No File
CHR Plugin: (Facebook Desktop) - C:\Users\Reichlovi\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll => No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Reichlovi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => No File
CHR Plugin: (Google Update) - C:\Users\Reichlovi\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Extension: (No Name) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\piaphheklodiededmbmgfcfbcagncgka [2016-05-13]
CHR Extension: (Quick Searcher) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\acoiihnnfofnpbnofdcgcapbjlcopifa [2016-05-09]
CHR Extension: (No Name) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\piaphheklodiededmbmgfcfbcagncgka [2016-05-13]
CHR Extension: (No Name) - C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\piaphheklodiededmbmgfcfbcagncgka [2016-05-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\REICHL~1\AppData\Local\Temp\ccex.crx <not found>
C:\Program Files (x86)\GUT70AD.tmp
C:\Users\Reichlovi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\bqeojehc.wbx
C:\Users\Reichlovi\AppData\Local\Temp
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
"HKU\S-1-5-21-4126292724-816047313-1187439271-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => key removed successfully
"HKU\S-1-5-21-4126292724-816047313-1187439271-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G" => key removed successfully
"HKU\S-1-5-21-4126292724-816047313-1187439271-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{acb2e8f6-8403-11e1-9c1c-742f68f79091}" => key removed successfully
HKCR\CLSID\{acb2e8f6-8403-11e1-9c1c-742f68f79091} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay" => key removed successfully
HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => key not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\system32\GroupPolicy\User => moved successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}" => key removed successfully
HKCR\Wow6432Node\CLSID\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} => key not found.
HKU\S-1-5-21-4126292724-816047313-1187439271-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-4126292724-816047313-1187439271-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}" => key removed successfully
HKCR\CLSID\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}" => key removed successfully
HKCR\CLSID\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => key removed successfully
HKCR\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Users\Reichlovi\AppData\Local\Google\Chrome\Application\46.0.2490.86\ppGoogleNaClPluginChrome.dll => not found.
C:\Users\Reichlovi\AppData\Local\Google\Chrome\Application\46.0.2490.86\pdf.dll => not found.
C:\Users\Reichlovi\AppData\Local\Google\Chrome\Application\46.0.2490.86\gcswf32.dll => not found.
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll => not found.
C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll => not found.
C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll => not found.
C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll => not found.
C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll => not found.
C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll => not found.
C:\Users\Reichlovi\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll => not found.
C:\Users\Reichlovi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => not found.
C:\Users\Reichlovi\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => not found.
C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\piaphheklodiededmbmgfcfbcagncgka => moved successfully
C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\acoiihnnfofnpbnofdcgcapbjlcopifa => moved successfully
C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\piaphheklodiededmbmgfcfbcagncgka => moved successfully
C:\Users\Reichlovi\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\piaphheklodiededmbmgfcfbcagncgka => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid" => key removed successfully
C:\Program Files (x86)\GUT70AD.tmp => moved successfully
C:\Users\Reichlovi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\ProgramData\bqeojehc.wbx => moved successfully

"C:\Users\Reichlovi\AppData\Local\Temp" folder move:

Could not move "C:\Users\Reichlovi\AppData\Local\Temp" => Scheduled to move on reboot.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 07-10-2016 11:29:00)

C:\Users\Reichlovi\AppData\Local\Temp => moved successfully

==== End of Fixlog 11:29:01 ====

#10 Příspěvek od **Rudy** » 07 říj 2016 17:03

Smazáno. Nastala nějaká změna?

djkarer1994 · #11 Příspěvek od **djkarer1994** » 08 říj 2016 05:46

Zdravím. Bohužel nenastala žádná změna. Počítač extrémně pomalý, plné vytížení. Přikládám screen.

#12 Příspěvek od **Rudy** » 08 říj 2016 16:54

Na zkoušku vypněte aut. aktualizace, příp. přeinstalujte antivir.

VIRY.CZ

Procesor vytížen na 100%

Procesor vytížen na 100%

Re: Procesor vytížen na 100%

Re: Procesor vytížen na 100%

Re: Procesor vytížen na 100%

Re: Procesor vytížen na 100%

Re: Procesor vytížen na 100%

Re: Procesor vytížen na 100%

Re: Procesor vytížen na 100%

Re: Procesor vytížen na 100%

Re: Procesor vytížen na 100%

Re: Procesor vytížen na 100%

Re: Procesor vytížen na 100%