
PC virus removal, computer speed-up, and remote assistance via the neslape.cz service
Problem with adware
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hi, I have a problem with adware: when I'm on the internet, pages with ads pop up on their own. Here is the log from the program.
Logfile of random's system information tool 1.14 (written by random/random)
Run by Patrik at 2017-01-04 18:33:06
Microsoft Windows 10 Home
System drive C: has 238 GB (33%) free of 715 GB
Total RAM: 3327 MB (34% free)
X86
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:33:27, on 4.1.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.17146)
Boot mode: Normal
Running processes:
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Users\Patrik\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\Patrik\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files\DAEMON Tools Lite\DTAgent.exe
C:\Program Files\McAfee Security Scan\3.11.474\SSScheduler.exe
C:\Program Files\GOG Galaxy\GalaxyClient.exe
C:\Program Files\GOG Galaxy\GalaxyClient Helper.exe
C:\Program Files\GOG Galaxy\GalaxyClient Helper.exe
C:\Program Files\GOG Galaxy\GalaxyClient Helper.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe
C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\WINDOWS\system32\WerFault.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Users\Patrik\Downloads\RSIT.exe
C:\Program Files\trend micro\Patrik_RSIT.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://search.avast.com/AV772/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.avast.com/AV772/search/w ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.avast.com/AV772/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://search.avast.com/AV772/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.avast.com/AV772/search/w ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.avast.com/AV772/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 34.195.153.94 www.google-analytics.com
O1 - Hosts: 34.195.153.94 google-analytics.com
O1 - Hosts: 34.195.153.94 mc.yandex.ru
O1 - Hosts: 34.195.153.94 top-fwz1.mail.ru
O1 - Hosts: 34.195.153.94 site.yandex.net
O1 - Hosts: 34.195.153.94 pagead2.googlesyndication.com
O1 - Hosts: 34.195.153.94 ad.mail.ru
O1 - Hosts: 34.195.153.94 ads.adfox.ru
O1 - Hosts: 34.195.153.94 ads.pubmatic.com
O1 - Hosts: 34.195.153.94 apis.google.com
O1 - Hosts: 34.195.153.94 autocontext.begun.ru
O1 - Hosts: 34.195.153.94 b.scorecardresearch.com
O1 - Hosts: 34.195.153.94 c.amazon-adsystem.com
O1 - Hosts: 34.195.153.94 cdn.admixer.net
O1 - Hosts: 34.195.153.94 cdn.cxense.com
O1 - Hosts: 34.195.153.94 cdn.livefyre.com
O1 - Hosts: 34.195.153.94 cdn.onthe.io
O1 - Hosts: 34.195.153.94 cdn.optimizely.com
O1 - Hosts: 34.195.153.94 cdn.prom.st
O1 - Hosts: 34.195.153.94 cdn.pushwoosh.com
O1 - Hosts: 34.195.153.94 cdn.tt.omtrdc.net
O1 - Hosts: 34.195.153.94 cdn1.graphiq.com
O1 - Hosts: 34.195.153.94 content.adriver.ru
O1 - Hosts: 34.195.153.94 d134l0cdryxgwa.cloudfront.net
O1 - Hosts: 34.195.153.94 gaua.hit.gemius.pl
O1 - Hosts: 34.195.153.94 gde-default.hit.gemius.pl
O1 - Hosts: 34.195.153.94 img.imgsmail.ru
O1 - Hosts: 34.195.153.94 img7.auto.ria.com
O1 - Hosts: 34.195.153.94 js-agent.newrelic.com
O1 - Hosts: 34.195.153.94 js.revsci.net
O1 - Hosts: 34.195.153.94 kamradamnaradost.ru
O1 - Hosts: 34.195.153.94 kpmediagaua.hit.gemius.pl
O1 - Hosts: 34.195.153.94 level1cdn.com
O1 - Hosts: 34.195.153.94 mc.yandex.ru
O1 - Hosts: 34.195.153.94 mtrx.go.sonobi.com
O1 - Hosts: 34.195.153.94 ninja.onap.io
O1 - Hosts: 34.195.153.94 odb.outbrain.com
O1 - Hosts: 34.195.153.94 optimize-stats.voxmedia.com
O1 - Hosts: 34.195.153.94 p.d.0fmm.com
O1 - Hosts: 34.195.153.94 pagead2.googlesyndication.com
O1 - Hosts: 34.195.153.94 pixel.vihub.ru
O1 - Hosts: 34.195.153.94 psma02.com
O1 - Hosts: 34.195.153.94 px.adhigh.net
O1 - Hosts: 34.195.153.94 rtax.criteo.com
O1 - Hosts: 34.195.153.94 rum-static.pingdom.net
O1 - Hosts: 34.195.153.94 s.ytimg.com
O1 - Hosts: 34.195.153.94 s1.olx.ua
O1 - Hosts: 34.195.153.94 sb.scorecardresearch.com
O1 - Hosts: 34.195.153.94 secure.whisla.com
O1 - Hosts: 34.195.153.94 securepubads.g.doubleclick.net
O1 - Hosts: 34.195.153.94 source.mmi.bemobile.ua
O1 - Hosts: 34.195.153.94 ssl.luxup.ru
O1 - Hosts: 34.195.153.94 ssp.rambler.ru
O1 - Hosts: 34.195.153.94 st.top100.ru
O1 - Hosts: 34.195.153.94 stat.media
O1 - Hosts: 34.195.153.94 static.censor.net.ua
O1 - Hosts: 34.195.153.94 static.criteo.net
O1 - Hosts: 34.195.153.94 static.dynamicyield.com
O1 - Hosts: 34.195.153.94 static.gazeta.ru
O1 - Hosts: 34.195.153.94 stats.g.doubleclick.net
O1 - Hosts: 34.195.153.94 stats.tmtm.ru
O1 - Hosts: 34.195.153.94 t2.korrespondent.net
O1 - Hosts: 34.195.153.94 tag.digitaltarget.ru
O1 - Hosts: 34.195.153.94 tag.marinsm.com
O1 - Hosts: 34.195.153.94 target.smi2.net
O1 - Hosts: 34.195.153.94 top-fwz1.mail.ru
O1 - Hosts: 34.195.153.94 tracker.bigl.ua
O1 - Hosts: 34.195.153.94 ua.hit.gemius.pl
O1 - Hosts: 34.195.153.94 www.google.com
O1 - Hosts: 34.195.153.94 www.googleadservices.com
O1 - Hosts: 34.195.153.94 www.googletagmanager.com
O1 - Hosts: 34.195.153.94 www.googletagservices.com
O1 - Hosts: 34.195.153.94 www.gstatic.com
O1 - Hosts: 34.195.153.94 www.tns-counter.ru
O1 - Hosts: 34.195.153.94 yastatic.net
O1 - Hosts: 34.195.153.94 z.moatads.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programy\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Programy\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Google Update] C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Patrik\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [BingSvc] C:\Users\Patrik\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [GalaxyClient] C:\Program Files\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.474\SSScheduler.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\Programy\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programy\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\system32\atiesrxx.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Programy\Comodo Firewall\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files\GOG Galaxy\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.474\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files\Origin\OriginWebHelperService.exe
O23 - Service: RosettaStoneDaemon - Rosetta Stone Ltd. - C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
--
End of file - 14138 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core.job - C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA.job - C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core.job - C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA.job - C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Norton Security Scan for Patrik.job - C:\PROGRA~1\NORTON~2\Engine\372~1.5\Nss.exe /scan-quick /scheduled
C:\WINDOWS\tasks\UCBrowserUpdater.job - C:\Program Files\UCBrowser\Application\update_task.exe /update
C:\WINDOWS\tasks\UCBrowserUpdaterCore.job - C:\Program Files\UCBrowser\Application\update_task.exe /task=1
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\Automatic troubleshooting - C:\Program Files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe
C:\WINDOWS\system32\tasks\avast! Emergency Update - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\system32\tasks\Drickbokerther Center - "C:\Program Files\Sumitainwosupy\zzuse.exe" 07021c74-6723-4d6f-a8af-bcda21c7e09e
C:\WINDOWS\system32\tasks\Driver Booster SkipUAC (Patrik) - C:\Program Files\IObit\Driver Booster\4.1.0\DriverBooster.exe /skipuac
C:\WINDOWS\system32\tasks\FacebookUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core - C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\WINDOWS\system32\tasks\FacebookUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA - C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core - C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core1d12f8f91b2ed31 - C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA - C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA1d12f8f91e54b9b - C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Java Update Scheduler - C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\tasks\Norton Security Scan for Patrik - C:\PROGRA~1\NORTON~2\Engine\372~1.5\Nss.exe /scan-quick /scheduled
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task v2 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\Program Manager - C:\Program Files\Common Files\ProgramManager\ProgramManager.exe start
C:\WINDOWS\system32\tasks\SafeZone scheduled Autoupdate 1483426516 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\TuneUpUtilities_Task_BkGndMaintenance - C:\Program Files\TuneUp Utilities 2010\OneClick.exe $(Arg0)
C:\WINDOWS\system32\tasks\UCBrowserSecureUpdater - "C:\Program Files\UCBrowser\Security\uclauncher.exe" --update-config
C:\WINDOWS\system32\tasks\UCBrowserUpdater - C:\Program Files\UCBrowser\Application\update_task.exe /update
C:\WINDOWS\system32\tasks\UCBrowserUpdaterCore - C:\Program Files\UCBrowser\Application\update_task.exe /task=1
C:\WINDOWS\system32\tasks\{018C0DF3-6676-4B2B-A33D-3016078AF366} - "c:\users\patrik\firefox.exe" http://ui.skype.com/ui/0/5.1.0.112/en/a ... velpresent
C:\WINDOWS\system32\tasks\{1A76A497-383D-48E9-826D-F43D058016BD} - "c:\users\patrik\firefox.exe" http://ui.skype.com/ui/0/4.2.0.166/cs/a ... adedefault
C:\WINDOWS\system32\tasks\{2AE716BB-7A4D-42FA-98A7-C7F60F7289B8} - "c:\users\patrik\firefox.exe" http://ui.skype.com/ui/0/6.11.0.102/sk/ ... age=tsMain
C:\WINDOWS\system32\tasks\{62D3D986-2130-4D25-896D-06439C0AE6A9} - C:\Windows\system32\pcalua.exe -a F:\EASetup.exe -d F:\
C:\WINDOWS\system32\tasks\{7AA9A4DF-742F-4728-9BEE-299A2ADF8D0F} - C:\Windows\system32\pcalua.exe -a "D:\Counter Strike 1.6\Counter Strike 1.6 install non Steam\cs16.exe" -d "D:\Counter Strike 1.6\Counter Strike 1.6 install non Steam"
C:\WINDOWS\system32\tasks\{A66C58D3-62D4-4DFC-9A59-04A76BDC5537} - "c:\users\patrik\firefox.exe" http://ui.skype.com/ui/0/6.6.0.106/cs/a ... age=tsBing
C:\WINDOWS\system32\tasks\{AE00F677-534E-4484-805E-B9BC1F27C912} - C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\tasks\{AE6684D7-409F-45DE-B467-C9E8B17EFE41} - "c:\users\patrik\firefox.exe" http://ui.skype.com/ui/0/5.5.0.113/en/a ... velpresent
C:\WINDOWS\system32\tasks\{B4215818-37A9-41A7-8A58-1A20FCA19521} - "c:\program files\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/7.2.0.103/da/a ... age=tsMain
C:\WINDOWS\system32\tasks\{B97A40B5-3D0D-4384-900D-927627460BC6} - "c:\users\patrik\firefox.exe" http://ui.skype.com/ui/0/6.6.0.106/cs/a ... age=tsBing
C:\WINDOWS\system32\tasks\{C7B0BAF9-0CBD-4B5F-A378-A243034669F6} - "c:\users\patrik\firefox.exe" http://ui.skype.com/ui/0/6.6.0.106/cs/a ... age=tsMain
C:\WINDOWS\system32\tasks\WPD\SqmUpload_S-1-5-21-3766570800-902452796-2261291597-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\WINDOWS\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval - C:\WINDOWS\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - C:\WINDOWS\system32\MusNotification.exe Reboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant - %windir%\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:Hadron5:{}
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\WINDOWS\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader - %windir%\system32\WSqmCons.exe -u
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\rundll32.exe generaltel.dll,RunTelemetryW
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe generaltel.dll,RunTelemetry -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000
prefs.js - "browser.startup.homepage" - "https://search.avast.com/AV772/"
prefs.js - "keyword.URL" - "https://search.avast.com/AV772/search/w ... earchTerms}"
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.186 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_24_0_0_186.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll
C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000\searchplugins\
4vc5oxze.xml
avast-search.xml
google-avast.xml
C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000\addons.json
C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000\extensions.json
DivX Plus Web Player HTML5 <video> - extension - {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Fast search - extension - amcontextmenu@loucypher - C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000\extensions\amcontextmenu@loucypher
Avast Online Security - extension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
Avast SafePrice - extension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF
C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000\pluginreg.dat
Plugin - Adobe Acrobat - 9.4.0.195 - C:\Programy\Acrobat Reader\Reader\browser\nppdf32.dll
Plugin - Google Update - 1.3.32.7 - C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll
Plugin - Silverlight Plug-In - 5.1.50901.0 - c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
Plugin - Java(TM) Platform SE 8 U51 - 11.51.2.16 - C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll
Plugin - Java Deployment Toolkit 8.0.510.16 - 11.51.2.16 - C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npdeployJava1.dll
Plugin - Google Earth Plugin - 7.1.5.1557 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
Plugin - DivX VOD Helper Plug-in - 1.1.0.6 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
Plugin - DivX Plus Web Player - 2.2.0.52 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
Plugin - Shockwave Flash - 24.0.0.186 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_24_0_0_186.dll
Plugin - Google Update - 1.3.32.7 - C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll
Plugin - Facebook Video Calling Plugin - 3.1.0.521 - C:\Users\Patrik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
Plugin - Google Talk Plugin - 5.41.3.0 - C:\Users\Patrik\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
Plugin - Google Talk Plugin Video Renderer - 5.41.3.0 - C:\Users\Patrik\AppData\Roaming\Mozilla\plugins\npo1d.dll
=========Google Chrome=========
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\nneajnkjbffgblleaoojgaacokifdkhm]
"Path"=C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={8C31F27B-BE8A-4e4b-A478-17760AF1F5D9}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8C31F27B-BE8A-4e4b-A478-17760AF1F5D9}]
"URL"=https://search.avast.com/AV772/search/w ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}]
"URL"=https://www.google.com/search?bcutc=sp- ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Programy\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-21 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-21 172640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2015-06-24 12214528]
"Monitor"=C:\WINDOWS\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
"COMODO Internet Security"=C:\Programy\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe [2010-06-01 2039240]
"GrooveMonitor"=C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]
""= []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2017-01-03 9080768]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]
"Google Update"=C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [2016-12-17 601752]
"Steam"=C:\Program Files\Steam\steam.exe [2016-12-20 2876704]
"OneDrive"=C:\Users\Patrik\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-12-09 1517280]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2016-11-15 27230168]
"BingSvc"=C:\Users\Patrik\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-05 144008]
"GalaxyClient"=C:\Program Files\GOG Galaxy\GalaxyClient.exe [2016-12-21 3971648]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-12-22 3777728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Programy\Acrobat Reader\Reader\Reader_sl.exe [2010-09-23 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast5]
C:\Program Files\Alwil Software\Avast5\avastUI.exe /nogui []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Programy\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
C:\Hry\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe /silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2016-11-15 27230168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\202B13~1.181\SSSCHE~1.EXE []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.474\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\system32\guard32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Programy\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
"{A8ABC946-CB66-11E6-AFB3-64006A5CFC23}"=C:\Users\Patrik\AppData\Roaming\Arerbetionthumuph\Positynedersp.dll []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath"=%SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{65122CB0-EA0F-47DF-A953-017170ED12F9}]
"StubPath"="C:\Program Files\UCBrowser\Application\6.0.1121.13\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --wow-install-target-path="C:\Program Files\UCBrowser"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"vidc.VP62"=vp6vfw.dll
"VIDC.ACDV"=ACDV.dll
"msacm.siren"=sirenacm.dll
"vidc.XVID"=xvidvfw.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-01-04 12:04:23 ----D---- C:\AdwCleaner
2017-01-03 07:54:58 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2017-01-03 07:50:22 ----D---- C:\Users\Patrik\AppData\Roaming\AVAST Software
2017-01-03 07:41:30 ----A---- C:\WINDOWS\system32\drivers\aswvmm.sys
2017-01-03 07:41:30 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2017-01-03 07:41:30 ----A---- C:\WINDOWS\system32\drivers\aswsp.sys
2017-01-03 07:41:30 ----A---- C:\WINDOWS\system32\drivers\aswsnx.sys
2017-01-03 07:41:30 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2017-01-03 07:41:30 ----A---- C:\WINDOWS\system32\drivers\aswRdr2.sys
2017-01-03 07:41:30 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2017-01-03 07:41:30 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2017-01-03 07:40:47 ----A---- C:\WINDOWS\ucrtbase.dll
2017-01-03 07:40:47 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-01-03 07:40:22 ----A---- C:\WINDOWS\avastSS.scr
2017-01-03 07:38:55 ----D---- C:\Program Files\AVAST Software
2017-01-03 07:38:30 ----D---- C:\ProgramData\AVAST Software
2017-01-03 06:53:09 ----D---- C:\Program Files\6WEMZ50K62
2017-01-03 06:48:03 ----D---- C:\Program Files\UCBrowser
2017-01-03 06:45:31 ----D---- C:\Program Files\baidu
2017-01-03 06:44:58 ----D---- C:\ProgramData\ProductData
2017-01-03 06:44:53 ----D---- C:\WINDOWS\IObit
2017-01-03 06:44:42 ----D---- C:\ProgramData\IObit
2017-01-03 06:44:39 ----A---- C:\WINDOWS\system32\drivers\HWiNFO32.SYS
2017-01-03 06:43:11 ----D---- C:\Users\Patrik\AppData\Roaming\IObit
2017-01-03 06:42:25 ----HD---- C:\ProgramData\954998v2a958h53
2017-01-03 06:38:20 ----D---- C:\Program Files\Gezetainghajaied Nodifier
2017-01-03 06:36:23 ----D---- C:\Users\Patrik\AppData\Roaming\Arerbetionthumuph
2017-01-03 06:36:17 ----D---- C:\Users\Patrik\AppData\Roaming\Profiles
2017-01-03 06:36:14 ----D---- C:\Program Files\Sumitainwosupy
2017-01-01 19:17:11 ----A---- C:\WINDOWS\system32\drivers\dtliteusbbus.sys
2017-01-01 19:17:02 ----A---- C:\WINDOWS\system32\drivers\dtlitescsibus.sys
2017-01-01 19:16:46 ----D---- C:\Program Files\DAEMON Tools Lite
2016-12-24 12:01:55 ----D---- C:\Program Files\Common Files\Skype
2016-12-23 13:46:43 ----D---- C:\Program Files\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2017-01-04 18:33:13 ----D---- C:\Program Files\trend micro
2017-01-04 18:32:47 ----D---- C:\WINDOWS\Prefetch
2017-01-04 17:53:13 ----D---- C:\Program Files\Steam
2017-01-04 17:48:51 ----D---- C:\Users\Patrik\AppData\Roaming\Skype
2017-01-04 17:47:45 ----D---- C:\WINDOWS\system32\sru
2017-01-04 17:47:30 ----D---- C:\WINDOWS\Temp
2017-01-04 17:47:21 ----D---- C:\WINDOWS\System32
2017-01-04 14:00:02 ----D---- C:\WINDOWS\Tasks
2017-01-04 14:00:02 ----D---- C:\WINDOWS\system32\Tasks
2017-01-04 13:49:32 ----D---- C:\WINDOWS\INF
2017-01-04 12:16:00 ----D---- C:\Windows
2017-01-04 12:15:53 ----SHD---- C:\WINDOWS\Installer
2017-01-04 12:15:52 ----D---- C:\Program Files\Common Files
2017-01-04 12:15:51 ----RD---- C:\Program Files
2017-01-04 12:13:52 ----D---- C:\ProgramData\ICQ
2017-01-04 12:13:51 ----HD---- C:\ProgramData
2017-01-04 12:12:15 ----D---- C:\WINDOWS\AppReadiness
2017-01-04 12:12:13 ----HD---- C:\Program Files\WindowsApps
2017-01-04 11:55:22 ----AD---- C:\WINDOWS\system32\drivers
2017-01-03 09:25:07 ----SHD---- C:\Config.Msi
2017-01-03 09:03:32 ----SHD---- C:\System Volume Information
2017-01-03 08:16:53 ----D---- C:\Users\Patrik\AppData\Roaming\Adobe
2017-01-03 07:40:57 ----D---- C:\WINDOWS\system32\config
2017-01-03 07:40:53 ----D---- C:\WINDOWS\WinSxS
2017-01-03 07:25:51 ----D---- C:\WINDOWS\debug
2017-01-03 06:56:39 ----D---- C:\Users\Patrik\AppData\Roaming\uTorrent
2017-01-03 06:43:15 ----SD---- C:\ProgramData\Microsoft
2017-01-01 19:18:12 ----D---- C:\Users\Patrik\AppData\Roaming\DAEMON Tools Lite
2017-01-01 19:17:13 ----D---- C:\WINDOWS\system32\DriverStore
2016-12-31 21:24:48 ----D---- C:\WINDOWS\Microsoft.NET
2016-12-30 21:01:25 ----D---- C:\Program Files\Google
2016-12-24 12:02:03 ----D---- C:\ProgramData\Skype
2016-12-24 12:01:55 ----RD---- C:\Program Files\Skype
2016-12-23 21:55:00 ----D---- C:\Program Files\McAfee Security Scan
2016-12-23 16:21:21 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-12-22 18:40:27 ----D---- C:\Program Files\Common Files\Steam
2016-12-21 00:37:17 ----D---- C:\Program Files\GOG Galaxy
2016-12-15 18:23:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-13 21:02:13 ----D---- C:\WINDOWS\system32\Macromed
File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-01-03 60424]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-01-03 224752]
R1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys [2002-07-17 16877]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-01-03 35096]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2017-01-03 91232]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-01-03 735488]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-01-03 433768]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2010-06-04 224240]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2010-06-01 30112]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\system32\drivers\HWiNFO32.SYS [2017-01-03 23840]
R1 ucdrv;ucdrv; \??\C:\Program Files\UCBrowser\Security:ucdrv-x86.sys []
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-01-03 92256]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2017-01-03 118664]
R2 Parvdm;Parvdm; C:\WINDOWS\System32\drivers\parvdm.sys [2015-07-10 9216]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-01-13 10070016]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-01-13 290304]
R3 btkrnl;@oem22.inf,%btkrnl.SVCDESC%;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-05-12 1342602]
R3 dtlitescsibus;@oem32.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2017-01-01 26168]
R3 dtliteusbbus;@oem33.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2017-01-01 40504]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2015-08-11 130048]
R3 PAC207;@oem8.inf,%str_Description%;SoC PC-Camera; C:\WINDOWS\system32\DRIVERS\PFC027.SYS [2006-12-05 507136]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2010-06-26 10368]
R3 rt640x86;@rt640x86.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x86.sys [2015-07-10 492032]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S0 amdagp;@machine.inf,%amdagp_svcdesc%;AMD AGP Bus Filter Driver; C:\WINDOWS\System32\drivers\amdagp.sys [2015-07-10 55648]
S0 sisagp;@machine.inf,%sisagp_svcdesc%;SIS AGP Bus Filter; C:\WINDOWS\System32\drivers\sisagp.sys [2015-07-10 54112]
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-05-12 691696]
S1 inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\system32\DRIVERS\inspect.sys [2010-06-01 75944]
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-01-03 34008]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-07-10 24064]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpio.sys [2015-07-10 22016]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 HyperVideo;HyperVideo; C:\WINDOWS\system32\DRIVERS\HyperVideo.sys [2015-07-10 19456]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2c.sys [2015-07-10 61936]
S3 KMWDFILTERx86;HIDServiceDesc; C:\WINDOWS\System32\drivers\KMWDFILTER.sys [2009-04-29 25088]
S3 netvsc;netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [2015-07-10 80384]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-01-13 217088]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; %windir%\system32\svchost.exe -k apphost;"ServiceDll"=%windir%\system32\inetsrv\apphostsvc.dll
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-01-03 197128]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Programy\Comodo Firewall\COMODO\COMODO Internet Security\cmdagent.exe [2010-06-01 1778480]
R2 ezGOSvc;Easybits GO Services for Windows; C:\Windows\system32\svchost.exe -k netsvcs;"ServiceDll"=C:\Windows\system32\ezGOSvc.dll
R2 Gufetnegury;Gufetnegury; %SystemRoot%\system32\svchost.exe -k Gufetnegury;"ServiceDll"=C:\Program Files\Sumitainwosupy\HggEng.dll
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2015-08-11 24576]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-07-10 135848]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-07-10 135848]
R2 OneSyncSvc_Session2;Hostitel synchronizace_Session2; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files\Origin\OriginWebHelperService.exe [2016-10-16 2209296]
R2 RosettaStoneDaemon;RosettaStoneDaemon; C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2012-06-19 1646608]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-08-06 3291008]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-10-29 1021256]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2016-12-22 1142464]
R3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2016-12-20 1467168]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-07-10 135848]
S2 OneSyncSvc_Session27;Hostitel synchronizace_Session27; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-06-26 72704]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2016-11-13 1045256]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2015-05-29 43696]
S3 GalaxyClientService;GalaxyClientService; C:\Program Files\GOG Galaxy\GalaxyClientService.exe [2016-12-21 284224]
S3 GalaxyCommunication;GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [2016-11-12 6625856]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.474\McCHSvc.exe [2016-12-14 272136]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Programy\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-12-23 172488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2016-10-16 2142728]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PimIndexMaintenanceSvc_Session2;Data kontaktů_Session2; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 PimIndexMaintenanceSvc_Session27;Data kontaktů_Session27; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-07-10 435016]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2015-07-10 45240]
-----------------EOF-----------------
Logfile of random's system information tool 1.14 (written by random/random)
Run by Patrik at 2017-01-04 18:33:06
Microsoft Windows 10 Home
System drive C: has 238 GB (33%) free of 715 GB
Total RAM: 3327 MB (34% free)
X86
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:33:27, on 4.1.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.17146)
Boot mode: Normal
Running processes:
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Users\Patrik\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\Patrik\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files\DAEMON Tools Lite\DTAgent.exe
C:\Program Files\McAfee Security Scan\3.11.474\SSScheduler.exe
C:\Program Files\GOG Galaxy\GalaxyClient.exe
C:\Program Files\GOG Galaxy\GalaxyClient Helper.exe
C:\Program Files\GOG Galaxy\GalaxyClient Helper.exe
C:\Program Files\GOG Galaxy\GalaxyClient Helper.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe
C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\WINDOWS\system32\WerFault.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Users\Patrik\Downloads\RSIT.exe
C:\Program Files\trend micro\Patrik_RSIT.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://search.avast.com/AV772/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.avast.com/AV772/search/w ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.avast.com/AV772/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://search.avast.com/AV772/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.avast.com/AV772/search/w ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.avast.com/AV772/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programy\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Programy\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Google Update] C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Patrik\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [BingSvc] C:\Users\Patrik\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [GalaxyClient] C:\Program Files\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.474\SSScheduler.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\Programy\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programy\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\system32\atiesrxx.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Programy\Comodo Firewall\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files\GOG Galaxy\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.474\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files\Origin\OriginWebHelperService.exe
O23 - Service: RosettaStoneDaemon - Rosetta Stone Ltd. - C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
--
End of file - 14138 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core.job - C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA.job - C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core.job - C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA.job - C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Norton Security Scan for Patrik.job - C:\PROGRA~1\NORTON~2\Engine\372~1.5\Nss.exe /scan-quick /scheduled
C:\WINDOWS\tasks\UCBrowserUpdater.job - C:\Program Files\UCBrowser\Application\update_task.exe /update
C:\WINDOWS\tasks\UCBrowserUpdaterCore.job - C:\Program Files\UCBrowser\Application\update_task.exe /task=1
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\Automatic troubleshooting - C:\Program Files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe
C:\WINDOWS\system32\tasks\avast! Emergency Update - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\system32\tasks\Drickbokerther Center - "C:\Program Files\Sumitainwosupy\zzuse.exe" 07021c74-6723-4d6f-a8af-bcda21c7e09e
C:\WINDOWS\system32\tasks\Driver Booster SkipUAC (Patrik) - C:\Program Files\IObit\Driver Booster\4.1.0\DriverBooster.exe /skipuac
C:\WINDOWS\system32\tasks\FacebookUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core - C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\WINDOWS\system32\tasks\FacebookUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA - C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core - C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core1d12f8f91b2ed31 - C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA - C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA1d12f8f91e54b9b - C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Java Update Scheduler - C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\tasks\Norton Security Scan for Patrik - C:\PROGRA~1\NORTON~2\Engine\372~1.5\Nss.exe /scan-quick /scheduled
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task v2 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\Program Manager - C:\Program Files\Common Files\ProgramManager\ProgramManager.exe start
C:\WINDOWS\system32\tasks\SafeZone scheduled Autoupdate 1483426516 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\TuneUpUtilities_Task_BkGndMaintenance - C:\Program Files\TuneUp Utilities 2010\OneClick.exe $(Arg0)
C:\WINDOWS\system32\tasks\UCBrowserSecureUpdater - "C:\Program Files\UCBrowser\Security\uclauncher.exe" --update-config
C:\WINDOWS\system32\tasks\UCBrowserUpdater - C:\Program Files\UCBrowser\Application\update_task.exe /update
C:\WINDOWS\system32\tasks\UCBrowserUpdaterCore - C:\Program Files\UCBrowser\Application\update_task.exe /task=1
C:\WINDOWS\system32\tasks\{018C0DF3-6676-4B2B-A33D-3016078AF366} - "c:\users\patrik\firefox.exe" http://ui.skype.com/ui/0/5.1.0.112/en/a ... velpresent
C:\WINDOWS\system32\tasks\{1A76A497-383D-48E9-826D-F43D058016BD} - "c:\users\patrik\firefox.exe" http://ui.skype.com/ui/0/4.2.0.166/cs/a ... adedefault
C:\WINDOWS\system32\tasks\{2AE716BB-7A4D-42FA-98A7-C7F60F7289B8} - "c:\users\patrik\firefox.exe" http://ui.skype.com/ui/0/6.11.0.102/sk/ ... age=tsMain
C:\WINDOWS\system32\tasks\{62D3D986-2130-4D25-896D-06439C0AE6A9} - C:\Windows\system32\pcalua.exe -a F:\EASetup.exe -d F:\
C:\WINDOWS\system32\tasks\{7AA9A4DF-742F-4728-9BEE-299A2ADF8D0F} - C:\Windows\system32\pcalua.exe -a "D:\Counter Strike 1.6\Counter Strike 1.6 install non Steam\cs16.exe" -d "D:\Counter Strike 1.6\Counter Strike 1.6 install non Steam"
C:\WINDOWS\system32\tasks\{A66C58D3-62D4-4DFC-9A59-04A76BDC5537} - "c:\users\patrik\firefox.exe" http://ui.skype.com/ui/0/6.6.0.106/cs/a ... age=tsBing
C:\WINDOWS\system32\tasks\{AE00F677-534E-4484-805E-B9BC1F27C912} - C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\tasks\{AE6684D7-409F-45DE-B467-C9E8B17EFE41} - "c:\users\patrik\firefox.exe" http://ui.skype.com/ui/0/5.5.0.113/en/a ... velpresent
C:\WINDOWS\system32\tasks\{B4215818-37A9-41A7-8A58-1A20FCA19521} - "c:\program files\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/7.2.0.103/da/a ... age=tsMain
C:\WINDOWS\system32\tasks\{B97A40B5-3D0D-4384-900D-927627460BC6} - "c:\users\patrik\firefox.exe" http://ui.skype.com/ui/0/6.6.0.106/cs/a ... age=tsBing
C:\WINDOWS\system32\tasks\{C7B0BAF9-0CBD-4B5F-A378-A243034669F6} - "c:\users\patrik\firefox.exe" http://ui.skype.com/ui/0/6.6.0.106/cs/a ... age=tsMain
C:\WINDOWS\system32\tasks\WPD\SqmUpload_S-1-5-21-3766570800-902452796-2261291597-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\WINDOWS\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval - C:\WINDOWS\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - C:\WINDOWS\system32\MusNotification.exe Reboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant - %windir%\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:Hadron5:{}
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\WINDOWS\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader - %windir%\system32\WSqmCons.exe -u
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\rundll32.exe generaltel.dll,RunTelemetryW
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe generaltel.dll,RunTelemetry -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000
prefs.js - "browser.startup.homepage" - "https://search.avast.com/AV772/"
prefs.js - "keyword.URL" - "https://search.avast.com/AV772/search/w ... earchTerms}"
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.186 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_24_0_0_186.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll
C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000\searchplugins\
4vc5oxze.xml
avast-search.xml
google-avast.xml
C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000\addons.json
C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000\extensions.json
DivX Plus Web Player HTML5 <video> - extension - {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Fast search - extension - amcontextmenu@loucypher - C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000\extensions\amcontextmenu@loucypher
Avast Online Security - extension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
Avast SafePrice - extension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF
C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000\pluginreg.dat
Plugin - Adobe Acrobat - 9.4.0.195 - C:\Programy\Acrobat Reader\Reader\browser\nppdf32.dll
Plugin - Google Update - 1.3.32.7 - C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll
Plugin - Silverlight Plug-In - 5.1.50901.0 - c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
Plugin - Java(TM) Platform SE 8 U51 - 11.51.2.16 - C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll
Plugin - Java Deployment Toolkit 8.0.510.16 - 11.51.2.16 - C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npdeployJava1.dll
Plugin - Google Earth Plugin - 7.1.5.1557 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
Plugin - DivX VOD Helper Plug-in - 1.1.0.6 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
Plugin - DivX Plus Web Player - 2.2.0.52 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
Plugin - Shockwave Flash - 24.0.0.186 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_24_0_0_186.dll
Plugin - Google Update - 1.3.32.7 - C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll
Plugin - Facebook Video Calling Plugin - 3.1.0.521 - C:\Users\Patrik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
Plugin - Google Talk Plugin - 5.41.3.0 - C:\Users\Patrik\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
Plugin - Google Talk Plugin Video Renderer - 5.41.3.0 - C:\Users\Patrik\AppData\Roaming\Mozilla\plugins\npo1d.dll
=========Google Chrome=========
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\nneajnkjbffgblleaoojgaacokifdkhm]
"Path"=C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={8C31F27B-BE8A-4e4b-A478-17760AF1F5D9}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8C31F27B-BE8A-4e4b-A478-17760AF1F5D9}]
"URL"=https://search.avast.com/AV772/search/w ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}]
"URL"=https://www.google.com/search?bcutc=sp- ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Programy\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-21 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-21 172640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2015-06-24 12214528]
"Monitor"=C:\WINDOWS\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
"COMODO Internet Security"=C:\Programy\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe [2010-06-01 2039240]
"GrooveMonitor"=C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]
""= []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2017-01-03 9080768]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]
"Google Update"=C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [2016-12-17 601752]
"Steam"=C:\Program Files\Steam\steam.exe [2016-12-20 2876704]
"OneDrive"=C:\Users\Patrik\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-12-09 1517280]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2016-11-15 27230168]
"BingSvc"=C:\Users\Patrik\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-05 144008]
"GalaxyClient"=C:\Program Files\GOG Galaxy\GalaxyClient.exe [2016-12-21 3971648]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-12-22 3777728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Programy\Acrobat Reader\Reader\Reader_sl.exe [2010-09-23 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast5]
C:\Program Files\Alwil Software\Avast5\avastUI.exe /nogui []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Programy\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
C:\Hry\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe /silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2016-11-15 27230168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\202B13~1.181\SSSCHE~1.EXE []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.474\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\system32\guard32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Programy\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
"{A8ABC946-CB66-11E6-AFB3-64006A5CFC23}"=C:\Users\Patrik\AppData\Roaming\Arerbetionthumuph\Positynedersp.dll []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath"=%SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{65122CB0-EA0F-47DF-A953-017170ED12F9}]
"StubPath"="C:\Program Files\UCBrowser\Application\6.0.1121.13\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --wow-install-target-path="C:\Program Files\UCBrowser"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"vidc.VP62"=vp6vfw.dll
"VIDC.ACDV"=ACDV.dll
"msacm.siren"=sirenacm.dll
"vidc.XVID"=xvidvfw.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-01-04 12:04:23 ----D---- C:\AdwCleaner
2017-01-03 07:54:58 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2017-01-03 07:50:22 ----D---- C:\Users\Patrik\AppData\Roaming\AVAST Software
2017-01-03 07:41:30 ----A---- C:\WINDOWS\system32\drivers\aswvmm.sys
2017-01-03 07:41:30 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2017-01-03 07:41:30 ----A---- C:\WINDOWS\system32\drivers\aswsp.sys
2017-01-03 07:41:30 ----A---- C:\WINDOWS\system32\drivers\aswsnx.sys
2017-01-03 07:41:30 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2017-01-03 07:41:30 ----A---- C:\WINDOWS\system32\drivers\aswRdr2.sys
2017-01-03 07:41:30 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2017-01-03 07:41:30 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2017-01-03 07:40:47 ----A---- C:\WINDOWS\ucrtbase.dll
2017-01-03 07:40:47 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-01-03 07:40:22 ----A---- C:\WINDOWS\avastSS.scr
2017-01-03 07:38:55 ----D---- C:\Program Files\AVAST Software
2017-01-03 07:38:30 ----D---- C:\ProgramData\AVAST Software
2017-01-03 06:53:09 ----D---- C:\Program Files\6WEMZ50K62
2017-01-03 06:48:03 ----D---- C:\Program Files\UCBrowser
2017-01-03 06:45:31 ----D---- C:\Program Files\baidu
2017-01-03 06:44:58 ----D---- C:\ProgramData\ProductData
2017-01-03 06:44:53 ----D---- C:\WINDOWS\IObit
2017-01-03 06:44:42 ----D---- C:\ProgramData\IObit
2017-01-03 06:44:39 ----A---- C:\WINDOWS\system32\drivers\HWiNFO32.SYS
2017-01-03 06:43:11 ----D---- C:\Users\Patrik\AppData\Roaming\IObit
2017-01-03 06:42:25 ----HD---- C:\ProgramData\954998v2a958h53
2017-01-03 06:38:20 ----D---- C:\Program Files\Gezetainghajaied Nodifier
2017-01-03 06:36:23 ----D---- C:\Users\Patrik\AppData\Roaming\Arerbetionthumuph
2017-01-03 06:36:17 ----D---- C:\Users\Patrik\AppData\Roaming\Profiles
2017-01-03 06:36:14 ----D---- C:\Program Files\Sumitainwosupy
2017-01-01 19:17:11 ----A---- C:\WINDOWS\system32\drivers\dtliteusbbus.sys
2017-01-01 19:17:02 ----A---- C:\WINDOWS\system32\drivers\dtlitescsibus.sys
2017-01-01 19:16:46 ----D---- C:\Program Files\DAEMON Tools Lite
2016-12-24 12:01:55 ----D---- C:\Program Files\Common Files\Skype
2016-12-23 13:46:43 ----D---- C:\Program Files\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2017-01-04 18:33:13 ----D---- C:\Program Files\trend micro
2017-01-04 18:32:47 ----D---- C:\WINDOWS\Prefetch
2017-01-04 17:53:13 ----D---- C:\Program Files\Steam
2017-01-04 17:48:51 ----D---- C:\Users\Patrik\AppData\Roaming\Skype
2017-01-04 17:47:45 ----D---- C:\WINDOWS\system32\sru
2017-01-04 17:47:30 ----D---- C:\WINDOWS\Temp
2017-01-04 17:47:21 ----D---- C:\WINDOWS\System32
2017-01-04 14:00:02 ----D---- C:\WINDOWS\Tasks
2017-01-04 14:00:02 ----D---- C:\WINDOWS\system32\Tasks
2017-01-04 13:49:32 ----D---- C:\WINDOWS\INF
2017-01-04 12:16:00 ----D---- C:\Windows
2017-01-04 12:15:53 ----SHD---- C:\WINDOWS\Installer
2017-01-04 12:15:52 ----D---- C:\Program Files\Common Files
2017-01-04 12:15:51 ----RD---- C:\Program Files
2017-01-04 12:13:52 ----D---- C:\ProgramData\ICQ
2017-01-04 12:13:51 ----HD---- C:\ProgramData
2017-01-04 12:12:15 ----D---- C:\WINDOWS\AppReadiness
2017-01-04 12:12:13 ----HD---- C:\Program Files\WindowsApps
2017-01-04 11:55:22 ----AD---- C:\WINDOWS\system32\drivers
2017-01-03 09:25:07 ----SHD---- C:\Config.Msi
2017-01-03 09:03:32 ----SHD---- C:\System Volume Information
2017-01-03 08:16:53 ----D---- C:\Users\Patrik\AppData\Roaming\Adobe
2017-01-03 07:40:57 ----D---- C:\WINDOWS\system32\config
2017-01-03 07:40:53 ----D---- C:\WINDOWS\WinSxS
2017-01-03 07:25:51 ----D---- C:\WINDOWS\debug
2017-01-03 06:56:39 ----D---- C:\Users\Patrik\AppData\Roaming\uTorrent
2017-01-03 06:43:15 ----SD---- C:\ProgramData\Microsoft
2017-01-01 19:18:12 ----D---- C:\Users\Patrik\AppData\Roaming\DAEMON Tools Lite
2017-01-01 19:17:13 ----D---- C:\WINDOWS\system32\DriverStore
2016-12-31 21:24:48 ----D---- C:\WINDOWS\Microsoft.NET
2016-12-30 21:01:25 ----D---- C:\Program Files\Google
2016-12-24 12:02:03 ----D---- C:\ProgramData\Skype
2016-12-24 12:01:55 ----RD---- C:\Program Files\Skype
2016-12-23 21:55:00 ----D---- C:\Program Files\McAfee Security Scan
2016-12-23 16:21:21 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-12-22 18:40:27 ----D---- C:\Program Files\Common Files\Steam
2016-12-21 00:37:17 ----D---- C:\Program Files\GOG Galaxy
2016-12-15 18:23:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-13 21:02:13 ----D---- C:\WINDOWS\system32\Macromed
File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-01-03 60424]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-01-03 224752]
R1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys [2002-07-17 16877]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-01-03 35096]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2017-01-03 91232]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-01-03 735488]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-01-03 433768]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2010-06-04 224240]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2010-06-01 30112]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\system32\drivers\HWiNFO32.SYS [2017-01-03 23840]
R1 ucdrv;ucdrv; \??\C:\Program Files\UCBrowser\Security:ucdrv-x86.sys []
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-01-03 92256]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2017-01-03 118664]
R2 Parvdm;Parvdm; C:\WINDOWS\System32\drivers\parvdm.sys [2015-07-10 9216]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-01-13 10070016]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-01-13 290304]
R3 btkrnl;@oem22.inf,%btkrnl.SVCDESC%;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-05-12 1342602]
R3 dtlitescsibus;@oem32.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2017-01-01 26168]
R3 dtliteusbbus;@oem33.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2017-01-01 40504]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2015-08-11 130048]
R3 PAC207;@oem8.inf,%str_Description%;SoC PC-Camera; C:\WINDOWS\system32\DRIVERS\PFC027.SYS [2006-12-05 507136]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2010-06-26 10368]
R3 rt640x86;@rt640x86.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x86.sys [2015-07-10 492032]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S0 amdagp;@machine.inf,%amdagp_svcdesc%;AMD AGP Bus Filter Driver; C:\WINDOWS\System32\drivers\amdagp.sys [2015-07-10 55648]
S0 sisagp;@machine.inf,%sisagp_svcdesc%;SIS AGP Bus Filter; C:\WINDOWS\System32\drivers\sisagp.sys [2015-07-10 54112]
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-05-12 691696]
S1 inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\system32\DRIVERS\inspect.sys [2010-06-01 75944]
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-01-03 34008]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-07-10 24064]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpio.sys [2015-07-10 22016]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 HyperVideo;HyperVideo; C:\WINDOWS\system32\DRIVERS\HyperVideo.sys [2015-07-10 19456]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2c.sys [2015-07-10 61936]
S3 KMWDFILTERx86;HIDServiceDesc; C:\WINDOWS\System32\drivers\KMWDFILTER.sys [2009-04-29 25088]
S3 netvsc;netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [2015-07-10 80384]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-01-13 217088]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; %windir%\system32\svchost.exe -k apphost;"ServiceDll"=%windir%\system32\inetsrv\apphostsvc.dll
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-01-03 197128]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Programy\Comodo Firewall\COMODO\COMODO Internet Security\cmdagent.exe [2010-06-01 1778480]
R2 ezGOSvc;Easybits GO Services for Windows; C:\Windows\system32\svchost.exe -k netsvcs;"ServiceDll"=C:\Windows\system32\ezGOSvc.dll
R2 Gufetnegury;Gufetnegury; %SystemRoot%\system32\svchost.exe -k Gufetnegury;"ServiceDll"=C:\Program Files\Sumitainwosupy\HggEng.dll
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2015-08-11 24576]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-07-10 135848]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-07-10 135848]
R2 OneSyncSvc_Session2;Hostitel synchronizace_Session2; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files\Origin\OriginWebHelperService.exe [2016-10-16 2209296]
R2 RosettaStoneDaemon;RosettaStoneDaemon; C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2012-06-19 1646608]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-08-06 3291008]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-10-29 1021256]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2016-12-22 1142464]
R3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2016-12-20 1467168]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-07-10 135848]
S2 OneSyncSvc_Session27;Hostitel synchronizace_Session27; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-06-26 72704]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2016-11-13 1045256]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2015-05-29 43696]
S3 GalaxyClientService;GalaxyClientService; C:\Program Files\GOG Galaxy\GalaxyClientService.exe [2016-12-21 284224]
S3 GalaxyCommunication;GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [2016-11-12 6625856]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.474\McCHSvc.exe [2016-12-14 272136]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Programy\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-12-23 172488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2016-10-16 2142728]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PimIndexMaintenanceSvc_Session2;Data kontaktů_Session2; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 PimIndexMaintenanceSvc_Session27;Data kontaktů_Session27; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-07-10 435016]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2015-07-10 45240]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119402
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: problem with adware
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (removal).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: problem with adware
# AdwCleaner v6.041 - Log vytvořen 04/01/2017 v 19:37:03
# Aktualizováno dne 16/12/2016 z Malwarebytes
# Databáze : 2017-01-03.1 [Místní]
# Operační systém : Windows 10 Home (X86)
# Uživatelské jméno : Patrik - PATRIK-PC
# Spuštěno z : C:\Users\Patrik\Downloads\adwcleaner_6.041.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
[-] Služba smazána: ucdrv
***** [ Složky ] *****
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
[-] Úloha smazána: UCBrowserUpdaterCore
***** [ Registry ] *****
[-] Klíč smazán: HKU\S-1-5-21-3766570800-902452796-2261291597-1000\Software\UCBrowser
[-] Klíč smazán: HKU\S-1-5-21-3766570800-902452796-2261291597-1000\Software\UCBrowserPID
[#] Klíč smazán po restartu: HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Software\UCBrowser
[#] Klíč smazán po restartu: HKCU\Software\UCBrowser
[#] Klíč smazán po restartu: HKCU\Software\UCBrowserPID
[-] Klíč smazán: HKLM\SOFTWARE\UCBrowser
[-] Klíč smazán: HKLM\SOFTWARE\UCBrowserPID
***** [ Prohlížeče ] *****
[-] [C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Web data] [Search Provider] Smazáno: youndoo
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [39857 Bajty] - [04/01/2017 12:17:35]
C:\AdwCleaner\AdwCleaner[C2].txt - [1608 Bajty] - [04/01/2017 13:47:15]
C:\AdwCleaner\AdwCleaner[C3].txt - [1653 Bajty] - [04/01/2017 19:37:03]
C:\AdwCleaner\AdwCleaner[S0].txt - [38179 Bajty] - [04/01/2017 12:11:23]
C:\AdwCleaner\AdwCleaner[S1].txt - [1818 Bajty] - [04/01/2017 13:46:04]
C:\AdwCleaner\AdwCleaner[S2].txt - [2099 Bajty] - [04/01/2017 19:36:33]
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1946 Bajty] ##########
- Rudy
- Site Admin
- Posts: 119402
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: problem with adware
Post an FRST log: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Re: problem with adware
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-01-2017
Ran by Patrik (04-01-2017 21:32:54)
Running from C:\Users\Patrik\Desktop
Microsoft Windows 10 Home (X86) (2015-08-11 08:31:25)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3766570800-902452796-2261291597-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3766570800-902452796-2261291597-503 - Limited - Disabled)
Guest (S-1-5-21-3766570800-902452796-2261291597-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3766570800-902452796-2261291597-1002 - Limited - Enabled)
Patrik (S-1-5-21-3766570800-902452796-2261291597-1000 - Administrator - Enabled) => C:\Users\Patrik
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: COMODO Defense+ (Disabled - Up to date) {DC3D0F8D-B138-AAAA-0339-560EB3387C28}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM\...\uTorrent) (Version: 2.0.2 - )
123 DVD Converter (HKLM\...\123 DVD Converter_is1) (Version: - DVDVideoTool.Com)
ACDSee Pro (HKLM\...\{F99F74B4-972B-4B06-B893-6B3B0DB0128B}) (Version: 8.1.99 - ACD Systems Ltd.)
Adobe Flash Player 24 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader 9.4.0 - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-A94000000001}) (Version: 9.4.0 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\Adobe Shockwave Player) (Version: 10.2.0.22 - Adobe Systems, Inc.)
Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden
Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
Age of Empires III (HKLM\...\InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires Online (HKLM\...\GFWL_{4D530FA3-9B89-4186-98B7-F51000000100}) (Version: 1.0.0000.1 - Microsoft Studios)
Age of Empires Online (Version: 1.0.0000.1 - Microsoft Studios) Hidden
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-041B-0000-0000000FF1CE}_ENTERPRISE_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-041B-0000-0000000FF1CE}_ENTERPRISE_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-041B-0000-0000000FF1CE}_ENTERPRISE_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
Ancient Wars - Sparta (HKLM\...\{554532CE-43E2-4B4F-BBDE-27742A32C236}) (Version: 1.00.0000 - PlayLogic)
Anki (HKLM\...\Anki) (Version: - )
Audacity 1.3.12 (Unicode) (HKLM\...\Audacity 1.3 Beta (Unicode)_is1) (Version: - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast) (Version: 12.3.2280 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 3.00 - Piriform)
COMODO Internet Security (HKLM\...\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}) (Version: 4.1.19277.920 - COMODO Group Inc.)
Counter-Strike 1.6 (HKLM\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - )
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Czech Soccer Manager 2002 FE (HKLM\...\Czech Soccer Manager 2002 FE) (Version: - )
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0222 - Disc Soft Ltd)
DiRT2 (HKLM\...\{52D1D62C-FEAB-4580-849E-1DB624BADBBD}) (Version: 1.00.0000 - Codemasters)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
EasyBits GO (HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\Game Organizer) (Version: - EasyBits Media)
Europa Universalis IV (HKLM\...\Europa Universalis IV_is1) (Version: - Paradox Interactive)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FastStone Image Viewer 3.9 (HKLM\...\FastStone Image Viewer) (Version: 3.9 - FastStone Soft)
FIFA 10 (HKLM\...\{11202615-E557-4ECF-9B86-F59C81E52909}) (Version: 1.0.0.0 - Electronic Arts)
FIFA 14 (HKLM\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
Fritz 12 (HKLM\...\{4F4182DA-3D58-41E3-913D-480F8DA5C863}) (Version: 12.0.0 - ChessBase)
Fritz 12 (Version: 12.0.0 - ChessBase) Hidden
GOG Galaxy (HKLM\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Earth Plug-in (HKLM\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 55.0.2883.87 - Spoločnosť Google Inc.)
Google Chrome (HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\Google Chrome) (Version: 55.0.2883.87 - Spoločnosť Google Inc.)
Google Talk Plugin (HKLM\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden
GotClip Downloader (HKLM\...\GotClip) (Version: - )
Grand Ages - Medieval (HKLM\...\1442498547_is1) (Version: 2.4.0.7 - GOG.com)
Grand Theft Auto IV (HKLM\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
GTA San Andreas (HKLM\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Guitar Pro 6 (HKLM\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music)
HAM (HKLM\...\HAM) (Version: 7.2.128.269 - Loke Software)
Harry Potter a Fénixův řád™ (HKLM\...\{B69F28DF-CBB1-41B7-008A-210E4D0518FC}) (Version: - )
Harry Potter a Princ Dvojí Krve™ (HKLM\...\{FD1B1980-8CAB-4474-89F8-1245AF657AD1}) (Version: 1.0.0.0 - Electronic Arts)
Hattrick Organizer (remove only) (HKLM\...\Hattrick Organizer) (Version: - )
HP Deskjet 2050 J510 series Nápověda (HKLM\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.55.55 - Hewlett Packard)
iMindMap 8 (HKLM\...\{6EFA887C-24EE-4720-8E5C-EB8A16D84A10}) (Version: 8.0.438 - ThinkBuzan)
Inkscape 0.48.0 (HKLM\...\Inkscape) (Version: 0.48.0 - )
Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
LAME v3.98.3 for Audacity (HKLM\...\LAME for Audacity_is1) (Version: - )
Magic 2015 (HKLM\...\Steam App 255420) (Version: - Stainless Games)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.474.2 - McAfee, Inc.)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 sk) (HKLM\...\Mozilla Firefox 34.0.5 (x86 sk)) (Version: 34.0.5 - Mozilla)
Mozilla Firefox 41.0.2 (x86 cs) (HKLM\...\Mozilla Firefox 41.0.2 (x86 cs)) (Version: 41.0.2 - Mozilla)
Mozilla Firefox 50.1.0 (x86 cs) (HKLM\...\Mozilla Firefox 50.1.0 (x86 cs)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need for Speed™ Carbon (HKLM\...\{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}) (Version: - )
Nero 9 Essentials (HKLM\...\{609d9d4c-5477-47ed-98ff-918e01e9c0fe}) (Version: - Nero AG)
NFS: Most Wanted CZ (HKLM\...\NFS: Most Wanted) (Version: CZ - Sub - Zero)
NHL® 09 (HKLM\...\{F2B5A2A7-2DF9-4361-8BD5-362714528B51}) (Version: 2.0.1.0 - Electronic Arts)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 6.84.0.0 - )
Norton Security Scan (HKLM\...\NSS) (Version: 3.7.2.5 - Symantec Corporation)
NVIDIA PhysX (HKLM\...\{8AAB4176-A747-493A-A42C-B63CFADFD8E3}) (Version: 9.09.0010 - NVIDIA Corporation)
OpenAL (HKLM\...\OpenAL) (Version: - )
Opera 12.00 (HKLM\...\Opera 12.00.1467) (Version: 12.00.1467 - Opera Software ASA)
Origin (HKLM\...\Origin) (Version: 10.2.1.38915 - Electronic Arts, Inc.)
PC Translator (HKLM\...\PC Translator) (Version: - )
Pomocník při upgradu na Windows 10 (HKLM\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
Pro Evolution Soccer 2010 (HKLM\...\{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}) (Version: 1.00.0000 - KONAMI)
Rapture3D 2.3.22 Game (HKLM\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.38 - Piriform)
Rome - Total War(TM) (HKLM\...\InstallShield_{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}) (Version: 1.0 - Activision)
Rome - Total War(TM) (Version: 1.0 - Activision) Hidden
Rosetta Stone Language Training (HKLM\...\{00384623-4937-4D7D-BDD9-23513D1C50AB}) (Version: 5.0.37.0 - Rosetta Stone, Ltd)
Rosetta Stone Ltd Services (HKLM\...\{3165E4A6-D5DE-46B0-8597-D55E2B826B84}) (Version: 3.2.21 - Rosetta Stone Ltd.)
SafeZone Stable 1.51.2220.62 (Version: 1.51.2220.62 - Avast Software) Hidden
Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version: - 2K Games, Inc.)
Sid Meiers Civilization VI (HKLM\...\Sid Meiers Civilization VI_is1) (Version: - )
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 7.30 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
SopCast 3.0.3 (HKLM\...\SopCast) (Version: 3.0.3 - SopCast.com)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold 2 Deluxe (HKLM\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.100 - Firefly Studios)
System Requirements Lab (HKLM\...\{FEE1F166-EAE4-4C4B-8988-D82521F9F63F}) (Version: 6.1.5.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM\...\{F93ADC68-775D-4894-9EE2-5B4A7D442D84}) (Version: 6.1.5.0 - Husdawg, LLC)
The Battle for Middle-earth (tm) II (HKLM\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - )
The Godfather™ The Game (HKLM\...\{1D2CF076-A63F-41A5-00A1-5924FADFAD9D}) (Version: - )
The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: - )
The Lord of the Rings - Conquest™ (HKLM\...\{628C3D50-F524-4C49-A958-672CE7953756}) (Version: 1.0.0.1 - Electronic Arts)
TheBrain 7 (HKLM\...\1190-3857-8766-9166) (Version: 7.0.4.5 - TheBrain Technologies)
Total War Attila verze 1.2.1 (HKLM\...\{1CF4A93B-8D5B-45D0-A283-D45B952074DC}_is1) (Version: 1.2.1 - SEGA)
Total War Rome II [v1.9.0.9414 + 6xDLC] - Repack by Danik1B9 (HKLM\...\Total War Rome II [v1.9.0.9414 + 6xDLC] - Repack~27A8CDF1_is1) (Version: 1.0. - Danik1B9)
Total War: ROME II - Emperor Edition (HKLM\...\Steam App 214950) (Version: - Creative Assembly)
Train Simulator 2015 (HKLM\...\Train Simulator 2015_is1) (Version: - )
TuneUp Utilities (HKLM\...\TuneUp Utilities) (Version: 9.0.2000.10 - TuneUp Software)
TuneUp Utilities (Version: 9.0.2000.10 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (en-US) (Version: 9.0.2000.10 - TuneUp Software) Hidden
Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UpdateAssistant (Version: 1.3.0.0 - Microsoft Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{3F4EC965-28EF-45C3-B063-04B25D4E9679}) (Version: 4.0.1.3500 - )
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Movie Maker (HKLM\...\Windows Movie Maker) (Version: 6.0.6002.18005 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
XMind 6 (v3.5.1) (HKLM\...\XMind_is1) (Version: 3.5.1.201411201906 - XMind Ltd.)
Xvid 1.1.3 final uninstall (HKLM\...\Xvid_is1) (Version: 1.1 - Xvid team (Koepi))
YTD Toolbar v26.7 (HKLM\...\{C33B04C9-A298-48C0-9D1A-CE514C1C720E}) (Version: 26.7 - Spigot, Inc.) <==== ATTENTION
Základní software zařízení HP Deskjet 2050 J510 series (HKLM\...\{D7716C7E-75F1-4C51-A2D5-C6A1E8311D53}) (Version: 20.0.771.0 - Hewlett-Packard Co.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.21.135\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.21.99\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.25.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.27.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.21.79\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.23.9\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.30.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.31.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.28.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.21.145\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.21.123\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.21.153\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.28.13\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.29.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Patrik\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.24.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.21.165\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.26.9\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.21.115\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.29.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.25.11\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.28.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.21.111\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.24.7\psuser.dll => No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04941CF3-4AC9-4AF8-820F-C5AA4BC0D06F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {0A94903C-ED15-46E8-9608-F9245502F33F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {0D55B041-4E47-433B-8A07-A895E4FB6ABB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core1d12f8f91b2ed31 => C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {0F9B02C2-C50F-4627-BA39-A2F16B5EE94F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {157B25A1-7DBA-4F11-9EBF-D4B5EC958CB4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {17C6E9E8-4B44-488E-836A-ED96223C9131} - System32\Tasks\{AE00F677-534E-4484-805E-B9BC1F27C912} => C:\Program Files\Skype\Phone\Skype.exe [2016-11-15] (Skype Technologies S.A.)
Task: {197FC6DB-BCC5-49F1-BDF9-C183E87E5846} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {19D40B0A-CBE6-48F2-B573-E38E1F92EE7B} - System32\Tasks\{A66C58D3-62D4-4DFC-9A59-04A76BDC5537} => Firefox.exe hxxp://ui.skype.com/ui/0/6.6.0.106/cs/abandoninstall?page=tsBing
Task: {1AD1AB46-3C15-4645-A8A0-BF5C845307EB} - System32\Tasks\Norton Security Scan for Patrik => C:\Program Files\Norton Security Scan\Engine\3.7.2.5\Nss.exe [2012-04-03] (Symantec Corporation)
Task: {1E854161-137C-4951-90BB-D0EF73D1AD4C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13] (Adobe Systems Incorporated)
Task: {1F3CEF0F-EA78-402D-95F0-AC832C941D93} - System32\Tasks\{AE6684D7-409F-45DE-B467-C9E8B17EFE41} => Firefox.exe hxxp://ui.skype.com/ui/0/5.5.0.113/en/abandoninstall?page=tsPlugin&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;systemlevelpresent
Task: {23BFE143-564A-4186-B414-D107F97D5948} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {25507443-8B58-4EB2-9555-EA686A0BC00F} - System32\Tasks\UCBrowserUpdater => C:\Program Files\UCBrowser\Application\update_task.exe [2016-12-27] (UCWeb Inc) <==== ATTENTION
Task: {260BF71C-B2E6-4479-B288-A92E3DF8F347} - System32\Tasks\{C7B0BAF9-0CBD-4B5F-A378-A243034669F6} => Firefox.exe hxxp://ui.skype.com/ui/0/6.6.0.106/cs/abandoninstall?page=tsMain
Task: {26ADE692-AC2C-4073-812E-F74DB40D105C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2FD49E98-BDA2-4F43-86AE-0FA5AA8061E7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {355FFC5D-9302-47DE-928B-CF1407813F48} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {36371497-E730-4660-BC35-01DC977E53DC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core => C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {39B01EF7-F0A7-49CE-AFBB-8FF40F88DC9C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3B871F3D-1240-448D-BBB7-E5D88FADD476} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3CDE6A2A-3DD8-463D-BB21-6EB0BFE900AA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {3EFB0F55-AB5E-403E-A4BD-4BB1B26E03EE} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3FD790F7-626E-4FDD-9811-5D246A583B81} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {407403E3-0F24-47AD-BDBC-F14451E33B58} - System32\Tasks\{B4215818-37A9-41A7-8A58-1A20FCA19521} => Firefox.exe hxxp://ui.skype.com/ui/0/7.2.0.103/da/abandoninstall?page=tsMain
Task: {41306DF7-40EA-4989-86F4-C6F43EE9168E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2017-01-03] (AVAST Software)
Task: {42FB543E-9303-4220-B6AF-FFFC51DB48C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {452A6D7D-343A-4413-A58B-7E0F1C0E63A5} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4696CB22-CD04-4663-A7C7-71965E00D378} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4AB54E27-A565-4BC4-9149-9CAFC3A40DC1} - System32\Tasks\{62D3D986-2130-4D25-896D-06439C0AE6A9} => pcalua.exe -a F:\EASetup.exe -d F:\
Task: {5143E457-6C3A-4DC5-9726-BC4565DE2335} - System32\Tasks\{1A76A497-383D-48E9-826D-F43D058016BD} => Firefox.exe hxxp://ui.skype.com/ui/0/4.2.0.166/cs/abandoninstall?source=lightinstaller&page=tsMain&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:offered-installed;madedefault
Task: {5D4E9EF9-BD37-4495-B62A-957C686CBDC1} - System32\Tasks\UCBrowserSecureUpdater => C:\Program Files\UCBrowser\Security\uclauncher.exe [2017-01-03] (UC Web Inc.) <==== ATTENTION
Task: {64B665A7-0EF1-4C8F-883A-0A3A48DD8971} - System32\Tasks\{2AE716BB-7A4D-42FA-98A7-C7F60F7289B8} => Firefox.exe hxxp://ui.skype.com/ui/0/6.11.0.102/sk/abandoninstall?page=tsMain
Task: {688EEA41-5A42-4E8F-B43A-DB1584619F97} - System32\Tasks\SafeZone scheduled Autoupdate 1483426516 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {6A5EB93D-1049-47AE-AC19-748876978B81} - System32\Tasks\Automatic troubleshooting => C:\Program Files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-10-29] (TuneUp Software)
Task: {6C72E898-A913-4D2E-AEF5-101C0093DA9C} - System32\Tasks\Drickbokerther Center => C:\Program Files\Sumitainwosupy\zzuse.exe [2017-01-03] (Glarysoft Ltd)
Task: {7B510ACC-8AA8-47E7-875F-D631F56E6B98} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {7E2D6B53-D913-4D2B-B21A-27A04C326F17} - System32\Tasks\Driver Booster SkipUAC (Patrik) => C:\Program Files\IObit\Driver Booster\4.1.0\DriverBooster.exe
Task: {7FA54F54-E536-4579-ACA3-1DC22051AA56} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {83DB50AD-4877-44D6-951D-E60B02E42B83} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {933FE42F-7B41-4376-B387-AA7BD34E3957} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {955E81F3-4276-45D9-BD34-5F47B9D7B43D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA1d12f8f91e54b9b => C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {9F4AFC27-4480-4CC1-AD9D-582093733FCB} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A0D75436-432E-4658-8A1D-51BF2F3B7192} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {A33C7115-CA3C-45A9-A301-AD6525B1120D} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {AC33D0BA-4E07-4B37-82BA-C11F39D01BBA} - System32\Tasks\{B97A40B5-3D0D-4384-900D-927627460BC6} => Firefox.exe hxxp://ui.skype.com/ui/0/6.6.0.106/cs/abandoninstall?page=tsBing
Task: {AD5D5AEE-65EB-45B7-8CF5-F0111261B9D6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA => C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {AEA4023E-F856-4AC9-BEDE-862A78BC6550} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {AF7A97BF-CD40-4A8D-8D68-DEE371F498E2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {B8F6169A-79E9-4442-8EFE-D3EDC94B5D66} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {C119F655-C3EE-40BC-A5B6-4CF1B0395AD9} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-06-08] (Oracle Corporation)
Task: {C2992F57-0523-4C9E-9BFA-BF4556DCDEB2} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C31458E0-2493-4525-A39A-202CD2C67C4D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C3763125-A98F-4477-8DF8-D2BFAF85BC5A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {CC25A083-1846-4213-B9EC-EF33C32631DE} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D37A5FAE-CB54-4F9A-B69B-7E28FD3276DD} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {DAB9EA97-B572-4273-84E2-2C6F254D73E3} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2016-09-12] (Microsoft Corporation)
Task: {DB3BDE56-C146-447F-9FAB-5AD93CB297F0} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DE396BDB-9692-4941-A9E3-3A1F25522E77} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance => C:\Program Files\TuneUp Utilities 2010\OneClick.exe [2009-10-29] (TuneUp Software)
Task: {EA346881-27C8-4FBF-9737-6CC366A019A1} - System32\Tasks\Program Manager => C:\Program Files\Common Files\ProgramManager\ProgramManager.exe
Task: {EE1B2CD8-6C76-4610-888E-EA8A367B1813} - System32\Tasks\{7AA9A4DF-742F-4728-9BEE-299A2ADF8D0F} => pcalua.exe -a "D:\Counter Strike 1.6\Counter Strike 1.6 install non Steam\cs16.exe" -d "D:\Counter Strike 1.6\Counter Strike 1.6 install non Steam"
Task: {F0E4629B-91F4-4A5B-A38A-549AF6C664B9} - System32\Tasks\{018C0DF3-6676-4B2B-A33D-3016078AF366} => Firefox.exe hxxp://ui.skype.com/ui/0/5.1.0.112/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;systemlevelpresent
Task: {F31D7EF8-31AF-4E29-B9A4-6152E173C5CA} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {F4367001-2204-4A41-B303-BCDFA8B93EC5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F9682F41-EE2A-4856-AEC2-0B897E31314C} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {FB492F0B-F181-4002-8D1F-17F7BCF9FB25} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {FC23A279-0B42-4C3A-91F8-DEEE1D482A09} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FF717C51-8C50-4250-A7D4-33DB651503CD} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core.job => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA.job => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core.job => C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA.job => C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Norton Security Scan for Patrik.job => C:\PROGRA~1\NORTON~2\Engine\372~1.5\Nss.exe
Task: C:\WINDOWS\Tasks\UCBrowserUpdater.job => C:\Program Files\UCBrowser\Application\update_task.exe <==== ATTENTION
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Patrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData
==================== Loaded Modules (Whitelisted) ==============
2015-08-11 09:58 - 2015-08-11 09:58 - 00025088 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2017-01-03 07:40 - 2017-01-03 07:40 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-01-04 11:56 - 2017-01-04 11:56 - 03069952 _____ () C:\Program Files\AVAST Software\Avast\defs\17010301\algo.dll
2017-01-03 07:40 - 2017-01-03 07:40 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-01-04 21:26 - 2017-01-04 21:26 - 03132936 _____ () C:\Program Files\AVAST Software\Avast\defs\17010400\algo.dll
2017-01-03 06:38 - 2017-01-03 06:38 - 00278016 ____H () C:\Program Files\Gezetainghajaied Nodifier\local32spl.dll
2015-08-19 21:01 - 2015-08-11 09:53 - 00301056 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2017-01-03 06:36 - 2017-01-03 06:36 - 00179200 _____ () c:\program files\sumitainwosupy\hggeng.dll
2016-10-16 14:21 - 2016-10-16 14:20 - 02493440 _____ () C:\Program Files\Origin\libGLESv2.dll
2016-10-12 20:23 - 2016-09-30 05:24 - 01766496 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-12 20:23 - 2016-09-30 05:24 - 01766496 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-09 21:06 - 2016-12-09 21:06 - 01244376 _____ () C:\Users\Patrik\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
2010-05-12 22:58 - 2010-02-10 17:10 - 00141824 _____ () C:\Programy\Winrar\rarext.dll
2016-09-22 20:33 - 2016-09-07 05:01 - 00288768 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-09-22 20:35 - 2016-09-07 04:54 - 04317696 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-08 20:57 - 2015-11-25 04:58 - 00377856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-12 20:20 - 2016-09-30 04:10 - 01183232 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-22 20:36 - 2016-09-07 04:51 - 01425920 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2011-07-29 00:08 - 2011-07-29 00:08 - 01259376 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2011-07-29 00:09 - 2011-07-29 00:09 - 00096112 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2017-01-03 07:40 - 2017-01-03 07:40 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-12-30 21:01 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-30 21:01 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-10-20 23:29 - 2016-10-19 16:21 - 53018112 _____ () C:\Program Files\GOG Galaxy\libcef.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 00507968 _____ () C:\Program Files\GOG Galaxy\PocoUtil.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 01076800 _____ () C:\Program Files\GOG Galaxy\PocoNet.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 01854528 _____ () C:\Program Files\GOG Galaxy\PocoData.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 00393280 _____ () C:\Program Files\GOG Galaxy\PocoDataSQLite.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 01589312 _____ () C:\Program Files\GOG Galaxy\PocoFoundation.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 00307776 _____ () C:\Program Files\GOG Galaxy\PocoNetSSL.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 00330816 _____ () C:\Program Files\GOG Galaxy\PocoJSON.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 00104000 _____ () C:\Program Files\GOG Galaxy\zlib.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 00520768 _____ () C:\Program Files\GOG Galaxy\PocoXML.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 00272448 _____ () C:\Program Files\GOG Galaxy\PocoZip.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 00680000 _____ () C:\Program Files\GOG Galaxy\sqlite.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 00425536 _____ () C:\Program Files\GOG Galaxy\pcre.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 00157760 _____ () C:\Program Files\GOG Galaxy\PocoCrypto.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 00152128 _____ () C:\Program Files\GOG Galaxy\expat.dll
2016-10-20 23:29 - 2016-10-19 16:21 - 01738752 _____ () C:\Program Files\GOG Galaxy\libglesv2.dll
2016-10-20 23:29 - 2016-10-19 16:21 - 00078848 _____ () C:\Program Files\GOG Galaxy\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\WINDOWS\system32\drivers:ucdrv-x86.sys [19812]
AlternateDataStreams: C:\WINDOWS\system32\drivers:x86 [1205026]
AlternateDataStreams: C:\ProgramData\TEMP:1EE00E38 [111]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2017-01-03 06:50 - 00003722 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
34.195.153.94 www.google-analytics.com
34.195.153.94 google-analytics.com
34.195.153.94 mc.yandex.ru
34.195.153.94 top-fwz1.mail.ru
34.195.153.94 site.yandex.net
34.195.153.94 pagead2.googlesyndication.com
34.195.153.94 ad.mail.ru
34.195.153.94 ads.adfox.ru
34.195.153.94 ads.pubmatic.com
34.195.153.94 apis.google.com
34.195.153.94 autocontext.begun.ru
34.195.153.94 b.scorecardresearch.com
34.195.153.94 c.amazon-adsystem.com
34.195.153.94 cdn.admixer.net
34.195.153.94 cdn.cxense.com
34.195.153.94 cdn.livefyre.com
34.195.153.94 cdn.onthe.io
34.195.153.94 cdn.optimizely.com
34.195.153.94 cdn.prom.st
34.195.153.94 cdn.pushwoosh.com
There are 55 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Programy\Acrobat Reader\Reader\Reader_sl.exe"
MSCONFIG\startupreg: avast5 => "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: RGSC => C:\Hry\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe /silent
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [MSMQ-In-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => LPort=808
FirewallRules: [{C87BAE7B-AA22-42C6-A133-A6D9E1573667}] => C:\Program Files\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{F8A0D504-0334-47FC-ACE9-FFD453CD35E5}] => C:\Program Files\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{181949D2-03A1-4516-B6B3-F8D5E104327D}] => C:\Program Files\Steam\steamapps\common\Magic 2015\DotP_D15.exe
FirewallRules: [{953DF639-78BE-4B48-AACB-21D862C7B611}] => C:\Program Files\Steam\steamapps\common\Magic 2015\DotP_D15.exe
FirewallRules: [{66E3062E-42F1-4BEE-827D-62C32463A556}] => C:\Program Files\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{FB70A786-6779-4C80-B6AC-165393E71C9B}] => C:\Program Files\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{C7DCDB2A-3597-4B48-9C8C-D0EFB996F052}] => C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{E3230AF7-9E64-4038-939B-7DA8D6F3E446}] => C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{715CCAB2-28D3-4C61-A648-F47E284DA254}] => C:\Program Files\Steam\Steam.exe
FirewallRules: [{9CD4CD92-6619-4FEA-9160-66801C412D28}] => C:\Program Files\Steam\Steam.exe
FirewallRules: [{9CB84CCF-E65F-48CD-BF92-529B0DD6D2A3}] => C:\Users\Patrik\Desktop\HRY\pes2010.exe
FirewallRules: [{F4BBDBBD-FBFB-4073-A655-0B4C765F57D0}] => C:\Users\Patrik\Desktop\HRY\pes2010.exe
FirewallRules: [{F806EBB6-694D-4548-996A-1A2834139D9C}] => C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E581A25E-A776-43D8-B408-35729BEC6F91}] => C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{33BFF766-F41A-4256-8222-9DB9929EB00C}] => C:\Users\Patrik\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{5D5FBDBD-26B3-4A75-AF54-12DE8121A837}] => C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{2600E093-BDB1-4328-B228-3A39D9FE4822}] => C:\Users\Patrik\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{43D1F9CB-03EE-4E0D-A08B-39F9F4AC9AD5}] => C:\Users\Patrik\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{74F3C65F-9C91-434F-86EC-CD1ACDF74679}] => C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{FBAE1B38-D4C9-4DE8-B971-4DDAEE9040BB}] => C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{14C9568D-B21A-4934-AF2F-77A15872BAFA}] => C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{BEA206D7-E0B6-4903-81A8-FD59347DC58E}] => C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{73AFC4C4-F162-43F5-B1EA-48326ACC5AC9}] => C:\Windows\System32\msiexec.exe
FirewallRules: [{C6FF5370-FC86-4AE4-B3AC-5302E94D1507}] => C:\Windows\System32\msiexec.exe
FirewallRules: [{8FEE7F8B-06D1-4C13-A69E-DAE32256FB8F}] => C:\Users\Patrik\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{5794D9FD-9849-4557-A815-394F8D8ED617}] => C:\Users\Patrik\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{A7C73071-67F5-4BD0-93A0-52B652C33F19}] => C:\Program Files\Opera\opera.exe
FirewallRules: [{E301F430-E84D-4EBE-8DAB-2A1A9A4DE6FB}] => C:\Program Files\Opera\opera.exe
FirewallRules: [{B6B4A837-8ED3-4E56-BC10-C770ECF6038B}] => C:\Program Files\Microsoft Games\Age of Empires Online\Spartan.exe
FirewallRules: [{D2998DBF-E89C-4072-96E7-22458791ECDC}] => C:\Program Files\Microsoft Games\Age of Empires Online\Spartan.exe
FirewallRules: [{35D735AB-4966-4080-9C0E-4F23E8F22C66}] => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{9983D82F-BCB8-4038-A524-EBFAC1EE5FFF}] => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{752803ED-1C83-4BF7-A958-A4F9F5C0ECEC}] => LPort=1900
FirewallRules: [{DEA6683A-31EA-4766-9F5E-5961C68742E4}] => LPort=2869
FirewallRules: [{87244EE5-617B-4418-9FCA-C6F9B6BFDEBF}] => C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5EA81270-7AF3-4011-A1BA-75A093EDF4C8}] => C:\Hry\Dirt 2\dirt2_game.exe
FirewallRules: [{583CADA6-7FF2-4759-8008-61C71C18B4A6}] => C:\Hry\Dirt 2\dirt2_game.exe
FirewallRules: [{7E925117-491E-46E6-B53C-EE5310BD735A}] => C:\Hry\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{3584BBBB-3C76-451D-849E-00E36EE1EF8E}] => C:\Hry\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{6411ED7E-F65E-42D7-ADB4-41656E5952B7}] => C:\Program Files\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [{8B8FFF9A-6325-4CE3-879E-EEA1AAB1A7D0}] => C:\Program Files\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [{07E348F5-F5F2-4EBF-BEEE-8FE768008BF1}] => svchost.exe
FirewallRules: [{ACEB1AE1-D1AD-4750-A678-36183ACF987C}] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{6A65FBCF-EB02-4160-98D4-58DFAA900D4C}] => C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{EB73D64A-01C6-4C89-B6B2-8CF2365D83F4}] => C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{0145F806-8363-44CD-ADE5-32A6E690CD9A}] => LPort=3724
FirewallRules: [UDP Query User{980FB578-1DEF-4FC9-98E6-C25DFEB1BB93}C:\hry\world of warcraft\launcher.exe] => C:\hry\world of warcraft\launcher.exe
FirewallRules: [TCP Query User{39B58280-C2BC-4389-900F-6F72F9598C00}C:\hry\world of warcraft\launcher.exe] => C:\hry\world of warcraft\launcher.exe
FirewallRules: [{C5489B5E-F686-4BE6-9F50-D64BBEFC8634}] => C:\hry\nhl 09\nhl2009.exe
FirewallRules: [{77E950BF-2F14-4B5B-87DC-196F0A7D930C}] => C:\hry\nhl 09\nhl2009.exe
FirewallRules: [UDP Query User{84425E1E-0190-4773-85A1-86BDA2450771}C:\hry\nhl 09\nhl2009.exe] => C:\hry\nhl 09\nhl2009.exe
FirewallRules: [TCP Query User{5FD9ACF3-E04F-4477-B0D2-4860C88A8875}C:\hry\nhl 09\nhl2009.exe] => C:\hry\nhl 09\nhl2009.exe
FirewallRules: [{FF7A5776-C02C-422F-A2D3-498F5C45AFFF}] => C:\users\patrik\desktop\hry\fifa10.exe
FirewallRules: [{DE54DB54-32D9-4917-A59D-472AF991E8C4}] => C:\users\patrik\desktop\hry\fifa10.exe
FirewallRules: [UDP Query User{50D4B7F3-72AE-43D5-AF76-237F2DA4DB3C}C:\users\patrik\desktop\hry\fifa10.exe] => C:\users\patrik\desktop\hry\fifa10.exe
FirewallRules: [TCP Query User{D836436E-A3FE-47E7-A71C-D90BFD8309DB}C:\users\patrik\desktop\hry\fifa10.exe] => C:\users\patrik\desktop\hry\fifa10.exe
FirewallRules: [{6FA13C22-EB59-481B-B5C4-71E94EF71BBE}] => C:\Program Files\Opera\opera.exe
FirewallRules: [{ACA59B61-6626-4A04-A3E2-A83F857E51CB}] => C:\Program Files\Opera\opera.exe
FirewallRules: [UDP Query User{615ED79F-4701-4CC7-BC3D-2B7A10F5BFB1}C:\hry\rome total war\rometw.exe] => C:\hry\rome total war\rometw.exe
FirewallRules: [TCP Query User{9A41FD2C-EAE8-4CB9-A5AD-944AB44F42B3}C:\hry\rome total war\rometw.exe] => C:\hry\rome total war\rometw.exe
FirewallRules: [{FC0D149D-FD41-47E7-BBE5-B35DCE7C5D1D}] => C:\Programy\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{F3A729A7-7DBC-4E91-8B6C-BE7D10410232}] => C:\Programy\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{FD4D937B-FE79-40D8-A193-96F93B01DDE6}] => C:\Programy\Microsoft Office\Office12\GROOVE.EXE
FirewallRules: [{51D8682F-0B4E-4ADC-AFF4-5AF9C06554E1}] => C:\Programy\Microsoft Office\Office12\GROOVE.EXE
FirewallRules: [{6F98DD6E-3BD0-4B02-9F5F-A563E2812068}] => C:\Programy\Microsoft Office\Office12\outlook.exe
FirewallRules: [{C12F123A-325C-41B1-A7A4-6FD6346B7045}] => C:\Programy\Torent\uTorrent.exe
FirewallRules: [{AAFC3BBF-9EB2-491F-B049-E677724B179C}] => C:\Programy\Torent\uTorrent.exe
FirewallRules: [UDP Query User{F776BE02-098C-469F-AA49-011840136993}C:\hry\age of empires iii\age3.exe] => C:\hry\age of empires iii\age3.exe
FirewallRules: [TCP Query User{8FDFB959-8016-4730-AF77-E53D81690A41}C:\hry\age of empires iii\age3.exe] => C:\hry\age of empires iii\age3.exe
FirewallRules: [UDP Query User{E83783B2-A460-4AE2-B171-195D0374804E}C:\program files\java\jre6\bin\javaw.exe] => C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{422EB361-0563-49C9-9920-72CFF3AE48F7}C:\program files\java\jre6\bin\javaw.exe] => C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{8C792174-9324-48A3-AC71-CE5BF47BCE9C}] => C:\Hry\The Battle for Middle-earth 2\game.dat
FirewallRules: [{C41F620E-1EB0-4EC6-83C8-6AC57A667003}] => C:\Hry\The Battle for Middle-earth 2\game.dat
FirewallRules: [{B4252D59-BACA-44B0-BF60-CDC172370D4F}] => C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{A833E80A-A7A0-4281-AE4F-D4B84A1795C7}C:\program files\total war rome ii [v1.9.0.9414 + 6xdlc] - repack by danik1b9\rome2.exe] => C:\program files\total war rome ii [v1.9.0.9414 + 6xdlc] - repack by danik1b9\rome2.exe
FirewallRules: [UDP Query User{04900415-9EAC-43A3-A2EB-058FCDE92E15}C:\program files\total war rome ii [v1.9.0.9414 + 6xdlc] - repack by danik1b9\rome2.exe] => C:\program files\total war rome ii [v1.9.0.9414 + 6xdlc] - repack by danik1b9\rome2.exe
FirewallRules: [TCP Query User{1EAB4598-6A96-485B-B517-2CE8EC29AB4B}C:\program files\total war attila\attila.exe] => C:\program files\total war attila\attila.exe
FirewallRules: [UDP Query User{F7701CE8-FFDC-42B7-B7AB-CC6C06A72E64}C:\program files\total war attila\attila.exe] => C:\program files\total war attila\attila.exe
FirewallRules: [{15B8A6B0-8D59-4E73-9D3A-9A35E6C86C5D}] => C:\Program Files\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{91357098-0B36-4084-B0FB-1389C74AC0E2}] => C:\Program Files\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{1162963A-CF5D-4C9E-B101-486EE958BA3C}C:\program files\steam\steamapps\common\total war rome ii\rome2.exe] => C:\program files\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{EFCCE7E1-2B98-4C80-962A-6F55D690910F}C:\program files\steam\steamapps\common\total war rome ii\rome2.exe] => C:\program files\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{E186C619-EA83-4FD7-84DF-6101AF4682B2}] => C:\Program Files\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{0BCA93F4-0A7F-45F2-A67C-09542362B4F3}] => C:\Program Files\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{D1127DC2-D228-41EF-94A7-5E62CEF92505}] => C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C243D337-1E6F-4BD6-8058-F18FE0A2156B}] => C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{80FAD2C2-69AF-408C-96EE-259F3C46687D}] => C:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServices.exe
FirewallRules: [{B42C9593-1049-484D-B7A1-8CB3BA1ECFD6}] => C:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServices.exe
FirewallRules: [{E6362E44-54D8-4162-A2A6-372A908FD4DD}] => C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe
FirewallRules: [{3C7A8259-5E8F-43F7-81B6-ECC9DD783DFC}] => C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe
FirewallRules: [TCP Query User{E8DE745A-6ADF-4619-AFAF-2D7EA63941C9}C:\program files\steam\steamapps\common\total war rome ii\rome2.exe] => C:\program files\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{63495DBD-BA4E-4A28-8F8D-BA6C526B2207}C:\program files\steam\steamapps\common\total war rome ii\rome2.exe] => C:\program files\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{C66FF249-0A73-4DBA-8B48-73EBF58ACD58}] => C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{32AE10C8-2A7C-49F1-9A13-7DA52C090B60}] => C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{5F5284F4-E31D-4666-B7D9-18663281D418}] => C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{52867621-3233-4CF8-95B7-3097F47DAA6D}] => C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{FB614A8D-FC3C-4E41-B2EF-CCD7F4EFDCD5}] => C:\Program Files\UCBrowser\Application\UCBrowser.exe
FirewallRules: [{21D3450E-2910-4506-B853-7AAF0D099245}] => C:\Users\Patrik\AppData\Local\Temp\inst_buychannel_06.exe
FirewallRules: [{C3F0C17A-8447-430D-8D55-A94CE9220DA9}] => C:\Users\Patrik\AppData\Local\Temp\inst_buychannel_06.exe
FirewallRules: [{F960B3EC-F5BB-4077-B454-5CF014C1878F}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{B16D6D73-7A0A-44C3-B9BB-4CE943D258C6}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{03902516-3059-4176-A497-E10DAAB7B2FE}] => C:\Program Files\Maoha\MaohaAP\MaohaWifiSvr.exe
==================== Restore Points =========================
03-01-2017 09:02:09 Removed Traffic Exchange
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/04/2017 07:53:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Patrik-PC)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (01/04/2017 07:31:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Patrik-PC)
Description: Aplikaci Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (01/04/2017 07:23:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: rome2.exe, verze: 2.2.0.0, časové razítko: 0x55f84447
Název chybujícího modulu: Rome2.dll, verze: 2.2.0.0, časové razítko: 0x55f8446a
Kód výjimky: 0xc0000409
Posun chyby: 0x00d20519
ID chybujícího procesu: 0x1e80
Čas spuštění chybující aplikace: 0x01d266b3e1c45f11
Cesta k chybující aplikaci: C:\Program Files\Steam\steamapps\common\Total War Rome II\rome2.exe
Cesta k chybujícímu modulu: C:\Program Files\Steam\steamapps\common\Total War Rome II\Rome2.dll
ID zprávy: b4f45757-c7d8-40e2-bff4-64bc6fc13ec5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/04/2017 06:56:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: rome2.exe, verze: 2.2.0.0, časové razítko: 0x55f84447
Název chybujícího modulu: Rome2.dll, verze: 2.2.0.0, časové razítko: 0x55f8446a
Kód výjimky: 0xc0000409
Posun chyby: 0x00d2053b
ID chybujícího procesu: 0x1914
Čas spuštění chybující aplikace: 0x01d266b323bf352b
Cesta k chybující aplikaci: C:\Program Files\Steam\steamapps\common\Total War Rome II\rome2.exe
Cesta k chybujícímu modulu: C:\Program Files\Steam\steamapps\common\Total War Rome II\Rome2.dll
ID zprávy: dd590607-1aeb-4f08-a8bd-403021977fd2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/04/2017 06:25:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: rome2.exe, verze: 2.2.0.0, časové razítko: 0x55f84447
Název chybujícího modulu: Rome2.dll, verze: 2.2.0.0, časové razítko: 0x55f8446a
Kód výjimky: 0xc0000409
Posun chyby: 0x00d20519
ID chybujícího procesu: 0x1398
Čas spuštění chybující aplikace: 0x01d266aaa2adf0cc
Cesta k chybující aplikaci: C:\Program Files\Steam\steamapps\common\Total War Rome II\rome2.exe
Cesta k chybujícímu modulu: C:\Program Files\Steam\steamapps\common\Total War Rome II\Rome2.dll
ID zprávy: 2d3f7507-13a8-41ca-a066-85c3de02bae7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/04/2017 05:49:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Patrik-PC)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (01/04/2017 05:49:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 1.0.1611.18000 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 18cc
Čas spuštění: 01d266aa381bd6d8
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
ID hlášení: bd626838-d29d-11e6-9413-4061867cc46d
Úplný název balíčku s chybou: Microsoft.Windows.Photos_16.1118.10000.0_x86__8wekyb3d8bbwe
ID aplikace související s balíčkem s chybou: App
Error: (01/04/2017 02:05:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Patrik-PC)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (01/04/2017 12:22:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: rundll32.exe_954998v2a958h53.dll, verze: 10.0.10240.16384, časové razítko: 0x559f3c5a
Název chybujícího modulu: 954998v2a958h53.dll, verze: 0.0.0.0, časové razítko: 0x585e98a8
Kód výjimky: 0x40000015
Posun chyby: 0x001f591d
ID chybujícího procesu: 0x728
Čas spuštění chybující aplikace: 0x01d2667ca9d3aa2b
Cesta k chybující aplikaci: C:\WINDOWS\system32\rundll32.exe
Cesta k chybujícímu modulu: C:\ProgramData\954998v2a958h53\954998v2a958h53.dll
ID zprávy: ba358188-8638-41db-8d40-a8374667b527
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/04/2017 12:13:20 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: Procedura Collect pro službu C:\Windows\System32\winspool.drv v knihovně DLL Spooler generovala výjimku nebo vrátila neplatný stav. Výkonnostní data vrácená knihovnou DLL čítačů nebudou vrácena v bloku výkonnostních dat. Kód výjimky nebo stavu obsahují první čtyři bajty (DWORD) v datové části.
System errors:
=============
Error: (01/04/2017 07:53:12 PM) (Source: DCOM) (EventID: 10010) (User: Patrik-PC)
Description: Server CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/04/2017 07:53:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
Error: (01/04/2017 07:38:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Adaptér naslouchání Net.Tcp závisí na službě Služba sdílení portů Net.Tcp, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
Error: (01/04/2017 07:38:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba TuneUp Theme Extension neuspěla při spuštění v důsledku následující chyby:
Spustitelný program, ve kterém má tato služba podle konfigurace běžet, službu neimplementuje.
Error: (01/04/2017 07:37:51 PM) (Source: sptd) (EventID: 4) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .
Error: (01/04/2017 07:37:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.
Error: (01/04/2017 07:37:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_Session2 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
Error: (01/04/2017 07:36:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/04/2017 07:36:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (01/04/2017 07:36:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
CodeIntegrity:
===================================
Date: 2017-01-03 09:15:13.909
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe that did not meet the Microsoft signing level requirements.
Date: 2017-01-02 17:06:49.523
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-02 17:06:49.418
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-02 17:06:49.317
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-02 17:06:48.975
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-02 17:06:48.876
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-02 17:06:48.760
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-02 17:06:45.208
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-02 17:06:45.089
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-02 17:06:44.841
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz
Percentage of memory in use: 59%
Total physical RAM: 3327.24 MB
Available physical RAM: 1338.59 MB
Total Virtual: 6655.24 MB
Available Virtual: 4347.63 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:698 GB) (Free:224.69 GB) NTFS
Drive d: (Knihy) (CDROM) (Total:4.38 GB) (Free:0 GB) CDFS
Drive g: (Sid Meiers Civilization VI) (CDROM) (Total:4.86 GB) (Free:0 GB) UDF
Drive h: (Sid Meiers Civilization VI) (CDROM) (Total:5.46 GB) (Free:0 GB) UDF
Drive i: (Cossacks 3) (CDROM) (Total:1.28 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 8594B064)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt ============================
Ran by Patrik (04-01-2017 21:32:54)
Running from C:\Users\Patrik\Desktop
Microsoft Windows 10 Home (X86) (2015-08-11 08:31:25)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3766570800-902452796-2261291597-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3766570800-902452796-2261291597-503 - Limited - Disabled)
Guest (S-1-5-21-3766570800-902452796-2261291597-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3766570800-902452796-2261291597-1002 - Limited - Enabled)
Patrik (S-1-5-21-3766570800-902452796-2261291597-1000 - Administrator - Enabled) => C:\Users\Patrik
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: COMODO Defense+ (Disabled - Up to date) {DC3D0F8D-B138-AAAA-0339-560EB3387C28}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM\...\uTorrent) (Version: 2.0.2 - )
123 DVD Converter (HKLM\...\123 DVD Converter_is1) (Version: - DVDVideoTool.Com)
ACDSee Pro (HKLM\...\{F99F74B4-972B-4B06-B893-6B3B0DB0128B}) (Version: 8.1.99 - ACD Systems Ltd.)
Adobe Flash Player 24 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader 9.4.0 - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-A94000000001}) (Version: 9.4.0 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\Adobe Shockwave Player) (Version: 10.2.0.22 - Adobe Systems, Inc.)
Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden
Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
Age of Empires III (HKLM\...\InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires Online (HKLM\...\GFWL_{4D530FA3-9B89-4186-98B7-F51000000100}) (Version: 1.0.0000.1 - Microsoft Studios)
Age of Empires Online (Version: 1.0.0000.1 - Microsoft Studios) Hidden
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-041B-0000-0000000FF1CE}_ENTERPRISE_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-041B-0000-0000000FF1CE}_ENTERPRISE_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-041B-0000-0000000FF1CE}_ENTERPRISE_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
Ancient Wars - Sparta (HKLM\...\{554532CE-43E2-4B4F-BBDE-27742A32C236}) (Version: 1.00.0000 - PlayLogic)
Anki (HKLM\...\Anki) (Version: - )
Audacity 1.3.12 (Unicode) (HKLM\...\Audacity 1.3 Beta (Unicode)_is1) (Version: - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast) (Version: 12.3.2280 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 3.00 - Piriform)
COMODO Internet Security (HKLM\...\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}) (Version: 4.1.19277.920 - COMODO Group Inc.)
Counter-Strike 1.6 (HKLM\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - )
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Czech Soccer Manager 2002 FE (HKLM\...\Czech Soccer Manager 2002 FE) (Version: - )
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0222 - Disc Soft Ltd)
DiRT2 (HKLM\...\{52D1D62C-FEAB-4580-849E-1DB624BADBBD}) (Version: 1.00.0000 - Codemasters)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
EasyBits GO (HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\Game Organizer) (Version: - EasyBits Media)
Europa Universalis IV (HKLM\...\Europa Universalis IV_is1) (Version: - Paradox Interactive)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FastStone Image Viewer 3.9 (HKLM\...\FastStone Image Viewer) (Version: 3.9 - FastStone Soft)
FIFA 10 (HKLM\...\{11202615-E557-4ECF-9B86-F59C81E52909}) (Version: 1.0.0.0 - Electronic Arts)
FIFA 14 (HKLM\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
Fritz 12 (HKLM\...\{4F4182DA-3D58-41E3-913D-480F8DA5C863}) (Version: 12.0.0 - ChessBase)
Fritz 12 (Version: 12.0.0 - ChessBase) Hidden
GOG Galaxy (HKLM\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Earth Plug-in (HKLM\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 55.0.2883.87 - Spoločnosť Google Inc.)
Google Chrome (HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\Google Chrome) (Version: 55.0.2883.87 - Spoločnosť Google Inc.)
Google Talk Plugin (HKLM\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden
GotClip Downloader (HKLM\...\GotClip) (Version: - )
Grand Ages - Medieval (HKLM\...\1442498547_is1) (Version: 2.4.0.7 - GOG.com)
Grand Theft Auto IV (HKLM\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
GTA San Andreas (HKLM\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Guitar Pro 6 (HKLM\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music)
HAM (HKLM\...\HAM) (Version: 7.2.128.269 - Loke Software)
Harry Potter a Fénixův řád™ (HKLM\...\{B69F28DF-CBB1-41B7-008A-210E4D0518FC}) (Version: - )
Harry Potter a Princ Dvojí Krve™ (HKLM\...\{FD1B1980-8CAB-4474-89F8-1245AF657AD1}) (Version: 1.0.0.0 - Electronic Arts)
Hattrick Organizer (remove only) (HKLM\...\Hattrick Organizer) (Version: - )
HP Deskjet 2050 J510 series Nápověda (HKLM\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.55.55 - Hewlett Packard)
iMindMap 8 (HKLM\...\{6EFA887C-24EE-4720-8E5C-EB8A16D84A10}) (Version: 8.0.438 - ThinkBuzan)
Inkscape 0.48.0 (HKLM\...\Inkscape) (Version: 0.48.0 - )
Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
LAME v3.98.3 for Audacity (HKLM\...\LAME for Audacity_is1) (Version: - )
Magic 2015 (HKLM\...\Steam App 255420) (Version: - Stainless Games)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.474.2 - McAfee, Inc.)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 sk) (HKLM\...\Mozilla Firefox 34.0.5 (x86 sk)) (Version: 34.0.5 - Mozilla)
Mozilla Firefox 41.0.2 (x86 cs) (HKLM\...\Mozilla Firefox 41.0.2 (x86 cs)) (Version: 41.0.2 - Mozilla)
Mozilla Firefox 50.1.0 (x86 cs) (HKLM\...\Mozilla Firefox 50.1.0 (x86 cs)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need for Speed™ Carbon (HKLM\...\{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}) (Version: - )
Nero 9 Essentials (HKLM\...\{609d9d4c-5477-47ed-98ff-918e01e9c0fe}) (Version: - Nero AG)
NFS: Most Wanted CZ (HKLM\...\NFS: Most Wanted) (Version: CZ - Sub - Zero)
NHL® 09 (HKLM\...\{F2B5A2A7-2DF9-4361-8BD5-362714528B51}) (Version: 2.0.1.0 - Electronic Arts)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 6.84.0.0 - )
Norton Security Scan (HKLM\...\NSS) (Version: 3.7.2.5 - Symantec Corporation)
NVIDIA PhysX (HKLM\...\{8AAB4176-A747-493A-A42C-B63CFADFD8E3}) (Version: 9.09.0010 - NVIDIA Corporation)
OpenAL (HKLM\...\OpenAL) (Version: - )
Opera 12.00 (HKLM\...\Opera 12.00.1467) (Version: 12.00.1467 - Opera Software ASA)
Origin (HKLM\...\Origin) (Version: 10.2.1.38915 - Electronic Arts, Inc.)
PC Translator (HKLM\...\PC Translator) (Version: - )
Pomocník při upgradu na Windows 10 (HKLM\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
Pro Evolution Soccer 2010 (HKLM\...\{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}) (Version: 1.00.0000 - KONAMI)
Rapture3D 2.3.22 Game (HKLM\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.38 - Piriform)
Rome - Total War(TM) (HKLM\...\InstallShield_{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}) (Version: 1.0 - Activision)
Rome - Total War(TM) (Version: 1.0 - Activision) Hidden
Rosetta Stone Language Training (HKLM\...\{00384623-4937-4D7D-BDD9-23513D1C50AB}) (Version: 5.0.37.0 - Rosetta Stone, Ltd)
Rosetta Stone Ltd Services (HKLM\...\{3165E4A6-D5DE-46B0-8597-D55E2B826B84}) (Version: 3.2.21 - Rosetta Stone Ltd.)
SafeZone Stable 1.51.2220.62 (Version: 1.51.2220.62 - Avast Software) Hidden
Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version: - 2K Games, Inc.)
Sid Meiers Civilization VI (HKLM\...\Sid Meiers Civilization VI_is1) (Version: - )
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 7.30 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
SopCast 3.0.3 (HKLM\...\SopCast) (Version: 3.0.3 - SopCast.com)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold 2 Deluxe (HKLM\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.100 - Firefly Studios)
System Requirements Lab (HKLM\...\{FEE1F166-EAE4-4C4B-8988-D82521F9F63F}) (Version: 6.1.5.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM\...\{F93ADC68-775D-4894-9EE2-5B4A7D442D84}) (Version: 6.1.5.0 - Husdawg, LLC)
The Battle for Middle-earth (tm) II (HKLM\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - )
The Godfather™ The Game (HKLM\...\{1D2CF076-A63F-41A5-00A1-5924FADFAD9D}) (Version: - )
The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: - )
The Lord of the Rings - Conquest™ (HKLM\...\{628C3D50-F524-4C49-A958-672CE7953756}) (Version: 1.0.0.1 - Electronic Arts)
TheBrain 7 (HKLM\...\1190-3857-8766-9166) (Version: 7.0.4.5 - TheBrain Technologies)
Total War Attila verze 1.2.1 (HKLM\...\{1CF4A93B-8D5B-45D0-A283-D45B952074DC}_is1) (Version: 1.2.1 - SEGA)
Total War Rome II [v1.9.0.9414 + 6xDLC] - Repack by Danik1B9 (HKLM\...\Total War Rome II [v1.9.0.9414 + 6xDLC] - Repack~27A8CDF1_is1) (Version: 1.0. - Danik1B9)
Total War: ROME II - Emperor Edition (HKLM\...\Steam App 214950) (Version: - Creative Assembly)
Train Simulator 2015 (HKLM\...\Train Simulator 2015_is1) (Version: - )
TuneUp Utilities (HKLM\...\TuneUp Utilities) (Version: 9.0.2000.10 - TuneUp Software)
TuneUp Utilities (Version: 9.0.2000.10 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (en-US) (Version: 9.0.2000.10 - TuneUp Software) Hidden
Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UpdateAssistant (Version: 1.3.0.0 - Microsoft Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{3F4EC965-28EF-45C3-B063-04B25D4E9679}) (Version: 4.0.1.3500 - )
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Movie Maker (HKLM\...\Windows Movie Maker) (Version: 6.0.6002.18005 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
XMind 6 (v3.5.1) (HKLM\...\XMind_is1) (Version: 3.5.1.201411201906 - XMind Ltd.)
Xvid 1.1.3 final uninstall (HKLM\...\Xvid_is1) (Version: 1.1 - Xvid team (Koepi))
YTD Toolbar v26.7 (HKLM\...\{C33B04C9-A298-48C0-9D1A-CE514C1C720E}) (Version: 26.7 - Spigot, Inc.) <==== ATTENTION
Základní software zařízení HP Deskjet 2050 J510 series (HKLM\...\{D7716C7E-75F1-4C51-A2D5-C6A1E8311D53}) (Version: 20.0.771.0 - Hewlett-Packard Co.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.21.135\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.21.99\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.25.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.27.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.21.79\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.23.9\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.30.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.31.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.28.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.21.145\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.21.123\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.21.153\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.28.13\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.29.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Patrik\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.24.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.21.165\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.26.9\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.21.115\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.29.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.25.11\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.28.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\ProgramData\Easybits GO\ezGameXN.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.21.111\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3766570800-902452796-2261291597-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.24.7\psuser.dll => No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04941CF3-4AC9-4AF8-820F-C5AA4BC0D06F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {0A94903C-ED15-46E8-9608-F9245502F33F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {0D55B041-4E47-433B-8A07-A895E4FB6ABB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core1d12f8f91b2ed31 => C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {0F9B02C2-C50F-4627-BA39-A2F16B5EE94F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {157B25A1-7DBA-4F11-9EBF-D4B5EC958CB4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {17C6E9E8-4B44-488E-836A-ED96223C9131} - System32\Tasks\{AE00F677-534E-4484-805E-B9BC1F27C912} => C:\Program Files\Skype\Phone\Skype.exe [2016-11-15] (Skype Technologies S.A.)
Task: {197FC6DB-BCC5-49F1-BDF9-C183E87E5846} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {19D40B0A-CBE6-48F2-B573-E38E1F92EE7B} - System32\Tasks\{A66C58D3-62D4-4DFC-9A59-04A76BDC5537} => Firefox.exe hxxp://ui.skype.com/ui/0/6.6.0.106/cs/abandoninstall?page=tsBing
Task: {1AD1AB46-3C15-4645-A8A0-BF5C845307EB} - System32\Tasks\Norton Security Scan for Patrik => C:\Program Files\Norton Security Scan\Engine\3.7.2.5\Nss.exe [2012-04-03] (Symantec Corporation)
Task: {1E854161-137C-4951-90BB-D0EF73D1AD4C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13] (Adobe Systems Incorporated)
Task: {1F3CEF0F-EA78-402D-95F0-AC832C941D93} - System32\Tasks\{AE6684D7-409F-45DE-B467-C9E8B17EFE41} => Firefox.exe hxxp://ui.skype.com/ui/0/5.5.0.113/en/abandoninstall?page=tsPlugin&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;systemlevelpresent
Task: {23BFE143-564A-4186-B414-D107F97D5948} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {25507443-8B58-4EB2-9555-EA686A0BC00F} - System32\Tasks\UCBrowserUpdater => C:\Program Files\UCBrowser\Application\update_task.exe [2016-12-27] (UCWeb Inc) <==== ATTENTION
Task: {260BF71C-B2E6-4479-B288-A92E3DF8F347} - System32\Tasks\{C7B0BAF9-0CBD-4B5F-A378-A243034669F6} => Firefox.exe hxxp://ui.skype.com/ui/0/6.6.0.106/cs/abandoninstall?page=tsMain
Task: {26ADE692-AC2C-4073-812E-F74DB40D105C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2FD49E98-BDA2-4F43-86AE-0FA5AA8061E7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {355FFC5D-9302-47DE-928B-CF1407813F48} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {36371497-E730-4660-BC35-01DC977E53DC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core => C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {39B01EF7-F0A7-49CE-AFBB-8FF40F88DC9C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3B871F3D-1240-448D-BBB7-E5D88FADD476} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3CDE6A2A-3DD8-463D-BB21-6EB0BFE900AA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {3EFB0F55-AB5E-403E-A4BD-4BB1B26E03EE} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3FD790F7-626E-4FDD-9811-5D246A583B81} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {407403E3-0F24-47AD-BDBC-F14451E33B58} - System32\Tasks\{B4215818-37A9-41A7-8A58-1A20FCA19521} => Firefox.exe hxxp://ui.skype.com/ui/0/7.2.0.103/da/abandoninstall?page=tsMain
Task: {41306DF7-40EA-4989-86F4-C6F43EE9168E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2017-01-03] (AVAST Software)
Task: {42FB543E-9303-4220-B6AF-FFFC51DB48C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {452A6D7D-343A-4413-A58B-7E0F1C0E63A5} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4696CB22-CD04-4663-A7C7-71965E00D378} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4AB54E27-A565-4BC4-9149-9CAFC3A40DC1} - System32\Tasks\{62D3D986-2130-4D25-896D-06439C0AE6A9} => pcalua.exe -a F:\EASetup.exe -d F:\
Task: {5143E457-6C3A-4DC5-9726-BC4565DE2335} - System32\Tasks\{1A76A497-383D-48E9-826D-F43D058016BD} => Firefox.exe hxxp://ui.skype.com/ui/0/4.2.0.166/cs/abandoninstall?source=lightinstaller&page=tsMain&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:offered-installed;madedefault
Task: {5D4E9EF9-BD37-4495-B62A-957C686CBDC1} - System32\Tasks\UCBrowserSecureUpdater => C:\Program Files\UCBrowser\Security\uclauncher.exe [2017-01-03] (UC Web Inc.) <==== ATTENTION
Task: {64B665A7-0EF1-4C8F-883A-0A3A48DD8971} - System32\Tasks\{2AE716BB-7A4D-42FA-98A7-C7F60F7289B8} => Firefox.exe hxxp://ui.skype.com/ui/0/6.11.0.102/sk/abandoninstall?page=tsMain
Task: {688EEA41-5A42-4E8F-B43A-DB1584619F97} - System32\Tasks\SafeZone scheduled Autoupdate 1483426516 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {6A5EB93D-1049-47AE-AC19-748876978B81} - System32\Tasks\Automatic troubleshooting => C:\Program Files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-10-29] (TuneUp Software)
Task: {6C72E898-A913-4D2E-AEF5-101C0093DA9C} - System32\Tasks\Drickbokerther Center => C:\Program Files\Sumitainwosupy\zzuse.exe [2017-01-03] (Glarysoft Ltd)
Task: {7B510ACC-8AA8-47E7-875F-D631F56E6B98} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {7E2D6B53-D913-4D2B-B21A-27A04C326F17} - System32\Tasks\Driver Booster SkipUAC (Patrik) => C:\Program Files\IObit\Driver Booster\4.1.0\DriverBooster.exe
Task: {7FA54F54-E536-4579-ACA3-1DC22051AA56} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {83DB50AD-4877-44D6-951D-E60B02E42B83} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {933FE42F-7B41-4376-B387-AA7BD34E3957} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {955E81F3-4276-45D9-BD34-5F47B9D7B43D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA1d12f8f91e54b9b => C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {9F4AFC27-4480-4CC1-AD9D-582093733FCB} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A0D75436-432E-4658-8A1D-51BF2F3B7192} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {A33C7115-CA3C-45A9-A301-AD6525B1120D} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {AC33D0BA-4E07-4B37-82BA-C11F39D01BBA} - System32\Tasks\{B97A40B5-3D0D-4384-900D-927627460BC6} => Firefox.exe hxxp://ui.skype.com/ui/0/6.6.0.106/cs/abandoninstall?page=tsBing
Task: {AD5D5AEE-65EB-45B7-8CF5-F0111261B9D6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA => C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {AEA4023E-F856-4AC9-BEDE-862A78BC6550} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {AF7A97BF-CD40-4A8D-8D68-DEE371F498E2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {B8F6169A-79E9-4442-8EFE-D3EDC94B5D66} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {C119F655-C3EE-40BC-A5B6-4CF1B0395AD9} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-06-08] (Oracle Corporation)
Task: {C2992F57-0523-4C9E-9BFA-BF4556DCDEB2} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C31458E0-2493-4525-A39A-202CD2C67C4D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C3763125-A98F-4477-8DF8-D2BFAF85BC5A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {CC25A083-1846-4213-B9EC-EF33C32631DE} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D37A5FAE-CB54-4F9A-B69B-7E28FD3276DD} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {DAB9EA97-B572-4273-84E2-2C6F254D73E3} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2016-09-12] (Microsoft Corporation)
Task: {DB3BDE56-C146-447F-9FAB-5AD93CB297F0} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DE396BDB-9692-4941-A9E3-3A1F25522E77} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance => C:\Program Files\TuneUp Utilities 2010\OneClick.exe [2009-10-29] (TuneUp Software)
Task: {EA346881-27C8-4FBF-9737-6CC366A019A1} - System32\Tasks\Program Manager => C:\Program Files\Common Files\ProgramManager\ProgramManager.exe
Task: {EE1B2CD8-6C76-4610-888E-EA8A367B1813} - System32\Tasks\{7AA9A4DF-742F-4728-9BEE-299A2ADF8D0F} => pcalua.exe -a "D:\Counter Strike 1.6\Counter Strike 1.6 install non Steam\cs16.exe" -d "D:\Counter Strike 1.6\Counter Strike 1.6 install non Steam"
Task: {F0E4629B-91F4-4A5B-A38A-549AF6C664B9} - System32\Tasks\{018C0DF3-6676-4B2B-A33D-3016078AF366} => Firefox.exe hxxp://ui.skype.com/ui/0/5.1.0.112/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;systemlevelpresent
Task: {F31D7EF8-31AF-4E29-B9A4-6152E173C5CA} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {F4367001-2204-4A41-B303-BCDFA8B93EC5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F9682F41-EE2A-4856-AEC2-0B897E31314C} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {FB492F0B-F181-4002-8D1F-17F7BCF9FB25} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {FC23A279-0B42-4C3A-91F8-DEEE1D482A09} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FF717C51-8C50-4250-A7D4-33DB651503CD} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core.job => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA.job => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core.job => C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA.job => C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Norton Security Scan for Patrik.job => C:\PROGRA~1\NORTON~2\Engine\372~1.5\Nss.exe
Task: C:\WINDOWS\Tasks\UCBrowserUpdater.job => C:\Program Files\UCBrowser\Application\update_task.exe <==== ATTENTION
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Patrik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData
==================== Loaded Modules (Whitelisted) ==============
2015-08-11 09:58 - 2015-08-11 09:58 - 00025088 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2017-01-03 07:40 - 2017-01-03 07:40 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-01-04 11:56 - 2017-01-04 11:56 - 03069952 _____ () C:\Program Files\AVAST Software\Avast\defs\17010301\algo.dll
2017-01-03 07:40 - 2017-01-03 07:40 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-01-04 21:26 - 2017-01-04 21:26 - 03132936 _____ () C:\Program Files\AVAST Software\Avast\defs\17010400\algo.dll
2017-01-03 06:38 - 2017-01-03 06:38 - 00278016 ____H () C:\Program Files\Gezetainghajaied Nodifier\local32spl.dll
2015-08-19 21:01 - 2015-08-11 09:53 - 00301056 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2017-01-03 06:36 - 2017-01-03 06:36 - 00179200 _____ () c:\program files\sumitainwosupy\hggeng.dll
2016-10-16 14:21 - 2016-10-16 14:20 - 02493440 _____ () C:\Program Files\Origin\libGLESv2.dll
2016-10-12 20:23 - 2016-09-30 05:24 - 01766496 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-12 20:23 - 2016-09-30 05:24 - 01766496 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-09 21:06 - 2016-12-09 21:06 - 01244376 _____ () C:\Users\Patrik\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
2010-05-12 22:58 - 2010-02-10 17:10 - 00141824 _____ () C:\Programy\Winrar\rarext.dll
2016-09-22 20:33 - 2016-09-07 05:01 - 00288768 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-09-22 20:35 - 2016-09-07 04:54 - 04317696 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-08 20:57 - 2015-11-25 04:58 - 00377856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-12 20:20 - 2016-09-30 04:10 - 01183232 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-22 20:36 - 2016-09-07 04:51 - 01425920 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2011-07-29 00:08 - 2011-07-29 00:08 - 01259376 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2011-07-29 00:09 - 2011-07-29 00:09 - 00096112 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2017-01-03 07:40 - 2017-01-03 07:40 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-12-30 21:01 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-30 21:01 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-10-20 23:29 - 2016-10-19 16:21 - 53018112 _____ () C:\Program Files\GOG Galaxy\libcef.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 00507968 _____ () C:\Program Files\GOG Galaxy\PocoUtil.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 01076800 _____ () C:\Program Files\GOG Galaxy\PocoNet.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 01854528 _____ () C:\Program Files\GOG Galaxy\PocoData.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 00393280 _____ () C:\Program Files\GOG Galaxy\PocoDataSQLite.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 01589312 _____ () C:\Program Files\GOG Galaxy\PocoFoundation.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 00307776 _____ () C:\Program Files\GOG Galaxy\PocoNetSSL.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 00330816 _____ () C:\Program Files\GOG Galaxy\PocoJSON.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 00104000 _____ () C:\Program Files\GOG Galaxy\zlib.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 00520768 _____ () C:\Program Files\GOG Galaxy\PocoXML.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 00272448 _____ () C:\Program Files\GOG Galaxy\PocoZip.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 00680000 _____ () C:\Program Files\GOG Galaxy\sqlite.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 00425536 _____ () C:\Program Files\GOG Galaxy\pcre.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 00157760 _____ () C:\Program Files\GOG Galaxy\PocoCrypto.dll
2016-10-20 23:29 - 2016-12-21 00:37 - 00152128 _____ () C:\Program Files\GOG Galaxy\expat.dll
2016-10-20 23:29 - 2016-10-19 16:21 - 01738752 _____ () C:\Program Files\GOG Galaxy\libglesv2.dll
2016-10-20 23:29 - 2016-10-19 16:21 - 00078848 _____ () C:\Program Files\GOG Galaxy\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\WINDOWS\system32\drivers:ucdrv-x86.sys [19812]
AlternateDataStreams: C:\WINDOWS\system32\drivers:x86 [1205026]
AlternateDataStreams: C:\ProgramData\TEMP:1EE00E38 [111]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2017-01-03 06:50 - 00003722 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
34.195.153.94 www.google-analytics.com
34.195.153.94 google-analytics.com
34.195.153.94 mc.yandex.ru
34.195.153.94 top-fwz1.mail.ru
34.195.153.94 site.yandex.net
34.195.153.94 pagead2.googlesyndication.com
34.195.153.94 ad.mail.ru
34.195.153.94 ads.adfox.ru
34.195.153.94 ads.pubmatic.com
34.195.153.94 apis.google.com
34.195.153.94 autocontext.begun.ru
34.195.153.94 b.scorecardresearch.com
34.195.153.94 c.amazon-adsystem.com
34.195.153.94 cdn.admixer.net
34.195.153.94 cdn.cxense.com
34.195.153.94 cdn.livefyre.com
34.195.153.94 cdn.onthe.io
34.195.153.94 cdn.optimizely.com
34.195.153.94 cdn.prom.st
34.195.153.94 cdn.pushwoosh.com
There are 55 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Programy\Acrobat Reader\Reader\Reader_sl.exe"
MSCONFIG\startupreg: avast5 => "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: RGSC => C:\Hry\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe /silent
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [MSMQ-In-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => LPort=808
FirewallRules: [{C87BAE7B-AA22-42C6-A133-A6D9E1573667}] => C:\Program Files\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{F8A0D504-0334-47FC-ACE9-FFD453CD35E5}] => C:\Program Files\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{181949D2-03A1-4516-B6B3-F8D5E104327D}] => C:\Program Files\Steam\steamapps\common\Magic 2015\DotP_D15.exe
FirewallRules: [{953DF639-78BE-4B48-AACB-21D862C7B611}] => C:\Program Files\Steam\steamapps\common\Magic 2015\DotP_D15.exe
FirewallRules: [{66E3062E-42F1-4BEE-827D-62C32463A556}] => C:\Program Files\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{FB70A786-6779-4C80-B6AC-165393E71C9B}] => C:\Program Files\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{C7DCDB2A-3597-4B48-9C8C-D0EFB996F052}] => C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{E3230AF7-9E64-4038-939B-7DA8D6F3E446}] => C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{715CCAB2-28D3-4C61-A648-F47E284DA254}] => C:\Program Files\Steam\Steam.exe
FirewallRules: [{9CD4CD92-6619-4FEA-9160-66801C412D28}] => C:\Program Files\Steam\Steam.exe
FirewallRules: [{9CB84CCF-E65F-48CD-BF92-529B0DD6D2A3}] => C:\Users\Patrik\Desktop\HRY\pes2010.exe
FirewallRules: [{F4BBDBBD-FBFB-4073-A655-0B4C765F57D0}] => C:\Users\Patrik\Desktop\HRY\pes2010.exe
FirewallRules: [{F806EBB6-694D-4548-996A-1A2834139D9C}] => C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E581A25E-A776-43D8-B408-35729BEC6F91}] => C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{33BFF766-F41A-4256-8222-9DB9929EB00C}] => C:\Users\Patrik\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{5D5FBDBD-26B3-4A75-AF54-12DE8121A837}] => C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{2600E093-BDB1-4328-B228-3A39D9FE4822}] => C:\Users\Patrik\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{43D1F9CB-03EE-4E0D-A08B-39F9F4AC9AD5}] => C:\Users\Patrik\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{74F3C65F-9C91-434F-86EC-CD1ACDF74679}] => C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{FBAE1B38-D4C9-4DE8-B971-4DDAEE9040BB}] => C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{14C9568D-B21A-4934-AF2F-77A15872BAFA}] => C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{BEA206D7-E0B6-4903-81A8-FD59347DC58E}] => C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{73AFC4C4-F162-43F5-B1EA-48326ACC5AC9}] => C:\Windows\System32\msiexec.exe
FirewallRules: [{C6FF5370-FC86-4AE4-B3AC-5302E94D1507}] => C:\Windows\System32\msiexec.exe
FirewallRules: [{8FEE7F8B-06D1-4C13-A69E-DAE32256FB8F}] => C:\Users\Patrik\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{5794D9FD-9849-4557-A815-394F8D8ED617}] => C:\Users\Patrik\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{A7C73071-67F5-4BD0-93A0-52B652C33F19}] => C:\Program Files\Opera\opera.exe
FirewallRules: [{E301F430-E84D-4EBE-8DAB-2A1A9A4DE6FB}] => C:\Program Files\Opera\opera.exe
FirewallRules: [{B6B4A837-8ED3-4E56-BC10-C770ECF6038B}] => C:\Program Files\Microsoft Games\Age of Empires Online\Spartan.exe
FirewallRules: [{D2998DBF-E89C-4072-96E7-22458791ECDC}] => C:\Program Files\Microsoft Games\Age of Empires Online\Spartan.exe
FirewallRules: [{35D735AB-4966-4080-9C0E-4F23E8F22C66}] => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{9983D82F-BCB8-4038-A524-EBFAC1EE5FFF}] => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{752803ED-1C83-4BF7-A958-A4F9F5C0ECEC}] => LPort=1900
FirewallRules: [{DEA6683A-31EA-4766-9F5E-5961C68742E4}] => LPort=2869
FirewallRules: [{87244EE5-617B-4418-9FCA-C6F9B6BFDEBF}] => C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5EA81270-7AF3-4011-A1BA-75A093EDF4C8}] => C:\Hry\Dirt 2\dirt2_game.exe
FirewallRules: [{583CADA6-7FF2-4759-8008-61C71C18B4A6}] => C:\Hry\Dirt 2\dirt2_game.exe
FirewallRules: [{7E925117-491E-46E6-B53C-EE5310BD735A}] => C:\Hry\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{3584BBBB-3C76-451D-849E-00E36EE1EF8E}] => C:\Hry\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{6411ED7E-F65E-42D7-ADB4-41656E5952B7}] => C:\Program Files\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [{8B8FFF9A-6325-4CE3-879E-EEA1AAB1A7D0}] => C:\Program Files\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [{07E348F5-F5F2-4EBF-BEEE-8FE768008BF1}] => svchost.exe
FirewallRules: [{ACEB1AE1-D1AD-4750-A678-36183ACF987C}] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{6A65FBCF-EB02-4160-98D4-58DFAA900D4C}] => C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{EB73D64A-01C6-4C89-B6B2-8CF2365D83F4}] => C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{0145F806-8363-44CD-ADE5-32A6E690CD9A}] => LPort=3724
FirewallRules: [UDP Query User{980FB578-1DEF-4FC9-98E6-C25DFEB1BB93}C:\hry\world of warcraft\launcher.exe] => C:\hry\world of warcraft\launcher.exe
FirewallRules: [TCP Query User{39B58280-C2BC-4389-900F-6F72F9598C00}C:\hry\world of warcraft\launcher.exe] => C:\hry\world of warcraft\launcher.exe
FirewallRules: [{C5489B5E-F686-4BE6-9F50-D64BBEFC8634}] => C:\hry\nhl 09\nhl2009.exe
FirewallRules: [{77E950BF-2F14-4B5B-87DC-196F0A7D930C}] => C:\hry\nhl 09\nhl2009.exe
FirewallRules: [UDP Query User{84425E1E-0190-4773-85A1-86BDA2450771}C:\hry\nhl 09\nhl2009.exe] => C:\hry\nhl 09\nhl2009.exe
FirewallRules: [TCP Query User{5FD9ACF3-E04F-4477-B0D2-4860C88A8875}C:\hry\nhl 09\nhl2009.exe] => C:\hry\nhl 09\nhl2009.exe
FirewallRules: [{FF7A5776-C02C-422F-A2D3-498F5C45AFFF}] => C:\users\patrik\desktop\hry\fifa10.exe
FirewallRules: [{DE54DB54-32D9-4917-A59D-472AF991E8C4}] => C:\users\patrik\desktop\hry\fifa10.exe
FirewallRules: [UDP Query User{50D4B7F3-72AE-43D5-AF76-237F2DA4DB3C}C:\users\patrik\desktop\hry\fifa10.exe] => C:\users\patrik\desktop\hry\fifa10.exe
FirewallRules: [TCP Query User{D836436E-A3FE-47E7-A71C-D90BFD8309DB}C:\users\patrik\desktop\hry\fifa10.exe] => C:\users\patrik\desktop\hry\fifa10.exe
FirewallRules: [{6FA13C22-EB59-481B-B5C4-71E94EF71BBE}] => C:\Program Files\Opera\opera.exe
FirewallRules: [{ACA59B61-6626-4A04-A3E2-A83F857E51CB}] => C:\Program Files\Opera\opera.exe
FirewallRules: [UDP Query User{615ED79F-4701-4CC7-BC3D-2B7A10F5BFB1}C:\hry\rome total war\rometw.exe] => C:\hry\rome total war\rometw.exe
FirewallRules: [TCP Query User{9A41FD2C-EAE8-4CB9-A5AD-944AB44F42B3}C:\hry\rome total war\rometw.exe] => C:\hry\rome total war\rometw.exe
FirewallRules: [{FC0D149D-FD41-47E7-BBE5-B35DCE7C5D1D}] => C:\Programy\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{F3A729A7-7DBC-4E91-8B6C-BE7D10410232}] => C:\Programy\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{FD4D937B-FE79-40D8-A193-96F93B01DDE6}] => C:\Programy\Microsoft Office\Office12\GROOVE.EXE
FirewallRules: [{51D8682F-0B4E-4ADC-AFF4-5AF9C06554E1}] => C:\Programy\Microsoft Office\Office12\GROOVE.EXE
FirewallRules: [{6F98DD6E-3BD0-4B02-9F5F-A563E2812068}] => C:\Programy\Microsoft Office\Office12\outlook.exe
FirewallRules: [{C12F123A-325C-41B1-A7A4-6FD6346B7045}] => C:\Programy\Torent\uTorrent.exe
FirewallRules: [{AAFC3BBF-9EB2-491F-B049-E677724B179C}] => C:\Programy\Torent\uTorrent.exe
FirewallRules: [UDP Query User{F776BE02-098C-469F-AA49-011840136993}C:\hry\age of empires iii\age3.exe] => C:\hry\age of empires iii\age3.exe
FirewallRules: [TCP Query User{8FDFB959-8016-4730-AF77-E53D81690A41}C:\hry\age of empires iii\age3.exe] => C:\hry\age of empires iii\age3.exe
FirewallRules: [UDP Query User{E83783B2-A460-4AE2-B171-195D0374804E}C:\program files\java\jre6\bin\javaw.exe] => C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{422EB361-0563-49C9-9920-72CFF3AE48F7}C:\program files\java\jre6\bin\javaw.exe] => C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{8C792174-9324-48A3-AC71-CE5BF47BCE9C}] => C:\Hry\The Battle for Middle-earth 2\game.dat
FirewallRules: [{C41F620E-1EB0-4EC6-83C8-6AC57A667003}] => C:\Hry\The Battle for Middle-earth 2\game.dat
FirewallRules: [{B4252D59-BACA-44B0-BF60-CDC172370D4F}] => C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{A833E80A-A7A0-4281-AE4F-D4B84A1795C7}C:\program files\total war rome ii [v1.9.0.9414 + 6xdlc] - repack by danik1b9\rome2.exe] => C:\program files\total war rome ii [v1.9.0.9414 + 6xdlc] - repack by danik1b9\rome2.exe
FirewallRules: [UDP Query User{04900415-9EAC-43A3-A2EB-058FCDE92E15}C:\program files\total war rome ii [v1.9.0.9414 + 6xdlc] - repack by danik1b9\rome2.exe] => C:\program files\total war rome ii [v1.9.0.9414 + 6xdlc] - repack by danik1b9\rome2.exe
FirewallRules: [TCP Query User{1EAB4598-6A96-485B-B517-2CE8EC29AB4B}C:\program files\total war attila\attila.exe] => C:\program files\total war attila\attila.exe
FirewallRules: [UDP Query User{F7701CE8-FFDC-42B7-B7AB-CC6C06A72E64}C:\program files\total war attila\attila.exe] => C:\program files\total war attila\attila.exe
FirewallRules: [{15B8A6B0-8D59-4E73-9D3A-9A35E6C86C5D}] => C:\Program Files\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{91357098-0B36-4084-B0FB-1389C74AC0E2}] => C:\Program Files\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [TCP Query User{1162963A-CF5D-4C9E-B101-486EE958BA3C}C:\program files\steam\steamapps\common\total war rome ii\rome2.exe] => C:\program files\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{EFCCE7E1-2B98-4C80-962A-6F55D690910F}C:\program files\steam\steamapps\common\total war rome ii\rome2.exe] => C:\program files\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{E186C619-EA83-4FD7-84DF-6101AF4682B2}] => C:\Program Files\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{0BCA93F4-0A7F-45F2-A67C-09542362B4F3}] => C:\Program Files\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{D1127DC2-D228-41EF-94A7-5E62CEF92505}] => C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C243D337-1E6F-4BD6-8058-F18FE0A2156B}] => C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{80FAD2C2-69AF-408C-96EE-259F3C46687D}] => C:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServices.exe
FirewallRules: [{B42C9593-1049-484D-B7A1-8CB3BA1ECFD6}] => C:\Program Files\RosettaStoneLtdServices\RosettaStoneLtdServices.exe
FirewallRules: [{E6362E44-54D8-4162-A2A6-372A908FD4DD}] => C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe
FirewallRules: [{3C7A8259-5E8F-43F7-81B6-ECC9DD783DFC}] => C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe
FirewallRules: [TCP Query User{E8DE745A-6ADF-4619-AFAF-2D7EA63941C9}C:\program files\steam\steamapps\common\total war rome ii\rome2.exe] => C:\program files\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{63495DBD-BA4E-4A28-8F8D-BA6C526B2207}C:\program files\steam\steamapps\common\total war rome ii\rome2.exe] => C:\program files\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{C66FF249-0A73-4DBA-8B48-73EBF58ACD58}] => C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{32AE10C8-2A7C-49F1-9A13-7DA52C090B60}] => C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{5F5284F4-E31D-4666-B7D9-18663281D418}] => C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{52867621-3233-4CF8-95B7-3097F47DAA6D}] => C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{FB614A8D-FC3C-4E41-B2EF-CCD7F4EFDCD5}] => C:\Program Files\UCBrowser\Application\UCBrowser.exe
FirewallRules: [{21D3450E-2910-4506-B853-7AAF0D099245}] => C:\Users\Patrik\AppData\Local\Temp\inst_buychannel_06.exe
FirewallRules: [{C3F0C17A-8447-430D-8D55-A94CE9220DA9}] => C:\Users\Patrik\AppData\Local\Temp\inst_buychannel_06.exe
FirewallRules: [{F960B3EC-F5BB-4077-B454-5CF014C1878F}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{B16D6D73-7A0A-44C3-B9BB-4CE943D258C6}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{03902516-3059-4176-A497-E10DAAB7B2FE}] => C:\Program Files\Maoha\MaohaAP\MaohaWifiSvr.exe
==================== Restore Points =========================
03-01-2017 09:02:09 Removed Traffic Exchange
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/04/2017 07:53:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Patrik-PC)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (01/04/2017 07:31:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Patrik-PC)
Description: Aplikaci Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (01/04/2017 07:23:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: rome2.exe, verze: 2.2.0.0, časové razítko: 0x55f84447
Název chybujícího modulu: Rome2.dll, verze: 2.2.0.0, časové razítko: 0x55f8446a
Kód výjimky: 0xc0000409
Posun chyby: 0x00d20519
ID chybujícího procesu: 0x1e80
Čas spuštění chybující aplikace: 0x01d266b3e1c45f11
Cesta k chybující aplikaci: C:\Program Files\Steam\steamapps\common\Total War Rome II\rome2.exe
Cesta k chybujícímu modulu: C:\Program Files\Steam\steamapps\common\Total War Rome II\Rome2.dll
ID zprávy: b4f45757-c7d8-40e2-bff4-64bc6fc13ec5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/04/2017 06:56:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: rome2.exe, verze: 2.2.0.0, časové razítko: 0x55f84447
Název chybujícího modulu: Rome2.dll, verze: 2.2.0.0, časové razítko: 0x55f8446a
Kód výjimky: 0xc0000409
Posun chyby: 0x00d2053b
ID chybujícího procesu: 0x1914
Čas spuštění chybující aplikace: 0x01d266b323bf352b
Cesta k chybující aplikaci: C:\Program Files\Steam\steamapps\common\Total War Rome II\rome2.exe
Cesta k chybujícímu modulu: C:\Program Files\Steam\steamapps\common\Total War Rome II\Rome2.dll
ID zprávy: dd590607-1aeb-4f08-a8bd-403021977fd2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/04/2017 06:25:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: rome2.exe, verze: 2.2.0.0, časové razítko: 0x55f84447
Název chybujícího modulu: Rome2.dll, verze: 2.2.0.0, časové razítko: 0x55f8446a
Kód výjimky: 0xc0000409
Posun chyby: 0x00d20519
ID chybujícího procesu: 0x1398
Čas spuštění chybující aplikace: 0x01d266aaa2adf0cc
Cesta k chybující aplikaci: C:\Program Files\Steam\steamapps\common\Total War Rome II\rome2.exe
Cesta k chybujícímu modulu: C:\Program Files\Steam\steamapps\common\Total War Rome II\Rome2.dll
ID zprávy: 2d3f7507-13a8-41ca-a066-85c3de02bae7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/04/2017 05:49:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Patrik-PC)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (01/04/2017 05:49:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 1.0.1611.18000 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 18cc
Čas spuštění: 01d266aa381bd6d8
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
ID hlášení: bd626838-d29d-11e6-9413-4061867cc46d
Úplný název balíčku s chybou: Microsoft.Windows.Photos_16.1118.10000.0_x86__8wekyb3d8bbwe
ID aplikace související s balíčkem s chybou: App
Error: (01/04/2017 02:05:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Patrik-PC)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (01/04/2017 12:22:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: rundll32.exe_954998v2a958h53.dll, verze: 10.0.10240.16384, časové razítko: 0x559f3c5a
Název chybujícího modulu: 954998v2a958h53.dll, verze: 0.0.0.0, časové razítko: 0x585e98a8
Kód výjimky: 0x40000015
Posun chyby: 0x001f591d
ID chybujícího procesu: 0x728
Čas spuštění chybující aplikace: 0x01d2667ca9d3aa2b
Cesta k chybující aplikaci: C:\WINDOWS\system32\rundll32.exe
Cesta k chybujícímu modulu: C:\ProgramData\954998v2a958h53\954998v2a958h53.dll
ID zprávy: ba358188-8638-41db-8d40-a8374667b527
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/04/2017 12:13:20 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: Procedura Collect pro službu C:\Windows\System32\winspool.drv v knihovně DLL Spooler generovala výjimku nebo vrátila neplatný stav. Výkonnostní data vrácená knihovnou DLL čítačů nebudou vrácena v bloku výkonnostních dat. Kód výjimky nebo stavu obsahují první čtyři bajty (DWORD) v datové části.
System errors:
=============
Error: (01/04/2017 07:53:12 PM) (Source: DCOM) (EventID: 10010) (User: Patrik-PC)
Description: Server CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/04/2017 07:53:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
Error: (01/04/2017 07:38:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Adaptér naslouchání Net.Tcp závisí na službě Služba sdílení portů Net.Tcp, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
Error: (01/04/2017 07:38:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba TuneUp Theme Extension neuspěla při spuštění v důsledku následující chyby:
Spustitelný program, ve kterém má tato služba podle konfigurace běžet, službu neimplementuje.
Error: (01/04/2017 07:37:51 PM) (Source: sptd) (EventID: 4) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .
Error: (01/04/2017 07:37:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.
Error: (01/04/2017 07:37:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_Session2 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.
Error: (01/04/2017 07:36:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/04/2017 07:36:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (01/04/2017 07:36:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
CodeIntegrity:
===================================
Date: 2017-01-03 09:15:13.909
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe that did not meet the Microsoft signing level requirements.
Date: 2017-01-02 17:06:49.523
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-02 17:06:49.418
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-02 17:06:49.317
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-02 17:06:48.975
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-02 17:06:48.876
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-02 17:06:48.760
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-02 17:06:45.208
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-02 17:06:45.089
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-02 17:06:44.841
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz
Percentage of memory in use: 59%
Total physical RAM: 3327.24 MB
Available physical RAM: 1338.59 MB
Total Virtual: 6655.24 MB
Available Virtual: 4347.63 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:698 GB) (Free:224.69 GB) NTFS
Drive d: (Knihy) (CDROM) (Total:4.38 GB) (Free:0 GB) CDFS
Drive g: (Sid Meiers Civilization VI) (CDROM) (Total:4.86 GB) (Free:0 GB) UDF
Drive h: (Sid Meiers Civilization VI) (CDROM) (Total:5.46 GB) (Free:0 GB) UDF
Drive i: (Cossacks 3) (CDROM) (Total:1.28 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 8594B064)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt ============================
- Rudy
- Site Admin
- Posts: 119402
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: problem with adware
This is only the Addition log. I still need the FRST log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(zavináč)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: problem with adware
Here you go, I couldn't get it to display before.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-01-2017
Ran by Patrik (administrator) on PATRIK-PC (05-01-2017 12:55:08)
Running from C:\Users\Patrik\Desktop
Loaded Profiles: Patrik (Available Profiles: Patrik & DefaultAppPool)
Platform: Microsoft Windows 10 Home (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(COMODO) C:\Programy\Comodo Firewall\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Electronic Arts) C:\Program Files\Origin\OriginWebHelperService.exe
(Rosetta Stone Ltd.) C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2010\OneClickStarter.exe
(AMD) C:\Windows\System32\atieclxx.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2010\OneClickStarter.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Microsoft Corporation) C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(© 2015 Microsoft Corporation) C:\Users\Patrik\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.474\SSScheduler.exe
(GOG.com) C:\Program Files\GOG Galaxy\GalaxyClient.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe
(GOG.com) C:\Program Files\GOG Galaxy\GalaxyClient Helper.exe
(GOG.com) C:\Program Files\GOG Galaxy\GalaxyClient Helper.exe
(GOG.com) C:\Program Files\GOG Galaxy\GalaxyClient Helper.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\launcher.exe
(Microsoft Corporation) C:\Windows\System32\SIHClient.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Glarysoft Ltd) C:\Program Files\Sumitainwosupy\zzuse.exe
(Microsoft Corporation) C:\Windows\System32\MusNotification.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.62\SZBrowser_autoupdate.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\wermgr.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12214528 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Monitor] => C:\WINDOWS\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [COMODO Internet Security] => C:\Programy\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe [2039240 2010-06-01] (COMODO)
HKLM\...\Run: [GrooveMonitor] => C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2017-01-03] (AVAST Software)
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\Run: [Facebook Update] => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\Run: [Google Update] => C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-17] (Google Inc.)
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27230168 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\Run: [BingSvc] => C:\Users\Patrik\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\Run: [GalaxyClient] => C:\Program Files\GOG Galaxy\GalaxyClient.exe [3971648 2016-12-21] (GOG.com)
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3777728 2016-12-22] (Disc Soft Ltd)
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\MountPoints2: {5be3e0b8-ce9c-11e6-940a-4061867cc46d} - "G:\setup.exe"
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\MountPoints2: {d4a6c1d8-d16a-11e6-940a-4061867cc46d} - "H:\setup.exe"
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\MountPoints2: {d4a6c271-d16a-11e6-940a-4061867cc46d} - "I:\setup.exe"
HKU\S-1-5-18\...\Run: [] => 0
HKLM\...\Providers\4rtc6mbf: C:\Program Files\Gezetainghajaied Nodifier\local32spl.dll [278016 2017-01-03] ()
AppInit_DLLs: C:\Windows\system32\guard32.dll => C:\Windows\system32\guard32.dll [278288 2010-06-01] (COMODO)
ShellExecuteHooks: No Name - {A8ABC946-CB66-11E6-AFB3-64006A5CFC23} - C:\Users\Patrik\AppData\Roaming\Arerbetionthumuph\Positynedersp.dll -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-01-03] (AVAST Software)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Programy\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Programy\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Programy\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Programy\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Programy\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-12-23]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.474\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{30ca40bf-276f-48dc-8a34-4f606edbc187}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avast.com/AV772/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avast.com/AV772/
SearchScopes: HKLM -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKLM -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3766570800-902452796-2261291597-1000 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3766570800-902452796-2261291597-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2 ... -SearchBox
SearchScopes: HKU\S-1-5-21-3766570800-902452796-2261291597-1000 -> {08AEFAE6-12FD-4299-AE5D-773C8FECF987} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3766570800-902452796-2261291597-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
SearchScopes: HKU\S-1-5-21-3766570800-902452796-2261291597-1000 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3766570800-902452796-2261291597-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems Incorporated)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Programy\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-21] (Oracle Corporation)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-21] (Oracle Corporation)
DPF: {CAFEEFAC-0018-0000-0051-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_51-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_51-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programy\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000 [2017-01-05]
FF NewTab: Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000 -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000 -> Avast Search
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000 -> hxxps://search.avast.com/AV772/search/web?q={searchTerms}
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000 -> Avast Search
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000 -> Avast Search
FF Homepage: Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000 -> hxxps://search.avast.com/AV772/
FF Keyword.URL: Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000 -> hxxps://search.avast.com/AV772/search/web?q={searchTerms}
FF SearchPlugin: C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000\searchplugins\4vc5oxze.xml [2017-01-03]
FF SearchPlugin: C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000\searchplugins\avast-search.xml [2017-01-03]
FF SearchPlugin: C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000\searchplugins\google-avast.xml [2017-01-03]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: (DivX Plus Web Player HTML5 &video&) - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-06-10] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-01-03]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-01-03]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3766570800-902452796-2261291597-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Patrik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3766570800-902452796-2261291597-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Patrik\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3766570800-902452796-2261291597-1000: @talk.google.com/O1DPlugin -> C:\Users\Patrik\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3766570800-902452796-2261291597-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3766570800-902452796-2261291597-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Patrik\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Patrik\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.youndoo.com/search/?q={searchTerms} ... 45&type=sp
CHR DefaultSearchKeyword: ChromeDefaultData -> youndoo
CHR Profile: C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-01-05] <==== ATTENTION
CHR Extension: (Prezentácie Google) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-15]
CHR Extension: (Dokumenty Google) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-15]
CHR Extension: (Disk Google) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-17]
CHR Extension: (YouTube) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-17]
CHR Extension: (Google Search) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-17]
CHR Extension: (Avast SafePrice) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-01-04]
CHR Extension: (Tabuľky Google) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-15]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-19]
CHR Extension: (Avast Online Security) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-01-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-13]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2015-09-15]
CHR Extension: (Fast search) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-01-03]
CHR Extension: (Gmail) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-15]
CHR Extension: (Chrome Media Router) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-21]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2010-06-26] (Adobe Systems) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2017-01-03] (AVAST Software)
R2 cmdAgent; C:\Programy\Comodo Firewall\COMODO\COMODO Internet Security\cmdagent.exe [1778480 2010-06-01] (COMODO)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1142464 2016-12-22] (Disc Soft Ltd)
U2 ezGOSvc; C:\Windows\system32\ezGOSvc.dll [73600 2011-05-29] ()
S3 GalaxyClientService; C:\Program Files\GOG Galaxy\GalaxyClientService.exe [284224 2016-12-21] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6625856 2016-11-12] (GOG.com)
R2 Gufetnegury; C:\Program Files\Sumitainwosupy\HggEng.dll [179200 2017-01-03] () [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.474\McCHSvc.exe [272136 2016-12-14] (McAfee, Inc.)
S3 Microsoft Office Groove Audit Service; C:\Programy\Microsoft Office\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2142728 2016-10-16] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files\Origin\OriginWebHelperService.exe [2209296 2016-10-16] (Electronic Arts)
R2 RosettaStoneDaemon; C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe [1646608 2012-06-19] (Rosetta Stone Ltd.)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3291008 2013-08-06] (Skype Technologies S.A.)
S3 TuneUp.Defrag; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [435016 2010-07-10] (TuneUp Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [1021256 2009-10-29] (TuneUp Software)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [277760 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2016-09-30] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 ASPI32; C:\WINDOWS\system32\Drivers\ASPI32.sys [16877 2002-07-17] (Adaptec)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [34008 2017-01-03] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [35096 2017-01-03] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [92256 2017-01-03] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [91232 2017-01-03] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [60424 2017-01-03] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [735488 2017-01-03] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [433768 2017-01-03] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [118664 2017-01-03] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [224752 2017-01-03] (AVAST Software)
R3 btkrnl; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [1342602 2006-05-12] (Broadcom Corporation.) [File not signed]
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [224240 2010-06-04] (COMODO)
R1 cmdHlp; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [30112 2010-06-01] (COMODO)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [26168 2017-01-01] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [40504 2017-01-01] (Disc Soft Ltd)
S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [23840 2017-01-03] (REALiX(tm))
S1 inspect; C:\WINDOWS\System32\DRIVERS\inspect.sys [75944 2010-06-01] (COMODO)
S3 KMWDFILTERx86; C:\WINDOWS\System32\drivers\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
R3 PAC207; C:\WINDOWS\system32\DRIVERS\PFC027.SYS [507136 2006-12-05] (PixArt Imaging Inc.)
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [10368 2010-06-26] (Padus, Inc.) [File not signed]
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [492032 2015-07-10] (Realtek )
S0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2010-05-12] (Duplex Secure Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [10064 2009-10-14] (TuneUp Software)
U1 ucdrv; C:\Program Files\UCBrowser\Security:ucdrv-x86.sys [19812 ] (UC Web Inc.) <==== ATTENTION
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [31744 2015-07-10] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [245600 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [97632 2015-07-10] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [161792 2015-07-10] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-05 12:49 - 2017-01-05 12:49 - 00000000 ____D C:\Program Files\4vc5oxze
2017-01-05 12:46 - 2017-01-05 12:46 - 00016148 _____ C:\WINDOWS\system32\PATRIK-PC_Patrik_HistoryPrediction.bin
2017-01-04 21:32 - 2017-01-05 12:55 - 00026241 _____ C:\Users\Patrik\Desktop\FRST.txt
2017-01-04 21:32 - 2017-01-04 21:34 - 00073068 _____ C:\Users\Patrik\Desktop\Addition.txt
2017-01-04 21:29 - 2017-01-04 21:34 - 00092902 _____ C:\Users\Patrik\Desktop\FRST3.txt
2017-01-04 21:27 - 2017-01-05 12:55 - 00000000 ____D C:\FRST
2017-01-04 21:22 - 2017-01-04 21:26 - 01760256 _____ (Farbar) C:\Users\Patrik\Desktop\FRST.exe
2017-01-04 18:32 - 2017-01-04 18:32 - 01201664 _____ C:\Users\Patrik\Downloads\RSIT.exe
2017-01-04 12:04 - 2017-01-04 19:37 - 00000000 ____D C:\AdwCleaner
2017-01-04 12:02 - 2017-01-04 12:04 - 03977168 _____ C:\Users\Patrik\Downloads\adwcleaner_6.041.exe
2017-01-03 09:11 - 2017-01-03 09:11 - 00000000 ____D C:\Users\Patrik\AppData\Local\AdvinstAnalytics
2017-01-03 07:55 - 2017-01-03 08:54 - 00001197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-01-03 07:55 - 2017-01-03 07:55 - 00001197 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2017-01-03 07:54 - 2017-01-03 07:54 - 00035096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-01-03 07:50 - 2017-01-03 07:50 - 00002160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-01-03 07:50 - 2017-01-03 07:50 - 00002148 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-01-03 07:50 - 2017-01-03 07:50 - 00000000 ____D C:\Users\Patrik\AppData\Roaming\AVAST Software
2017-01-03 07:41 - 2017-01-03 07:45 - 00224752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2017-01-03 07:41 - 2017-01-03 07:44 - 00433768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2017-01-03 07:41 - 2017-01-03 07:43 - 00735488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2017-01-03 07:41 - 2017-01-03 07:40 - 00118664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-01-03 07:41 - 2017-01-03 07:40 - 00092256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-01-03 07:41 - 2017-01-03 07:40 - 00091232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-01-03 07:41 - 2017-01-03 07:40 - 00060424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-01-03 07:41 - 2017-01-03 07:40 - 00034008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-01-03 07:40 - 2017-01-03 07:40 - 00921280 _____ (Microsoft Corporation) C:\WINDOWS\ucrtbase.dll
2017-01-03 07:40 - 2017-01-03 07:40 - 00319760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-01-03 07:40 - 2017-01-03 07:40 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2017-01-03 07:38 - 2017-01-03 07:54 - 00000000 ____D C:\ProgramData\AVAST Software
2017-01-03 07:38 - 2017-01-03 07:54 - 00000000 ____D C:\Program Files\AVAST Software
2017-01-03 07:02 - 2017-01-03 07:02 - 06334848 _____ (AVAST Software) C:\Users\Patrik\Downloads\avast_free_antivirus_setup_online.exe
2017-01-03 06:55 - 2017-01-03 06:58 - 00001559 _____ C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器.lnk
2017-01-03 06:55 - 2017-01-03 06:58 - 00000000 ____D C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器
2017-01-03 06:53 - 2017-01-03 08:16 - 00000000 ____D C:\Program Files\6WEMZ50K62
2017-01-03 06:52 - 2017-01-04 19:00 - 00000466 _____ C:\WINDOWS\Tasks\UCBrowserUpdater.job
2017-01-03 06:52 - 2017-01-03 06:52 - 00000000 ____D C:\Users\Patrik\AppData\Local\UCBrowser
2017-01-03 06:49 - 2017-01-03 06:49 - 00000000 _____ C:\TOSTACK
2017-01-03 06:48 - 2017-01-03 08:09 - 00000000 ____D C:\Program Files\UCBrowser
2017-01-03 06:45 - 2017-01-03 09:21 - 00000000 ____D C:\Program Files\baidu
2017-01-03 06:44 - 2017-01-03 08:59 - 00000000 ____D C:\ProgramData\ProductData
2017-01-03 06:44 - 2017-01-03 06:46 - 00000000 ____D C:\Users\Patrik\AppData\LocalLow\IObit
2017-01-03 06:44 - 2017-01-03 06:44 - 00023840 _____ (REALiX(tm)) C:\WINDOWS\system32\Drivers\HWiNFO32.SYS
2017-01-03 06:44 - 2017-01-03 06:44 - 00000000 ____D C:\WINDOWS\IObit
2017-01-03 06:44 - 2017-01-03 06:44 - 00000000 ____D C:\ProgramData\IObit
2017-01-03 06:43 - 2017-01-03 07:38 - 00000000 ____D C:\Users\Patrik\AppData\Roaming\IObit
2017-01-03 06:42 - 2017-01-04 13:00 - 00000000 ___HD C:\ProgramData\954998v2a958h53
2017-01-03 06:40 - 2017-01-03 06:40 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-01-03 06:40 - 2017-01-03 06:40 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-01-03 06:38 - 2017-01-03 06:38 - 00000000 ____D C:\Program Files\Gezetainghajaied Nodifier
2017-01-03 06:36 - 2017-01-05 12:51 - 00000000 ____D C:\Program Files\Sumitainwosupy
2017-01-03 06:36 - 2017-01-03 09:25 - 00000000 ____D C:\Users\Patrik\AppData\Roaming\Arerbetionthumuph
2017-01-03 06:36 - 2017-01-03 09:16 - 00000000 ____D C:\Users\Patrik\AppData\Local\Csotain
2017-01-03 06:20 - 2017-01-03 06:26 - 00000000 ____D C:\Users\Patrik\Downloads\Cossacks 3-CODEX
2017-01-03 06:16 - 2017-01-03 06:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sid Meiers Civilization VI
2017-01-03 05:27 - 2017-01-03 05:33 - 00000000 ____D C:\Users\Patrik\Downloads\Sid.Meiers.Civilization.VI-CODEX
2017-01-02 16:58 - 2017-01-02 16:58 - 00000000 ____D C:\Users\Patrik\Downloads\Kbang---Bang-online
2017-01-02 16:55 - 2017-01-02 16:57 - 28481946 _____ C:\Users\Patrik\Downloads\Kbang---Bang-online.zip
2017-01-01 19:21 - 2017-01-01 19:21 - 00000000 ____D C:\Users\Patrik\AppData\Local\Disc_Soft_Ltd
2017-01-01 19:17 - 2017-01-01 19:17 - 00040504 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2017-01-01 19:17 - 2017-01-01 19:17 - 00026168 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2017-01-01 19:17 - 2017-01-01 19:17 - 00001995 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2017-01-01 19:17 - 2017-01-01 19:17 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2017-01-01 19:17 - 2017-01-01 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2017-01-01 19:16 - 2017-01-01 19:17 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2017-01-01 18:52 - 2017-01-01 18:53 - 00692072 _____ (Disc Soft Ltd.) C:\Users\Patrik\Downloads\DTLiteInstaller.exe
2017-01-01 18:13 - 2017-01-03 05:22 - 00000000 ____D C:\Users\Patrik\Downloads\Sid.Meiers.Civilization.VI.Proper-RELOADED
2016-12-30 21:01 - 2016-12-30 21:01 - 00002302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-30 21:01 - 2016-12-30 21:01 - 00002290 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-30 21:00 - 2016-12-30 21:00 - 01065376 _____ (Google Inc.) C:\Users\Patrik\Downloads\ChromeSetup (3).exe
2016-12-27 13:30 - 2016-12-27 13:30 - 00098243 _____ C:\Users\Patrik\Downloads\c4074129783869c09a5a26aabc5e88d1.jpg
2016-12-24 12:01 - 2016-12-24 12:01 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-12-23 21:55 - 2016-12-23 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-12-23 16:08 - 2017-01-05 12:51 - 00000000 ____D C:\Users\Patrik\AppData\LocalLow\Mozilla
2016-12-23 13:46 - 2016-12-23 16:21 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-12-21 23:41 - 2016-12-21 23:41 - 00000000 ____D C:\Users\Patrik\AppData\Local\Chromium
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-05 12:56 - 2015-06-19 23:30 - 00000000 ____D C:\Program Files\Steam
2017-01-05 12:49 - 2010-05-12 19:12 - 00000000 ____D C:\Users\Patrik\AppData\Roaming\Skype
2017-01-05 12:46 - 2015-07-10 09:28 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-04 19:38 - 2015-07-16 04:21 - 00000436 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2017-01-04 19:38 - 2015-07-10 10:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-04 19:37 - 2015-07-10 07:59 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2017-01-04 19:36 - 2012-01-03 22:27 - 00000986 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA.job
2017-01-04 19:02 - 2012-07-08 21:27 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-04 19:01 - 2012-01-08 21:33 - 00000986 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA.job
2017-01-04 18:33 - 2010-11-13 08:15 - 00000000 ____D C:\Program Files\trend micro
2017-01-04 13:49 - 2015-07-10 09:27 - 00000000 ____D C:\WINDOWS\INF
2017-01-04 12:13 - 2010-07-01 13:03 - 00000000 ____D C:\ProgramData\ICQ
2017-01-04 12:12 - 2015-07-10 09:28 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-03 09:16 - 2015-08-11 09:09 - 00000000 ____D C:\Users\Patrik
2017-01-03 08:22 - 2015-01-22 19:53 - 00001162 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-01-03 08:22 - 2012-07-04 08:36 - 00001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-01-03 08:16 - 2010-05-12 18:07 - 00000000 ____D C:\Users\Patrik\AppData\Roaming\Adobe
2017-01-03 07:36 - 2012-01-03 22:26 - 00000964 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core.job
2017-01-03 07:26 - 2010-05-16 19:08 - 00000000 ____D C:\Users\Patrik\Desktop\Programy
2017-01-03 06:56 - 2010-05-16 13:30 - 00000000 ____D C:\Users\Patrik\AppData\Roaming\uTorrent
2017-01-01 19:18 - 2010-05-12 22:55 - 00000000 ____D C:\Users\Patrik\AppData\Roaming\DAEMON Tools Lite
2016-12-31 21:46 - 2015-08-11 09:07 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{7f190bc0-26dc-11e5-80f2-e41d2d02cd60}.TMContainer00000000000000000002.regtrans-ms
2016-12-31 21:46 - 2015-08-11 09:07 - 00065536 ___SH C:\WINDOWS\system32\config\COMPONENTS{7f190bc0-26dc-11e5-80f2-e41d2d02cd60}.TM.blf
2016-12-31 21:24 - 2015-07-10 09:28 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2016-12-31 09:06 - 2015-09-15 14:58 - 00002320 _____ C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-31 09:06 - 2015-09-15 14:58 - 00002290 _____ C:\Users\Patrik\Desktop\Google Chrome.lnk
2016-12-30 21:01 - 2010-11-13 17:00 - 00000000 ____D C:\Program Files\Google
2016-12-30 16:01 - 2012-01-08 21:33 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core.job
2016-12-24 17:44 - 2012-06-10 15:18 - 00000438 ____H C:\WINDOWS\Tasks\Norton Security Scan for Patrik.job
2016-12-24 17:36 - 2015-07-10 09:28 - 00000000 ____D C:\WINDOWS\system32\config\RegBack
2016-12-24 12:02 - 2010-05-12 19:12 - 00000000 ____D C:\ProgramData\Skype
2016-12-24 12:01 - 2010-05-12 19:12 - 00000000 ___RD C:\Program Files\Skype
2016-12-23 21:55 - 2016-10-31 20:16 - 00002118 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-12-23 21:55 - 2015-11-20 21:51 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-12-23 21:55 - 2015-07-10 09:28 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
2016-12-23 20:54 - 2015-08-11 09:07 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{7f190bc0-26dc-11e5-80f2-e41d2d02cd60}.TMContainer00000000000000000001.regtrans-ms
2016-12-23 16:21 - 2012-07-04 08:50 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-12-22 18:40 - 2015-06-19 23:31 - 00000000 ____D C:\Program Files\Common Files\Steam
2016-12-21 23:41 - 2015-06-19 23:36 - 00000000 ____D C:\Users\Patrik\AppData\Local\Steam
2016-12-21 10:47 - 2010-11-13 17:00 - 00000000 ____D C:\Users\Patrik\AppData\Local\Google
2016-12-21 00:37 - 2016-10-20 23:29 - 00000000 ____D C:\Program Files\GOG Galaxy
2016-12-15 18:23 - 2015-08-11 09:07 - 00006764 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-15 18:23 - 2015-07-10 14:19 - 01049868 _____ C:\WINDOWS\system32\perfh005.dat
2016-12-15 18:23 - 2015-07-10 14:19 - 00259042 _____ C:\WINDOWS\system32\perfc005.dat
2016-12-15 18:23 - 2015-07-10 09:29 - 00888306 _____ C:\WINDOWS\system32\perfh009.dat
2016-12-15 18:23 - 2015-07-10 09:29 - 00238378 _____ C:\WINDOWS\system32\perfc009.dat
2016-12-13 21:02 - 2015-07-10 09:28 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-09 21:07 - 2015-08-11 09:38 - 00002429 _____ C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-09 21:07 - 2015-08-11 09:38 - 00000000 ___RD C:\Users\Patrik\OneDrive
==================== Files in the root of some directories =======
2011-04-18 19:12 - 2014-07-25 10:35 - 0018432 _____ () C:\Users\Patrik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-11 09:05 - 2015-08-11 09:05 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2010-05-12 19:13 - 2010-05-12 19:13 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
Files to move or delete:
====================
C:\Users\Patrik\webapp-uninstaller.exe
C:\Users\Patrik\webapprt-stub.exe
C:\Users\Patrik\wow_helper.exe
C:\Users\Patrik\xul.dll
Some files in TEMP:
====================
C:\Users\Patrik\AppData\Local\Temp\BB1A.tmp.exe
C:\Users\Patrik\AppData\Local\Temp\BBW0LFMT3I.exe
C:\Users\Patrik\AppData\Local\Temp\Browser_V6.0.1121.13_r_4648_(Build1612191708).exe
C:\Users\Patrik\AppData\Local\Temp\CodecFixDivx.exe
C:\Users\Patrik\AppData\Local\Temp\cubecc.exe
C:\Users\Patrik\AppData\Local\Temp\DAB8.tmp.exe
C:\Users\Patrik\AppData\Local\Temp\DBUpdater.exe
C:\Users\Patrik\AppData\Local\Temp\DriverBoosterSetup.exe
C:\Users\Patrik\AppData\Local\Temp\dxdiag.exe
C:\Users\Patrik\AppData\Local\Temp\frag.exe
C:\Users\Patrik\AppData\Local\Temp\g715D.tmp.exe
C:\Users\Patrik\AppData\Local\Temp\inst_buychannel_06.exe
C:\Users\Patrik\AppData\Local\Temp\libeay32.dll
C:\Users\Patrik\AppData\Local\Temp\ludashisetup.exe
C:\Users\Patrik\AppData\Local\Temp\msvcr120.dll
C:\Users\Patrik\AppData\Local\Temp\sqlite3.dll
C:\Users\Patrik\AppData\Local\Temp\wait.exe
C:\Users\Patrik\AppData\Local\Temp\windows.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-12-24 17:36
==================== End of FRST.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-01-2017
Ran by Patrik (administrator) on PATRIK-PC (05-01-2017 12:55:08)
Running from C:\Users\Patrik\Desktop
Loaded Profiles: Patrik (Available Profiles: Patrik & DefaultAppPool)
Platform: Microsoft Windows 10 Home (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(COMODO) C:\Programy\Comodo Firewall\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Electronic Arts) C:\Program Files\Origin\OriginWebHelperService.exe
(Rosetta Stone Ltd.) C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2010\OneClickStarter.exe
(AMD) C:\Windows\System32\atieclxx.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2010\OneClickStarter.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Microsoft Corporation) C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(© 2015 Microsoft Corporation) C:\Users\Patrik\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.474\SSScheduler.exe
(GOG.com) C:\Program Files\GOG Galaxy\GalaxyClient.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe
(GOG.com) C:\Program Files\GOG Galaxy\GalaxyClient Helper.exe
(GOG.com) C:\Program Files\GOG Galaxy\GalaxyClient Helper.exe
(GOG.com) C:\Program Files\GOG Galaxy\GalaxyClient Helper.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\launcher.exe
(Microsoft Corporation) C:\Windows\System32\SIHClient.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Glarysoft Ltd) C:\Program Files\Sumitainwosupy\zzuse.exe
(Microsoft Corporation) C:\Windows\System32\MusNotification.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.62\SZBrowser_autoupdate.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\wermgr.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12214528 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Monitor] => C:\WINDOWS\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [COMODO Internet Security] => C:\Programy\Comodo Firewall\COMODO\COMODO Internet Security\cfp.exe [2039240 2010-06-01] (COMODO)
HKLM\...\Run: [GrooveMonitor] => C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2017-01-03] (AVAST Software)
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\Run: [Facebook Update] => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\Run: [Google Update] => C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-17] (Google Inc.)
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27230168 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\Run: [BingSvc] => C:\Users\Patrik\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\Run: [GalaxyClient] => C:\Program Files\GOG Galaxy\GalaxyClient.exe [3971648 2016-12-21] (GOG.com)
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3777728 2016-12-22] (Disc Soft Ltd)
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\MountPoints2: {5be3e0b8-ce9c-11e6-940a-4061867cc46d} - "G:\setup.exe"
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\MountPoints2: {d4a6c1d8-d16a-11e6-940a-4061867cc46d} - "H:\setup.exe"
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\MountPoints2: {d4a6c271-d16a-11e6-940a-4061867cc46d} - "I:\setup.exe"
HKU\S-1-5-18\...\Run: [] => 0
HKLM\...\Providers\4rtc6mbf: C:\Program Files\Gezetainghajaied Nodifier\local32spl.dll [278016 2017-01-03] ()
AppInit_DLLs: C:\Windows\system32\guard32.dll => C:\Windows\system32\guard32.dll [278288 2010-06-01] (COMODO)
ShellExecuteHooks: No Name - {A8ABC946-CB66-11E6-AFB3-64006A5CFC23} - C:\Users\Patrik\AppData\Roaming\Arerbetionthumuph\Positynedersp.dll -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-01-03] (AVAST Software)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Programy\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Programy\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Programy\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Programy\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Programy\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-12-23]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.474\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{30ca40bf-276f-48dc-8a34-4f606edbc187}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avast.com/AV772/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avast.com/AV772/
SearchScopes: HKLM -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKLM -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3766570800-902452796-2261291597-1000 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3766570800-902452796-2261291597-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2 ... -SearchBox
SearchScopes: HKU\S-1-5-21-3766570800-902452796-2261291597-1000 -> {08AEFAE6-12FD-4299-AE5D-773C8FECF987} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3766570800-902452796-2261291597-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
SearchScopes: HKU\S-1-5-21-3766570800-902452796-2261291597-1000 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3766570800-902452796-2261291597-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems Incorporated)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Programy\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-21] (Oracle Corporation)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-21] (Oracle Corporation)
DPF: {CAFEEFAC-0018-0000-0051-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_51-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_51-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programy\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000 [2017-01-05]
FF NewTab: Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000 -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000 -> Avast Search
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000 -> hxxps://search.avast.com/AV772/search/web?q={searchTerms}
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000 -> Avast Search
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000 -> Avast Search
FF Homepage: Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000 -> hxxps://search.avast.com/AV772/
FF Keyword.URL: Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000 -> hxxps://search.avast.com/AV772/search/web?q={searchTerms}
FF SearchPlugin: C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000\searchplugins\4vc5oxze.xml [2017-01-03]
FF SearchPlugin: C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000\searchplugins\avast-search.xml [2017-01-03]
FF SearchPlugin: C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\31b84lh0.default-1461385000000\searchplugins\google-avast.xml [2017-01-03]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: (DivX Plus Web Player HTML5 &video&) - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-06-10] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-01-03]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-01-03]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3766570800-902452796-2261291597-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Patrik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3766570800-902452796-2261291597-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Patrik\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3766570800-902452796-2261291597-1000: @talk.google.com/O1DPlugin -> C:\Users\Patrik\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3766570800-902452796-2261291597-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3766570800-902452796-2261291597-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Patrik\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Patrik\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Patrik\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.youndoo.com/search/?q={searchTerms} ... 45&type=sp
CHR DefaultSearchKeyword: ChromeDefaultData -> youndoo
CHR Profile: C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-01-05] <==== ATTENTION
CHR Extension: (Prezentácie Google) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-15]
CHR Extension: (Dokumenty Google) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-15]
CHR Extension: (Disk Google) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-17]
CHR Extension: (YouTube) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-17]
CHR Extension: (Google Search) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-17]
CHR Extension: (Avast SafePrice) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-01-04]
CHR Extension: (Tabuľky Google) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-15]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-19]
CHR Extension: (Avast Online Security) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-01-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-13]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2015-09-15]
CHR Extension: (Fast search) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-01-03]
CHR Extension: (Gmail) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-15]
CHR Extension: (Chrome Media Router) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-21]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2010-06-26] (Adobe Systems) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2017-01-03] (AVAST Software)
R2 cmdAgent; C:\Programy\Comodo Firewall\COMODO\COMODO Internet Security\cmdagent.exe [1778480 2010-06-01] (COMODO)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1142464 2016-12-22] (Disc Soft Ltd)
U2 ezGOSvc; C:\Windows\system32\ezGOSvc.dll [73600 2011-05-29] ()
S3 GalaxyClientService; C:\Program Files\GOG Galaxy\GalaxyClientService.exe [284224 2016-12-21] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6625856 2016-11-12] (GOG.com)
R2 Gufetnegury; C:\Program Files\Sumitainwosupy\HggEng.dll [179200 2017-01-03] () [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.474\McCHSvc.exe [272136 2016-12-14] (McAfee, Inc.)
S3 Microsoft Office Groove Audit Service; C:\Programy\Microsoft Office\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2142728 2016-10-16] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files\Origin\OriginWebHelperService.exe [2209296 2016-10-16] (Electronic Arts)
R2 RosettaStoneDaemon; C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe [1646608 2012-06-19] (Rosetta Stone Ltd.)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3291008 2013-08-06] (Skype Technologies S.A.)
S3 TuneUp.Defrag; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [435016 2010-07-10] (TuneUp Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [1021256 2009-10-29] (TuneUp Software)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [277760 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2016-09-30] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 ASPI32; C:\WINDOWS\system32\Drivers\ASPI32.sys [16877 2002-07-17] (Adaptec)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [34008 2017-01-03] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [35096 2017-01-03] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [92256 2017-01-03] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [91232 2017-01-03] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [60424 2017-01-03] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [735488 2017-01-03] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [433768 2017-01-03] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [118664 2017-01-03] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [224752 2017-01-03] (AVAST Software)
R3 btkrnl; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [1342602 2006-05-12] (Broadcom Corporation.) [File not signed]
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [224240 2010-06-04] (COMODO)
R1 cmdHlp; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [30112 2010-06-01] (COMODO)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [26168 2017-01-01] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [40504 2017-01-01] (Disc Soft Ltd)
S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [23840 2017-01-03] (REALiX(tm))
S1 inspect; C:\WINDOWS\System32\DRIVERS\inspect.sys [75944 2010-06-01] (COMODO)
S3 KMWDFILTERx86; C:\WINDOWS\System32\drivers\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
R3 PAC207; C:\WINDOWS\system32\DRIVERS\PFC027.SYS [507136 2006-12-05] (PixArt Imaging Inc.)
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [10368 2010-06-26] (Padus, Inc.) [File not signed]
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [492032 2015-07-10] (Realtek )
S0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2010-05-12] (Duplex Secure Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [10064 2009-10-14] (TuneUp Software)
U1 ucdrv; C:\Program Files\UCBrowser\Security:ucdrv-x86.sys [19812 ] (UC Web Inc.) <==== ATTENTION
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [31744 2015-07-10] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [245600 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [97632 2015-07-10] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [161792 2015-07-10] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-05 12:49 - 2017-01-05 12:49 - 00000000 ____D C:\Program Files\4vc5oxze
2017-01-05 12:46 - 2017-01-05 12:46 - 00016148 _____ C:\WINDOWS\system32\PATRIK-PC_Patrik_HistoryPrediction.bin
2017-01-04 21:32 - 2017-01-05 12:55 - 00026241 _____ C:\Users\Patrik\Desktop\FRST.txt
2017-01-04 21:32 - 2017-01-04 21:34 - 00073068 _____ C:\Users\Patrik\Desktop\Addition.txt
2017-01-04 21:29 - 2017-01-04 21:34 - 00092902 _____ C:\Users\Patrik\Desktop\FRST3.txt
2017-01-04 21:27 - 2017-01-05 12:55 - 00000000 ____D C:\FRST
2017-01-04 21:22 - 2017-01-04 21:26 - 01760256 _____ (Farbar) C:\Users\Patrik\Desktop\FRST.exe
2017-01-04 18:32 - 2017-01-04 18:32 - 01201664 _____ C:\Users\Patrik\Downloads\RSIT.exe
2017-01-04 12:04 - 2017-01-04 19:37 - 00000000 ____D C:\AdwCleaner
2017-01-04 12:02 - 2017-01-04 12:04 - 03977168 _____ C:\Users\Patrik\Downloads\adwcleaner_6.041.exe
2017-01-03 09:11 - 2017-01-03 09:11 - 00000000 ____D C:\Users\Patrik\AppData\Local\AdvinstAnalytics
2017-01-03 07:55 - 2017-01-03 08:54 - 00001197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-01-03 07:55 - 2017-01-03 07:55 - 00001197 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2017-01-03 07:54 - 2017-01-03 07:54 - 00035096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-01-03 07:50 - 2017-01-03 07:50 - 00002160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-01-03 07:50 - 2017-01-03 07:50 - 00002148 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-01-03 07:50 - 2017-01-03 07:50 - 00000000 ____D C:\Users\Patrik\AppData\Roaming\AVAST Software
2017-01-03 07:41 - 2017-01-03 07:45 - 00224752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2017-01-03 07:41 - 2017-01-03 07:44 - 00433768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2017-01-03 07:41 - 2017-01-03 07:43 - 00735488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2017-01-03 07:41 - 2017-01-03 07:40 - 00118664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-01-03 07:41 - 2017-01-03 07:40 - 00092256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-01-03 07:41 - 2017-01-03 07:40 - 00091232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-01-03 07:41 - 2017-01-03 07:40 - 00060424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-01-03 07:41 - 2017-01-03 07:40 - 00034008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-01-03 07:40 - 2017-01-03 07:40 - 00921280 _____ (Microsoft Corporation) C:\WINDOWS\ucrtbase.dll
2017-01-03 07:40 - 2017-01-03 07:40 - 00319760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-01-03 07:40 - 2017-01-03 07:40 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2017-01-03 07:38 - 2017-01-03 07:54 - 00000000 ____D C:\ProgramData\AVAST Software
2017-01-03 07:38 - 2017-01-03 07:54 - 00000000 ____D C:\Program Files\AVAST Software
2017-01-03 07:02 - 2017-01-03 07:02 - 06334848 _____ (AVAST Software) C:\Users\Patrik\Downloads\avast_free_antivirus_setup_online.exe
2017-01-03 06:55 - 2017-01-03 06:58 - 00001559 _____ C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器.lnk
2017-01-03 06:55 - 2017-01-03 06:58 - 00000000 ____D C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器
2017-01-03 06:53 - 2017-01-03 08:16 - 00000000 ____D C:\Program Files\6WEMZ50K62
2017-01-03 06:52 - 2017-01-04 19:00 - 00000466 _____ C:\WINDOWS\Tasks\UCBrowserUpdater.job
2017-01-03 06:52 - 2017-01-03 06:52 - 00000000 ____D C:\Users\Patrik\AppData\Local\UCBrowser
2017-01-03 06:49 - 2017-01-03 06:49 - 00000000 _____ C:\TOSTACK
2017-01-03 06:48 - 2017-01-03 08:09 - 00000000 ____D C:\Program Files\UCBrowser
2017-01-03 06:45 - 2017-01-03 09:21 - 00000000 ____D C:\Program Files\baidu
2017-01-03 06:44 - 2017-01-03 08:59 - 00000000 ____D C:\ProgramData\ProductData
2017-01-03 06:44 - 2017-01-03 06:46 - 00000000 ____D C:\Users\Patrik\AppData\LocalLow\IObit
2017-01-03 06:44 - 2017-01-03 06:44 - 00023840 _____ (REALiX(tm)) C:\WINDOWS\system32\Drivers\HWiNFO32.SYS
2017-01-03 06:44 - 2017-01-03 06:44 - 00000000 ____D C:\WINDOWS\IObit
2017-01-03 06:44 - 2017-01-03 06:44 - 00000000 ____D C:\ProgramData\IObit
2017-01-03 06:43 - 2017-01-03 07:38 - 00000000 ____D C:\Users\Patrik\AppData\Roaming\IObit
2017-01-03 06:42 - 2017-01-04 13:00 - 00000000 ___HD C:\ProgramData\954998v2a958h53
2017-01-03 06:40 - 2017-01-03 06:40 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-01-03 06:40 - 2017-01-03 06:40 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-01-03 06:38 - 2017-01-03 06:38 - 00000000 ____D C:\Program Files\Gezetainghajaied Nodifier
2017-01-03 06:36 - 2017-01-05 12:51 - 00000000 ____D C:\Program Files\Sumitainwosupy
2017-01-03 06:36 - 2017-01-03 09:25 - 00000000 ____D C:\Users\Patrik\AppData\Roaming\Arerbetionthumuph
2017-01-03 06:36 - 2017-01-03 09:16 - 00000000 ____D C:\Users\Patrik\AppData\Local\Csotain
2017-01-03 06:20 - 2017-01-03 06:26 - 00000000 ____D C:\Users\Patrik\Downloads\Cossacks 3-CODEX
2017-01-03 06:16 - 2017-01-03 06:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sid Meiers Civilization VI
2017-01-03 05:27 - 2017-01-03 05:33 - 00000000 ____D C:\Users\Patrik\Downloads\Sid.Meiers.Civilization.VI-CODEX
2017-01-02 16:58 - 2017-01-02 16:58 - 00000000 ____D C:\Users\Patrik\Downloads\Kbang---Bang-online
2017-01-02 16:55 - 2017-01-02 16:57 - 28481946 _____ C:\Users\Patrik\Downloads\Kbang---Bang-online.zip
2017-01-01 19:21 - 2017-01-01 19:21 - 00000000 ____D C:\Users\Patrik\AppData\Local\Disc_Soft_Ltd
2017-01-01 19:17 - 2017-01-01 19:17 - 00040504 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2017-01-01 19:17 - 2017-01-01 19:17 - 00026168 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2017-01-01 19:17 - 2017-01-01 19:17 - 00001995 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2017-01-01 19:17 - 2017-01-01 19:17 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2017-01-01 19:17 - 2017-01-01 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2017-01-01 19:16 - 2017-01-01 19:17 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2017-01-01 18:52 - 2017-01-01 18:53 - 00692072 _____ (Disc Soft Ltd.) C:\Users\Patrik\Downloads\DTLiteInstaller.exe
2017-01-01 18:13 - 2017-01-03 05:22 - 00000000 ____D C:\Users\Patrik\Downloads\Sid.Meiers.Civilization.VI.Proper-RELOADED
2016-12-30 21:01 - 2016-12-30 21:01 - 00002302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-30 21:01 - 2016-12-30 21:01 - 00002290 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-30 21:00 - 2016-12-30 21:00 - 01065376 _____ (Google Inc.) C:\Users\Patrik\Downloads\ChromeSetup (3).exe
2016-12-27 13:30 - 2016-12-27 13:30 - 00098243 _____ C:\Users\Patrik\Downloads\c4074129783869c09a5a26aabc5e88d1.jpg
2016-12-24 12:01 - 2016-12-24 12:01 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-12-23 21:55 - 2016-12-23 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-12-23 16:08 - 2017-01-05 12:51 - 00000000 ____D C:\Users\Patrik\AppData\LocalLow\Mozilla
2016-12-23 13:46 - 2016-12-23 16:21 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-12-21 23:41 - 2016-12-21 23:41 - 00000000 ____D C:\Users\Patrik\AppData\Local\Chromium
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-05 12:56 - 2015-06-19 23:30 - 00000000 ____D C:\Program Files\Steam
2017-01-05 12:49 - 2010-05-12 19:12 - 00000000 ____D C:\Users\Patrik\AppData\Roaming\Skype
2017-01-05 12:46 - 2015-07-10 09:28 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-04 19:38 - 2015-07-16 04:21 - 00000436 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2017-01-04 19:38 - 2015-07-10 10:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-04 19:37 - 2015-07-10 07:59 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2017-01-04 19:36 - 2012-01-03 22:27 - 00000986 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA.job
2017-01-04 19:02 - 2012-07-08 21:27 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-04 19:01 - 2012-01-08 21:33 - 00000986 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA.job
2017-01-04 18:33 - 2010-11-13 08:15 - 00000000 ____D C:\Program Files\trend micro
2017-01-04 13:49 - 2015-07-10 09:27 - 00000000 ____D C:\WINDOWS\INF
2017-01-04 12:13 - 2010-07-01 13:03 - 00000000 ____D C:\ProgramData\ICQ
2017-01-04 12:12 - 2015-07-10 09:28 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-03 09:16 - 2015-08-11 09:09 - 00000000 ____D C:\Users\Patrik
2017-01-03 08:22 - 2015-01-22 19:53 - 00001162 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-01-03 08:22 - 2012-07-04 08:36 - 00001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-01-03 08:16 - 2010-05-12 18:07 - 00000000 ____D C:\Users\Patrik\AppData\Roaming\Adobe
2017-01-03 07:36 - 2012-01-03 22:26 - 00000964 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core.job
2017-01-03 07:26 - 2010-05-16 19:08 - 00000000 ____D C:\Users\Patrik\Desktop\Programy
2017-01-03 06:56 - 2010-05-16 13:30 - 00000000 ____D C:\Users\Patrik\AppData\Roaming\uTorrent
2017-01-01 19:18 - 2010-05-12 22:55 - 00000000 ____D C:\Users\Patrik\AppData\Roaming\DAEMON Tools Lite
2016-12-31 21:46 - 2015-08-11 09:07 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{7f190bc0-26dc-11e5-80f2-e41d2d02cd60}.TMContainer00000000000000000002.regtrans-ms
2016-12-31 21:46 - 2015-08-11 09:07 - 00065536 ___SH C:\WINDOWS\system32\config\COMPONENTS{7f190bc0-26dc-11e5-80f2-e41d2d02cd60}.TM.blf
2016-12-31 21:24 - 2015-07-10 09:28 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2016-12-31 09:06 - 2015-09-15 14:58 - 00002320 _____ C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-31 09:06 - 2015-09-15 14:58 - 00002290 _____ C:\Users\Patrik\Desktop\Google Chrome.lnk
2016-12-30 21:01 - 2010-11-13 17:00 - 00000000 ____D C:\Program Files\Google
2016-12-30 16:01 - 2012-01-08 21:33 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core.job
2016-12-24 17:44 - 2012-06-10 15:18 - 00000438 ____H C:\WINDOWS\Tasks\Norton Security Scan for Patrik.job
2016-12-24 17:36 - 2015-07-10 09:28 - 00000000 ____D C:\WINDOWS\system32\config\RegBack
2016-12-24 12:02 - 2010-05-12 19:12 - 00000000 ____D C:\ProgramData\Skype
2016-12-24 12:01 - 2010-05-12 19:12 - 00000000 ___RD C:\Program Files\Skype
2016-12-23 21:55 - 2016-10-31 20:16 - 00002118 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-12-23 21:55 - 2015-11-20 21:51 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-12-23 21:55 - 2015-07-10 09:28 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
2016-12-23 20:54 - 2015-08-11 09:07 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{7f190bc0-26dc-11e5-80f2-e41d2d02cd60}.TMContainer00000000000000000001.regtrans-ms
2016-12-23 16:21 - 2012-07-04 08:50 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-12-22 18:40 - 2015-06-19 23:31 - 00000000 ____D C:\Program Files\Common Files\Steam
2016-12-21 23:41 - 2015-06-19 23:36 - 00000000 ____D C:\Users\Patrik\AppData\Local\Steam
2016-12-21 10:47 - 2010-11-13 17:00 - 00000000 ____D C:\Users\Patrik\AppData\Local\Google
2016-12-21 00:37 - 2016-10-20 23:29 - 00000000 ____D C:\Program Files\GOG Galaxy
2016-12-15 18:23 - 2015-08-11 09:07 - 00006764 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-15 18:23 - 2015-07-10 14:19 - 01049868 _____ C:\WINDOWS\system32\perfh005.dat
2016-12-15 18:23 - 2015-07-10 14:19 - 00259042 _____ C:\WINDOWS\system32\perfc005.dat
2016-12-15 18:23 - 2015-07-10 09:29 - 00888306 _____ C:\WINDOWS\system32\perfh009.dat
2016-12-15 18:23 - 2015-07-10 09:29 - 00238378 _____ C:\WINDOWS\system32\perfc009.dat
2016-12-13 21:02 - 2015-07-10 09:28 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-09 21:07 - 2015-08-11 09:38 - 00002429 _____ C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-09 21:07 - 2015-08-11 09:38 - 00000000 ___RD C:\Users\Patrik\OneDrive
==================== Files in the root of some directories =======
2011-04-18 19:12 - 2014-07-25 10:35 - 0018432 _____ () C:\Users\Patrik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-11 09:05 - 2015-08-11 09:05 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2010-05-12 19:13 - 2010-05-12 19:13 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
Files to move or delete:
====================
C:\Users\Patrik\webapp-uninstaller.exe
C:\Users\Patrik\webapprt-stub.exe
C:\Users\Patrik\wow_helper.exe
C:\Users\Patrik\xul.dll
Some files in TEMP:
====================
C:\Users\Patrik\AppData\Local\Temp\BB1A.tmp.exe
C:\Users\Patrik\AppData\Local\Temp\BBW0LFMT3I.exe
C:\Users\Patrik\AppData\Local\Temp\Browser_V6.0.1121.13_r_4648_(Build1612191708).exe
C:\Users\Patrik\AppData\Local\Temp\CodecFixDivx.exe
C:\Users\Patrik\AppData\Local\Temp\cubecc.exe
C:\Users\Patrik\AppData\Local\Temp\DAB8.tmp.exe
C:\Users\Patrik\AppData\Local\Temp\DBUpdater.exe
C:\Users\Patrik\AppData\Local\Temp\DriverBoosterSetup.exe
C:\Users\Patrik\AppData\Local\Temp\dxdiag.exe
C:\Users\Patrik\AppData\Local\Temp\frag.exe
C:\Users\Patrik\AppData\Local\Temp\g715D.tmp.exe
C:\Users\Patrik\AppData\Local\Temp\inst_buychannel_06.exe
C:\Users\Patrik\AppData\Local\Temp\libeay32.dll
C:\Users\Patrik\AppData\Local\Temp\ludashisetup.exe
C:\Users\Patrik\AppData\Local\Temp\msvcr120.dll
C:\Users\Patrik\AppData\Local\Temp\sqlite3.dll
C:\Users\Patrik\AppData\Local\Temp\wait.exe
C:\Users\Patrik\AppData\Local\Temp\windows.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-12-24 17:36
==================== End of FRST.txt ============================
- Rudy
- Site Admin
- Posts: 119402
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: problem with adware
Open Notepad and copy into it:
Start
C:\Program Files\McAfee Security Scan
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\Run: [Facebook Update] => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
C:\Users\Patrik\AppData\Local\Facebook\Update
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\Run: [BingSvc] => C:\Users\Patrik\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
C:\Users\Patrik\AppData\Local\Microsoft\BingSvc
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\MountPoints2: {5be3e0b8-ce9c-11e6-940a-4061867cc46d} - "G:\setup.exe"
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\MountPoints2: {d4a6c1d8-d16a-11e6-940a-4061867cc46d} - "H:\setup.exe"
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\MountPoints2: {d4a6c271-d16a-11e6-940a-4061867cc46d} - "I:\setup.exe"
HKU\S-1-5-18\...\Run: [] => 0
HKLM\...\Providers\4rtc6mbf: C:\Program Files\Gezetainghajaied Nodifier\local32spl.dll [278016 2017-01-03] ()
C:\Program Files\Gezetainghajaied Nodifier
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.474\SSScheduler.exe (McAfee, Inc.)
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\S-1-5-21-3766570800-902452796-2261291597-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2 ... -SearchBox
SearchScopes: HKU\S-1-5-21-3766570800-902452796-2261291597-1000 -> {08AEFAE6-12FD-4299-AE5D-773C8FECF987} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3766570800-902452796-2261291597-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
C:\Program Files\Skype\Toolbars
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.youndoo.com/search/?q={searchTerms} ... 45&type=sp
CHR DefaultSearchKeyword: ChromeDefaultData -> youndoo
CHR Profile: C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-01-05] <==== ATTENTION
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3291008 2013-08-06] (Skype Technologies S.A.)
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
C:\Program Files\4vc5oxze
C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器.lnk
C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器
C:\Program Files\6WEMZ50K62
C:\WINDOWS\Tasks\UCBrowserUpdater.job
C:\Users\Patrik\AppData\Local\UCBrowser
C:\Program Files\UCBrowser
C:\Program Files\baidu
C:\ProgramData\ProductData
C:\ProgramData\954998v2a958h53
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA.job
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core.job
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core.job
C:\Users\Patrik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl
C:\Users\Patrik\webapp-uninstaller.exe
C:\Users\Patrik\webapprt-stub.exe
C:\Users\Patrik\wow_helper.exe
C:\Users\Patrik\xul.dll
C:\Users\Patrik\AppData\Local\Temp
EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.
Re: problem with adware
Fix result of Farbar Recovery Scan Tool (x86) Version: 01-01-2017
Ran by Patrik (05-01-2017 18:41:00) Run:1
Running from C:\Users\Patrik\Desktop
Loaded Profiles: Patrik (Available Profiles: Patrik & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
C:\Program Files\McAfee Security Scan
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\Run: [Facebook Update] => C:\Users\Patrik\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
C:\Users\Patrik\AppData\Local\Facebook\Update
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\Run: [BingSvc] => C:\Users\Patrik\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
C:\Users\Patrik\AppData\Local\Microsoft\BingSvc
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\MountPoints2: {5be3e0b8-ce9c-11e6-940a-4061867cc46d} - "G:\setup.exe"
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\MountPoints2: {d4a6c1d8-d16a-11e6-940a-4061867cc46d} - "H:\setup.exe"
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\...\MountPoints2: {d4a6c271-d16a-11e6-940a-4061867cc46d} - "I:\setup.exe"
HKU\S-1-5-18\...\Run: [] => 0
HKLM\...\Providers\4rtc6mbf: C:\Program Files\Gezetainghajaied Nodifier\local32spl.dll [278016 2017-01-03] ()
C:\Program Files\Gezetainghajaied Nodifier
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.474\SSScheduler.exe (McAfee, Inc.)
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\S-1-5-21-3766570800-902452796-2261291597-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2 ... -SearchBox
SearchScopes: HKU\S-1-5-21-3766570800-902452796-2261291597-1000 -> {08AEFAE6-12FD-4299-AE5D-773C8FECF987} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3766570800-902452796-2261291597-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
C:\Program Files\Skype\Toolbars
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.youndoo.com/search/?q={searchTerms} ... 45&type=sp
CHR DefaultSearchKeyword: ChromeDefaultData -> youndoo
CHR Profile: C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-01-05] <==== ATTENTION
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3291008 2013-08-06] (Skype Technologies S.A.)
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
C:\Program Files\4vc5oxze
C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC???.lnk
C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC???
C:\Program Files\6WEMZ50K62
C:\WINDOWS\Tasks\UCBrowserUpdater.job
C:\Users\Patrik\AppData\Local\UCBrowser
C:\Program Files\UCBrowser
C:\Program Files\baidu
C:\ProgramData\ProductData
C:\ProgramData\954998v2a958h53
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA.job
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core.job
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core.job
C:\Users\Patrik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl
C:\Users\Patrik\webapp-uninstaller.exe
C:\Users\Patrik\webapprt-stub.exe
C:\Users\Patrik\wow_helper.exe
C:\Users\Patrik\xul.dll
C:\Users\Patrik\AppData\Local\Temp
EmptyTemp:
End
*****************
"C:\Program Files\McAfee Security Scan" folder move:
Could not move "C:\Program Files\McAfee Security Scan" => Scheduled to move on reboot.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully.
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => value removed successfully.
C:\Users\Patrik\AppData\Local\Facebook\Update => moved successfully
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc => value removed successfully.
C:\Users\Patrik\AppData\Local\Microsoft\BingSvc => moved successfully
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5be3e0b8-ce9c-11e6-940a-4061867cc46d} => key removed successfully.
HKCR\CLSID\{5be3e0b8-ce9c-11e6-940a-4061867cc46d} => key not found.
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d4a6c1d8-d16a-11e6-940a-4061867cc46d} => key removed successfully.
HKCR\CLSID\{d4a6c1d8-d16a-11e6-940a-4061867cc46d} => key not found.
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d4a6c271-d16a-11e6-940a-4061867cc46d} => key removed successfully.
HKCR\CLSID\{d4a6c271-d16a-11e6-940a-4061867cc46d} => key not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully.
HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\4rtc6mbf => key removed successfully.
HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\\order 4rtc6mbf => removed successfully.
C:\Program Files\Gezetainghajaied Nodifier => moved successfully
C:\Program Files\McAfee Security Scan\3.11.474\SSScheduler.exe => moved successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Error setting value.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key could not remove, key could be protected
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{08AEFAE6-12FD-4299-AE5D-773C8FECF987} => key could not remove, key could be protected
HKCR\CLSID\{08AEFAE6-12FD-4299-AE5D-773C8FECF987} => key not found.
HKU\S-1-5-21-3766570800-902452796-2261291597-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} => key could not remove, key could be protected
HKCR\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => key removed successfully.
HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => key not found.
C:\Program Files\Skype\Toolbars => moved successfully
HKCR\PROTOCOLS\Handler\skype-ie-addon-data => key not found.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => key not found.
Chrome DefaultSearchURL => removed successfully.
Chrome DefaultSearchKeyword => removed successfully.
C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\ChromeDefaultData => moved successfully
Skype C2C Service => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\Skype C2C Service => key removed successfully.
Skype C2C Service => service removed successfully.
HKLM\System\CurrentControlSet\Services\idsvc => key removed successfully.
idsvc => service removed successfully.
HKLM\System\CurrentControlSet\Services\wpcsvc => key removed successfully.
wpcsvc => service removed successfully.
C:\Program Files\4vc5oxze => moved successfully
"C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC???.lnk" => not found.
"C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC???" => not found.
C:\Program Files\6WEMZ50K62 => moved successfully
C:\WINDOWS\Tasks\UCBrowserUpdater.job => moved successfully
C:\Users\Patrik\AppData\Local\UCBrowser => moved successfully
"C:\Program Files\UCBrowser" folder move:
Could not move "C:\Program Files\UCBrowser" => Scheduled to move on reboot.
C:\Program Files\baidu => moved successfully
C:\ProgramData\ProductData => moved successfully
C:\ProgramData\954998v2a958h53 => moved successfully
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000UA.job => moved successfully
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3766570800-902452796-2261291597-1000Core.job => moved successfully
C:\Users\Patrik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\Users\Patrik\webapp-uninstaller.exe => moved successfully
C:\Users\Patrik\webapprt-stub.exe => moved successfully
C:\Users\Patrik\wow_helper.exe => moved successfully
C:\Users\Patrik\xul.dll => moved successfully
"C:\Users\Patrik\AppData\Local\Temp" folder move:
Could not move "C:\Users\Patrik\AppData\Local\Temp" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
BITS transfer queue => 569579 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17589703 B
Java, Flash, Steam htmlcache => 93680257 B
Windows/system/drivers => 19765841 B
Edge => 8214077987 B
Chrome => 0 B
Firefox => 384584968 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 72372 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 22390631 B
LocalService => 99826 B
NetworkService => 138648860 B
Patrik => 386405524 B
DefaultAppPool => 72372 B
RecycleBin => 76826 B
EmptyTemp: => 8.6 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 05-01-2017 18:55:12)
C:\Program Files\McAfee Security Scan => is moved successfully
"C:\Program Files\UCBrowser" => Could not move
C:\Users\Patrik\AppData\Local\Temp => moved successfully
==== End of Fixlog 18:55:23 ====
- Rudy
- Site Admin
- Posts: 119402
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: problem with adware
Deleted. Has anything changed?
Re: problem with adware
Unfortunately not, it still keeps popping up unwanted pages with ads.

- Rudy
- Site Admin
- Posts: 119402
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: problem with adware
Run these scans:
1. Download Zoek.exe from http://hijackthis.nl/smeenk/ and save it to the desktop
If you use Win Vista or W7, right-click Zoek and choose Run As Administrator or Spustit jako spravce
Paste the script below into the window
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
Then click Run Script
The PC will perform the fix, restart, and give you a log; paste its contents here.
and
2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Save it, preferably to the desktop
•After launch the licence terms are displayed; press any key
•A backup is created and then the scan runs
•The scan runs and then a log appears, or it will be saved in c:\JRT as JRT.txt; paste it here.