NTB pomalý, zahřívá se a pořád vyskakují varovné hlášky

Zpráva

TePi · #1 Příspěvek od **TePi** » 04 bře 2017 10:23

Zdravím,

prosím o kontrolu logu a rady s řešením vyskytlých problémů.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-03-2017
Ran by uživatel (administrator) on TEREZKA (04-03-2017 09:55:32)
Running from C:\Users\uživatel\Desktop
Loaded Profiles: uživatel (Available Profiles: uživatel & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IEC) C:\Program Files (x86)\BikaQRss\BikaQ.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Microsoft Corporation) C:\Windows\System32\LockAppHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Kephyr) C:\Program Files\FreeFixer\freefixer.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-09-08] (IDT, Inc.)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-09-30] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-27] (Synaptics Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-08] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [574008 2011-07-11] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2015-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [CorelDRAW Graphics Suite 11b] => C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe [729088 2004-06-22] (Corel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-03] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia)
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\Run: [BackgroundContainerV2] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\uživatel\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\Run: [OfficeSyncProcess] => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd)
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\MountPoints2: {7c971688-facc-11e6-8d96-a0b3cc6bae6e} - "I:\SETUP.EXE"
HKU\S-1-5-21-2171009598-501426374-144545434-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [806400 2016-07-16] (Microsoft Corporation)
HKLM\...\Providers\5u3iln5i: C:\Program Files (x86)\Aqering Launcher\local64spl.dll [306176 2017-02-28] ()
ShellExecuteHooks: No Name - {40B28EE4-FCD3-11E6-B8D8-64006A5CFC23} - C:\Program Files (x86)\Reosetherprutaent\Zopuck.dll [145920 2017-02-28] ()
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-03] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-03] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\uživatel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\uživatel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\uživatel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\uživatel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\uživatel\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\uživatel\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\uživatel\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2013-02-15]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-01-19]
ShortcutTarget: Dropbox.lnk -> C:\Users\uživatel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk [2013-03-09]
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5afb70c8-cdb5-40fa-9bbf-740a23511bc6}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8a9e1336-47b2-4a9e-9ca2-a29c3d9bbd3d}: [DhcpNameServer] 10.0.0.1 10.0.0.2 10.0.0.3 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startpageing123.com/?type=hp&ts=148 ... BBAKLHBBAX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startpageing123.com/?type=hp&ts=148 ... BBAKLHBBAX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.startpageing123.com/search/?type=ds ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.startpageing123.com/search/?type=ds ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.startpageing123.com/?type=hp&ts=148 ... BBAKLHBBAX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.startpageing123.com/?type=hp&ts=148 ... BBAKLHBBAX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.startpageing123.com/search/?type=ds ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.startpageing123.com/search/?type=ds ... earchTerms}
HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startpageing123.com/?type=hp&ts=148 ... BBAKLHBBAX
HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.startpageing123.com/?type=hp&ts=148 ... BBAKLHBBAX
URLSearchHook: HKLM-x32 - (No Name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
URLSearchHook: HKU\S-1-5-21-2171009598-501426374-144545434-1000 - (No Name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.startpageing123.com/search/?type=ds ... earchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.startpageing123.com/search/?type=ds ... earchTerms}
SearchScopes: HKLM -> {4C0FC07B-4777-4901-9592-88F34131FCD9} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/710-111095-2958-3/4?mpre=hxxp://www.ebay.co.uk/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.startpageing123.com/search/?type=ds ... earchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.startpageing123.com/search/?type=ds ... earchTerms}
SearchScopes: HKLM-x32 -> {4C0FC07B-4777-4901-9592-88F34131FCD9} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/710-111095-2958-3/4?mpre=hxxp://www.ebay.co.uk/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-2171009598-501426374-144545434-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.startpageing123.com/search/?type=ds ... earchTerms}
SearchScopes: HKU\S-1-5-21-2171009598-501426374-144545434-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=G3A0B1 ... earchTerms}
SearchScopes: HKU\S-1-5-21-2171009598-501426374-144545434-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2171009598-501426374-144545434-1000 -> {28793F6D-8A28-4058-B57F-F8DE69FFC5D1} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559&CUI=UN30423236243086517&UM=1
SearchScopes: HKU\S-1-5-21-2171009598-501426374-144545434-1000 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKU\S-1-5-21-2171009598-501426374-144545434-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.startpageing123.com/search/?type=ds ... earchTerms}
SearchScopes: HKU\S-1-5-21-2171009598-501426374-144545434-1000 -> {4C0FC07B-4777-4901-9592-88F34131FCD9} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-2171009598-501426374-144545434-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-2171009598-501426374-144545434-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-2171009598-501426374-144545434-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/710-111095-2958-3/4?mpre=hxxp://www.ebay.co.uk/sch/i.html?_nkw={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-03-09] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-01-09] (pdfforge GbR)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-03-09] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-03-03] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-03] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: No Name -> {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} -> No File
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2013-01-09] (pdfforge GbR)
Toolbar: HKLM-x32 - No Name - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
Toolbar: HKU\S-1-5-21-2171009598-501426374-144545434-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-2171009598-501426374-144545434-1000 -> No Name - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.startpageing123.com/?type=sc&ts=148 ... BBAKLHBBAX

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2171009598-501426374-144545434-1000 -> hxxp://www.startpageing123.com/?type=hp&ts=148 ... BBAKLHBBAX

FireFox:
========
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-28]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-28]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: (PDF Architect Converter For Firefox) - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-02-17] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1227197.dll [2017-02-20] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-03] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://www.startpageing123.com/?type=hp&ts=148 ... BBAKLHBBAX
CHR StartupUrls: Profile 1 -> "hxxp://www.startpageing123.com/?type=hp&ts=148 ... BBAKLHBBAX"
CHR DefaultSearchURL: Profile 1 -> hxxp://www.startpageing123.com/search/?type=ds ... earchTerms}
CHR DefaultSearchKeyword: Profile 1 -> startpageing123
CHR Plugin: (Shockwave Flash) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll => No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\pdf.dll => No File
CHR Plugin: (Norton Confidential) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll => No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => No File
CHR Profile: C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-03-03] <==== ATTENTION
CHR Extension: (Prezentace Google) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-11]
CHR Extension: (Dokumenty Google) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-11]
CHR Extension: (Disk Google) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-02]
CHR Extension: (YouTube) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-11]
CHR Extension: (Vyhledávání Google) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-11]
CHR Extension: (Tabulky Google) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-02]
CHR Extension: (AdBlock) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-28]
CHR Extension: (Avast Online Security) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-01-02]
CHR Extension: (FormApps Chrome Extension) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2017-01-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-28]
CHR Extension: (Citace PRO VUT) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pdhchaeklpanlniilpbkjddfiikjadih [2017-01-02]
CHR Extension: (Gmail) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-11]
CHR Extension: (Chrome Media Router) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-28]
CHR Profile: C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-02-28]
CHR Profile: C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-03-04]
CHR Extension: (Dokumenty Google) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-06]
CHR Extension: (Disk Google) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26]
CHR Extension: (YouTube) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Avast Passwords) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2017-03-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (AdBlock) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-25]
CHR Extension: (Avast Online Security) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-05]
CHR Extension: (Gmail) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-11]
CHR Profile: C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\System Profile [2017-02-28]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.startpageing123.com/?type=sc&ts=148 ... BBAKLHBBAX

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-03] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-03] (AVAST Software)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36936 2014-09-18] (Just Develop It) [File not signed] <==== ATTENTION
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 ssinstall; C:\WINDOWS\SysWoW64\ssins.exe [4696960 2016-12-27] (PS Media s.r.o.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [253960 2016-04-27] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 WinSAPSvc; C:\Users\uživatel\AppData\Roaming\WinSAPSvc\WinSAP.dll [184832 2017-03-03] (TODO: <Company name>) [File not signed]
R2 WinSnare; C:\Users\uživatel\AppData\Roaming\WinSnare\WinSnare.dll [776192 2017-03-03] (InterSect Alliance Pty Ltd) [File not signed]
S2 ed2kidle; "C:\Program Files (x86)\amuleCexx\ed2k.exe" -downloadwhenidle [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [309272 2017-03-03] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-03-03] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334600 2017-03-03] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-03-03] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-03-03] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32088 2017-03-03] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [126600 2017-03-03] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [100640 2017-03-03] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-03-03] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [993608 2017-03-03] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [547904 2017-03-03] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [162528 2017-03-03] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [337592 2017-03-03] (AVAST Software)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-02-28] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-02-28] (Disc Soft Ltd)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2014-10-16] (Disc Soft Ltd)
S3 iSafeKrnlBoot; C:\WINDOWS\System32\DRIVERS\iSafeKrnlBoot.sys [45224 2015-03-19] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\WINDOWS\System32\DRIVERS\iSafeNetFilter.sys [52392 2015-02-15] (Elex do Brasil Participações Ltda)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 netr28x; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-27] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30544 2016-02-17] (HP)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-04 09:55 - 2017-03-04 09:56 - 00037764 _____ C:\Users\uživatel\Desktop\FRST.txt
2017-03-04 09:55 - 2017-03-04 09:55 - 00000000 ____D C:\FRST
2017-03-04 09:50 - 2017-03-04 09:55 - 02423808 _____ (Farbar) C:\Users\uživatel\Desktop\FRST64.exe
2017-03-04 09:41 - 2017-03-04 09:41 - 02704615 _____ (Kephyr) C:\Users\uživatel\Downloads\freefixersetup.exe
2017-03-04 09:41 - 2017-03-04 09:41 - 00003066 _____ C:\WINDOWS\System32\Tasks\FreeFixer background scan
2017-03-04 09:41 - 2017-03-04 09:41 - 00000330 _____ C:\WINDOWS\Tasks\FreeFixer background scan.job
2017-03-04 09:41 - 2017-03-04 09:41 - 00000000 ____D C:\Users\uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeFixer
2017-03-04 09:41 - 2017-03-04 09:41 - 00000000 ____D C:\Users\uživatel\AppData\Roaming\FreeFixer
2017-03-04 09:41 - 2017-03-04 09:41 - 00000000 ____D C:\Users\uživatel\AppData\Local\FreeFixer
2017-03-04 09:41 - 2017-03-04 09:41 - 00000000 ____D C:\Program Files\FreeFixer
2017-03-04 09:33 - 2017-03-04 09:33 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-03 22:23 - 2017-03-04 09:53 - 00000000 ____D C:\Program Files (x86)\amuleCexx
2017-03-03 22:23 - 2017-03-03 22:23 - 00000000 ____D C:\Users\uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\amuleC
2017-03-03 22:23 - 2017-03-03 22:23 - 00000000 ____D C:\Users\uživatel\AppData\Roaming\aMule
2017-03-03 22:22 - 2017-03-03 22:22 - 00000000 ____D C:\Program Files (x86)\WinSnare(4.2.3)
2017-03-03 22:18 - 2017-03-03 22:18 - 00398408 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-03-03 17:58 - 2017-03-03 17:58 - 00000000 ____D C:\Users\uživatel\AppData\Local\AVAST Software
2017-03-03 16:03 - 2017-03-03 16:03 - 00000000 ___HD C:\$AV_ASW
2017-03-03 16:03 - 2017-03-03 16:03 - 00000000 ____D C:\Program Files (x86)\MK
2017-03-01 17:02 - 2017-03-04 09:39 - 00000000 ____D C:\Users\uživatel\AppData\Roaming\Kyubey
2017-03-01 17:02 - 2017-03-03 22:23 - 00003640 _____ C:\WINDOWS\System32\Tasks\Milimili
2017-03-01 17:02 - 2017-03-03 22:22 - 00000000 ____D C:\Users\uživatel\AppData\Roaming\WinSnare
2017-03-01 17:02 - 2017-03-03 22:22 - 00000000 ____D C:\Users\uživatel\AppData\Roaming\WinSAPSvc
2017-03-01 17:02 - 2017-03-01 17:02 - 00003326 _____ C:\WINDOWS\System32\Tasks\BikaQ_FetchAndUpgrade_CanBeDel
2017-03-01 17:02 - 2017-03-01 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BikaQ
2017-03-01 17:02 - 2017-03-01 17:02 - 00000000 ____D C:\Program Files (x86)\MIO
2017-03-01 17:02 - 2017-03-01 17:02 - 00000000 ____D C:\Program Files (x86)\BikaQRss
2017-03-01 17:01 - 2017-03-01 17:01 - 00000000 ____D C:\Program Files (x86)\5u3iln5i
2017-02-28 15:10 - 2017-02-28 15:10 - 00004110 _____ C:\Users\uživatel\Downloads\Aktivacni_klice_MS_Campus_2010 (1).txt
2017-02-28 14:03 - 2017-02-28 14:03 - 00002766 _____ C:\Users\uživatel\Desktop\Microsoft Outlook 2010.lnk
2017-02-28 14:02 - 2017-02-28 14:02 - 00002798 _____ C:\Users\uživatel\Desktop\Microsoft Word 2010.lnk
2017-02-28 14:02 - 2017-02-28 14:02 - 00002718 _____ C:\Users\uživatel\Desktop\Microsoft Excel 2010.lnk
2017-02-28 14:02 - 2017-02-28 14:02 - 00002702 _____ C:\Users\uživatel\Desktop\Microsoft PowerPoint 2010.lnk
2017-02-28 13:57 - 2017-02-28 13:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2017-02-28 13:57 - 2017-02-28 13:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-02-28 13:57 - 2017-02-28 13:57 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-02-28 13:56 - 2017-02-28 13:56 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2017-02-28 13:55 - 2017-02-28 13:55 - 00000000 ____D C:\WINDOWS\PCHEALTH
2017-02-28 13:55 - 2017-02-28 13:55 - 00000000 ____D C:\Program Files\Microsoft Sync Framework
2017-02-28 13:55 - 2017-02-28 13:55 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2017-02-28 13:52 - 2017-02-28 13:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2017-02-28 13:51 - 2017-02-28 13:57 - 00000000 ____D C:\WINDOWS\SHELLNEW
2017-02-28 13:51 - 2017-02-28 13:55 - 00000000 ____D C:\Program Files\Microsoft Office
2017-02-28 13:51 - 2017-02-28 13:51 - 00000000 __RHD C:\MSOCache
2017-02-28 13:51 - 2017-02-28 13:51 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2017-02-28 13:51 - 2017-02-28 13:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-02-28 13:51 - 2017-02-28 13:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2017-02-28 13:22 - 2017-02-28 13:22 - 00000000 ____D C:\Users\uživatel\AppData\Local\Disc_Soft_Ltd
2017-02-28 13:19 - 2017-02-28 13:22 - 00000000 ____D C:\Users\uﾞivatel\AppData\Local\Shihese
2017-02-28 13:19 - 2017-02-28 13:19 - 00006170 _____ C:\WINDOWS\System32\Tasks\Aqering Launcher
2017-02-28 13:19 - 2017-02-28 13:19 - 00000000 ____D C:\Users\uﾞivatel
2017-02-28 13:19 - 2017-02-28 13:19 - 00000000 ____D C:\Program Files (x86)\Aqering Launcher
2017-02-28 13:18 - 2017-03-01 17:02 - 00000000 ____D C:\Program Files (x86)\Reosetherprutaent
2017-02-28 13:18 - 2017-02-28 13:50 - 00000000 ____D C:\Users\uživatel\AppData\Roaming\DAEMON Tools Lite
2017-02-28 13:18 - 2017-02-28 13:21 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2017-02-28 13:18 - 2017-02-28 13:18 - 00047672 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2017-02-28 13:18 - 2017-02-28 13:18 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2017-02-28 13:18 - 2017-02-28 13:18 - 00005122 _____ C:\WINDOWS\System32\Tasks\Jehity
2017-02-28 13:18 - 2017-02-28 13:18 - 00000000 ____D C:\Users\uživatel\AppData\Local\Shihese
2017-02-28 13:18 - 2017-02-28 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2017-02-28 13:17 - 2017-02-28 13:17 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2017-02-28 13:16 - 2017-02-28 13:16 - 00692072 _____ (Disc Soft Ltd.) C:\Users\uživatel\DTLiteInstaller.exe
2017-02-28 13:11 - 2017-02-28 13:13 - 00000000 ____D C:\Users\uživatel\Desktop\MAMKA
2017-02-28 13:06 - 2017-02-28 13:11 - 00000000 ____D C:\Users\uživatel\Desktop\různé dokumenty
2017-02-28 13:03 - 2017-02-28 13:12 - 00000000 ____D C:\Users\uživatel\Desktop\různé fotky
2017-02-28 13:03 - 2017-02-28 13:11 - 00000000 ____D C:\Users\uživatel\Desktop\ruční práce
2017-02-28 13:02 - 2017-02-28 13:09 - 00000000 ____D C:\Users\uživatel\Desktop\recepty
2017-02-28 12:55 - 2017-02-28 12:55 - 00004110 _____ C:\Users\uživatel\Downloads\Aktivacni_klice_MS_Campus_2010.txt
2017-02-28 12:54 - 2017-02-28 13:09 - 806311936 _____ C:\Users\uživatel\Downloads\SW_DVD5_Office_Professional_Plus_2010_64Bit_Czech_MLF_X16-52577.ISO
2017-02-28 12:54 - 2017-02-28 12:54 - 00004186 _____ C:\Users\uživatel\Downloads\Aktivacni_klice_Win7 a Office 2010.txt
2017-02-28 12:50 - 2017-02-28 12:56 - 238758432 _____ C:\Users\uživatel\Downloads\setup_av_eps.exe
2017-02-09 19:40 - 2017-03-03 22:19 - 00003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-02-09 19:40 - 2017-03-03 22:16 - 00334600 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-02-09 19:40 - 2017-03-03 22:16 - 00309272 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-02-09 19:40 - 2017-03-03 22:16 - 00189768 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-02-09 19:40 - 2017-03-03 22:16 - 00048528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-02-05 09:52 - 2017-02-05 09:52 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-02-05 09:52 - 2017-02-05 09:52 - 00000000 ____D C:\Program Files\Common Files\AV

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-04 09:31 - 2016-01-30 19:24 - 00002584 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-04 09:30 - 2016-01-30 19:24 - 00002596 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-04 09:29 - 2016-10-29 19:58 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-03 22:22 - 2016-10-29 20:39 - 00004006 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1468519780
2017-03-03 22:22 - 2016-07-14 19:09 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-03-03 22:21 - 2016-10-29 20:39 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-03 22:21 - 2013-02-17 10:01 - 00000360 _____ C:\WINDOWS\Tasks\HPCeeScheduleForuživatel.job
2017-03-03 22:20 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-03 22:18 - 2015-03-19 21:30 - 00547904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-03-03 22:18 - 2015-03-19 21:30 - 00337592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-03-03 22:18 - 2015-03-19 21:30 - 00162528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-03-03 22:18 - 2015-03-19 21:30 - 00126600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-03-03 22:18 - 2015-03-19 21:30 - 00100640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-03-03 22:18 - 2015-03-19 21:30 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-03-03 22:18 - 2015-03-19 21:30 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-03-03 22:17 - 2016-07-11 18:58 - 00032088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-03-03 22:17 - 2015-03-19 21:30 - 00993608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-03-03 22:16 - 2015-03-29 09:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-03-03 22:15 - 2015-03-29 09:18 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-03-03 22:15 - 2015-03-29 09:18 - 00000000 ____D C:\Program Files (x86)\Java
2017-03-03 22:12 - 2016-10-29 20:06 - 00000000 ____D C:\Users\uživatel
2017-03-03 19:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-03 18:01 - 2013-07-24 19:50 - 00002096 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2017-03-03 18:01 - 2011-10-22 01:33 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2017-03-03 15:56 - 2016-10-29 20:39 - 00003264 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForuživatel
2017-03-02 17:55 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-01 19:05 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-01 18:09 - 2013-02-12 20:26 - 00000000 ____D C:\ProgramData\AVAST Software
2017-02-28 18:44 - 2016-12-13 21:42 - 00003280 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-28 18:44 - 2015-10-11 11:09 - 00002433 _____ C:\Users\uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-28 18:44 - 2015-10-11 11:09 - 00000000 ___RD C:\Users\uživatel\OneDrive
2017-02-28 15:33 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Common Files\System
2017-02-28 15:33 - 2009-07-14 03:34 - 00000478 _____ C:\WINDOWS\win.ini
2017-02-28 14:04 - 2016-10-29 19:58 - 00356512 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-28 13:57 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-28 13:55 - 2016-10-29 20:26 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-02-28 13:42 - 2015-10-11 11:02 - 00000000 ____D C:\Users\uživatel\AppData\Local\Packages
2017-02-28 13:41 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-28 13:35 - 2011-10-22 01:30 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2017-02-28 13:24 - 2013-10-06 07:06 - 00000000 ____D C:\Users\uživatel\Downloads\FILMY A SERIÁLY
2017-02-28 13:00 - 2015-03-19 21:27 - 00000000 ____D C:\Program Files\AVAST Software
2017-02-25 09:30 - 2013-07-23 06:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-25 09:18 - 2013-02-15 14:10 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-24 21:04 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-18 16:40 - 2013-07-25 18:39 - 00000000 ____D C:\Users\uživatel\AppData\Roaming\uTorrent
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2013-02-12 20:22 - 2013-02-12 20:25 - 97565024 _____ () C:\Program Files (x86)\avast_free_antivirus_setup.exe
2014-10-16 18:05 - 2014-03-10 14:43 - 1488486400 _____ () C:\Program Files (x86)\Corel-Draw-12-CZ-(plna-verze-CD1,CD2,CD3)-+-key.iso
2014-10-16 18:06 - 2014-10-16 18:07 - 19862734 _____ () C:\Program Files (x86)\DTLite-setup.exe
2015-06-19 17:43 - 2015-06-19 17:43 - 6402936 _____ (EXP Systems LLC) C:\Program Files (x86)\Install_PDFR_v226.exe
2014-10-25 09:31 - 2014-08-15 11:05 - 151255864 _____ (Malvern Instruments Ltd. ) C:\Program Files (x86)\Malvern-Zetasizer-Software-v703-PSS0012-34-EN-JP.exe
2013-02-17 18:14 - 2013-02-17 18:15 - 25321251 _____ () C:\Program Files (x86)\pdfcreator-setup.exe
2013-02-15 09:40 - 2013-02-15 10:02 - 806311936 _____ () C:\Program Files (x86)\SW_DVD5_Office_Professional_Plus_2010_64Bit_Czech_MLF_X16-52577.ISO
2013-07-25 18:38 - 2013-07-25 18:39 - 1158585 _____ (emc) C:\Program Files (x86)\utorrent-setup.exe
2015-03-18 21:02 - 2015-05-23 08:43 - 0000020 _____ () C:\Users\uživatel\AppData\Roaming\appdataFr3.bin

Files to move or delete:
====================
C:\Users\uživatel\dro_setup.exe
C:\Users\uživatel\DTLiteInstaller.exe
C:\Users\uživatel\HPSupportSolutionsFramework-12.0.30.81.exe
C:\Users\uživatel\sp59155.exe
C:\Users\uživatel\uTorrent221.exe

Some files in TEMP:
====================
2017-01-03 22:26 - 2016-12-01 09:31 - 0050720 _____ (HP Inc.) C:\Users\uživatel\AppData\Local\Temp\ACLMInstaller.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-03-01 06:49

==================== End of FRST.txt ============================

#2 Příspěvek od **altrok** » 04 bře 2017 10:59

Krasny den Vam preju

Jaka nahoda, ze se vetsina malwaru do PC dostala po nainstalovani Officu... cim to asi bude?

V ramci cisteni Vam budou vyprazdneny docasne adresare (vysypani Kose a tempu, vyprazdneni cache prohlizecu apod.).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )

ukoncete vsechny programy
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Scan (Skenovani), pote na Clean (Cisteni)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah zkopirujte do pristi odpovedi

Nainstalujte MBAM 2.2 http://www.bleepingcomputer.com/downloa ... i-malware/
na konci instalace zruste zatrzitko u volby Povolit bezplatnou zkusebni verzi Malwarebytes Anti-Malware Premium
aktualizujte virovou databazi
na zalozce Sken vyberte moznost Sken hrozeb a spustte sken (vezme cca 30 minut)
do pristi odpovedi vlozte log s nalezy - dopredu nic nemazte.

TePi · #3 Příspěvek od **TePi** » 04 bře 2017 12:48

Děkuji za rychlou odpověď. Překvapující to samozřejmě není, jen jsem to nečekala, protože jsem si Office stahovala z firemních stránek.

nový log:
# AdwCleaner v6.044 - Log vytvořen 04/03/2017 v 12:41:05
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-03-02.1 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : uživatel - TEREZKA
# Spuštěno z : C:\Users\uživatel\Desktop\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support

***** [ Služby ] *****

[-] Služba smazána: BackupStack
[-] Služba smazána: iSafeKrnlBoot
[-] Služba smazána: iSafeNetFilter
[-] Služba smazána: WinSAPSvc
[-] Služba smazána: ed2kidle
[-] Služba smazána: WinSnare

***** [ Složky ] *****

[-] Složka smazána: C:\Program Files (x86)\WinSnare(4.2.3)
[-] Složka smazána: C:\ProgramData\665a022727675e03
[-] Složka smazána: C:\ProgramData\wwebssave
[-] Složka smazána: C:\ProgramData\{c79dffb1-3fbc-b34f-c79d-dffb13fbfec4}
[-] Složka smazána: C:\Users\uživatel\AppData\Local\AVG SafeGuard toolbar
[-] Složka smazána: C:\Users\uživatel\AppData\Local\Conduit
[-] Složka smazána: C:\Users\uživatel\AppData\Local\FileViewPro
[-] Složka smazána: C:\Users\uživatel\AppData\Local\Mobogenie
[-] Složka smazána: C:\Users\uživatel\AppData\LocalLow\AVG SafeGuard toolbar
[-] Složka smazána: C:\Users\uživatel\AppData\LocalLow\BS_Player
[-] Složka smazána: C:\Users\uživatel\AppData\LocalLow\Conduit
[-] Složka smazána: C:\Users\uživatel\AppData\Roaming\newnext.me
[-] Složka smazána: C:\Users\uživatel\AppData\Roaming\OpenCandy
[-] Složka smazána: C:\Users\uživatel\AppData\Roaming\Solvusoft
[-] Složka smazána: C:\Users\uživatel\AppData\Roaming\Systweak
[#] Složka smazána po restartu: C:\Users\uživatel\AppData\Roaming\Systweak\Advanced System Protector
[-] Složka smazána: C:\Users\uživatel\AppData\Roaming\WinSAPSvc
[#] Složka smazána po restartu: C:\Users\uživatel\AppData\Roaming\winsapsvc
[-] Složka smazána: C:\Users\uživatel\AppData\Roaming\aMule
[-] Složka smazána: C:\Users\uživatel\AppData\Roaming\WinSnare
[-] Složka smazána: C:\Users\uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
[-] Složka smazána: C:\Users\uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\amuleC
[-] Složka smazána: C:\ProgramData\AdPunisher
[-] Složka smazána: C:\ProgramData\AVG SafeGuard toolbar
[-] Složka smazána: C:\ProgramData\Systweak
[#] Složka smazána po restartu: C:\ProgramData\Systweak\Advanced System Protector
[-] Složka smazána: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
[-] Složka smazána: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[-] Složka smazána: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BikaQ
[-] Složka smazána: C:\Program Files (x86)\Advanced System Protector
[-] Složka smazána: C:\Program Files (x86)\AVG SafeGuard toolbar
[-] Složka smazána: C:\Program Files (x86)\Conduit
[-] Složka smazána: C:\Program Files (x86)\Mobogenie
[-] Složka smazána: C:\Program Files (x86)\MyPC Backup
[-] Složka smazána: C:\Program Files (x86)\StatMaker
[-] Složka smazána: C:\Program Files (x86)\amuleCexx
[-] Složka smazána: C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Složka smazána: C:\WINDOWS\SysWoW64\config\systemprofile\AppData\Roaming\Tencent
[#] Složka smazána po restartu: C:\Users\uživatel\AppData\Roaming\WinSnare
[-] Složka smazána: C:\Program Files (x86)\MIO

***** [ Soubory ] *****

[-] Soubor smazán: C:\Users\uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[-] Soubor smazán: C:\WINDOWS\SysNative\log\iSafeKrnlCall.log
[-] Soubor smazán: C:\WINDOWS\SysNative\roboot64.exe
[-] Soubor smazán: C:\WINDOWS\SysNative\sasnative64.exe
[-] Soubor smazán: C:\WINDOWS\SysNative\drivers\iSafeKrnlBoot.sys
[-] Soubor smazán: C:\WINDOWS\SysNative\drivers\iSafeNetFilter.sys
[-] Soubor smazán: C:\END
[-] Soubor smazán: C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage
[-] Soubor smazán: C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage-journal

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Zástupci ] *****

[-] Zástupce vyléčen: C:\Users\Public\Desktop\Google Chrome.lnk
[-] Zástupce vyléčen: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[-] Zástupce vyléčen: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\It Girl!.lnk
[-] Zástupce vyléčen: C:\Users\uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk
[-] Zástupce vyléčen: C:\Users\uživatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[-] Zástupce vyléčen: C:\Users\uživatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Zástupce vyléčen: C:\Users\uživatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
[-] Zástupce vyléčen: C:\Users\uživatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\mamka - Chrome.lnk
[-] Zástupce vyléčen: C:\Users\uživatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Tereza - Chrome.lnk

***** [ Naplánované úlohy ] *****

[-] Úloha smazána: Jehity
[-] Úloha smazána: Advanced System Protector_startup
[-] Úloha smazána: FreeFixer background scan
[-] Úloha smazána: RegClean Pro
[-] Úloha smazána: RegClean Pro_DEFAULT
[-] Úloha smazána: RegClean Pro_UPDATES
[-] Úloha smazána: Milimili
[-] Úloha smazána: BikaQ_FetchAndUpgrade_CanBeDel

***** [ Registry ] *****

[-] Klíč smazán: HKLM\SOFTWARE\447376a3-6eb7-9f45-29ef-d7569a086986
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Toolbar.CT1750559
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Applications\iLividSetup-r514-n-bc.exe
[-] Klíč smazán: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WinSnare
[#] Klíč smazán po restartu: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WinSnare
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Malvern.DTS.ZetaIonicProperties
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Malvern.DTS.ZetaIonicProperties.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Nova_Utilities_Package.IonicAdditive
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Nova_Utilities_Package.IonicAdditiveCollection
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Nova_Utilities_Package.IonicSolventData
[-] Klíč smazán: HKLM\SOFTWARE\Classes\PCSuiteContactsView
[-] Klíč smazán: HKLM\SOFTWARE\Classes\PCSuiteMessagesView
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ResultInterfacePackage.IonicSpeciesIt.2
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ResultInterfacePackage.IonicSpeciesItem
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Malvern.DTS.ZetaIonicProperties
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Malvern.DTS.ZetaIonicProperties.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Nova_Utilities_Package.IonicAdditive
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Nova_Utilities_Package.IonicAdditiveCollection
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Nova_Utilities_Package.IonicSolventData
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\PCSuiteContactsView
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\PCSuiteMessagesView
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\ResultInterfacePackage.IonicSpeciesIt.2
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\ResultInterfacePackage.IonicSpeciesItem
[-] Klíč smazán: HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}
[-] Klíč smazán: HKCU\Software\Classes\CLSID\{66E8DCC7-97D2-4A89-8E08-D0610FF0878C}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[#] Klíč smazán po restartu: HKCU\Software\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
[-] Hodnota smazána: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
[-] Hodnota smazána: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
[-] Klíč smazán: HKU\.DEFAULT\Software\Elex-tech
[-] Klíč smazán: HKU\.DEFAULT\Software\ecb`nl
[-] Klíč smazán: HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Klíč smazán: HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\BackgroundContainerV2
[-] Klíč smazán: HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\Conduit
[-] Klíč smazán: HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\Softonic
[-] Klíč smazán: HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\WinSnare
[-] Klíč smazán: HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Klíč smazán: HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\AppDataLow\Toolbar
[-] Klíč smazán: HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\AppDataLow\Software\BackgroundContainer
[-] Klíč smazán: HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\AppDataLow\Software\BackgroundContainerV2
[-] Klíč smazán: HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\AppDataLow\Software\ConduitSearchScopes
[#] Klíč smazán po restartu: HKU\S-1-5-18\Software\Elex-tech
[#] Klíč smazán po restartu: HKU\S-1-5-18\Software\ecb`nl
[#] Klíč smazán po restartu: HKU\S-1-5-18\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[#] Klíč smazán po restartu: HKCU\Software\BackgroundContainerV2
[#] Klíč smazán po restartu: HKCU\Software\Conduit
[#] Klíč smazán po restartu: HKCU\Software\Softonic
[#] Klíč smazán po restartu: HKCU\Software\WinSnare
[#] Klíč smazán po restartu: HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[#] Klíč smazán po restartu: HKCU\Software\AppDataLow\Toolbar
[#] Klíč smazán po restartu: HKCU\Software\AppDataLow\Software\BackgroundContainer
[#] Klíč smazán po restartu: HKCU\Software\AppDataLow\Software\BackgroundContainerV2
[#] Klíč smazán po restartu: HKCU\Software\AppDataLow\Software\ConduitSearchScopes
[-] Klíč smazán: HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
[-] Klíč smazán: HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Klíč smazán: HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Klíč smazán: HKLM\SOFTWARE\Conduit
[-] Klíč smazán: HKLM\SOFTWARE\systweak
[-] Klíč smazán: HKLM\SOFTWARE\ScreenShot
[-] Klíč smazán: HKLM\SOFTWARE\ecb`nl
[-] Klíč smazán: HKLM\SOFTWARE\startpageing123Software
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
[#] Klíč smazán po restartu: [x64] HKCU\Software\BackgroundContainerV2
[#] Klíč smazán po restartu: [x64] HKCU\Software\Conduit
[#] Klíč smazán po restartu: [x64] HKCU\Software\Softonic
[#] Klíč smazán po restartu: [x64] HKCU\Software\WinSnare
[#] Klíč smazán po restartu: [x64] HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[#] Klíč smazán po restartu: [x64] HKCU\Software\AppDataLow\Toolbar
[#] Klíč smazán po restartu: [x64] HKCU\Software\AppDataLow\Software\BackgroundContainer
[#] Klíč smazán po restartu: [x64] HKCU\Software\AppDataLow\Software\BackgroundContainerV2
[#] Klíč smazán po restartu: [x64] HKCU\Software\AppDataLow\Software\ConduitSearchScopes
[-] Klíč smazán: [x64] HKLM\SOFTWARE\ecb`nl
[-] Klíč smazán: [x64] HKLM\SOFTWARE\InterSect Alliance
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
[-] Data obnovena: HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena: HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data obnovena: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data obnovena: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data obnovena: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data obnovena: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data obnovena: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data obnovena: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data obnovena: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data obnovena: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data obnovena: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Klíč smazán: HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Klíč smazán: HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\Microsoft\Internet Explorer\SearchScopes\{28793F6D-8A28-4058-B57F-F8DE69FFC5D1}
[-] Klíč smazán: HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Klíč smazán: HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data obnovena: HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{28793F6D-8A28-4058-B57F-F8DE69FFC5D1}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data obnovena: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data obnovena: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{28793F6D-8A28-4058-B57F-F8DE69FFC5D1}
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data obnovena: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data obnovena: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Data obnovena: HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [] "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
[-] Data obnovena: HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command [] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
[-] Data obnovena: [x64] HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command [] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
[-] Hodnota smazána: HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainerV2]
[-] Hodnota smazána: HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [BackgroundContainerV2]
[#] Hodnota smazána po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainerV2]
[#] Hodnota smazána po restartu: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainerV2]
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]
[-] Hodnota smazána: HKLM\SOFTWARE\CLASSES\UNKNOWN\SHELL\OPENDLG\COMMAND [ADVANCED SYSTEM PROTECTOR.BAK]

***** [ Prohlížeče ] *****

[-] [C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] [Search Provider] Smazáno: complete-system-tuneup.en.softonic.com
[-] [C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] [Search Provider] Smazáno: startpageing123
[-] [C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1] [startup_urls] Smazáno: hxxp://www.startpageing123.com/?type=hp&ts=148 ... BBAKLHBBAX
[-] [C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1] [favicon_url] Smazáno: hxxp://www.startpageing123.com/searchfavicon.ico
[-] [C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1] [extension] Smazáno: ogminpmldncgcmokldnmmapddoccmhfl
[-] [C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1] [homepage] Smazáno: hxxp://www.startpageing123.com/?type=hp&ts=148 ... BBAKLHBBAX
[-] [C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Web data] [Search Provider] Smazáno: youndoo
[-] [C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData] [homepage] Smazáno: hxxp://www.youndoo.com/?z=9d255dda6d3f606e3268 ... AX&type=hp

*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [20075 Bajty] - [04/03/2017 12:41:05]
C:\AdwCleaner\AdwCleaner[S0].txt - [21947 Bajty] - [04/03/2017 12:37:35]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [20223 Bajty] ##########

#4 Příspěvek od **altrok** » 04 bře 2017 13:16

Pustte tam jeste MBAM a pak se rozhodneme, co s tim dal

TePi · #5 Příspěvek od **TePi** » 04 bře 2017 16:29

Přikládám log mbam jako přílohu.

#6 Příspěvek od **altrok** » 04 bře 2017 21:09

Vsechny nalezy smazte/presunte do karanteny. Dejte pak nove logy FRST.txt a Addition.txt.

TePi · #7 Příspěvek od **TePi** » 05 bře 2017 18:14

Zdravím, provedla jsem, co jste psal. V logu FRST nic nebylo, log addition přikládám:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-03-2017
Ran by uživatel (05-03-2017 18:08:24)
Running from C:\Users\uživatel\Desktop
Windows 10 Home Version 1607 (X64) (2016-10-29 19:43:55)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2171009598-501426374-144545434-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2171009598-501426374-144545434-503 - Limited - Disabled)
Guest (S-1-5-21-2171009598-501426374-144545434-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2171009598-501426374-144545434-1002 - Limited - Enabled)
uživatel (S-1-5-21-2171009598-501426374-144545434-1000 - Administrator - Enabled) => C:\Users\uživatel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\uTorrent) (Version: 3.3.1.29812 - BitTorrent Inc.)
Adobe Photoshop 7.0 CE (HKLM-x32\...\Adobe Photoshop 7.0 CE) (Version: 7.0 CE - Adobe Systems, Inc.)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.7.197 - Adobe Systems, Inc.)
Advanced IP Scanner v1.4 (HKLM-x32\...\Advanced IP Scanner v1.4) (Version: - )
amuleC (HKLM-x32\...\{0F7B5011-72EC-493D-A7BF-546591047E8E}) (Version: 1.0.2 - amuleC) <==== ATTENTION
Apollo 2015.2.0 (HKLM-x32\...\Apollo - Informační Centrum VUT_is1) (Version: - CVIS, VUT v Brně)
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
BikaQ Rss (HKLM-x32\...\{78A2D999-4673-4FCC-818E-57B0AF8F3B70}) (Version: 2.0.16 - BikaQ) <==== ATTENTION
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.64.1073 - AB Team, d.o.o.)
Canon ScanGear Starter (HKLM-x32\...\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}) (Version: - )
CanoScan Toolbox Ver4.9 (HKLM-x32\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version: - )
CDBurnerXP (HKLM-x32\...\{5932A5C4-BB44-4CFB-AD66-1B826F4D788B}) (Version: 4.3.8.2474 - Canneverbe Limited)
Centrum zařízení Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
CorelDRAW Graphics Suite 12 (HKLM-x32\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.536 - Corel Corporation)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.0.4528 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Digimax Master (HKLM-x32\...\{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}) (Version: 1.0.35 - Samsung)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FormApps Plug-in (HKLM-x32\...\{9a1d8d96-8b6f-4b5e-9281-abf022feb360}) (Version: 1.8.1168.48 - Software602 a.s.)
FreeFixer (HKLM-x32\...\FreeFixer1.14) (Version: 1.14 - Kephyr)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Documentation (HKLM-x32\...\{3D5C7E0E-AEC0-40EB-99D3-C40469738040}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{BF1E75D0-E7AF-4BEA-9FBC-567F0C54BDF9}) (Version: 1.0.12 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{E44578C7-4667-4124-8BC2-1161BCA54978}) (Version: 1.4.4 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{285F722C-0E45-47DE-B38E-5B3B10FA4A7C}) (Version: 2.5.2 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{BB4FC2AD-DF12-4EE1-8AA7-2C0A26B5E2FB}) (Version: 3.1.1.10197 - Hewlett-Packard Company)
HP Security Assistant (HKLM\...\{562608FE-2051-4488-BF22-8CE4C03046AC}) (Version: 1.0.12 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15076.3891 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{AF240B18-034B-4A82-B3FC-0B879C4BAE2E}) (Version: 4.5.1.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{E1BB50BA-7CCB-47CD-9FE3-03AAE6EEF862}) (Version: 12.5.32.203 - Hewlett-Packard Company)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6365.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2476 - Intel Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes verze 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Manual CanoScan LiDE 60 (HKLM-x32\...\{23B72D50-1C7E-491C-8086-9E060051D316}) (Version: - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.62.1 - Nokia)
Nokia PC Suite (x32 Version: 7.1.62.1 - Nokia) Hidden
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Origin85 (x32 Version: 8.50.000 - OriginLab) Hidden
OriginPro 8.5 (HKLM-x32\...\{E0E49070-F2C7-402A-9D36-C9B87CA2E09D}) (Version: 8.5 - OriginLab Corporation)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Architect (HKLM-x32\...\{80A07844-CA64-4DE4-AB61-D37DDBE8074F}) (Version: 1.0.52.8917 - pdfforge)
PDF reDirect (remove only) (HKLM-x32\...\PDF reDirect) (Version: v2.2.6 - EXP Systems LLC)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.2 - pdfforge)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayDance verze 1.0.979 (HKLM-x32\...\{EC8642E4-7CE3-4379-9114-6E34DEF98D58}_is1) (Version: 1.0.979 - VISO SPORT s.r.o.)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Ralink RT5390 802.11b/g/n WiFi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 3.02.02.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.85 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
SafeZone Stable 3.55.2393.561 (x32 Version: 3.55.2393.561 - Avast Software) Hidden
Samsung USB Driver (HKLM-x32\...\{86D6A20D-3910-4441-A3E5-EB6977251C86}) (Version: 1.0 - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Seznam Instalátor (HKLM-x32\...\ssinstall) (Version: - Seznam.cz)
StatMaker (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{78b2995}) (Version: - Software Publisher) <==== ATTENTION
Sweet Home 3D version 5.2 (HKLM\...\Sweet Home 3D_is1) (Version: 5.2 - eTeks)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.98 - Synaptics Incorporated)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
WinSnare (HKLM-x32\...\{A71B6796-662E-4FBD-BB43-A870F2EF514C}) (Version: 4.2.3 - WinSnare) <==== ATTENTION
Xvid Converter 1.3 (HKLM-x32\...\{6CDAFDDB-5931-4B91-9872-0567D80B1C46}_is1) (Version: - XvidConverter.com)
Zetasizer Software 7.03 (HKLM-x32\...\{03678E32-77F5-4A5E-8103-0A3786FDB962}_is1) (Version: 7.03 - Malvern Instruments Ltd.)
Zoner Callisto 5 FREE (HKLM-x32\...\ZonerCallisto5_CZ_is1) (Version: 5.0.5000.16 - ZONER software)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2171009598-501426374-144545434-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\uživatel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2171009598-501426374-144545434-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\uživatel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2171009598-501426374-144545434-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\uživatel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2171009598-501426374-144545434-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\uživatel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2171009598-501426374-144545434-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\uživatel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00E4166A-D59D-4ADD-93BC-2A846583C7CA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {0278651C-784B-4089-960B-701571E01F9F} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {03023D72-6336-4250-8C20-700EF5EC0CE7} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {0B81F835-A546-4ADB-8D74-A9DF2A43861C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-02-10] (HP Inc.)
Task: {0FB93011-7A80-4B77-BC74-043CAFCCD371} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {21F4BDC5-AF7D-449C-A380-9C6C41285A64} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {271099C3-D1E2-41B0-8185-F43FC32BC325} - System32\Tasks\{5169C346-AF85-4543-A4B1-3D3D2C2DCDDB} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\StepMania\Program\StepMania.exe"
Task: {2A7E4B22-7913-4B4F-87D8-15C4F1BB1F37} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {35CA75F3-5772-440D-9363-6322D3B4D141} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe [2011-09-29] ()
Task: {3B240200-4A4C-4E2C-8F94-B249C0E93720} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3C5E34AA-0C92-484A-88BB-615A97FC252C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {407DD4DA-1281-40CB-AB94-F1DC583C7F28} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {41B3C391-51CD-4979-8688-2230CD827CEB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {449ED87C-15E0-4253-8267-AF3B78B5A01D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {4744EC93-13C3-4F66-B131-BAE5088DB8F2} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {4C6F3633-44F8-4F0C-8F68-84E1886071C0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {52148B22-EFEE-4F93-8DBB-0A01EB6B1234} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\uživatel\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {5529F405-0488-466C-8C74-8318C8DAF198} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {5857ADDF-B9F4-4A8E-B503-3EFDB0E7E586} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {595D901D-E0BF-4293-9E76-B9A4A39249FD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {5A15BE8A-4185-4AEE-8A85-66D4A7248271} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {6D0057B5-1D4A-4720-A1DF-D9BB26E0151C} - System32\Tasks\{6AD50F0B-FE75-459C-B7B7-F97A58DCEB77} => pcalua.exe -a F:\Setup.exe -d F:\
Task: {77AB034A-A275-4F39-B5EB-8B6914FDDF49} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {793F6AC8-D466-4870-9A2C-CF64EAF8B509} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {7B44572D-6646-45B9-8C4F-299FEDA29345} - System32\Tasks\HPCeeScheduleForuživatel => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {7E80FC5A-AB52-4E4F-B079-ADA9C64DB7A2} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-02-05] (AVAST Software)
Task: {82AA7364-1052-424A-AD92-E10791C75B3D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {83E45750-97A8-4F0B-A2F0-8D3D2E1BF965} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8AB2DD84-9EB8-4D61-A2EA-197FA0EF155B} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {8B4BD7D5-3113-40ED-8347-6A1FF09C10F5} - System32\Tasks\Program k provádění aktualizací online Adobe => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-24] (Adobe Systems Incorporated)
Task: {93AEEF83-F165-4E21-9E43-8EF3FDB77566} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {98F0205A-87E9-4C29-A7E5-E2AA717F31B6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {99178FFF-150B-48E9-8CE6-06870FDDDCB4} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {9A46B13B-11BF-43B9-9AA9-E5969490C032} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-03] (AVAST Software)
Task: {9CFE4CDE-5A3A-4D90-8856-BE3CADCE8520} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-09-29] (CyberLink)
Task: {A3B5E9A5-D3A5-4E20-B63A-1F45607EEAC0} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {A56AA62A-9930-47D8-8EE1-231491CF2097} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {A5DBC690-4CCC-4BBA-9779-59BFD31F6710} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {A66F9F7B-C8F2-41BF-99FF-BCEA8DEF67BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {A973545D-7104-4814-A325-62EBA8787D3D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {AD334D1D-98F6-41E6-AFF3-A16338552140} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-27] (Adobe Systems Incorporated)
Task: {AEA03F27-7EEE-4648-871F-35B7AA7CA238} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {B0731A88-9B38-40AF-B95E-95227B3CD330} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {B0893B96-74E0-47A5-975E-CB950B14A3EA} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {B16C3677-CE9F-4AE1-968C-E57BA4562C99} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {BE4B2C3F-A86A-4D84-AF6C-E1D7CE1B59DA} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {C9AA629A-E650-41C1-A425-1C521BA20048} - System32\Tasks\SafeZone scheduled Autoupdate 1468519780 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-02-15] (Avast Software)
Task: {DCE62ECB-3075-4303-A179-1CF5D5CDCF39} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {EA2A08FC-1EF3-4A48-966D-A8D43156EBE3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {EC1D4A25-9D6A-4D4C-BDD6-F8982F966F47} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {ED727901-6FB1-4BD0-954A-991318DDFDEE} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {EDD7481A-8656-4E87-ACEE-405ED1A85567} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {FA458169-1AE8-406C-BC6A-7205DBF24D74} - System32\Tasks\Aqering Launcher => C:\Program Files (x86)\Reosetherprutaent\xlerdase.exe
Task: {FAA0DC8D-3789-4195-89DF-385ED0565C61} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe [2016-02-18] (Hewlett-Packard)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForuživatel.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-18 20:18 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2007-07-01 18:50 - 2007-07-01 18:50 - 00064464 _____ () C:\WINDOWS\System32\PDFreDirectMon64.dll
2017-03-04 14:37 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-04 14:37 - 2017-02-24 06:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-12-18 20:18 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-02-02 10:42 - 2010-03-15 11:28 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2016-10-29 20:39 - 2016-10-29 20:39 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-12 19:38 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-12 19:37 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-12 19:37 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-12 19:37 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-12 19:37 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-12 19:37 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-22 20:21 - 2017-02-22 20:21 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-22 20:21 - 2017-02-22 20:21 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-22 20:21 - 2017-02-22 20:21 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-06 18:33 - 2017-02-06 18:33 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll
2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-09-30 18:40 - 2011-09-30 18:40 - 00107320 _____ () C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
2017-03-03 22:17 - 2017-03-03 22:17 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-07-11 18:58 - 2016-07-11 18:58 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-03-03 22:16 - 2017-03-03 22:16 - 00290352 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-03-03 22:17 - 2017-03-03 22:17 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2171009598-501426374-144545434-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\uživatel\Documents\wallpaper\vladstudio_black_cat_white_cat_color4_1024x768_signed.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-03052017175340240\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run32: => "HP Quick Launch"
HKLM\...\StartupApproved\Run32: => "HPOSD"
HKLM\...\StartupApproved\Run32: => "HPQuickWebProxy"
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\StartupApproved\StartupFolder: => "MyPC Backup.lnk"
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\StartupApproved\Run: => "NokiaSuite.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{EE106667-B670-460C-8C23-8CA2EA8F2168}C:\users\uživatel\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\uživatel\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{9473C36E-507A-4663-B3DA-37C996D0B058}C:\users\uživatel\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\uživatel\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{C5D4904E-9636-48D4-B1FC-AE636561485F}] => (Allow) LPort=26675
FirewallRules: [{57071AA0-DC20-443B-81DF-266B50F00865}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{6AB7845B-0B9B-45DA-A34E-AA0CB2623EBA}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{D1E19D4C-3F0A-4174-8415-234AA0A44C83}] => (Allow) C:\Users\uživatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{3F4C8D0A-CB8D-40BE-ADB0-DF20B944D4D2}] => (Allow) C:\Users\uživatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [UDP Query User{542566CC-C252-4480-B050-DCFA509DBF03}C:\users\uživatel\appdata\roaming\utorrent\updates\3.4.1_31395.exe] => (Block) C:\users\uživatel\appdata\roaming\utorrent\updates\3.4.1_31395.exe
FirewallRules: [TCP Query User{3217CA05-ACC7-442B-9040-BC8A8228FE53}C:\users\uživatel\appdata\roaming\utorrent\updates\3.4.1_31395.exe] => (Block) C:\users\uživatel\appdata\roaming\utorrent\updates\3.4.1_31395.exe
FirewallRules: [UDP Query User{4553ADA4-317C-442F-9035-ADD433DB2BE9}C:\users\uživatel\appdata\roaming\utorrent\updates\3.4.1_31139.exe] => (Block) C:\users\uživatel\appdata\roaming\utorrent\updates\3.4.1_31139.exe
FirewallRules: [TCP Query User{D3A099C6-A9FB-4B58-88BF-9544F52FB726}C:\users\uživatel\appdata\roaming\utorrent\updates\3.4.1_31139.exe] => (Block) C:\users\uživatel\appdata\roaming\utorrent\updates\3.4.1_31139.exe
FirewallRules: [{19F0049F-328B-4A21-ABFA-30FFDE357CB1}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [{19742805-A1A5-4BD6-A38A-382A4E31F9B9}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{12A5DD16-DDD8-4543-88EB-8582FB5FE834}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [UDP Query User{DB5056E6-A789-4A51-8947-F99BA4C9B4EA}C:\users\uživatel\appdata\roaming\utorrent\updates\3.3.1_30017.exe] => (Allow) C:\users\uživatel\appdata\roaming\utorrent\updates\3.3.1_30017.exe
FirewallRules: [TCP Query User{CE573A3C-8A73-4E3D-985C-238C3B463231}C:\users\uživatel\appdata\roaming\utorrent\updates\3.3.1_30017.exe] => (Allow) C:\users\uživatel\appdata\roaming\utorrent\updates\3.3.1_30017.exe
FirewallRules: [UDP Query User{0BB5C665-1D02-41DA-BFF8-C6B871D0DF42}C:\users\uživatel\appdata\roaming\utorrent\updates\3.3.1_30003.exe] => (Allow) C:\users\uživatel\appdata\roaming\utorrent\updates\3.3.1_30003.exe
FirewallRules: [TCP Query User{2785157A-780F-480C-8233-31D19CB6816C}C:\users\uživatel\appdata\roaming\utorrent\updates\3.3.1_30003.exe] => (Allow) C:\users\uživatel\appdata\roaming\utorrent\updates\3.3.1_30003.exe
FirewallRules: [UDP Query User{86BCEBE6-9FC5-445B-B76F-C497DEDB9DB3}C:\users\uživatel\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\uživatel\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{A0A8B275-7728-4459-84B0-983CFCB0E680}C:\users\uživatel\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\uživatel\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{ECEEAF68-BC50-472E-91BD-4456333B45A6}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [{AB7A0A43-ECFF-41A9-B8DB-F72F7DAF04FB}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{385220EE-DC35-4C72-9DF7-EAD9CAFBFF0F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{736231F9-77C3-4AFC-A562-0BECE8775C4A}] => (Allow) LPort=1900
FirewallRules: [{604784C7-206E-42A9-B035-38EF17B5B641}] => (Allow) LPort=2869
FirewallRules: [{071DD3C4-EFC9-4051-9F22-A28B39C37163}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{89F683C8-DE84-418B-924A-356D2961F7FF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0248F138-69AD-4C35-A3B1-CAE7BB1D32CE}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561_0\SZBrowser.exe
FirewallRules: [{B2BF1419-0E9E-40B3-A9FD-4D2097E8CA39}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561\SZBrowser.exe

==================== Restore Points =========================

04-03-2017 13:15:28 Windows Update

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (03/05/2017 12:43:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TEREZKA)
Description: Aplikaci Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/05/2017 08:34:46 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TEREZKA)
Description: Aplikaci Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/05/2017 08:34:46 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: TEREZKA)
Description: Aplikace Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy+WindowsDefaultLockScreen se nespustila ve stanovenou dobu.

Error: (03/05/2017 08:22:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamservice.exe, verze: 3.1.0.415, časové razítko: 0x5881b7a1
Název chybujícího modulu: CleanControllerImpl.dll, verze: 3.1.0.264, časové razítko: 0x589e00c1
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000009f83f
ID chybujícího procesu: 0x1e84
Čas spuštění chybující aplikace: 0x01d294ec872347ee
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Cesta k chybujícímu modulu: C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\CleanControllerImpl.dll
ID zprávy: c080a149-561d-4f3c-9e4b-352176313410
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/05/2017 08:15:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TEREZKA)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/04/2017 07:41:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TEREZKA)
Description: Aplikaci Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/04/2017 06:35:13 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro c:\program files (x86)\playdance\program\DelZip179.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files (x86)\playdance\program\DelZip179.dll na řádku 8.
Hodnota * atributu language v prvku assemblyIdentity je neplatná.

Error: (03/04/2017 06:35:12 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro c:\program files (x86)\nokia\nokia pc suite 7\TIS_Windows7PIM.dll se nezdařilo.
Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (03/04/2017 02:49:21 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro c:\program files (x86)\playdance\program\DelZip179.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files (x86)\playdance\program\DelZip179.dll na řádku 8.
Hodnota * atributu language v prvku assemblyIdentity je neplatná.

Error: (03/04/2017 02:49:17 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro c:\program files (x86)\nokia\nokia pc suite 7\TIS_Windows7PIM.dll se nezdařilo.
Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

System errors:
=============
Error: (03/05/2017 05:53:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba CDPUserSvc_2bc52 byla ukončena s následující chybou:
Nespecifikovaná chyba

Error: (03/05/2017 05:53:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba NetTcpActivator závisí na službě NetTcpPortSharing, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (03/05/2017 04:38:22 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a117\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-2171009598-501426374-144545434-1000-03052017163818106-ntuser.dat

Error: (03/05/2017 04:37:59 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a117\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-2171009598-501426374-144545434-1000-03052017163758325-ntuser.dat

Error: (03/05/2017 08:34:47 AM) (Source: DCOM) (EventID: 10010) (User: TEREZKA)
Description: Server WindowsDefaultLockScreen se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/05/2017 08:24:15 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba CDPUserSvc_29896 byla ukončena s následující chybou:
Nespecifikovaná chyba

Error: (03/05/2017 08:24:07 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba NetTcpActivator závisí na službě NetTcpPortSharing, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (03/05/2017 08:22:33 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Malwarebytes Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/05/2017 08:20:51 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a117\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-2171009598-501426374-144545434-1000-03052017082050189-ntuser.dat

Error: (03/05/2017 08:19:31 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a117\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-2171009598-501426374-144545434-1000-03052017081929738-ntuser.dat

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Percentage of memory in use: 33%
Total physical RAM: 6091.86 MB
Available physical RAM: 4052.11 MB
Total Virtual: 12235.86 MB
Available Virtual: 10243.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:345.88 GB) (Free:149.85 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Recovery) (Fixed) (Total:23.65 GB) (Free:6.09 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Nový svazek) (Fixed) (Total:328.91 GB) (Free:105.53 GB) NTFS
Drive i: (OFFICE14) (CDROM) (Total:0.75 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 19E4BC0C)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=345.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=328.9 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=23.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#8 Příspěvek od **altrok** » 05 bře 2017 18:33

Log FRST.txt je pro me take velice dulezity. Vyzkousejte spustit jen samotny FRST64.exe (bez FRSTLauncheru).

TePi · #9 Příspěvek od **TePi** » 05 bře 2017 19:35

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-03-2017
Ran by uživatel (administrator) on TEREZKA (05-03-2017 19:31:41)
Running from C:\Users\uživatel\Desktop
Loaded Profiles: uživatel & (Available Profiles: uživatel & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-09-08] (IDT, Inc.)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-09-30] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-27] (Synaptics Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-08] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [574008 2011-07-11] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2015-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [CorelDRAW Graphics Suite 11b] => C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe [729088 2004-06-22] (Corel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-03] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia)
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\Run: [OfficeSyncProcess] => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd)
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\MountPoints2: {7c971688-facc-11e6-8d96-a0b3cc6bae6e} - "I:\SETUP.EXE"
HKU\S-1-5-21-2171009598-501426374-144545434-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [806400 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-03052017175340240\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-03] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-03] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\uživatel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\uživatel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\uživatel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\uživatel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\uživatel\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\uživatel\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\uživatel\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2013-02-15]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-01-19]
ShortcutTarget: Dropbox.lnk -> C:\Users\uživatel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5afb70c8-cdb5-40fa-9bbf-740a23511bc6}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8a9e1336-47b2-4a9e-9ca2-a29c3d9bbd3d}: [DhcpNameServer] 10.0.0.1 10.0.0.2 10.0.0.3 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {4C0FC07B-4777-4901-9592-88F34131FCD9} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/710-111095-2958-3/4?mpre=hxxp://www.ebay.co.uk/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {4C0FC07B-4777-4901-9592-88F34131FCD9} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/710-111095-2958-3/4?mpre=hxxp://www.ebay.co.uk/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-2171009598-501426374-144545434-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2171009598-501426374-144545434-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2171009598-501426374-144545434-1000 -> {4C0FC07B-4777-4901-9592-88F34131FCD9} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-2171009598-501426374-144545434-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-2171009598-501426374-144545434-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-2171009598-501426374-144545434-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/710-111095-2958-3/4?mpre=hxxp://www.ebay.co.uk/sch/i.html?_nkw={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-01-09] (pdfforge GbR)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-03-03] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-03] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKU\S-1-5-21-2171009598-501426374-144545434-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2171009598-501426374-144545434-1000 -> hxxp://www.google.com

FireFox:
========
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-28]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-28]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: (PDF Architect Converter For Firefox) - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-02-17] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1227197.dll [2017-02-20] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-03] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Plugin: (Shockwave Flash) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll => No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\pdf.dll => No File
CHR Plugin: (Norton Confidential) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll => No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => No File
CHR Profile: C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-03-04] <==== ATTENTION
CHR Extension: (Prezentace Google) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-11]
CHR Extension: (Dokumenty Google) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-11]
CHR Extension: (Disk Google) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-02]
CHR Extension: (YouTube) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-11]
CHR Extension: (Vyhledávání Google) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-11]
CHR Extension: (Tabulky Google) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-02]
CHR Extension: (AdBlock) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-28]
CHR Extension: (Avast Online Security) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-01-02]
CHR Extension: (FormApps Chrome Extension) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2017-01-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-28]
CHR Extension: (Citace PRO VUT) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pdhchaeklpanlniilpbkjddfiikjadih [2017-01-02]
CHR Extension: (Gmail) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-11]
CHR Extension: (Chrome Media Router) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-28]
CHR Profile: C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-02-28]
CHR Profile: C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-03-05]
CHR Extension: (Dokumenty Google) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-06]
CHR Extension: (Disk Google) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26]
CHR Extension: (YouTube) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Avast Passwords) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2017-03-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (AdBlock) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-25]
CHR Extension: (Avast Online Security) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-03-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-05]
CHR Extension: (Gmail) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-11]
CHR Profile: C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\System Profile [2017-02-28]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-03] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-03] (AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 ssinstall; C:\WINDOWS\SysWoW64\ssins.exe [4696960 2016-12-27] (PS Media s.r.o.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [253960 2016-04-27] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [309272 2017-03-03] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-03-03] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334600 2017-03-03] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-03-03] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-03-03] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32088 2017-03-03] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [126600 2017-03-03] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [100640 2017-03-03] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-03-03] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [993608 2017-03-03] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [547904 2017-03-03] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [162528 2017-03-03] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [337592 2017-03-03] (AVAST Software)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-02-28] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-02-28] (Disc Soft Ltd)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2014-10-16] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77408 2017-02-24] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-03-05] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-03-05] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-03-05] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251840 2017-03-05] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92088 2017-03-05] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 netr28x; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-27] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30544 2016-02-17] (HP)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-05 18:09 - 2017-03-05 19:31 - 00031737 _____ C:\Users\uživatel\Desktop\FRST.txt
2017-03-05 18:08 - 2017-03-05 18:09 - 00045165 _____ C:\Users\uživatel\Desktop\Addition.txt
2017-03-05 18:06 - 2017-03-05 19:31 - 00000000 ____D C:\Users\uživatel\Desktop\FRST-OlderVersion
2017-03-05 08:26 - 2017-03-05 08:26 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-04 16:48 - 2017-03-04 16:51 - 00000000 ____D C:\Users\uživatel\Documents\Soubory aplikace Outlook
2017-03-04 16:28 - 2017-03-04 16:28 - 00035776 _____ C:\Users\uživatel\Desktop\mbam.rar
2017-03-04 16:25 - 2017-03-04 16:25 - 01095678 _____ C:\Users\uživatel\Desktop\mbam.txt
2017-03-04 14:38 - 2017-03-05 17:54 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-03-04 14:38 - 2017-03-05 17:53 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-04 14:38 - 2017-03-05 17:53 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-03-04 14:38 - 2017-03-05 17:53 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-03-04 14:38 - 2017-03-05 17:53 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-03-04 14:37 - 2017-03-04 14:37 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-04 14:37 - 2017-03-04 14:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-04 14:37 - 2017-03-04 14:37 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-04 14:37 - 2017-03-04 14:37 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-04 14:37 - 2017-02-24 06:23 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-03-04 14:33 - 2017-03-04 14:34 - 57131432 _____ (Malwarebytes ) C:\Users\uživatel\mb3-setup-1878.1878-3.0.6.1469-1075 (1).exe
2017-03-04 13:36 - 2017-03-04 13:36 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-03-04 12:33 - 2017-03-04 12:49 - 57131432 _____ (Malwarebytes ) C:\Users\uživatel\mb3-setup-1878.1878-3.0.6.1469-1075.exe
2017-03-04 12:32 - 2017-03-04 12:41 - 00000000 ____D C:\AdwCleaner
2017-03-04 12:32 - 2017-03-04 12:32 - 04031440 _____ C:\Users\uživatel\Desktop\adwcleaner_6.044.exe
2017-03-04 09:55 - 2017-03-05 19:31 - 00000000 ____D C:\FRST
2017-03-04 09:50 - 2017-03-05 18:06 - 02423808 _____ (Farbar) C:\Users\uživatel\Desktop\FRST64.exe
2017-03-04 09:41 - 2017-03-04 10:00 - 00000000 ____D C:\Users\uživatel\AppData\Local\FreeFixer
2017-03-04 09:41 - 2017-03-04 09:41 - 02704615 _____ (Kephyr) C:\Users\uživatel\Downloads\freefixersetup.exe
2017-03-04 09:41 - 2017-03-04 09:41 - 00000000 ____D C:\Users\uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeFixer
2017-03-04 09:41 - 2017-03-04 09:41 - 00000000 ____D C:\Users\uživatel\AppData\Roaming\FreeFixer
2017-03-04 09:41 - 2017-03-04 09:41 - 00000000 ____D C:\Program Files\FreeFixer
2017-03-03 22:18 - 2017-03-03 22:18 - 00398408 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-03-03 17:58 - 2017-03-03 17:58 - 00000000 ____D C:\Users\uživatel\AppData\Local\AVAST Software
2017-03-03 16:03 - 2017-03-03 16:03 - 00000000 ___HD C:\$AV_ASW
2017-03-03 16:03 - 2017-03-03 16:03 - 00000000 ____D C:\Program Files (x86)\MK
2017-03-01 17:02 - 2017-03-04 12:42 - 00000000 ____D C:\Users\uživatel\AppData\Roaming\Kyubey
2017-03-01 17:01 - 2017-03-01 17:01 - 00000000 ____D C:\Program Files (x86)\5u3iln5i
2017-02-28 15:10 - 2017-02-28 15:10 - 00004110 _____ C:\Users\uživatel\Downloads\Aktivacni_klice_MS_Campus_2010 (1).txt
2017-02-28 14:03 - 2017-02-28 14:03 - 00002766 _____ C:\Users\uživatel\Desktop\Microsoft Outlook 2010.lnk
2017-02-28 14:02 - 2017-02-28 14:02 - 00002798 _____ C:\Users\uživatel\Desktop\Microsoft Word 2010.lnk
2017-02-28 14:02 - 2017-02-28 14:02 - 00002718 _____ C:\Users\uživatel\Desktop\Microsoft Excel 2010.lnk
2017-02-28 14:02 - 2017-02-28 14:02 - 00002702 _____ C:\Users\uživatel\Desktop\Microsoft PowerPoint 2010.lnk
2017-02-28 13:57 - 2017-02-28 13:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2017-02-28 13:57 - 2017-02-28 13:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-02-28 13:56 - 2017-02-28 13:56 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2017-02-28 13:55 - 2017-02-28 13:55 - 00000000 ____D C:\WINDOWS\PCHEALTH
2017-02-28 13:55 - 2017-02-28 13:55 - 00000000 ____D C:\Program Files\Microsoft Sync Framework
2017-02-28 13:55 - 2017-02-28 13:55 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2017-02-28 13:52 - 2017-02-28 13:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2017-02-28 13:51 - 2017-02-28 13:57 - 00000000 ____D C:\WINDOWS\SHELLNEW
2017-02-28 13:51 - 2017-02-28 13:55 - 00000000 ____D C:\Program Files\Microsoft Office
2017-02-28 13:51 - 2017-02-28 13:51 - 00000000 __RHD C:\MSOCache
2017-02-28 13:51 - 2017-02-28 13:51 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2017-02-28 13:51 - 2017-02-28 13:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-02-28 13:51 - 2017-02-28 13:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2017-02-28 13:22 - 2017-02-28 13:22 - 00000000 ____D C:\Users\uživatel\AppData\Local\Disc_Soft_Ltd
2017-02-28 13:19 - 2017-02-28 13:19 - 00006170 _____ C:\WINDOWS\System32\Tasks\Aqering Launcher
2017-02-28 13:19 - 2017-02-28 13:19 - 00000000 ____D C:\Users\uﾞivatel
2017-02-28 13:18 - 2017-02-28 13:50 - 00000000 ____D C:\Users\uživatel\AppData\Roaming\DAEMON Tools Lite
2017-02-28 13:18 - 2017-02-28 13:21 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2017-02-28 13:18 - 2017-02-28 13:18 - 00047672 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2017-02-28 13:18 - 2017-02-28 13:18 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2017-02-28 13:18 - 2017-02-28 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2017-02-28 13:17 - 2017-02-28 13:17 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2017-02-28 13:16 - 2017-02-28 13:16 - 00692072 _____ (Disc Soft Ltd.) C:\Users\uživatel\DTLiteInstaller.exe
2017-02-28 13:11 - 2017-02-28 13:13 - 00000000 ____D C:\Users\uživatel\Desktop\MAMKA
2017-02-28 13:06 - 2017-02-28 13:11 - 00000000 ____D C:\Users\uživatel\Desktop\různé dokumenty
2017-02-28 13:03 - 2017-02-28 13:12 - 00000000 ____D C:\Users\uživatel\Desktop\různé fotky
2017-02-28 13:03 - 2017-02-28 13:11 - 00000000 ____D C:\Users\uživatel\Desktop\ruční práce
2017-02-28 13:02 - 2017-02-28 13:09 - 00000000 ____D C:\Users\uživatel\Desktop\recepty
2017-02-28 12:55 - 2017-02-28 12:55 - 00004110 _____ C:\Users\uživatel\Downloads\Aktivacni_klice_MS_Campus_2010.txt
2017-02-28 12:54 - 2017-02-28 13:09 - 806311936 _____ C:\Users\uživatel\Downloads\SW_DVD5_Office_Professional_Plus_2010_64Bit_Czech_MLF_X16-52577.ISO
2017-02-28 12:54 - 2017-02-28 12:54 - 00004186 _____ C:\Users\uživatel\Downloads\Aktivacni_klice_Win7 a Office 2010.txt
2017-02-28 12:50 - 2017-02-28 12:56 - 238758432 _____ C:\Users\uživatel\Downloads\setup_av_eps.exe
2017-02-09 19:40 - 2017-03-03 22:19 - 00003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-02-09 19:40 - 2017-03-03 22:16 - 00334600 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-02-09 19:40 - 2017-03-03 22:16 - 00309272 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-02-09 19:40 - 2017-03-03 22:16 - 00189768 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-02-09 19:40 - 2017-03-03 22:16 - 00048528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-02-05 09:52 - 2017-02-05 09:52 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-02-05 09:52 - 2017-02-05 09:52 - 00000000 ____D C:\Program Files\Common Files\AV

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-05 19:26 - 2016-10-29 19:58 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-05 17:53 - 2016-10-29 20:39 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-05 17:52 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-05 17:51 - 2016-03-02 20:32 - 00002285 _____ C:\Users\uživatel\Desktop\Sweet Home 3D.lnk
2017-03-05 17:50 - 2013-02-12 19:50 - 00000000 ____D C:\Program Files (x86)\BSPlayer
2017-03-04 19:25 - 2013-10-06 07:06 - 00000000 ____D C:\Users\uživatel\Downloads\FILMY A SERIÁLY
2017-03-04 14:33 - 2016-10-29 20:06 - 00000000 ____D C:\Users\uživatel
2017-03-04 13:30 - 2009-07-14 03:34 - 00000478 _____ C:\WINDOWS\win.ini
2017-03-04 12:40 - 2016-01-30 19:24 - 00001375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-04 12:40 - 2016-01-30 19:24 - 00001363 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-04 12:40 - 2015-03-19 21:24 - 00000000 ____D C:\WINDOWS\system32\log
2017-03-04 12:40 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-03-03 22:22 - 2016-10-29 20:39 - 00004006 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1468519780
2017-03-03 22:22 - 2016-07-14 19:09 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-03-03 22:21 - 2013-02-17 10:01 - 00000360 _____ C:\WINDOWS\Tasks\HPCeeScheduleForuživatel.job
2017-03-03 22:18 - 2015-03-19 21:30 - 00547904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-03-03 22:18 - 2015-03-19 21:30 - 00337592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-03-03 22:18 - 2015-03-19 21:30 - 00162528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-03-03 22:18 - 2015-03-19 21:30 - 00126600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-03-03 22:18 - 2015-03-19 21:30 - 00100640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-03-03 22:18 - 2015-03-19 21:30 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-03-03 22:18 - 2015-03-19 21:30 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-03-03 22:17 - 2016-07-11 18:58 - 00032088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-03-03 22:17 - 2015-03-19 21:30 - 00993608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-03-03 22:16 - 2015-03-29 09:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-03-03 22:15 - 2015-03-29 09:18 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-03-03 22:15 - 2015-03-29 09:18 - 00000000 ____D C:\Program Files (x86)\Java
2017-03-03 19:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-03 18:01 - 2013-07-24 19:50 - 00002096 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2017-03-03 18:01 - 2011-10-22 01:33 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2017-03-03 15:56 - 2016-10-29 20:39 - 00003264 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForuživatel
2017-03-02 17:55 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-01 19:05 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-01 18:09 - 2013-02-12 20:26 - 00000000 ____D C:\ProgramData\AVAST Software
2017-02-28 18:44 - 2016-12-13 21:42 - 00003280 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-28 18:44 - 2015-10-11 11:09 - 00002433 _____ C:\Users\uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-28 18:44 - 2015-10-11 11:09 - 00000000 ___RD C:\Users\uživatel\OneDrive
2017-02-28 15:33 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Common Files\System
2017-02-28 14:04 - 2016-10-29 19:58 - 00356512 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-28 13:57 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-28 13:55 - 2016-10-29 20:26 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-02-28 13:42 - 2015-10-11 11:02 - 00000000 ____D C:\Users\uživatel\AppData\Local\Packages
2017-02-28 13:41 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-28 13:35 - 2011-10-22 01:30 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2017-02-28 13:00 - 2015-03-19 21:27 - 00000000 ____D C:\Program Files\AVAST Software
2017-02-25 09:30 - 2013-07-23 06:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-25 09:18 - 2013-02-15 14:10 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-24 21:04 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-18 16:40 - 2013-07-25 18:39 - 00000000 ____D C:\Users\uživatel\AppData\Roaming\uTorrent
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2013-02-12 20:22 - 2013-02-12 20:25 - 97565024 _____ () C:\Program Files (x86)\avast_free_antivirus_setup.exe
2014-10-16 18:05 - 2014-03-10 14:43 - 1488486400 _____ () C:\Program Files (x86)\Corel-Draw-12-CZ-(plna-verze-CD1,CD2,CD3)-+-key.iso
2015-06-19 17:43 - 2015-06-19 17:43 - 6402936 _____ (EXP Systems LLC) C:\Program Files (x86)\Install_PDFR_v226.exe
2014-10-25 09:31 - 2014-08-15 11:05 - 151255864 _____ (Malvern Instruments Ltd. ) C:\Program Files (x86)\Malvern-Zetasizer-Software-v703-PSS0012-34-EN-JP.exe
2013-02-17 18:14 - 2013-02-17 18:15 - 25321251 _____ () C:\Program Files (x86)\pdfcreator-setup.exe
2013-02-15 09:40 - 2013-02-15 10:02 - 806311936 _____ () C:\Program Files (x86)\SW_DVD5_Office_Professional_Plus_2010_64Bit_Czech_MLF_X16-52577.ISO
2013-07-25 18:38 - 2013-07-25 18:39 - 1158585 _____ (emc) C:\Program Files (x86)\utorrent-setup.exe
2015-03-18 21:02 - 2015-05-23 08:43 - 0000020 _____ () C:\Users\uživatel\AppData\Roaming\appdataFr3.bin

Files to move or delete:
====================
C:\Users\uživatel\dro_setup.exe
C:\Users\uživatel\DTLiteInstaller.exe
C:\Users\uživatel\HPSupportSolutionsFramework-12.0.30.81.exe
C:\Users\uživatel\mb3-setup-1878.1878-3.0.6.1469-1075 (1).exe
C:\Users\uživatel\mb3-setup-1878.1878-3.0.6.1469-1075.exe
C:\Users\uživatel\sp59155.exe
C:\Users\uživatel\uTorrent221.exe

Some files in TEMP:
====================
2017-01-03 22:26 - 2016-12-01 09:31 - 0050720 _____ (HP Inc.) C:\Users\uživatel\AppData\Local\Temp\ACLMInstaller.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-03-01 06:49

==================== End of FRST.txt ============================

#10 Příspěvek od **altrok** » 05 bře 2017 19:46

Malwarebytes verze 3.0.6.1469 odinstalujte.

Po restartu dejte vedet, jak se PC chova.

Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
znovu spustte FRST a kliknete na Fix

po restartu bude na plose ulozen fixlog, jehoz obsah vlozte do pristi odpovedi

Kód: Vybrat vše

Start
CreateRestorePoint:
CloseProcesses:
Task: {3B240200-4A4C-4E2C-8F94-B249C0E93720} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3C5E34AA-0C92-484A-88BB-615A97FC252C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {407DD4DA-1281-40CB-AB94-F1DC583C7F28} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {449ED87C-15E0-4253-8267-AF3B78B5A01D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {4C6F3633-44F8-4F0C-8F68-84E1886071C0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {6D0057B5-1D4A-4720-A1DF-D9BB26E0151C} - System32\Tasks\{6AD50F0B-FE75-459C-B7B7-F97A58DCEB77} => pcalua.exe -a F:\Setup.exe -d F:\
Task: {793F6AC8-D466-4870-9A2C-CF64EAF8B509} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {82AA7364-1052-424A-AD92-E10791C75B3D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {83E45750-97A8-4F0B-A2F0-8D3D2E1BF965} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {AEA03F27-7EEE-4648-871F-35B7AA7CA238} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {B0731A88-9B38-40AF-B95E-95227B3CD330} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {DCE62ECB-3075-4303-A179-1CF5D5CDCF39} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {EC1D4A25-9D6A-4D4C-BDD6-F8982F966F47} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {FA458169-1AE8-406C-BC6A-7205DBF24D74} - System32\Tasks\Aqering Launcher => C:\Program Files (x86)\Reosetherprutaent\xlerdase.exe
File: C:\Program Files (x86)\Reosetherprutaent\xlerdase.exe
Folder: C:\Program Files (x86)\Reosetherprutaent 
C:\Program Files (x86)\Reosetherprutaent 
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation)
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\Run: [OfficeSyncProcess] => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd)
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\MountPoints2: {7c971688-facc-11e6-8d96-a0b3cc6bae6e} - "I:\SETUP.EXE" 
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKU\S-1-5-21-2171009598-501426374-144545434-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
CHR Plugin: (Shockwave Flash) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll => No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\pdf.dll => No File
CHR Plugin: (Norton Confidential) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll => No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => No File
U3 idsvc; no ImagePath
2017-03-04 14:33 - 2017-03-04 14:34 - 57131432 _____ (Malwarebytes ) C:\Users\uživatel\mb3-setup-1878.1878-3.0.6.1469-1075 (1).exe
2017-03-04 12:33 - 2017-03-04 12:49 - 57131432 _____ (Malwarebytes ) C:\Users\uživatel\mb3-setup-1878.1878-3.0.6.1469-1075.exe
2017-03-04 12:32 - 2017-03-04 12:41 - 00000000 ____D C:\AdwCleaner
2017-03-04 12:32 - 2017-03-04 12:32 - 04031440 _____ C:\Users\uživatel\Desktop\adwcleaner_6.044.exe
Folder: C:\Users\uživatel\AppData\Roaming\Kyubey
2017-03-01 17:02 - 2017-03-04 12:42 - 00000000 ____D C:\Users\uživatel\AppData\Roaming\Kyubey
Folder: C:\Program Files (x86)\5u3iln5i
2017-03-01 17:01 - 2017-03-01 17:01 - 00000000 ____D C:\Program Files (x86)\5u3iln5i
CMD: dir "C:\Windows\Inf" /AD
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
Hosts:
EmptyTemp:
End

TePi · #11 Příspěvek od **TePi** » 05 bře 2017 20:08

Fix result of Farbar Recovery Scan Tool (x64) Version: 05-03-2017
Ran by uživatel (05-03-2017 19:58:58) Run:1
Running from C:\Users\uživatel\Desktop
Loaded Profiles: uživatel (Available Profiles: uživatel & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
Task: {3B240200-4A4C-4E2C-8F94-B249C0E93720} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3C5E34AA-0C92-484A-88BB-615A97FC252C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {407DD4DA-1281-40CB-AB94-F1DC583C7F28} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {449ED87C-15E0-4253-8267-AF3B78B5A01D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {4C6F3633-44F8-4F0C-8F68-84E1886071C0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {6D0057B5-1D4A-4720-A1DF-D9BB26E0151C} - System32\Tasks\{6AD50F0B-FE75-459C-B7B7-F97A58DCEB77} => pcalua.exe -a F:\Setup.exe -d F:\
Task: {793F6AC8-D466-4870-9A2C-CF64EAF8B509} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {82AA7364-1052-424A-AD92-E10791C75B3D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {83E45750-97A8-4F0B-A2F0-8D3D2E1BF965} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {AEA03F27-7EEE-4648-871F-35B7AA7CA238} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {B0731A88-9B38-40AF-B95E-95227B3CD330} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {DCE62ECB-3075-4303-A179-1CF5D5CDCF39} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {EC1D4A25-9D6A-4D4C-BDD6-F8982F966F47} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {FA458169-1AE8-406C-BC6A-7205DBF24D74} - System32\Tasks\Aqering Launcher => C:\Program Files (x86)\Reosetherprutaent\xlerdase.exe
File: C:\Program Files (x86)\Reosetherprutaent\xlerdase.exe
Folder: C:\Program Files (x86)\Reosetherprutaent
C:\Program Files (x86)\Reosetherprutaent
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation)
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\Run: [OfficeSyncProcess] => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd)
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-2171009598-501426374-144545434-1000\...\MountPoints2: {7c971688-facc-11e6-8d96-a0b3cc6bae6e} - "I:\SETUP.EXE"
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKU\S-1-5-21-2171009598-501426374-144545434-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
CHR Plugin: (Shockwave Flash) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll => No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\pdf.dll => No File
CHR Plugin: (Norton Confidential) - C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll => No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => No File
U3 idsvc; no ImagePath
2017-03-04 14:33 - 2017-03-04 14:34 - 57131432 _____ (Malwarebytes ) C:\Users\uživatel\mb3-setup-1878.1878-3.0.6.1469-1075 (1).exe
2017-03-04 12:33 - 2017-03-04 12:49 - 57131432 _____ (Malwarebytes ) C:\Users\uživatel\mb3-setup-1878.1878-3.0.6.1469-1075.exe
2017-03-04 12:32 - 2017-03-04 12:41 - 00000000 ____D C:\AdwCleaner
2017-03-04 12:32 - 2017-03-04 12:32 - 04031440 _____ C:\Users\uživatel\Desktop\adwcleaner_6.044.exe
Folder: C:\Users\uživatel\AppData\Roaming\Kyubey
2017-03-01 17:02 - 2017-03-04 12:42 - 00000000 ____D C:\Users\uživatel\AppData\Roaming\Kyubey
Folder: C:\Program Files (x86)\5u3iln5i
2017-03-01 17:01 - 2017-03-01 17:01 - 00000000 ____D C:\Program Files (x86)\5u3iln5i
CMD: dir "C:\Windows\Inf" /AD
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
Hosts:
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B240200-4A4C-4E2C-8F94-B249C0E93720} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B240200-4A4C-4E2C-8F94-B249C0E93720} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3C5E34AA-0C92-484A-88BB-615A97FC252C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C5E34AA-0C92-484A-88BB-615A97FC252C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{407DD4DA-1281-40CB-AB94-F1DC583C7F28} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{407DD4DA-1281-40CB-AB94-F1DC583C7F28} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{449ED87C-15E0-4253-8267-AF3B78B5A01D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{449ED87C-15E0-4253-8267-AF3B78B5A01D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4C6F3633-44F8-4F0C-8F68-84E1886071C0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C6F3633-44F8-4F0C-8F68-84E1886071C0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6D0057B5-1D4A-4720-A1DF-D9BB26E0151C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D0057B5-1D4A-4720-A1DF-D9BB26E0151C} => key removed successfully
C:\WINDOWS\System32\Tasks\{6AD50F0B-FE75-459C-B7B7-F97A58DCEB77} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6AD50F0B-FE75-459C-B7B7-F97A58DCEB77} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{793F6AC8-D466-4870-9A2C-CF64EAF8B509} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{793F6AC8-D466-4870-9A2C-CF64EAF8B509} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{82AA7364-1052-424A-AD92-E10791C75B3D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82AA7364-1052-424A-AD92-E10791C75B3D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{83E45750-97A8-4F0B-A2F0-8D3D2E1BF965} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83E45750-97A8-4F0B-A2F0-8D3D2E1BF965} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AEA03F27-7EEE-4648-871F-35B7AA7CA238} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AEA03F27-7EEE-4648-871F-35B7AA7CA238} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B0731A88-9B38-40AF-B95E-95227B3CD330} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0731A88-9B38-40AF-B95E-95227B3CD330} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DCE62ECB-3075-4303-A179-1CF5D5CDCF39} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCE62ECB-3075-4303-A179-1CF5D5CDCF39} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC1D4A25-9D6A-4D4C-BDD6-F8982F966F47} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC1D4A25-9D6A-4D4C-BDD6-F8982F966F47} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA458169-1AE8-406C-BC6A-7205DBF24D74} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA458169-1AE8-406C-BC6A-7205DBF24D74} => key removed successfully
C:\WINDOWS\System32\Tasks\Aqering Launcher => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Aqering Launcher => key removed successfully

========================= File: C:\Program Files (x86)\Reosetherprutaent\xlerdase.exe ========================

"C:\Program Files (x86)\Reosetherprutaent\xlerdase.exe" => not found.
====== End of File: ======

========================= Folder: C:\Program Files (x86)\Reosetherprutaent ========================

not found.

====== End of Folder: ======

"C:\Program Files (x86)\Reosetherprutaent" => not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\BCSSync => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ISUSScheduler => value removed successfully
HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSPM Startup => value removed successfully
HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\Microsoft\Windows\CurrentVersion\Run\\OfficeSyncProcess => value removed successfully
HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite Automount => value removed successfully
HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableLockWorkstation => value removed successfully
HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableChangePassword => value removed successfully
HKU\S-1-5-21-2171009598-501426374-144545434-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7c971688-facc-11e6-8d96-a0b3cc6bae6e} => key removed successfully
HKCR\CLSID\{7c971688-facc-11e6-8d96-a0b3cc6bae6e} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay => key removed successfully
HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => key not found.
HKLM\SOFTWARE\Policies\Google => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value removed successfully
HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => key not found.
HKU\S-1-5-21-2171009598-501426374-144545434-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found.
C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll => not found.
C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\ppGoogleNaClPluginChrome.dll => not found.
C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\pdf.dll => not found.
C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll => not found.
C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll => not found.
C:\Windows\system32\Adobe\Director\np32dsw.dll => not found.
c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => not found.
HKLM\System\CurrentControlSet\Services\idsvc => key removed successfully
idsvc => service removed successfully
C:\Users\uživatel\mb3-setup-1878.1878-3.0.6.1469-1075 (1).exe => moved successfully
C:\Users\uživatel\mb3-setup-1878.1878-3.0.6.1469-1075.exe => moved successfully
C:\AdwCleaner => moved successfully
C:\Users\uživatel\Desktop\adwcleaner_6.044.exe => moved successfully

========================= Folder: C:\Users\uživatel\AppData\Roaming\Kyubey ========================

====== End of Folder: ======

C:\Users\uživatel\AppData\Roaming\Kyubey => moved successfully

========================= Folder: C:\Program Files (x86)\5u3iln5i ========================

2017-03-01 17:01 - 2017-03-01 17:02 - 0000000 ____D () C:\Program Files (x86)\5u3iln5i\{F7F18FC6-EBA3-4443-81BC-5D00D7A509AB}
2017-03-01 17:01 - 2017-03-01 17:01 - 7107516 _____ (TODO: <Company name>) C:\Program Files (x86)\5u3iln5i\{F7F18FC6-EBA3-4443-81BC-5D00D7A509AB}\hfqjapk3.a36

====== End of Folder: ======

C:\Program Files (x86)\5u3iln5i => moved successfully

========= dir "C:\Windows\Inf" /AD =========

Volume in drive C has no label.
Volume Serial Number is 5C4A-9DE6

Directory of C:\Windows\Inf

01.03.2017 19:05 <DIR> .
01.03.2017 19:05 <DIR> ..
29.10.2016 20:11 <DIR> .NET CLR Data
29.10.2016 20:11 <DIR> .NET CLR Networking
29.10.2016 20:11 <DIR> .NET CLR Networking 4.0.0.0
29.10.2016 20:11 <DIR> .NET Data Provider for Oracle
29.10.2016 20:11 <DIR> .NET Data Provider for SqlServer
29.10.2016 20:11 <DIR> .NET Memory Cache 4.0
29.10.2016 20:11 <DIR> .NETFramework
29.10.2016 20:11 <DIR> ASP.NET
29.10.2016 20:26 <DIR> ASP.NET State
29.10.2016 20:05 <DIR> ASP.NET_2.0.50727
29.10.2016 20:11 <DIR> ASP.NET_4.0.30319
29.10.2016 20:05 <DIR> ASP.NET_64_2.0.50727
29.10.2016 20:11 <DIR> aspnet_state
29.10.2016 20:11 <DIR> BITS
02.02.2013 10:35 <DIR> cs-CZ
16.07.2016 23:25 <DIR> en-US
29.10.2016 20:11 <DIR> ESENT
29.10.2016 20:11 <DIR> MSDTC
29.10.2016 20:11 <DIR> MSDTC Bridge 3.0.0.0
29.10.2016 20:11 <DIR> MSDTC Bridge 4.0.0.0
29.10.2016 20:11 <DIR> PERFLIB
29.10.2016 20:11 <DIR> PNRPSvc
29.10.2016 20:11 <DIR> rdyboost
16.07.2016 23:25 <DIR> RemoteAccess
29.10.2016 20:11 <DIR> ServiceModelEndpoint 3.0.0.0
29.10.2016 20:11 <DIR> ServiceModelOperation 3.0.0.0
29.10.2016 20:11 <DIR> ServiceModelService 3.0.0.0
29.10.2016 20:11 <DIR> SMSvcHost 3.0.0.0
29.10.2016 20:11 <DIR> SMSvcHost 4.0.0.0
29.10.2016 20:11 <DIR> TAPISRV
29.10.2016 20:11 <DIR> TermService
29.10.2016 20:11 <DIR> UGatherer
29.10.2016 20:11 <DIR> UGTHRSVC
29.10.2016 20:11 <DIR> usbhub
29.10.2016 20:26 <DIR> W3SVC
29.10.2016 20:11 <DIR> Windows Workflow Foundation 3.0.0.0
29.10.2016 20:11 <DIR> Windows Workflow Foundation 4.0.0.0
02.01.2017 12:00 <DIR> WmiApRpl
29.10.2016 20:11 <DIR> wsearchidxpi
0 File(s) 0 bytes
41 Dir(s) 162˙099˙146˙752 bytes free

========= End of CMD: =========

========= dir "C:\PROGRA~1" =========

Volume in drive C has no label.
Volume Serial Number is 5C4A-9DE6

Directory of C:\PROGRA~1

04.03.2017 14:37 <DIR> .
04.03.2017 14:37 <DIR> ..
28.02.2017 13:00 <DIR> AVAST Software
04.03.2017 13:36 <DIR> Common Files
28.02.2017 13:21 <DIR> DAEMON Tools Lite
30.01.2014 18:11 <DIR> DIFX
11.10.2015 10:34 <DIR> DVD Maker
04.03.2017 09:41 <DIR> FreeFixer
22.10.2011 01:36 <DIR> Hewlett-Packard
29.10.2016 20:22 <DIR> IDT
13.01.2017 22:52 <DIR> Internet Explorer
04.03.2017 14:37 <DIR> Malwarebytes
28.02.2017 13:51 <DIR> Microsoft Analysis Services
29.10.2016 20:11 <DIR> Microsoft Games
28.02.2017 13:55 <DIR> Microsoft Office
21.10.2016 21:17 <DIR> Microsoft Silverlight
28.02.2017 13:55 <DIR> Microsoft SQL Server Compact Edition
28.02.2017 13:55 <DIR> Microsoft Sync Framework
28.02.2017 13:56 <DIR> Microsoft Synchronization Services
29.10.2016 20:26 <DIR> MSBuild
29.10.2016 20:26 <DIR> Reference Assemblies
02.03.2016 20:32 <DIR> Sweet Home 3D
29.10.2016 20:00 <DIR> Synaptics
29.10.2016 20:42 <DIR> Windows Defender
22.10.2011 01:29 <DIR> Windows Live
29.10.2016 20:11 <DIR> Windows Mail
17.11.2016 18:06 <DIR> Windows Media Player
16.07.2016 12:47 <DIR> Windows Multimedia Platform
29.10.2016 20:43 <DIR> Windows NT
29.10.2016 20:11 <DIR> Windows Photo Viewer
16.07.2016 12:47 <DIR> Windows Portable Devices
16.07.2016 12:47 <DIR> WindowsPowerShell
0 File(s) 0 bytes
32 Dir(s) 162˙099˙146˙752 bytes free

========= End of CMD: =========

========= dir "C:\PROGRA~2" =========

Volume in drive C has no label.
Volume Serial Number is 5C4A-9DE6

Directory of C:\PROGRA~2

05.03.2017 19:59 <DIR> .
05.03.2017 19:59 <DIR> ..
15.02.2013 11:43 <DIR> Adobe
15.02.2013 11:40 <DIR> Adobe-Photoshop-7.0-CZ
20.05.2013 16:16 <DIR> Advanced IP Scanner
01.10.2013 16:13 <DIR> Apple Software Update
12.02.2013 20:25 97˙565˙024 avast_free_antivirus_setup.exe
05.03.2017 17:50 <DIR> BSPlayer
17.11.2013 14:57 <DIR> Canon
02.02.2013 10:41 <DIR> CDBurnerXP
04.03.2017 12:40 <DIR> Common Files
16.10.2014 18:16 <DIR> Corel
10.03.2014 14:43 1˙488˙486˙400 Corel-Draw-12-CZ-(plna-verze-CD1,CD2,CD3)-+-key.iso
12.12.2012 18:19 <DIR> CyberLink
20.08.2016 15:18 <DIR> Google
27.10.2015 20:04 <DIR> Hewlett-Packard
22.10.2011 01:26 <DIR> HP Games
19.06.2015 17:43 6˙402˙936 Install_PDFR_v226.exe
04.12.2015 21:38 <DIR> Intel
13.01.2017 22:52 <DIR> Internet Explorer
03.03.2017 22:15 <DIR> Java
25.10.2014 09:44 <DIR> Malvern Instruments
15.08.2014 11:05 151˙255˙864 Malvern-Zetasizer-Software-v703-PSS0012-34-EN-JP.exe
12.02.2013 20:21 <DIR> Microsoft
28.02.2017 13:51 <DIR> Microsoft Analysis Services
28.02.2017 13:51 <DIR> Microsoft Office
21.10.2016 21:17 <DIR> Microsoft Silverlight
28.02.2017 13:35 <DIR> Microsoft SQL Server Compact Edition
28.02.2017 13:52 <DIR> Microsoft Visual Studio 8
28.02.2017 13:55 <DIR> Microsoft.NET
03.03.2017 16:03 <DIR> MK
28.02.2017 13:55 <DIR> MSBuild
01.02.2014 05:32 <DIR> MSXML 4.0
30.01.2014 18:25 <DIR> Nokia
15.02.2013 10:34 <DIR> office 2010
13.12.2012 18:53 <DIR> Online Services
25.10.2014 09:33 <DIR> OriginLab
25.10.2014 09:34 <DIR> OriginPro 8.5.0 SR1
30.01.2014 18:24 <DIR> PC Connectivity Solution
17.02.2013 18:18 <DIR> PDF Architect
19.06.2015 17:46 <DIR> PDF reDirect
17.02.2013 18:17 <DIR> PDFCreator
17.02.2013 18:15 25˙321˙251 pdfcreator-setup.exe
25.09.2013 19:45 <DIR> PlayDance
22.10.2011 01:17 <DIR> PlayReady
08.01.2017 13:41 <DIR> QuickTime
12.12.2012 18:13 <DIR> Realtek
29.10.2016 20:26 <DIR> Reference Assemblies
24.10.2013 18:21 <DIR> Samsung
30.04.2015 07:12 <DIR> Software602
25.10.2014 10:18 <DIR> StepMania
15.02.2013 10:02 806˙311˙936 SW_DVD5_Office_Professional_Plus_2010_64Bit_Czech_MLF_X16-52577.ISO
12.12.2012 18:24 <DIR> SymSilent
25.07.2013 18:39 1˙158˙585 utorrent-setup.exe
29.10.2016 20:42 <DIR> Windows Defender
22.10.2011 01:31 <DIR> Windows Live
29.10.2016 20:11 <DIR> Windows Mail
17.11.2016 18:06 <DIR> Windows Media Player
16.07.2016 12:47 <DIR> Windows Multimedia Platform
16.07.2016 12:47 <DIR> Windows NT
29.10.2016 20:11 <DIR> Windows Photo Viewer
16.07.2016 12:47 <DIR> Windows Portable Devices
16.07.2016 12:47 <DIR> WindowsPowerShell
02.02.2013 10:42 <DIR> WinRAR
17.11.2015 20:34 <DIR> Xvid Converter
15.02.2013 12:42 <DIR> Zoner
7 File(s) 2˙576˙501˙996 bytes
59 Dir(s) 162˙099˙142˙656 bytes free

========= End of CMD: =========

========= dir "C:\PROGRA~3" =========

Volume in drive C has no label.
Volume Serial Number is 5C4A-9DE6

Directory of C:\PROGRA~3

13.02.2013 08:42 <DIR> Adobe
01.10.2013 16:13 <DIR> Apple
08.01.2017 13:40 <DIR> Apple Computer
01.03.2017 18:09 <DIR> AVAST Software
12.02.2014 14:18 <DIR> Beware
12.02.2013 18:12 <DIR> Blio
02.02.2013 10:41 <DIR> Canneverbe Limited
16.07.2016 12:47 <DIR> Comms
13.12.2012 19:06 <DIR> CyberLink
28.02.2017 13:17 <DIR> DAEMON Tools Lite
12.12.2012 18:32 <DIR> Hewlett-Packard
30.01.2014 18:09 <DIR> Installations
12.02.2014 14:18 <DIR> InstallMate
16.10.2014 18:18 <DIR> InstallShield
12.12.2012 18:31 <DIR> Intel
24.02.2014 18:20 <DIR> IsolatedStorage
25.10.2014 09:46 <DIR> Malvern Instruments
04.03.2017 13:44 <DIR> Microsoft Help
29.10.2016 20:47 <DIR> Microsoft OneDrive
30.01.2014 18:25 <DIR> Nokia
30.01.2014 18:22 <DIR> NokiaInstallerCache
12.02.2013 20:31 <DIR> Norton
12.12.2012 18:19 <DIR> NortonInstaller
26.02.2013 18:43 <DIR> Okidata
02.03.2016 20:57 <DIR> Oracle
25.10.2014 09:41 <DIR> OriginLab
11.02.2015 21:28 <DIR> Package Cache
13.12.2012 19:04 <DIR> PassMark
30.01.2014 18:12 <DIR> PC Suite
12.12.2012 18:14 <DIR> Ralink Driver
29.10.2016 20:19 <DIR> regid.1991-06.com.microsoft
12.02.2013 18:07 <DIR> Skype
16.07.2016 12:47 <DIR> SoftwareDistribution
29.03.2015 09:18 <DIR> Sun
12.12.2012 18:31 <DIR> Synaptics
12.12.2012 18:24 <DIR> Temp
17.02.2013 18:18 <DIR> TuneUp Software
29.10.2016 20:45 <DIR> USOPrivate
29.10.2016 20:44 <DIR> USOShared
16.02.2013 10:30 <DIR> WildTangent
17.02.2013 19:16 <DIR> {9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
0 File(s) 0 bytes
41 Dir(s) 162˙099˙138˙560 bytes free

========= End of CMD: =========

========= dir "%localappdata%" =========

Volume in drive C has no label.
Volume Serial Number is 5C4A-9DE6

Directory of C:\Users\u§ivatel\AppData\Local

05.03.2017 08:24 <DIR> .
05.03.2017 08:24 <DIR> ..
04.12.2015 22:03 <DIR> ActiveSync
01.12.2013 15:47 <DIR> Adobe
01.10.2013 16:13 <DIR> Apple
12.02.2013 17:56 <DIR> Apps
03.03.2017 17:58 <DIR> AVAST Software
15.03.2014 20:51 <DIR> Big Fish
12.02.2014 14:18 <DIR> cache
14.07.2016 19:25 <DIR> CEF
04.12.2015 22:24 <DIR> Comms
01.10.2015 19:28 <DIR> CrashDumps
21.08.2016 10:23 <DIR> Diagnostics
28.02.2017 13:22 <DIR> Disc_Soft_Ltd
04.03.2017 10:00 <DIR> FreeFixer
07.07.2016 08:05 94˙656 GDIPFONTCACHEV1.DAT
29.10.2016 18:14 <DIR> Google
10.06.2015 06:35 <DIR> GWX
17.02.2013 10:01 <DIR> Hewlett-Packard
30.10.2016 08:33 <DIR> Microsoft
04.04.2013 21:01 <DIR> Microsoft Games
02.11.2015 09:28 <DIR> Microsoft Help
17.10.2015 17:06 <DIR> MicrosoftEdge
11.10.2015 11:04 <DIR> NetworkTiles
30.01.2014 18:25 <DIR> Nokia
25.10.2014 09:41 <DIR> OriginLab
28.02.2017 13:42 <DIR> Packages
17.02.2013 18:15 <DIR> Programs
11.10.2015 11:03 <DIR> Publishers
02.03.2016 20:59 <DIR> Sun
05.03.2017 19:59 <DIR> Temp
11.10.2015 11:02 <DIR> TileDataLayer
19.01.2015 10:27 <DIR> VirtualStore
17.05.2014 08:36 <DIR> {852615AA-28AE-4BE4-AADF-182FF0324854}
1 File(s) 94˙656 bytes
33 Dir(s) 162˙099˙138˙560 bytes free

========= End of CMD: =========

========= dir "%appdata%" =========

Volume in drive C has no label.
Volume Serial Number is 5C4A-9DE6

Directory of C:\Users\u§ivatel\AppData\Roaming

05.03.2017 19:59 <DIR> .
05.03.2017 19:59 <DIR> ..
26.05.2013 13:51 <DIR> Adobe
14.09.2015 11:48 <DIR> Apollo VUT
23.05.2015 08:43 20 appdataFr3.bin
02.10.2013 16:52 <DIR> Apple Computer
19.03.2015 21:32 <DIR> AVAST Software
12.02.2013 18:13 <DIR> Blio
08.04.2013 18:57 <DIR> BSplayer
12.02.2013 19:50 <DIR> BSplayer Pro
15.02.2013 10:09 <DIR> Canneverbe Limited
02.03.2014 15:14 <DIR> Canon
16.10.2014 18:52 <DIR> Corel
28.02.2017 13:50 <DIR> DAEMON Tools Lite
11.10.2015 11:06 <DIR> Dropbox
11.10.2015 11:05 <DIR> DropboxMaster
19.01.2015 10:37 <DIR> eTeks
04.03.2017 09:41 <DIR> FreeFixer
02.02.2013 10:41 <DIR> GHISLER
17.02.2013 10:01 <DIR> Hewlett-Packard
18.02.2013 11:28 <DIR> hpqLog
28.02.2017 14:07 <DIR> Identities
25.10.2014 09:32 <DIR> InstallShield
24.02.2014 18:20 <DIR> IsolatedStorage
02.02.2013 10:42 <DIR> Macromedia
12.12.2012 18:00 <DIR> Media Center Programs
30.01.2014 18:27 <DIR> Nokia
30.01.2014 18:14 <DIR> PC Suite
17.02.2013 18:18 <DIR> PDF Architect
19.06.2015 17:46 <DIR> PDF reDirect
17.02.2013 18:17 <DIR> pdfforge
28.02.2017 13:18 <DIR> Profiles
30.01.2014 18:43 <DIR> Samsung
25.08.2016 16:29 <DIR> Skype
19.01.2016 20:17 <DIR> Sun
02.02.2013 10:24 <DIR> Synaptics
17.02.2013 18:18 <DIR> TuneUp Software
18.02.2017 16:40 <DIR> uTorrent
12.02.2013 20:42 <DIR> WinRAR
22.10.2013 07:03 <DIR> Zoner
12.02.2013 18:09 <DIR> _MDLogs
1 File(s) 20 bytes
40 Dir(s) 162˙099˙134˙464 bytes free

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 312304 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 88223749 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 165969100 B
Edge => 9958529 B
Chrome => 832359421 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6144 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 134 B
systemprofile32 => 46111265 B
LocalService => 59010 B
NetworkService => 14046 B
uživatel => 375820309 B
DefaultAppPool => 6144 B

RecycleBin => 26009961732 B
EmptyTemp: => 25.6 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 20:02:39 ====

#12 Příspěvek od **altrok** » 05 bře 2017 20:14

Vyborne, jake na PC pozorujete problemy ted?

TePi · #13 Příspěvek od **TePi** » 10 bře 2017 17:58

Zdravím,

tak po týdnu je stav takový, že se notebook pořád děsně zahřívá a větrák jede často naplno, ale už nevyskakují žádná varování apod. Tak to už bude asi problém jiný než viry

přesto děkuji moc za pomoc, určitě too nějakým způsobem (který je mi utajen) pomohlo

#14 Příspěvek od **altrok** » 11 bře 2017 22:08

Takze jeste uklidime pouzite nastroje.

Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
Oznacte jen moznost "Remove disinfection tools"
kliknete na Run

Pocitac je dle logu na malware cisty, takze doporucuju pocitac jeste procistit od prachu a necistot. I tohle muze byt duvodem prehrivani.

TePi · #15 Příspěvek od **TePi** » 12 bře 2017 10:29

vyčistit už jsem ho zkoušela, bohužel to nepomohlo..

VIRY.CZ

NTB pomalý, zahřívá se a pořád vyskakují varovné hlášky

NTB pomalý, zahřívá se a pořád vyskakují varovné hlášky

Re: NTB pomalý, zahřívá se a pořád vyskakují varovné hlášky

Re: NTB pomalý, zahřívá se a pořád vyskakují varovné hlášky

Re: NTB pomalý, zahřívá se a pořád vyskakují varovné hlášky

Re: NTB pomalý, zahřívá se a pořád vyskakují varovné hlášky

Re: NTB pomalý, zahřívá se a pořád vyskakují varovné hlášky

Re: NTB pomalý, zahřívá se a pořád vyskakují varovné hlášky

Re: NTB pomalý, zahřívá se a pořád vyskakují varovné hlášky

Re: NTB pomalý, zahřívá se a pořád vyskakují varovné hlášky

Re: NTB pomalý, zahřívá se a pořád vyskakují varovné hlášky

Re: NTB pomalý, zahřívá se a pořád vyskakují varovné hlášky

Re: NTB pomalý, zahřívá se a pořád vyskakují varovné hlášky

Re: NTB pomalý, zahřívá se a pořád vyskakují varovné hlášky

Re: NTB pomalý, zahřívá se a pořád vyskakují varovné hlášky

Re: NTB pomalý, zahřívá se a pořád vyskakují varovné hlášky