
Firefox opens "only2date.com" pages by itself
Please help.
Firefox regularly, about every 10 minutes, opens a new sexy page, only2date.com, with some kind of quiz or whatever it is; I don't know, I preferred not to click on anything.
I used Malwarebytes, AdwCleaner and CCleaner. Each program found and deleted something, but the windows keep opening.
Please advise.
Here is the RSIT log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Jomko at 2017-03-14 13:05:01
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 3 GB (1%) free of 237 GB
Total RAM: 8104 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:05:04, on 14. 3. 2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\trend micro\Jomko.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: CAM Service (CAMService) - Intel® Corporation - C:\Program Files\Intel\CAM\bin\CAMService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Windows\System32\GFNEXSrv.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10129 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache64 - Apache Software Foundation - c:\wamp64\bin\apache\apache2.4.18\bin\httpd.exe
O23 - Service: wampmysqld64 - Unknown owner - c:\wamp64\bin\mysql\mysql5.7.11\bin\mysqld.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 10586 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
winlogon.exe
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 24807360
\??\C:\Windows\system32\conhost.exe
C:\Windows\System32\GFNEXSrv.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"taskhost.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 60ee269b-bdb6-476c-8622-0c71ea504408 1
\??\C:\Windows\system32\conhost.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayicon.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\totalcmd\TOTALCMD.EXE"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Users\Jomko\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
taskhost.exe $(Arg0)
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Jomko\AppData\Roaming\Mozilla\Firefox\Profiles\qe0gt7rq.default-1489488823851
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.221 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.121.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.121.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.221 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-02-01 790552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-19 473152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-02-01 664848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-19 186944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
"BatteryManager"=C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayIcon.EXE [2013-02-20 293760]
"TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2013-05-20 996192]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2012-03-02 595840]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-05-11 165872]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-05-11 407536]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-05-11 444400]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-01-16 2585744]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-01-16 1514528]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-05-02 3049712]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-04-15 8698584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2016-04-15 8698584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2014-02-24 3129560]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotkeyP]
C:\Users\Jomko\AppData\Local\Temp\Temp1_hotkeyp.zip\HotkeyP.exe 0 []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2013-01-16 374784]
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2011-07-11 1298816]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2013-04-11 292848]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-12-12 587288]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2017-02-01 9080768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-05-08 440320]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-03-14 11:35:05 ----D---- C:\AdwCleaner
2017-03-14 11:27:54 ----D---- C:\rsit
2017-03-14 11:27:54 ----D---- C:\Program Files\trend micro
2017-03-13 22:22:39 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-03-12 23:44:16 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2017-03-12 23:44:00 ----D---- C:\ProgramData\Malwarebytes
2017-03-12 23:44:00 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-03-12 23:44:00 ----A---- C:\Windows\system32\drivers\mwac.sys
2017-03-12 23:44:00 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2017-03-12 23:44:00 ----A---- C:\Windows\system32\drivers\mbam.sys
2017-03-12 23:39:24 ----D---- C:\_OTM
2017-03-03 11:37:22 ----D---- C:\Program Files (x86)\MSECache
2017-03-01 11:54:06 ----D---- C:\Users\Jomko\AppData\Roaming\Thunderbird
2017-03-01 11:54:01 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-01 11:53:59 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2017-02-21 21:56:04 ----D---- C:\Users\Jomko\AppData\Roaming\LibreOffice
2017-02-21 21:53:06 ----D---- C:\Program Files\LibreOffice 5
======List of files/folders modified in the last 1 month======
2017-03-14 12:50:50 ----D---- C:\Windows\Temp
2017-03-14 12:41:39 ----D---- C:\Windows\system32\config
2017-03-14 12:31:07 ----SHD---- C:\System Volume Information
2017-03-14 11:51:30 ----D---- C:\Windows\System32
2017-03-14 11:51:30 ----D---- C:\Windows\inf
2017-03-14 11:51:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-03-14 11:50:30 ----D---- C:\Windows
2017-03-14 11:43:11 ----D---- C:\Windows\SysWOW64
2017-03-14 11:42:16 ----RD---- C:\Program Files (x86)
2017-03-14 11:42:15 ----HD---- C:\ProgramData
2017-03-14 11:42:15 ----D---- C:\Program Files
2017-03-13 22:52:30 ----D---- C:\Windows\system32\drivers
2017-03-13 00:28:39 ----D---- C:\Users\Jomko\AppData\Roaming\MPC-HC
2017-03-12 23:51:55 ----SHD---- C:\Windows\Installer
2017-03-12 23:51:01 ----D---- C:\Windows\system32\Tasks
2017-03-12 12:37:24 ----HD---- C:\Windows\system32\GroupPolicy
2017-03-12 12:37:21 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2017-03-12 01:47:50 ----D---- C:\Users\Jomko\AppData\Roaming\FileZilla
2017-03-10 16:09:55 ----D---- C:\www.foto-tapety.sk
2017-03-10 14:02:10 ----D---- C:\Windows\system32\catroot2
2017-03-10 00:32:11 ----D---- C:\Users\Jomko\AppData\Roaming\XnView
2017-03-07 21:12:44 ----D---- C:\OBS video
2017-03-05 23:04:39 ----D---- C:\Users\Jomko\AppData\Roaming\Audacity
2017-03-05 21:12:41 ----D---- C:\Users\Jomko\AppData\Roaming\uTorrent
2017-03-03 10:01:30 ----D---- C:\Program Files\FileZilla FTP Client
2017-02-25 02:11:35 ----AD---- C:\ProgramData\TEMP
2017-02-24 15:13:44 ----D---- C:\Users\Jomko\AppData\Roaming\tox
2017-02-21 21:53:26 ----RSD---- C:\Windows\assembly
2017-02-21 21:53:15 ----RSD---- C:\Windows\Fonts
2017-02-18 22:38:46 ----D---- C:\consalnet fototapety VŠETKO FOTOTAPETY
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2017-02-01 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2017-02-01 293352]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2015-11-13 1467912]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2015-11-13 31728]
R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-04-11 20464]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2015-07-23 31376]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver; C:\Windows\system32\DRIVERS\Thpevm.SYS [2009-06-29 14784]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-02-01 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-02-01 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-02-01 969184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-02-01 513632]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2016-04-19 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-02-01 108816]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-02-01 163416]
R2 config;config; C:\Windows\system32\DRIVERS\ibtfudrv.sys [2015-06-03 184560]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 AMPPAL;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2013-07-29 164832]
R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2012-11-09 104280]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-20 80384]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\Windows\system32\DRIVERS\ICCWDT.sys [2011-06-29 26136]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-05-08 4431840]
R3 int0800;Intel 28F320C3 Flash Update Device Driver v6.4; C:\Windows\system32\DRIVERS\flashud.sys [2009-03-06 51712]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2016-01-19 480520]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-04-11 366576]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-04-11 785904]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2012-12-19 118504]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2016-03-10 27008]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2017-03-14 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2016-03-10 64896]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2015-10-09 180480]
R3 NETwNs64;___ Intel(R) Wireless Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\Netwsw02.sys [2016-01-28 3422992]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-01-16 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-12-18 47760]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2015-07-02 33960]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10329; C:\Windows\system32\DRIVERS\stwrt64.sys [2013-08-16 551936]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-05-02 474864]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2011-07-13 19904]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AMPPALP;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2013-07-29 164832]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2017-02-01 37656]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2010-11-20 552448]
S3 Cam5607;Lenovo EasyCamera ; C:\Windows\System32\Drivers\BisonC07.sys [2009-08-21 1178352]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2000-01-01 145408]
S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2014-02-05 772064]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-02-01 197128]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-09-12 135984]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2015-03-19 638368]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-01-16 1148560]
R2 GFNEXSrv;GFNEX Service; C:\Windows\System32\GFNEXSrv.exe [2010-09-09 162824]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-02-13 731648]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-03-12 169432]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-03-10 1136608]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-03-10 1514464]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-01-16 1706128]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-01-16 21833360]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-07-23 937616]
R2 PSI_SVC_2_x64;Corel License Validation Service V2 x64, Powered by arvato; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2013-09-13 337776]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2015-03-19 157088]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10129; C:\Program Files\IDT\WDM\STacSV64.exe [2013-08-16 339456]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2010-10-20 138656]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2012-09-24 589224]
R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2015-12-09 55144]
S2 CAMService;CAM Service; C:\Program Files\Intel\CAM\bin\CAMService.exe [2014-09-03 1243344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-06-19 104120]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-06-19 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-01 154440]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-03-12 366552]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-14 270936]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-05-11 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-01 154440]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-02-13 820184]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-03-13 146888]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2015-03-19 268192]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 wampapache64;wampapache64; c:\wamp64\bin\apache\apache2.4.18\bin\httpd.exe [2015-12-09 29696]
S3 wampmysqld64;wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.11\bin\mysqld.exe [2016-02-02 39622144]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-06-19 50352]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-06-19 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-06-19 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-06-19 135848]
-----------------EOF-----------------
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-02-01 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-02-01 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-02-01 969184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-02-01 513632]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2016-04-19 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-02-01 108816]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-02-01 163416]
R2 config;config; C:\Windows\system32\DRIVERS\ibtfudrv.sys [2015-06-03 184560]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 AMPPAL;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2013-07-29 164832]
R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2012-11-09 104280]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-20 80384]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\Windows\system32\DRIVERS\ICCWDT.sys [2011-06-29 26136]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-05-08 4431840]
R3 int0800;Intel 28F320C3 Flash Update Device Driver v6.4; C:\Windows\system32\DRIVERS\flashud.sys [2009-03-06 51712]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2016-01-19 480520]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-04-11 366576]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-04-11 785904]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2012-12-19 118504]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2016-03-10 27008]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2017-03-14 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2016-03-10 64896]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2015-10-09 180480]
R3 NETwNs64;___ Intel(R) Wireless Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\Netwsw02.sys [2016-01-28 3422992]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-01-16 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-12-18 47760]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2015-07-02 33960]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10329; C:\Windows\system32\DRIVERS\stwrt64.sys [2013-08-16 551936]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-05-02 474864]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2011-07-13 19904]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AMPPALP;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2013-07-29 164832]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2017-02-01 37656]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2010-11-20 552448]
S3 Cam5607;Lenovo EasyCamera ; C:\Windows\System32\Drivers\BisonC07.sys [2009-08-21 1178352]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2000-01-01 145408]
S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2014-02-05 772064]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-02-01 197128]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-09-12 135984]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2015-03-19 638368]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-01-16 1148560]
R2 GFNEXSrv;GFNEX Service; C:\Windows\System32\GFNEXSrv.exe [2010-09-09 162824]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-02-13 731648]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-03-12 169432]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-03-10 1136608]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-03-10 1514464]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-01-16 1706128]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-01-16 21833360]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-07-23 937616]
R2 PSI_SVC_2_x64;Corel License Validation Service V2 x64, Powered by arvato; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2013-09-13 337776]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2015-03-19 157088]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10129; C:\Program Files\IDT\WDM\STacSV64.exe [2013-08-16 339456]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2010-10-20 138656]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2012-09-24 589224]
R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2015-12-09 55144]
S2 CAMService;CAM Service; C:\Program Files\Intel\CAM\bin\CAMService.exe [2014-09-03 1243344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-06-19 104120]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-06-19 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-01 154440]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-03-12 366552]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-14 270936]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-05-11 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-01 154440]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-02-13 820184]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-03-13 146888]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2015-03-19 268192]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 wampapache64;wampapache64; c:\wamp64\bin\apache\apache2.4.18\bin\httpd.exe [2015-12-09 29696]
S3 wampmysqld64;wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.11\bin\mysqld.exe [2016-02-02 39622144]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-06-19 50352]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-06-19 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-06-19 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-06-19 135848]
-----------------EOF-----------------
Re: Firefox opens "only2date.com" pages on its own
I wish you a lovely day.
As part of the cleanup, your temporary directories will be emptied (Recycle Bin and temp folders emptied, browser caches cleared, etc.).
Save AdwCleaner to your desktop: https://toolslib.net/downloads/viewdown ... dwcleaner/ (or http://www.bleepingcomputer.com/download/adwcleaner/ )

- close all programs
- right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a normal double-click)
- click Scan, then Clean
- after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner[Cx].txt); copy its contents into your next reply
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrokzavináčforum.viry.cz
If you feel like helping visitors to this forum, sign up for our training school.
Re: Firefox opens "only2date.com" pages on its own
I used AdwCleaner before I wrote this post, so I'm not sure: should I post the previous log here?
This is the current one:
# AdwCleaner v6.044 - *Logfile created 14/03/2017 *at 19:22:22
# *Updated on 28/02/2017 by Malwarebytes
# *Database : 2017-03-14.1 [*Server]
# *Operating System : Windows 7 Professional Service Pack 1 (X64)
# *Username : Jomko - OOO_JOMKO_OOO
# *Running from : C:\Users\Jomko\Downloads\adwcleaner_6.044.exe
# *Mode: Clean
# *Support : https://www.malwarebytes.com/support
***** [ *Services ] *****
***** [ *Folders ] *****
***** [ *Files ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ *Shortcuts ] *****
***** [ *Scheduled Tasks ] *****
***** [ *Registry ] *****
***** [ *Browsers ] *****
*************************
:: *"Tracing" keys deleted
:: *Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [6822 *Bytes] - [14/03/2017 11:43:22]
C:\AdwCleaner\AdwCleaner[C2].txt - [867 *Bytes] - [14/03/2017 19:22:22]
C:\AdwCleaner\AdwCleaner[S0].txt - [6364 *Bytes] - [14/03/2017 11:36:35]
C:\AdwCleaner\AdwCleaner[S1].txt - [1346 *Bytes] - [14/03/2017 11:47:00]
C:\AdwCleaner\AdwCleaner[S2].txt - [1420 *Bytes] - [14/03/2017 12:50:16]
C:\AdwCleaner\AdwCleaner[S3].txt - [1495 *Bytes] - [14/03/2017 19:22:09]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1236 *Bytes] ##########
Re: Firefox opens "only2date.com" pages on its own

If you have trouble downloading FRSTLauncher, it is enough to use FRST.exe/FRST64.exe on its own.
Re: Firefox opens "only2date.com" pages on its own
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-03-2017
Ran by Jomko (administrator) on OOO_JOMKO_OOO (14-03-2017 20:01:25)
Running from C:\Users\Jomko\Desktop
Loaded Profiles: Jomko (Available Profiles: Jomko)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Windows\System32\GFNEXSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel® Corporation) C:\Program Files\Intel\CAM\bin\CAMService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation ) C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayicon.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
() C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
() C:\Program Files\TOSHIBA\FlashCards\Hotkey\TCrdKBB.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_221.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_221.exe
(forum.viry.cz) C:\Users\Jomko\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [BatteryManager] => C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayIcon.EXE [293760 2013-02-20] (TOSHIBA Corporation )
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [996192 2013-05-20] (TOSHIBA Corporation)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [595840 2012-03-02] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3049712 2013-05-02] (Synaptics Incorporated)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [374784 2013-01-16] (Alcor Micro Corp.)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-11] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2017-02-01] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1719862456-1567695306-1986888435-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8698584 2016-04-15] (Piriform Ltd)
HKU\S-1-5-21-1719862456-1567695306-1986888435-1000\...\MountPoints2: {99ca108a-01cf-11e7-af1f-0c8bfd901919} - F:\Lenovo_Suite.exe
HKU\S-1-5-21-1719862456-1567695306-1986888435-1000\...\MountPoints2: {b1e11f79-064d-11e6-81cd-002269f5b9c1} - H:\setup.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-03-27] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155280 2015-07-23] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-01] (AVAST Software)
GroupPolicy: Restriction <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8AB77511-C617-4160-A4ED-6DE44CD13903}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{A795EFD8-1D5D-4511-BBAF-4A34B227FD54}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-1719862456-1567695306-1986888435-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-1719862456-1567695306-1986888435-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1719862456-1567695306-1986888435-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-02-01] (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-19] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-02-01] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-19] (Oracle Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Jomko\AppData\Roaming\Mozilla\Firefox\Profiles\qe0gt7rq.default-1489488823851 [2017-03-14]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-02-01]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-02-01]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-14] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-19] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch [2017-03-14] <==== ATTENTION
CHR Extension: (Prezentácie Google) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-01]
CHR Extension: (Dokumenty Google) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-01]
CHR Extension: (Zend Debugger Extension) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\aonajadpeeaijblinaeohfdmbgdpibba [2016-09-19]
CHR Extension: (Disk Google) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-01]
CHR Extension: (YouTube) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-01]
CHR Extension: (Домашняя страница Mail.Ru) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\ccfifbojenkenpkmnbnndeadpfdiffof [2017-03-12]
CHR Extension: (Avast SafePrice) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-02-02]
CHR Extension: (Tabuľky Google) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-01]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-22]
CHR Extension: (Визуальные Закладки Mail.Ru) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\oelpkepjlgmehajehfeicfbjdiobdkfj [2017-03-12]
CHR Extension: (Mail.Ru) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\ojlcebdkbpjdpiligkdbbkdkfjmchbfd [2017-03-12]
CHR Extension: (Gmail) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-01]
CHR Extension: (Chrome Media Router) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-15]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2017-02-01] (AVAST Software)
R2 CAMService; C:\Program Files\Intel\CAM\bin\CAMService.exe [1243344 2014-09-03] (Intel® Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-01-16] (NVIDIA Corporation)
R2 GFNEXSrv; C:\Windows\System32\GFNEXSrv.exe [162824 2010-09-09] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-03-19] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-01-16] (NVIDIA Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
S3 wampapache64; c:\wamp64\bin\apache\apache2.4.18\bin\httpd.exe [29696 2015-12-09] (Apache Software Foundation) [File not signed]
S3 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.11\bin\mysqld.exe [39622144 2016-02-02] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2015-03-19] (Intel® Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2017-02-01] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2017-02-01] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2017-02-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2017-02-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2017-02-01] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2017-02-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2017-02-01] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2017-02-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2017-02-01] (AVAST Software)
R2 config; C:\Windows\System32\DRIVERS\ibtfudrv.sys [184560 2015-06-03] (Intel Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2016-04-19] (Disc Soft Ltd)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31728 2015-11-13] (Intel Corporation)
R3 int0800; C:\Windows\System32\DRIVERS\flashud.sys [51712 2009-03-06] (Intel Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [118504 2012-12-19] (Qualcomm Atheros Co., Ltd.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [180480 2015-10-09] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3422992 2016-01-28] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33960 2015-07-02] (Synaptics Incorporated)
S3 JMCR; system32\DRIVERS\jmcr.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-14 19:57 - 2017-03-14 20:01 - 00019079 _____ C:\Users\Jomko\Desktop\FRST.txt
2017-03-14 19:57 - 2017-03-14 20:01 - 00000000 ____D C:\FRST
2017-03-14 19:53 - 2017-03-14 19:56 - 00112640 _____ (forum.viry.cz) C:\Users\Jomko\Desktop\FRSTLauncher.exe
2017-03-14 19:51 - 2017-03-14 19:51 - 02424832 _____ (Farbar) C:\Users\Jomko\Desktop\FRST64.exe
2017-03-14 19:49 - 2017-03-14 19:49 - 02424832 _____ (Farbar) C:\Users\Jomko\Downloads\FRST64.exe
2017-03-14 19:23 - 2017-03-14 19:58 - 00000000 ____D C:\Users\Jomko\AppData\LocalLow\Mozilla
2017-03-14 15:00 - 2017-03-14 19:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-14 11:53 - 2017-03-14 11:53 - 00000000 ____D C:\Users\Jomko\Desktop\Staré údaje Firefoxu
2017-03-14 11:35 - 2017-03-14 19:31 - 00000000 ____D C:\AdwCleaner
2017-03-14 11:34 - 2017-03-14 11:35 - 04031440 _____ C:\Users\Jomko\Desktop\adwcleaner_6.044.exe
2017-03-14 11:27 - 2017-03-14 13:05 - 00000000 ____D C:\Program Files\trend micro
2017-03-14 11:27 - 2017-03-14 11:28 - 00000000 ____D C:\rsit
2017-03-14 11:26 - 2017-03-14 11:27 - 01222144 _____ C:\Users\Jomko\Downloads\RSITx64.exe
2017-03-13 11:56 - 2017-03-13 11:56 - 00027666 _____ C:\Users\Jomko\Desktop\Kópia - Zoznam Vad a Nedorobkov GHP izby 2 3 4 etapa (Jano).xlsx
2017-03-12 23:44 - 2017-03-14 19:31 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-12 23:44 - 2017-03-12 23:44 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2017-03-12 23:44 - 2017-03-12 23:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-03-12 23:44 - 2017-03-12 23:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-12 23:44 - 2017-03-12 23:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-03-12 23:44 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2017-03-12 23:44 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-03-12 23:44 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-03-12 23:39 - 2017-03-12 23:39 - 00000000 ____D C:\_OTM
2017-03-12 23:38 - 2017-03-12 23:38 - 00522240 _____ (OldTimer Tools) C:\Users\Jomko\Downloads\OTM.exe
2017-03-12 23:37 - 2017-03-12 23:37 - 22851472 _____ (Malwarebytes ) C:\Users\Jomko\Downloads\mbam-setup-bc.1878-2.2.1.1043.exe
2017-03-12 12:38 - 2017-03-12 21:34 - 00000000 ____D C:\Users\Jomko\AppData\LocalLow\Unity
2017-03-12 12:38 - 2017-03-12 21:34 - 00000000 ____D C:\Users\Jomko\AppData\Local\Unity
2017-03-12 12:36 - 2017-03-12 12:36 - 00003606 _____ C:\Windows\System32\Tasks\blogcreativeorglropsm
2017-03-03 11:37 - 2017-03-03 11:37 - 00000000 ____D C:\Program Files (x86)\MSECache
2017-03-01 11:54 - 2017-03-14 19:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-01 11:54 - 2017-03-01 12:02 - 00000000 ____D C:\Users\Jomko\AppData\Local\Thunderbird
2017-03-01 11:54 - 2017-03-01 11:54 - 00001213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2017-03-01 11:54 - 2017-03-01 11:54 - 00001201 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2017-03-01 11:54 - 2017-03-01 11:54 - 00000000 ____D C:\Users\Jomko\AppData\Roaming\Thunderbird
2017-03-01 11:53 - 2017-03-01 11:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-02-28 15:26 - 2017-02-28 15:26 - 06971584 _____ (Tim Kosse) C:\Users\Jomko\Downloads\FileZilla_3.24.1_win64-setup.exe
2017-02-24 16:19 - 2017-02-24 16:19 - 00470592 _____ C:\Users\Jomko\Desktop\garstka.cam
2017-02-24 10:18 - 2017-02-24 10:18 - 00445866 _____ C:\Users\Jomko\Desktop\EUBP_business_request_template.odg
2017-02-24 08:57 - 2017-02-24 08:57 - 00334918 _____ C:\Users\Jomko\Desktop\EUBP_business_request.pdf
2017-02-21 21:56 - 2017-02-21 21:56 - 00000000 ____D C:\Users\Jomko\AppData\Roaming\LibreOffice
2017-02-21 21:53 - 2017-02-21 21:53 - 00001512 _____ C:\Users\Public\Desktop\LibreOffice 5.3.lnk
2017-02-21 21:53 - 2017-02-21 21:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.3
2017-02-21 21:53 - 2017-02-21 21:53 - 00000000 ____D C:\Program Files\LibreOffice 5
2017-02-17 21:39 - 2017-02-17 21:39 - 00759090 _____ C:\Users\Jomko\Desktop\EUBP_business_request_template.pdf
2017-02-13 11:34 - 2017-03-05 23:04 - 00000000 ____D C:\Users\Jomko\AppData\Roaming\Audacity
2017-02-13 11:34 - 2017-02-13 11:34 - 00001023 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2017-02-13 11:34 - 2017-02-13 11:34 - 00001011 _____ C:\Users\Public\Desktop\Audacity.lnk
2017-02-13 11:34 - 2017-02-13 11:34 - 00000000 ____D C:\Users\Jomko\AppData\Local\Audacity
2017-02-13 11:34 - 2017-02-13 11:34 - 00000000 ____D C:\Program Files (x86)\Audacity
2017-02-13 00:13 - 2017-02-13 00:13 - 00100926 _____ C:\Users\Jomko\Desktop\roztrasené okno.txt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-14 19:30 - 2009-07-14 05:45 - 00014560 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-14 19:30 - 2009-07-14 05:45 - 00014560 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-14 19:29 - 2009-07-14 06:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-14 19:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-03-14 19:23 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-14 19:06 - 2016-03-27 00:41 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-03-13 00:28 - 2016-08-03 00:14 - 00000000 ____D C:\Users\Jomko\AppData\Local\CrashDumps
2017-03-13 00:28 - 2016-03-31 19:48 - 00000000 ____D C:\Users\Jomko\AppData\Roaming\MPC-HC
2017-03-12 12:37 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-03-12 12:37 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-03-12 01:47 - 2016-06-17 08:02 - 00000000 ____D C:\Users\Jomko\AppData\Roaming\FileZilla
2017-03-11 10:03 - 2017-02-01 18:51 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2017-03-10 16:09 - 2016-11-09 22:21 - 00000000 ____D C:\www.foto-tapety.sk
2017-03-10 00:32 - 2016-06-19 09:54 - 00000000 ____D C:\Users\Jomko\AppData\Roaming\XnView
2017-03-07 21:12 - 2016-08-09 23:05 - 00000000 ____D C:\OBS video
2017-03-05 21:12 - 2016-03-31 19:52 - 00000000 ____D C:\Users\Jomko\AppData\Roaming\uTorrent
2017-03-03 10:01 - 2016-06-17 08:02 - 00001818 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2017-03-03 10:01 - 2016-06-17 08:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2017-03-03 10:01 - 2016-06-17 08:02 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2017-02-25 02:11 - 2016-08-17 09:17 - 00000000 ____D C:\ProgramData\TEMP
2017-02-24 15:13 - 2016-08-22 13:37 - 00000000 ____D C:\Users\Jomko\AppData\Roaming\tox
2017-02-22 07:40 - 2016-03-27 00:29 - 00125832 _____ C:\Users\Jomko\AppData\Local\GDIPFONTCACHEV1.DAT
2017-02-22 07:39 - 2009-07-14 05:45 - 00477816 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-18 22:38 - 2016-07-19 17:24 - 00000000 ____D C:\consalnet fototapety VŠETKO FOTOTAPETY
2017-02-14 21:06 - 2016-03-27 00:41 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-14 21:06 - 2016-03-27 00:41 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-14 21:06 - 2016-03-27 00:41 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-14 21:06 - 2016-03-27 00:41 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-14 21:06 - 2016-03-27 00:41 - 00000000 ____D C:\Windows\system32\Macromed
==================== Files in the root of some directories =======
2016-08-11 14:09 - 2016-08-11 14:09 - 0001816 _____ () C:\Users\Jomko\AppData\Local\recently-used.xbel
2016-04-29 21:04 - 2016-04-29 21:04 - 0007608 _____ () C:\Users\Jomko\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-03-14 11:08
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:231.92 GB) (Free:3.12 GB) NTFS
Drive e: (prenosny disk) (Fixed) (Total:55.89 GB) (Free:3.05 GB) NTFS
Available physical RAM: 5751.03 MB
Total physical RAM: 8103.89 MB
Percentage of memory in use: 29%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: C3F959E1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.9 GB) - (Type=07 NTFS)
Disk: 1 (Size: 55.9 GB) (Disk ID: 07971F2D)
Partition 1: (Not Active) - (Size=55.9 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [127]
==================== Security Center ==================
AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Jomko\Desktop" je 40 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent
"C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotkeyP
C:\Users\Jomko\AppData\Local\Temp\Temp1_hotkeyp.zip\HotkeyP.exe 0 [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Jomko (administrator) on OOO_JOMKO_OOO (14-03-2017 20:01:25)
Running from C:\Users\Jomko\Desktop
Loaded Profiles: Jomko (Available Profiles: Jomko)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Windows\System32\GFNEXSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel® Corporation) C:\Program Files\Intel\CAM\bin\CAMService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation ) C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayicon.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
() C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
() C:\Program Files\TOSHIBA\FlashCards\Hotkey\TCrdKBB.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_221.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_221.exe
(forum.viry.cz) C:\Users\Jomko\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [BatteryManager] => C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayIcon.EXE [293760 2013-02-20] (TOSHIBA Corporation )
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [996192 2013-05-20] (TOSHIBA Corporation)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [595840 2012-03-02] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3049712 2013-05-02] (Synaptics Incorporated)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [374784 2013-01-16] (Alcor Micro Corp.)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-11] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2017-02-01] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1719862456-1567695306-1986888435-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8698584 2016-04-15] (Piriform Ltd)
HKU\S-1-5-21-1719862456-1567695306-1986888435-1000\...\MountPoints2: {99ca108a-01cf-11e7-af1f-0c8bfd901919} - F:\Lenovo_Suite.exe
HKU\S-1-5-21-1719862456-1567695306-1986888435-1000\...\MountPoints2: {b1e11f79-064d-11e6-81cd-002269f5b9c1} - H:\setup.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-03-27] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155280 2015-07-23] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-01] (AVAST Software)
GroupPolicy: Restriction <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8AB77511-C617-4160-A4ED-6DE44CD13903}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{A795EFD8-1D5D-4511-BBAF-4A34B227FD54}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-1719862456-1567695306-1986888435-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-1719862456-1567695306-1986888435-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1719862456-1567695306-1986888435-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-02-01] (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-19] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-02-01] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-19] (Oracle Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Jomko\AppData\Roaming\Mozilla\Firefox\Profiles\qe0gt7rq.default-1489488823851 [2017-03-14]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-02-01]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-02-01]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-14] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-19] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch [2017-03-14] <==== ATTENTION
CHR Extension: (Prezentácie Google) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-01]
CHR Extension: (Dokumenty Google) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-01]
CHR Extension: (Zend Debugger Extension) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\aonajadpeeaijblinaeohfdmbgdpibba [2016-09-19]
CHR Extension: (Disk Google) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-01]
CHR Extension: (YouTube) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-01]
CHR Extension: (Домашняя страница Mail.Ru) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\ccfifbojenkenpkmnbnndeadpfdiffof [2017-03-12]
CHR Extension: (Avast SafePrice) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-02-02]
CHR Extension: (Tabuľky Google) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-01]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-22]
CHR Extension: (Визуальные Закладки Mail.Ru) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\oelpkepjlgmehajehfeicfbjdiobdkfj [2017-03-12]
CHR Extension: (Mail.Ru) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\ojlcebdkbpjdpiligkdbbkdkfjmchbfd [2017-03-12]
CHR Extension: (Gmail) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-01]
CHR Extension: (Chrome Media Router) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-15]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2017-02-01] (AVAST Software)
R2 CAMService; C:\Program Files\Intel\CAM\bin\CAMService.exe [1243344 2014-09-03] (Intel® Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-01-16] (NVIDIA Corporation)
R2 GFNEXSrv; C:\Windows\System32\GFNEXSrv.exe [162824 2010-09-09] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-03-19] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-01-16] (NVIDIA Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
S3 wampapache64; c:\wamp64\bin\apache\apache2.4.18\bin\httpd.exe [29696 2015-12-09] (Apache Software Foundation) [File not signed]
S3 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.11\bin\mysqld.exe [39622144 2016-02-02] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2015-03-19] (Intel® Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2017-02-01] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2017-02-01] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2017-02-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2017-02-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2017-02-01] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2017-02-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2017-02-01] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2017-02-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2017-02-01] (AVAST Software)
R2 config; C:\Windows\System32\DRIVERS\ibtfudrv.sys [184560 2015-06-03] (Intel Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2016-04-19] (Disc Soft Ltd)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31728 2015-11-13] (Intel Corporation)
R3 int0800; C:\Windows\System32\DRIVERS\flashud.sys [51712 2009-03-06] (Intel Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [118504 2012-12-19] (Qualcomm Atheros Co., Ltd.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [180480 2015-10-09] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3422992 2016-01-28] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33960 2015-07-02] (Synaptics Incorporated)
S3 JMCR; system32\DRIVERS\jmcr.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-14 19:57 - 2017-03-14 20:01 - 00019079 _____ C:\Users\Jomko\Desktop\FRST.txt
2017-03-14 19:57 - 2017-03-14 20:01 - 00000000 ____D C:\FRST
2017-03-14 19:53 - 2017-03-14 19:56 - 00112640 _____ (forum.viry.cz) C:\Users\Jomko\Desktop\FRSTLauncher.exe
2017-03-14 19:51 - 2017-03-14 19:51 - 02424832 _____ (Farbar) C:\Users\Jomko\Desktop\FRST64.exe
2017-03-14 19:49 - 2017-03-14 19:49 - 02424832 _____ (Farbar) C:\Users\Jomko\Downloads\FRST64.exe
2017-03-14 19:23 - 2017-03-14 19:58 - 00000000 ____D C:\Users\Jomko\AppData\LocalLow\Mozilla
2017-03-14 15:00 - 2017-03-14 19:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-14 11:53 - 2017-03-14 11:53 - 00000000 ____D C:\Users\Jomko\Desktop\Staré údaje Firefoxu
2017-03-14 11:35 - 2017-03-14 19:31 - 00000000 ____D C:\AdwCleaner
2017-03-14 11:34 - 2017-03-14 11:35 - 04031440 _____ C:\Users\Jomko\Desktop\adwcleaner_6.044.exe
2017-03-14 11:27 - 2017-03-14 13:05 - 00000000 ____D C:\Program Files\trend micro
2017-03-14 11:27 - 2017-03-14 11:28 - 00000000 ____D C:\rsit
2017-03-14 11:26 - 2017-03-14 11:27 - 01222144 _____ C:\Users\Jomko\Downloads\RSITx64.exe
2017-03-13 11:56 - 2017-03-13 11:56 - 00027666 _____ C:\Users\Jomko\Desktop\Kópia - Zoznam Vad a Nedorobkov GHP izby 2 3 4 etapa (Jano).xlsx
2017-03-12 23:44 - 2017-03-14 19:31 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-12 23:44 - 2017-03-12 23:44 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2017-03-12 23:44 - 2017-03-12 23:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-03-12 23:44 - 2017-03-12 23:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-12 23:44 - 2017-03-12 23:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-03-12 23:44 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2017-03-12 23:44 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-03-12 23:44 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-03-12 23:39 - 2017-03-12 23:39 - 00000000 ____D C:\_OTM
2017-03-12 23:38 - 2017-03-12 23:38 - 00522240 _____ (OldTimer Tools) C:\Users\Jomko\Downloads\OTM.exe
2017-03-12 23:37 - 2017-03-12 23:37 - 22851472 _____ (Malwarebytes ) C:\Users\Jomko\Downloads\mbam-setup-bc.1878-2.2.1.1043.exe
2017-03-12 12:38 - 2017-03-12 21:34 - 00000000 ____D C:\Users\Jomko\AppData\LocalLow\Unity
2017-03-12 12:38 - 2017-03-12 21:34 - 00000000 ____D C:\Users\Jomko\AppData\Local\Unity
2017-03-12 12:36 - 2017-03-12 12:36 - 00003606 _____ C:\Windows\System32\Tasks\blogcreativeorglropsm
2017-03-03 11:37 - 2017-03-03 11:37 - 00000000 ____D C:\Program Files (x86)\MSECache
2017-03-01 11:54 - 2017-03-14 19:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-01 11:54 - 2017-03-01 12:02 - 00000000 ____D C:\Users\Jomko\AppData\Local\Thunderbird
2017-03-01 11:54 - 2017-03-01 11:54 - 00001213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2017-03-01 11:54 - 2017-03-01 11:54 - 00001201 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2017-03-01 11:54 - 2017-03-01 11:54 - 00000000 ____D C:\Users\Jomko\AppData\Roaming\Thunderbird
2017-03-01 11:53 - 2017-03-01 11:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-02-28 15:26 - 2017-02-28 15:26 - 06971584 _____ (Tim Kosse) C:\Users\Jomko\Downloads\FileZilla_3.24.1_win64-setup.exe
2017-02-24 16:19 - 2017-02-24 16:19 - 00470592 _____ C:\Users\Jomko\Desktop\garstka.cam
2017-02-24 10:18 - 2017-02-24 10:18 - 00445866 _____ C:\Users\Jomko\Desktop\EUBP_business_request_template.odg
2017-02-24 08:57 - 2017-02-24 08:57 - 00334918 _____ C:\Users\Jomko\Desktop\EUBP_business_request.pdf
2017-02-21 21:56 - 2017-02-21 21:56 - 00000000 ____D C:\Users\Jomko\AppData\Roaming\LibreOffice
2017-02-21 21:53 - 2017-02-21 21:53 - 00001512 _____ C:\Users\Public\Desktop\LibreOffice 5.3.lnk
2017-02-21 21:53 - 2017-02-21 21:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.3
2017-02-21 21:53 - 2017-02-21 21:53 - 00000000 ____D C:\Program Files\LibreOffice 5
2017-02-17 21:39 - 2017-02-17 21:39 - 00759090 _____ C:\Users\Jomko\Desktop\EUBP_business_request_template.pdf
2017-02-13 11:34 - 2017-03-05 23:04 - 00000000 ____D C:\Users\Jomko\AppData\Roaming\Audacity
2017-02-13 11:34 - 2017-02-13 11:34 - 00001023 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2017-02-13 11:34 - 2017-02-13 11:34 - 00001011 _____ C:\Users\Public\Desktop\Audacity.lnk
2017-02-13 11:34 - 2017-02-13 11:34 - 00000000 ____D C:\Users\Jomko\AppData\Local\Audacity
2017-02-13 11:34 - 2017-02-13 11:34 - 00000000 ____D C:\Program Files (x86)\Audacity
2017-02-13 00:13 - 2017-02-13 00:13 - 00100926 _____ C:\Users\Jomko\Desktop\roztrasené okno.txt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-14 19:30 - 2009-07-14 05:45 - 00014560 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-14 19:30 - 2009-07-14 05:45 - 00014560 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-14 19:29 - 2009-07-14 06:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-14 19:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-03-14 19:23 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-14 19:06 - 2016-03-27 00:41 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-03-13 00:28 - 2016-08-03 00:14 - 00000000 ____D C:\Users\Jomko\AppData\Local\CrashDumps
2017-03-13 00:28 - 2016-03-31 19:48 - 00000000 ____D C:\Users\Jomko\AppData\Roaming\MPC-HC
2017-03-12 12:37 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-03-12 12:37 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-03-12 01:47 - 2016-06-17 08:02 - 00000000 ____D C:\Users\Jomko\AppData\Roaming\FileZilla
2017-03-11 10:03 - 2017-02-01 18:51 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2017-03-10 16:09 - 2016-11-09 22:21 - 00000000 ____D C:\www.foto-tapety.sk
2017-03-10 00:32 - 2016-06-19 09:54 - 00000000 ____D C:\Users\Jomko\AppData\Roaming\XnView
2017-03-07 21:12 - 2016-08-09 23:05 - 00000000 ____D C:\OBS video
2017-03-05 21:12 - 2016-03-31 19:52 - 00000000 ____D C:\Users\Jomko\AppData\Roaming\uTorrent
2017-03-03 10:01 - 2016-06-17 08:02 - 00001818 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2017-03-03 10:01 - 2016-06-17 08:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2017-03-03 10:01 - 2016-06-17 08:02 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2017-02-25 02:11 - 2016-08-17 09:17 - 00000000 ____D C:\ProgramData\TEMP
2017-02-24 15:13 - 2016-08-22 13:37 - 00000000 ____D C:\Users\Jomko\AppData\Roaming\tox
2017-02-22 07:40 - 2016-03-27 00:29 - 00125832 _____ C:\Users\Jomko\AppData\Local\GDIPFONTCACHEV1.DAT
2017-02-22 07:39 - 2009-07-14 05:45 - 00477816 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-18 22:38 - 2016-07-19 17:24 - 00000000 ____D C:\consalnet fototapety VŠETKO FOTOTAPETY
2017-02-14 21:06 - 2016-03-27 00:41 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-14 21:06 - 2016-03-27 00:41 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-14 21:06 - 2016-03-27 00:41 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-14 21:06 - 2016-03-27 00:41 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-14 21:06 - 2016-03-27 00:41 - 00000000 ____D C:\Windows\system32\Macromed
==================== Files in the root of some directories =======
2016-08-11 14:09 - 2016-08-11 14:09 - 0001816 _____ () C:\Users\Jomko\AppData\Local\recently-used.xbel
2016-04-29 21:04 - 2016-04-29 21:04 - 0007608 _____ () C:\Users\Jomko\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-03-14 11:08
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:231.92 GB) (Free:3.12 GB) NTFS
Drive e: (prenosny disk) (Fixed) (Total:55.89 GB) (Free:3.05 GB) NTFS
Available physical RAM: 5751.03 MB
Total physical RAM: 8103.89 MB
Percentage of memory in use: 29%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: C3F959E1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.9 GB) - (Type=07 NTFS)
Disk: 1 (Size: 55.9 GB) (Disk ID: 07971F2D)
Partition 1: (Not Active) - (Size=55.9 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [127]
==================== Security Center ==================
AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Jomko\Desktop" je 40 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent
"C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotkeyP
C:\Users\Jomko\AppData\Local\Temp\Temp1_hotkeyp.zip\HotkeyP.exe 0 [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Re: Firefox opens "only2date.com" pages on its own
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-03-2017
Ran by Jomko (14-03-2017 20:01:43)
Running from C:\Users\Jomko\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-03-26 22:58:26)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1719862456-1567695306-1986888435-500 - Administrator - Disabled)
Guest (S-1-5-21-1719862456-1567695306-1986888435-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1719862456-1567695306-1986888435-1002 - Limited - Enabled)
Jomko (S-1-5-21-1719862456-1567695306-1986888435-1000 - Administrator - Enabled) => C:\Users\Jomko
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 2 (SP2) (x32 Version: - Microsoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 17.12.8 (Version: 17.12.8 - NVIDIA Corporation) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.4.1245.72462 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 4.4.1245.72462 - Alcor Micro Corp.) Hidden
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6389 - CDBurnerXP)
Cervii, DOSBox emulation: Floppy disk (PC DOS, © 1993 V. Chvatil) (HKLM-x32\...\{19A75319-DDA6-42DC-A28C-AA77480D6655}_is1) (Version: 2.06 - DJ OldGames)
CGS17_Setup_x64 (Version: 17.0 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - CZ (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.5.0.0388 - Disc Soft Ltd)
DaVinci Resolve (HKLM\...\{665B7560-DC5F-4F3F-BDB7-ECDC9191F4A1}) (Version: 12.5.1034 - Blackmagic Design)
FileZilla Client 3.24.1 (HKLM-x32\...\FileZilla Client) (Version: 3.24.1 - Tim Kosse)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
HDD Regenerator (HKLM-x32\...\{2445981B-A23B-4A0E-AD15-3D391BDAEC3E}) (Version: 1.71.0012 - Abstradrome)
Host Service (HKU\S-1-5-21-1719862456-1567695306-1986888435-1000\...\Host Service) (Version: - ) <==== ATTENTION
IDT Audio Driver (HKLM\...\{11424B27-C16B-4505-9667-82A10AD1B1DC}) (Version: 6.10.6472.0 - IDT)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Inkscape Multiple Pages Support (HKLM-x32\...\inkscape-pages) (Version: - )
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3165 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.4.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) 4.0 (HKLM-x32\...\{6D2580AE-0284-4CE0-9A39-A0E5E3A5C28C}) (Version: 17.0.1416.01 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6535d76a-59fb-4935-b2c5-cd61917c4a4b}) (Version: 17.16.0 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LibreOffice 5.3.0.3 (HKLM\...\{769A4A4C-3EBD-4469-B13B-5083F1C7717F}) (Version: 5.3.0.3 - The Document Foundation)
Malwarebytes Anti-Malware verzia 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 52.0 (x86 sk) (HKLM-x32\...\Mozilla Firefox 52.0 (x86 sk)) (Version: 52.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.0.6270 - Mozilla)
Mozilla Thunderbird 45.7.1 (x86 sk) (HKLM-x32\...\Mozilla Thunderbird 45.7.1 (x86 sk)) (Version: 45.7.1 - Mozilla)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
NeoDownloader 2.9.5 (HKLM-x32\...\NeoDownloader_is1) (Version: 2.9.5 - Neowise Software)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenOffice 4.1.2 (HKLM-x32\...\{EF194FA4-99F4-4C36-AC30-B2C2DE1C170D}) (Version: 4.12.9782 - Apache Software Foundation)
Ovládací panel NVIDIA 353.62 (Version: 353.62 - NVIDIA Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
qTox (HKLM-x32\...\qTox) (Version: 1.0 - The qTox Project)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.4.2.8 - Synaptics Incorporated)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.12 for x64 - TOSHIBA Corporation)
TOSHIBA Nastavenie hardvéru (HKLM-x32\...\{2FD5D2C5-A7A1-4065-89BA-90542BF7CCD3}) (Version: 2.00.0028 - TOSHIBA)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.15.0 - TOSHIBA)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.0037.6400 - TOSHIBA Corporation)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Web Ripper (HKLM-x32\...\{9F691A52-90AC-4223-AB9B-615F22214DB3}_is1) (Version: 3 - Sequentum Pty Ltd)
Wampserver64 3.0.4 (HKLM\...\{wampserver64}_is1) (Version: 3.0.4 - Dominique Ottello aka Otomatic)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Worms Reloaded - Game of the Year Edition (HKLM-x32\...\Worms Reloaded - Game of the Year Edition_is1) (Version: - )
Xenu's Link Sleuth (HKLM-x32\...\Xenu's Link Sleuth) (Version: 1.3.8 - Tilman Hausherr)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05A39557-0E29-42FE-9DF8-7E5650227023} - System32\Tasks\SafeZone scheduled Autoupdate 1485971552 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {05A73112-55B2-4214-80E2-8B2CA96727B3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2017-02-01] (AVAST Software)
Task: {16BD9220-44A5-4316-A2E7-22C1FB04A7A8} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => %ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {2AD4A6E6-0902-421B-80D0-ADF5F11D04CE} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-02-01] (AVAST Software)
Task: {423AA402-B8EE-4C38-86D7-88182B09D972} - System32\Tasks\blogcreativeorglropsm => Firefox.exe blogcreative.org/lropsm <==== ATTENTION
Task: {47173412-32D4-4088-A43A-ED69C23CDCA6} - System32\Tasks\{438A268B-1252-4CB4-B467-A33FF495C65F} => pcalua.exe -a C:\Users\Jomko\Downloads\LeagueofLegends_EUNE_Installer_9_15_2014.exe -d C:\Windows\SysWOW64 -c /groupsextract:100;101;102; /out:"C:\Users\Jomko\AppData\Roaming\Riot Games\League of Legends\prerequisites" /callbackid:2908
Task: {4B5CA767-267A-40D5-A6AE-59DD10F7EA63} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {A20B9C73-C646-4B5B-A127-956C9D543822} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-01] (Google Inc.)
Task: {D109B4D3-C6E5-43ED-8C53-4477C64E4861} - System32\Tasks\CheckControllerUpdatesUA => %PROGRAMFILES(X86)%\Smart Application Controller\smappscontroller.exe
Task: {D745AFFC-FC07-4D78-AF09-6397B5209163} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-14] (Adobe Systems Incorporated)
Task: {DAE8DDE9-60AC-4BC9-AE84-0D4D839A8CE9} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {DDCBBF4E-1BF9-4745-AEA5-C7B2127953EB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-01] (Google Inc.)
Task: {E3A5DF24-627B-47E4-A41A-5402279E398E} - System32\Tasks\{143D4ADA-4C2E-4676-BE9E-73434D39DC0A} => pcalua.exe -a C:\Users\Jomko\Downloads\drivers\66ux03ww.exe -d C:\Users\Jomko\Downloads\drivers
Task: {FB09045B-28B4-4039-91BB-BBF2BD668DB0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-04-15] (Piriform Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-07-18 08:16 - 2010-09-09 16:26 - 00162824 _____ () C:\Windows\System32\GFNEXSrv.exe
2016-07-18 09:01 - 2015-07-23 05:06 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2016-07-18 09:01 - 2015-07-23 02:31 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-08-22 13:19 - 2011-08-22 13:19 - 11204992 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2012-03-02 14:08 - 2012-03-02 14:08 - 00595840 _____ () C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
2016-04-15 19:07 - 2016-04-15 19:07 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1051.dll
2013-04-24 08:43 - 2013-04-24 08:43 - 00473440 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe
2017-02-01 18:51 - 2017-02-01 18:51 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-02-01 18:51 - 2017-02-01 18:51 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-03-14 19:24 - 2017-03-14 19:24 - 05883392 _____ () C:\Program Files\AVAST Software\Avast\defs\17031402\algo.dll
2016-07-18 09:01 - 2015-07-23 05:06 - 00012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2017-02-01 18:51 - 2017-02-01 18:51 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-02-14 21:06 - 2017-02-14 21:06 - 19770456 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [127]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1719862456-1567695306-1986888435-1000\...\blank -> blank
IE trusted site: HKU\S-1-5-21-1719862456-1567695306-1986888435-1000\...\localhost -> localhost
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2016-09-14 10:53 - 00001006 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1719862456-1567695306-1986888435-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jomko\AppData\Roaming\Mozilla\Firefox\Pozadie plochy.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: HotkeyP => C:\Users\Jomko\AppData\Local\Temp\Temp1_hotkeyp.zip\HotkeyP.exe 0
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{7DCB14C9-86ED-4F30-B00E-99ECB5BDA5CB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D155E225-8661-4E12-82E5-F56016F5E44E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0E23F7C2-A7DB-4AA4-9C59-B7C96C7D979C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{24BB7460-270D-4C25-B820-58550ACD9E47}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C0FFDAD5-AC11-4459-9E95-ED8BC0028B7D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{ABBF8C84-29A6-4BC5-B766-909AC9B459E3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{2C434623-B2EA-4BAD-BC0A-112039DF6EB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{0B2F3094-C698-4812-964D-B82E949A7C50}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{82538131-0BD4-4FD4-A110-9C18DB3858CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{A1141BB7-4810-4607-94AB-E63F703D56DA}C:\wamp64\bin\apache\apache2.4.18\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.18\bin\httpd.exe
FirewallRules: [UDP Query User{EB1E46D8-16D8-40C6-9868-3F8B38BDB611}C:\wamp64\bin\apache\apache2.4.18\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.18\bin\httpd.exe
FirewallRules: [TCP Query User{FA05C2CA-348E-458F-ADD7-6E96D7783896}C:\program files\totalcmd\totalcmd.exe] => (Allow) C:\program files\totalcmd\totalcmd.exe
FirewallRules: [UDP Query User{A7EBD764-52AD-4DDB-873F-F024945859C9}C:\program files\totalcmd\totalcmd.exe] => (Allow) C:\program files\totalcmd\totalcmd.exe
FirewallRules: [{375F70B7-AF70-4A34-B0A6-C692BDD38184}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe
FirewallRules: [{7A2D18D3-A891-4410-813A-64A55ABC47FC}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe
FirewallRules: [{6190AFB2-1ADC-4AF8-AD89-E7F920D1FBE4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe
FirewallRules: [{53F13D21-23E2-41D2-8942-2B8F25E66F84}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe
FirewallRules: [{2BE8E510-85B8-4BFF-BC60-FADE428A3C38}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe
FirewallRules: [{74D433A9-730A-4D97-AAA4-4FAF5DD171D4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe
FirewallRules: [{515B2194-8574-41D4-A855-9FA3E1707ED4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe
FirewallRules: [TCP Query User{35E1BEAF-E451-490E-9C73-2ECFF6D48481}C:\users\jomko\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jomko\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{94A12787-B807-446E-BF1A-FB9C653B4D58}C:\users\jomko\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jomko\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{0686E141-7DC1-4851-9F80-8F5737292168}C:\program files\qtox\bin\qtox.exe] => (Allow) C:\program files\qtox\bin\qtox.exe
FirewallRules: [UDP Query User{F5B77B3D-2447-40C7-9938-18207F624AE8}C:\program files\qtox\bin\qtox.exe] => (Allow) C:\program files\qtox\bin\qtox.exe
FirewallRules: [TCP Query User{5942ED09-3528-4D04-9363-2E491F1999F8}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{D7A606C5-353D-4EE8-BA40-375BE14998F4}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{2B954BBE-D773-4F71-8256-2B8C93E2A08F}I:\install\sdi_r496\sdi_x64_r496.exe] => (Allow) I:\install\sdi_r496\sdi_x64_r496.exe
FirewallRules: [UDP Query User{091FE761-8BB8-49C1-83D1-32F3419FD47A}I:\install\sdi_r496\sdi_x64_r496.exe] => (Allow) I:\install\sdi_r496\sdi_x64_r496.exe
FirewallRules: [TCP Query User{00C85703-2B9F-4BDA-8316-5E51567B96F8}C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe
FirewallRules: [UDP Query User{E068F94A-5965-4042-8DB6-665267AA67B1}C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe
FirewallRules: [{75E410B4-311C-4A90-BB6E-FD077E8C2617}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{651C7C53-7650-45E6-A174-710338C9F850}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe
FirewallRules: [{C430FADB-6FA0-41AC-8688-38015B631510}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/14/2017 07:29:21 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (03/14/2017 07:29:21 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (03/14/2017 07:22:26 PM) (Source: TOSHIBA Service Station) (EventID: 0) (User: )
Description: Nasledujúci modul sa nepodarilo zastaviť: Aktualizácie softvéru. Chyba: Operácia zlyhala.
Error: (03/14/2017 11:51:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (03/14/2017 11:51:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (03/14/2017 11:44:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: CAMService.exe, verzia: 1.0.0.1, časová značka: 0x54077d08
Názov chybového modulu: ntdll.dll, verzia: 6.1.7601.17514, časová značka: 0x4ce7c8f9
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000004e4b4
Identifikácia chybného procesu: 0x7c0
Čas spustenia chybnej aplikácie: 0x01d29cafee2ab62b
Cesta chybnej aplikácie: C:\Program Files\Intel\CAM\bin\CAMService.exe
Cesta chybného modulu: C:\Windows\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 2cedc20c-08a3-11e7-b212-54bef7723375
Error: (03/14/2017 11:43:31 AM) (Source: TOSHIBA Service Station) (EventID: 0) (User: )
Description: Nasledujúci modul sa nepodarilo zastaviť: Aktualizácie softvéru. Chyba: Operácia zlyhala.
Error: (03/14/2017 10:52:59 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (03/14/2017 10:52:59 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (03/14/2017 09:09:29 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
System errors:
=============
Error: (03/14/2017 07:22:31 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.
Cesta k modulu: C:\Windows\System32\IWMSSvc.dll
Error: (03/14/2017 07:22:31 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.
Cesta k modulu: C:\Windows\System32\IWMSSvc.dll
Error: (03/14/2017 07:22:31 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.
Cesta k modulu: C:\Windows\System32\IWMSSvc.dll
Error: (03/14/2017 07:22:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.
Cesta k modulu: C:\Windows\System32\IWMSSvc.dll
Error: (03/14/2017 07:22:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MBAMScheduler sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (03/14/2017 07:22:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MBAMService sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (03/14/2017 07:22:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (03/14/2017 07:22:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 5000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (03/14/2017 07:22:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel® Centrino® Wireless Bluetooth® + High Speed Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 60000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (03/14/2017 07:22:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba TMachInfo sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
CodeIntegrity:
===================================
Date: 2016-07-24 18:48:36.324
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-07-24 18:48:36.323
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-07-24 18:48:36.321
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-07-23 00:34:49.202
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-07-23 00:34:49.201
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-07-23 00:34:49.200
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-07-22 22:29:57.299
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-07-22 22:29:57.299
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-07-22 22:29:57.283
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-07-21 17:47:32.338
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Percentage of memory in use: 29%
Total physical RAM: 8103.89 MB
Available physical RAM: 5751.03 MB
Total Virtual: 14186.09 MB
Available Virtual: 11666.07 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:231.92 GB) (Free:3.12 GB) NTFS
Drive e: (prenosny disk) (Fixed) (Total:55.89 GB) (Free:3.05 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: C3F959E1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.9 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 55.9 GB) (Disk ID: 07971F2D)
Partition 1: (Not Active) - (Size=55.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Task: {05A73112-55B2-4214-80E2-8B2CA96727B3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2017-02-01] (AVAST Software)
Task: {16BD9220-44A5-4316-A2E7-22C1FB04A7A8} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => %ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {2AD4A6E6-0902-421B-80D0-ADF5F11D04CE} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-02-01] (AVAST Software)
Task: {423AA402-B8EE-4C38-86D7-88182B09D972} - System32\Tasks\blogcreativeorglropsm => Firefox.exe blogcreative.org/lropsm <==== ATTENTION
Task: {47173412-32D4-4088-A43A-ED69C23CDCA6} - System32\Tasks\{438A268B-1252-4CB4-B467-A33FF495C65F} => pcalua.exe -a C:\Users\Jomko\Downloads\LeagueofLegends_EUNE_Installer_9_15_2014.exe -d C:\Windows\SysWOW64 -c /groupsextract:100;101;102; /out:"C:\Users\Jomko\AppData\Roaming\Riot Games\League of Legends\prerequisites" /callbackid:2908
Task: {4B5CA767-267A-40D5-A6AE-59DD10F7EA63} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {A20B9C73-C646-4B5B-A127-956C9D543822} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-01] (Google Inc.)
Task: {D109B4D3-C6E5-43ED-8C53-4477C64E4861} - System32\Tasks\CheckControllerUpdatesUA => %PROGRAMFILES(X86)%\Smart Application Controller\smappscontroller.exe
Task: {D745AFFC-FC07-4D78-AF09-6397B5209163} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-14] (Adobe Systems Incorporated)
Task: {DAE8DDE9-60AC-4BC9-AE84-0D4D839A8CE9} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {DDCBBF4E-1BF9-4745-AEA5-C7B2127953EB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-01] (Google Inc.)
Task: {E3A5DF24-627B-47E4-A41A-5402279E398E} - System32\Tasks\{143D4ADA-4C2E-4676-BE9E-73434D39DC0A} => pcalua.exe -a C:\Users\Jomko\Downloads\drivers\66ux03ww.exe -d C:\Users\Jomko\Downloads\drivers
Task: {FB09045B-28B4-4039-91BB-BBF2BD668DB0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-04-15] (Piriform Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-07-18 08:16 - 2010-09-09 16:26 - 00162824 _____ () C:\Windows\System32\GFNEXSrv.exe
2016-07-18 09:01 - 2015-07-23 05:06 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2016-07-18 09:01 - 2015-07-23 02:31 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-08-22 13:19 - 2011-08-22 13:19 - 11204992 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2012-03-02 14:08 - 2012-03-02 14:08 - 00595840 _____ () C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
2016-04-15 19:07 - 2016-04-15 19:07 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1051.dll
2013-04-24 08:43 - 2013-04-24 08:43 - 00473440 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe
2017-02-01 18:51 - 2017-02-01 18:51 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-02-01 18:51 - 2017-02-01 18:51 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-03-14 19:24 - 2017-03-14 19:24 - 05883392 _____ () C:\Program Files\AVAST Software\Avast\defs\17031402\algo.dll
2016-07-18 09:01 - 2015-07-23 05:06 - 00012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2017-02-01 18:51 - 2017-02-01 18:51 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-02-14 21:06 - 2017-02-14 21:06 - 19770456 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [127]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1719862456-1567695306-1986888435-1000\...\blank -> blank
IE trusted site: HKU\S-1-5-21-1719862456-1567695306-1986888435-1000\...\localhost -> localhost
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2016-09-14 10:53 - 00001006 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1719862456-1567695306-1986888435-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jomko\AppData\Roaming\Mozilla\Firefox\Pozadie plochy.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: HotkeyP => C:\Users\Jomko\AppData\Local\Temp\Temp1_hotkeyp.zip\HotkeyP.exe 0
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{7DCB14C9-86ED-4F30-B00E-99ECB5BDA5CB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D155E225-8661-4E12-82E5-F56016F5E44E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0E23F7C2-A7DB-4AA4-9C59-B7C96C7D979C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{24BB7460-270D-4C25-B820-58550ACD9E47}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C0FFDAD5-AC11-4459-9E95-ED8BC0028B7D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{ABBF8C84-29A6-4BC5-B766-909AC9B459E3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{2C434623-B2EA-4BAD-BC0A-112039DF6EB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{0B2F3094-C698-4812-964D-B82E949A7C50}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{82538131-0BD4-4FD4-A110-9C18DB3858CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{A1141BB7-4810-4607-94AB-E63F703D56DA}C:\wamp64\bin\apache\apache2.4.18\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.18\bin\httpd.exe
FirewallRules: [UDP Query User{EB1E46D8-16D8-40C6-9868-3F8B38BDB611}C:\wamp64\bin\apache\apache2.4.18\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.18\bin\httpd.exe
FirewallRules: [TCP Query User{FA05C2CA-348E-458F-ADD7-6E96D7783896}C:\program files\totalcmd\totalcmd.exe] => (Allow) C:\program files\totalcmd\totalcmd.exe
FirewallRules: [UDP Query User{A7EBD764-52AD-4DDB-873F-F024945859C9}C:\program files\totalcmd\totalcmd.exe] => (Allow) C:\program files\totalcmd\totalcmd.exe
FirewallRules: [{375F70B7-AF70-4A34-B0A6-C692BDD38184}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe
FirewallRules: [{7A2D18D3-A891-4410-813A-64A55ABC47FC}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe
FirewallRules: [{6190AFB2-1ADC-4AF8-AD89-E7F920D1FBE4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe
FirewallRules: [{53F13D21-23E2-41D2-8942-2B8F25E66F84}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe
FirewallRules: [{2BE8E510-85B8-4BFF-BC60-FADE428A3C38}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe
FirewallRules: [{74D433A9-730A-4D97-AAA4-4FAF5DD171D4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe
FirewallRules: [{515B2194-8574-41D4-A855-9FA3E1707ED4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe
FirewallRules: [TCP Query User{35E1BEAF-E451-490E-9C73-2ECFF6D48481}C:\users\jomko\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jomko\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{94A12787-B807-446E-BF1A-FB9C653B4D58}C:\users\jomko\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jomko\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{0686E141-7DC1-4851-9F80-8F5737292168}C:\program files\qtox\bin\qtox.exe] => (Allow) C:\program files\qtox\bin\qtox.exe
FirewallRules: [UDP Query User{F5B77B3D-2447-40C7-9938-18207F624AE8}C:\program files\qtox\bin\qtox.exe] => (Allow) C:\program files\qtox\bin\qtox.exe
FirewallRules: [TCP Query User{5942ED09-3528-4D04-9363-2E491F1999F8}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{D7A606C5-353D-4EE8-BA40-375BE14998F4}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{2B954BBE-D773-4F71-8256-2B8C93E2A08F}I:\install\sdi_r496\sdi_x64_r496.exe] => (Allow) I:\install\sdi_r496\sdi_x64_r496.exe
FirewallRules: [UDP Query User{091FE761-8BB8-49C1-83D1-32F3419FD47A}I:\install\sdi_r496\sdi_x64_r496.exe] => (Allow) I:\install\sdi_r496\sdi_x64_r496.exe
FirewallRules: [TCP Query User{00C85703-2B9F-4BDA-8316-5E51567B96F8}C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe
FirewallRules: [UDP Query User{E068F94A-5965-4042-8DB6-665267AA67B1}C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe
FirewallRules: [{75E410B4-311C-4A90-BB6E-FD077E8C2617}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{651C7C53-7650-45E6-A174-710338C9F850}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe
FirewallRules: [{C430FADB-6FA0-41AC-8688-38015B631510}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/14/2017 07:29:21 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (03/14/2017 07:29:21 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (03/14/2017 07:22:26 PM) (Source: TOSHIBA Service Station) (EventID: 0) (User: )
Description: Nasledujúci modul sa nepodarilo zastaviť: Aktualizácie softvéru. Chyba: Operácia zlyhala.
Error: (03/14/2017 11:51:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (03/14/2017 11:51:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (03/14/2017 11:44:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: CAMService.exe, verzia: 1.0.0.1, časová značka: 0x54077d08
Názov chybového modulu: ntdll.dll, verzia: 6.1.7601.17514, časová značka: 0x4ce7c8f9
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000004e4b4
Identifikácia chybného procesu: 0x7c0
Čas spustenia chybnej aplikácie: 0x01d29cafee2ab62b
Cesta chybnej aplikácie: C:\Program Files\Intel\CAM\bin\CAMService.exe
Cesta chybného modulu: C:\Windows\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 2cedc20c-08a3-11e7-b212-54bef7723375
Error: (03/14/2017 11:43:31 AM) (Source: TOSHIBA Service Station) (EventID: 0) (User: )
Description: Nasledujúci modul sa nepodarilo zastaviť: Aktualizácie softvéru. Chyba: Operácia zlyhala.
Error: (03/14/2017 10:52:59 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (03/14/2017 10:52:59 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (03/14/2017 09:09:29 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
System errors:
=============
Error: (03/14/2017 07:22:31 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.
Cesta k modulu: C:\Windows\System32\IWMSSvc.dll
Error: (03/14/2017 07:22:31 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.
Cesta k modulu: C:\Windows\System32\IWMSSvc.dll
Error: (03/14/2017 07:22:31 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.
Cesta k modulu: C:\Windows\System32\IWMSSvc.dll
Error: (03/14/2017 07:22:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.
Cesta k modulu: C:\Windows\System32\IWMSSvc.dll
Error: (03/14/2017 07:22:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MBAMScheduler sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (03/14/2017 07:22:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MBAMService sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (03/14/2017 07:22:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (03/14/2017 07:22:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 5000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (03/14/2017 07:22:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel® Centrino® Wireless Bluetooth® + High Speed Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 60000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (03/14/2017 07:22:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba TMachInfo sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
CodeIntegrity:
===================================
Date: 2016-07-24 18:48:36.324
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-07-24 18:48:36.323
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-07-24 18:48:36.321
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-07-23 00:34:49.202
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-07-23 00:34:49.201
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-07-23 00:34:49.200
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-07-22 22:29:57.299
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-07-22 22:29:57.299
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-07-22 22:29:57.283
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-07-21 17:47:32.338
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Percentage of memory in use: 29%
Total physical RAM: 8103.89 MB
Available physical RAM: 5751.03 MB
Total Virtual: 14186.09 MB
Available Virtual: 11666.07 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:231.92 GB) (Free:3.12 GB) NTFS
Drive e: (prenosny disk) (Fixed) (Total:55.89 GB) (Free:3.05 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: C3F959E1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.9 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 55.9 GB) (Disk ID: 07971F2D)
Partition 1: (Not Active) - (Size=55.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Re: Firefox opens "only2date.com" pages by itself

- Copy the contents of the white box into Notepad (Start -> Run -> notepad)
- save it to the desktop as fixlist (File type: Text document)
- run FRST again and click Fix
- after the restart, a fixlog will be saved on the desktop; paste its contents into your next reply
Code:
Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-1719862456-1567695306-1986888435-1000\...\MountPoints2: {99ca108a-01cf-11e7-af1f-0c8bfd901919} - F:\Lenovo_Suite.exe
HKU\S-1-5-21-1719862456-1567695306-1986888435-1000\...\MountPoints2: {b1e11f79-064d-11e6-81cd-002269f5b9c1} - H:\setup.exe
GroupPolicy: Restriction <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-1719862456-1567695306-1986888435-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR Extension: (Домашняя страница Mail.Ru) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\ccfifbojenkenpkmnbnndeadpfdiffof [2017-03-12]
CHR Extension: (Визуальные Закладки Mail.Ru) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\oelpkepjlgmehajehfeicfbjdiobdkfj [2017-03-12]
CHR Extension: (Mail.Ru) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\ojlcebdkbpjdpiligkdbbkdkfjmchbfd [2017-03-12]
S3 JMCR; system32\DRIVERS\jmcr.sys [X]
2017-03-14 11:35 - 2017-03-14 19:31 - 00000000 ____D C:\AdwCleaner
2017-03-14 11:34 - 2017-03-14 11:35 - 04031440 _____ C:\Users\Jomko\Desktop\adwcleaner_6.044.exe
2017-03-14 11:27 - 2017-03-14 13:05 - 00000000 ____D C:\Program Files\trend micro
2017-03-14 11:27 - 2017-03-14 11:28 - 00000000 ____D C:\rsit
2017-03-14 11:26 - 2017-03-14 11:27 - 01222144 _____ C:\Users\Jomko\Downloads\RSITx64.exe
Task: {423AA402-B8EE-4C38-86D7-88182B09D972} - System32\Tasks\blogcreativeorglropsm => Firefox.exe blogcreative.org/lropsm <==== ATTENTION
Task: {DAE8DDE9-60AC-4BC9-AE84-0D4D839A8CE9} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {E3A5DF24-627B-47E4-A41A-5402279E398E} - System32\Tasks\{143D4ADA-4C2E-4676-BE9E-73434D39DC0A} => pcalua.exe -a C:\Users\Jomko\Downloads\drivers\66ux03ww.exe -d C:\Users\Jomko\Downloads\drivers
AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [127]
CMD: dir "C:\Windows\Inf" /AD
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
Hosts:
EmptyTemp:
End
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrok (at) forum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.
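The fixlist above removes the scheduled task `blogcreativeorglropsm`, whose action is `Firefox.exe blogcreative.org/lropsm`, which is the kind of entry that makes a browser open a page on a timer. As an added example (not part of the thread and not FRST's own code), the Python below scans FRST `Task:` lines for tasks that start a browser with a URL argument and checks whether the task name is just the URL with punctuation stripped; the names `Finding`, `find_browser_url_tasks` and the `BROWSERS` list are assumptions made for this illustration.

```python
import ntpath
import re
from typing import List, NamedTuple

# Scheduled-task lines copied from the Addition.txt log on this page.
SAMPLE_LOG = r"""
Task: {05A73112-55B2-4214-80E2-8B2CA96727B3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2017-02-01] (AVAST Software)
Task: {423AA402-B8EE-4C38-86D7-88182B09D972} - System32\Tasks\blogcreativeorglropsm => Firefox.exe blogcreative.org/lropsm <==== ATTENTION
Task: {A20B9C73-C646-4B5B-A127-956C9D543822} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-01] (Google Inc.)
Task: {E3A5DF24-627B-47E4-A41A-5402279E398E} - System32\Tasks\{143D4ADA-4C2E-4676-BE9E-73434D39DC0A} => pcalua.exe -a C:\Users\Jomko\Downloads\drivers\66ux03ww.exe -d C:\Users\Jomko\Downloads\drivers
Task: {FB09045B-28B4-4039-91BB-BBF2BD668DB0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-04-15] (Piriform Ltd)
"""

# Assumption: browser image names worth checking; extend for your environment.
BROWSERS = {"firefox.exe", "chrome.exe", "iexplore.exe", "opera.exe", "msedge.exe"}

# "Task: {GUID} - <task path> => <action>"
TASK_RE = re.compile(
    r"^Task: (?P<guid>\{[0-9A-Fa-f-]{36}\}) - (?P<path>.+?) => (?P<action>.+)$"
)
# Trailing marker FRST appends to entries it considers suspicious.
ATTENTION_RE = re.compile(r"\s*<=+\s*ATTENTION\s*$")
# Trailing "[file date] (vendor)" that FRST appends when the target file exists.
FILE_META_RE = re.compile(r"\s*\[\d{4}-\d{2}-\d{2}\]\s*\(.*\)\s*$")
# Executable (optionally quoted, may contain spaces) followed by its arguments.
EXE_RE = re.compile(r'^"?(?P<exe>.+?\.exe)"?(?:\s+(?P<args>.*))?$', re.IGNORECASE)
# Heuristic: a token that looks like a host name or URL, with or without scheme.
URL_RE = re.compile(
    r"^(?:https?://)?(?:[a-z0-9-]+\.)+[a-z]{2,}(?:[/:?#]\S*)?$", re.IGNORECASE
)


class Finding(NamedTuple):
    guid: str
    task_name: str
    browser: str
    url: str
    name_matches_url: bool  # task name equals the URL with punctuation removed
    frst_attention: bool    # FRST itself marked the line with ATTENTION


def find_browser_url_tasks(log_text: str) -> List[Finding]:
    """Return scheduled tasks whose action is a browser started with a URL."""
    findings: List[Finding] = []
    for line in log_text.splitlines():
        task = TASK_RE.match(line.strip())
        if not task:
            continue
        action = task.group("action")
        flagged = bool(ATTENTION_RE.search(action))
        action = FILE_META_RE.sub("", ATTENTION_RE.sub("", action))

        exe = EXE_RE.match(action)
        if not exe or not exe.group("args"):
            continue  # no arguments, so nothing is being opened
        browser = ntpath.basename(exe.group("exe")).lower()
        if browser not in BROWSERS:
            continue

        name = ntpath.basename(task.group("path"))
        for token in exe.group("args").split():
            token = token.strip('"')
            if not URL_RE.match(token):
                continue
            bare = re.sub(r"^https?://", "", token.lower())
            squashed = re.sub(r"[^a-z0-9]", "", bare)
            findings.append(
                Finding(task.group("guid"), name, browser, token,
                        squashed == name.lower(), flagged)
            )
    return findings


if __name__ == "__main__":
    for hit in find_browser_url_tasks(SAMPLE_LOG):
        print(hit)
```

The same check can be run over a whole Addition.txt; a hit that FRST did not already mark with ATTENTION deserves a manual look at the task in Task Scheduler before it goes into a fixlist.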
Re: Firefox opens "only2date.com" pages by itself
Fix result of Farbar Recovery Scan Tool (x64) Version: 14-03-2017
Ran by Jomko (14-03-2017 20:51:51) Run:1
Running from C:\Users\Jomko\Desktop
Loaded Profiles: Jomko (Available Profiles: Jomko)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-1719862456-1567695306-1986888435-1000\...\MountPoints2: {99ca108a-01cf-11e7-af1f-0c8bfd901919} - F:\Lenovo_Suite.exe
HKU\S-1-5-21-1719862456-1567695306-1986888435-1000\...\MountPoints2: {b1e11f79-064d-11e6-81cd-002269f5b9c1} - H:\setup.exe
GroupPolicy: Restriction <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-1719862456-1567695306-1986888435-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR Extension: (Домашняя страница Mail.Ru) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\ccfifbojenkenpkmnbnndeadpfdiffof [2017-03-12]
CHR Extension: (Визуальные Закладки Mail.Ru) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\oelpkepjlgmehajehfeicfbjdiobdkfj [2017-03-12]
CHR Extension: (Mail.Ru) - C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\ojlcebdkbpjdpiligkdbbkdkfjmchbfd [2017-03-12]
S3 JMCR; system32\DRIVERS\jmcr.sys [X]
2017-03-14 11:35 - 2017-03-14 19:31 - 00000000 ____D C:\AdwCleaner
2017-03-14 11:34 - 2017-03-14 11:35 - 04031440 _____ C:\Users\Jomko\Desktop\adwcleaner_6.044.exe
2017-03-14 11:27 - 2017-03-14 13:05 - 00000000 ____D C:\Program Files\trend micro
2017-03-14 11:27 - 2017-03-14 11:28 - 00000000 ____D C:\rsit
2017-03-14 11:26 - 2017-03-14 11:27 - 01222144 _____ C:\Users\Jomko\Downloads\RSITx64.exe
Task: {423AA402-B8EE-4C38-86D7-88182B09D972} - System32\Tasks\blogcreativeorglropsm => Firefox.exe blogcreative.org/lropsm <==== ATTENTION
Task: {DAE8DDE9-60AC-4BC9-AE84-0D4D839A8CE9} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {E3A5DF24-627B-47E4-A41A-5402279E398E} - System32\Tasks\{143D4ADA-4C2E-4676-BE9E-73434D39DC0A} => pcalua.exe -a C:\Users\Jomko\Downloads\drivers\66ux03ww.exe -d C:\Users\Jomko\Downloads\drivers
AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [127]
CMD: dir "C:\Windows\Inf" /AD
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
Hosts:
EmptyTemp:
End
*****************
Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-1719862456-1567695306-1986888435-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99ca108a-01cf-11e7-af1f-0c8bfd901919} => key removed successfully
HKCR\CLSID\{99ca108a-01cf-11e7-af1f-0c8bfd901919} => key not found.
HKU\S-1-5-21-1719862456-1567695306-1986888435-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b1e11f79-064d-11e6-81cd-002269f5b9c1} => key removed successfully
HKCR\CLSID\{b1e11f79-064d-11e6-81cd-002269f5b9c1} => key not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\Windows\system32\GroupPolicy\User => moved successfully
HKU\S-1-5-21-1719862456-1567695306-1986888435-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\ccfifbojenkenpkmnbnndeadpfdiffof => moved successfully
C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\oelpkepjlgmehajehfeicfbjdiobdkfj => moved successfully
C:\Users\Jomko\AppData\Local\Google\Chrome\User Data\ghiqerghtquqoleatuzuch\Extensions\ojlcebdkbpjdpiligkdbbkdkfjmchbfd => moved successfully
HKLM\System\CurrentControlSet\Services\JMCR => key removed successfully
JMCR => service removed successfully
C:\AdwCleaner => moved successfully
C:\Users\Jomko\Desktop\adwcleaner_6.044.exe => moved successfully
C:\Program Files\trend micro => moved successfully
C:\rsit => moved successfully
C:\Users\Jomko\Downloads\RSITx64.exe => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{423AA402-B8EE-4C38-86D7-88182B09D972} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{423AA402-B8EE-4C38-86D7-88182B09D972} => key removed successfully
C:\Windows\System32\Tasks\blogcreativeorglropsm => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\blogcreativeorglropsm => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DAE8DDE9-60AC-4BC9-AE84-0D4D839A8CE9} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DAE8DDE9-60AC-4BC9-AE84-0D4D839A8CE9} => key removed successfully
C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGPCTuneUp_Task_BkGndMaintenance => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3A5DF24-627B-47E4-A41A-5402279E398E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3A5DF24-627B-47E4-A41A-5402279E398E} => key removed successfully
C:\Windows\System32\Tasks\{143D4ADA-4C2E-4676-BE9E-73434D39DC0A} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{143D4ADA-4C2E-4676-BE9E-73434D39DC0A} => key removed successfully
C:\ProgramData\TEMP => ":1AAB2E68" ADS removed successfully.
========= dir "C:\Windows\Inf" /AD =========
Volume in drive C has no label.
Volume Serial Number is DE7D-B4D2
Directory of C:\Windows\Inf
14. 03. 2017 19:29 <DIR> .
14. 03. 2017 19:29 <DIR> ..
14. 07. 2009 08:44 <DIR> .NET CLR Data
14. 07. 2009 08:44 <DIR> .NET CLR Networking
19. 06. 2016 12:06 <DIR> .NET CLR Networking 4.0.0.0
14. 07. 2009 08:44 <DIR> .NET Data Provider for Oracle
14. 07. 2009 08:44 <DIR> .NET Data Provider for SqlServer
19. 06. 2016 12:05 <DIR> .NET Memory Cache 4.0
14. 07. 2009 08:44 <DIR> .NETFramework
19. 06. 2016 12:06 <DIR> ASP.NET
19. 06. 2016 12:05 <DIR> ASP.NET_4.0.30319
19. 06. 2016 12:05 <DIR> aspnet_state
14. 07. 2009 08:44 <DIR> BITS
14. 07. 2009 08:44 <DIR> en-US
14. 07. 2009 08:44 <DIR> ESENT
14. 07. 2009 08:44 <DIR> IEM
14. 07. 2009 08:44 <DIR> MSDTC
14. 07. 2009 08:44 <DIR> MSDTC Bridge 3.0.0.0
19. 06. 2016 12:06 <DIR> MSDTC Bridge 4.0.0.0
14. 07. 2009 08:44 <DIR> PERFLIB
14. 07. 2009 06:37 <DIR> PNRPSvc
14. 07. 2009 08:44 <DIR> rdyboost
14. 07. 2009 06:37 <DIR> RemoteAccess
14. 07. 2009 08:44 <DIR> ServiceModelEndpoint 3.0.0.0
14. 07. 2009 08:44 <DIR> ServiceModelOperation 3.0.0.0
14. 07. 2009 08:44 <DIR> ServiceModelService 3.0.0.0
14. 07. 2009 08:44 <DIR> SMSvcHost 3.0.0.0
19. 06. 2016 12:06 <DIR> SMSvcHost 4.0.0.0
14. 07. 2009 08:44 <DIR> TAPISRV
14. 07. 2009 08:44 <DIR> TermService
14. 07. 2009 08:44 <DIR> UGatherer
14. 07. 2009 08:44 <DIR> UGTHRSVC
14. 07. 2009 06:37 <DIR> usbhub
14. 07. 2009 08:44 <DIR> Windows Workflow Foundation 3.0.0.0
19. 06. 2016 12:06 <DIR> Windows Workflow Foundation 4.0.0.0
14. 03. 2017 19:29 <DIR> WmiApRpl
14. 07. 2009 08:44 <DIR> wsearchidxpi
0 File(s) 0 bytes
37 Dir(s) 3˙156˙660˙224 bytes free
========= End of CMD: =========
========= dir "C:\PROGRA~1" =========
Volume in drive C has no label.
Volume Serial Number is DE7D-B4D2
Directory of C:\PROGRA~1
14. 03. 2017 20:51 <DIR> .
14. 03. 2017 20:51 <DIR> ..
18. 07. 2016 19:21 <DIR> active-links
01. 02. 2017 18:52 <DIR> AVAST Software
15. 08. 2016 01:00 <DIR> Blackmagic Design
26. 04. 2016 20:00 <DIR> CCleaner
02. 02. 2017 11:19 <DIR> Common Files
01. 02. 2017 19:26 <DIR> Corel
27. 03. 2016 20:28 <DIR> DVD Maker
03. 03. 2017 10:01 <DIR> FileZilla FTP Client
01. 04. 2016 22:04 <DIR> GIMP 2
16. 08. 2016 00:29 <DIR> Handbrake
18. 07. 2016 13:51 <DIR> IDT
11. 08. 2016 13:43 <DIR> Inkscape
18. 07. 2016 08:56 <DIR> Intel
27. 03. 2016 20:28 <DIR> Internet Explorer
12. 06. 2016 19:29 <DIR> IrfanView
21. 02. 2017 21:53 <DIR> LibreOffice 5
26. 07. 2016 23:22 <DIR> Lightworks
26. 04. 2016 21:59 <DIR> Microsoft Office
19. 07. 2016 10:19 <DIR> MPC-HC
14. 07. 2009 06:32 <DIR> MSBuild
18. 07. 2016 13:50 <DIR> NVIDIA Corporation
04. 04. 2016 18:57 <DIR> Nvu portable
25. 07. 2016 23:03 <DIR> OBS
22. 08. 2016 13:37 <DIR> qTox
14. 07. 2009 06:32 <DIR> Reference Assemblies
18. 07. 2016 08:03 <DIR> Synaptics
18. 07. 2016 19:13 <DIR> TOSHIBA
30. 03. 2016 19:19 <DIR> totalcmd
27. 03. 2016 21:50 <DIR> Unknown Device Identifier
27. 03. 2016 20:28 <DIR> Windows Defender
27. 03. 2016 20:28 <DIR> Windows Journal
27. 03. 2016 20:28 <DIR> Windows Mail
27. 03. 2016 20:28 <DIR> Windows Media Player
14. 07. 2009 06:32 <DIR> Windows NT
27. 03. 2016 20:28 <DIR> Windows Photo Viewer
27. 03. 2016 20:28 <DIR> Windows Portable Devices
27. 03. 2016 20:28 <DIR> Windows Sidebar
06. 11. 2016 14:23 <DIR> WinRAR
18. 07. 2016 19:06 <DIR> XnView
0 File(s) 0 bytes
41 Dir(s) 3˙156˙656˙128 bytes free
========= End of CMD: =========
========= dir "C:\PROGRA~2" =========
Volume in drive C has no label.
Volume Serial Number is DE7D-B4D2
Directory of C:\PROGRA~2
14. 03. 2017 19:23 <DIR> .
14. 03. 2017 19:23 <DIR> ..
27. 03. 2016 16:19 <DIR> Adobe
18. 07. 2016 09:01 <DIR> AGEIA Technologies
18. 07. 2016 07:30 <DIR> AmIcoSingLun
13. 02. 2017 11:34 <DIR> Audacity
03. 09. 2016 17:10 <DIR> Audiograbber
01. 02. 2017 18:47 <DIR> AVG
10. 12. 2016 20:20 <DIR> Battle.net
26. 10. 2016 19:17 <DIR> CDBurnerXP
18. 07. 2016 08:35 <DIR> Cisco
02. 02. 2017 11:19 <DIR> Common Files
19. 04. 2016 19:32 <DIR> DAEMON Tools Pro
27. 11. 2016 23:17 <DIR> freac
01. 07. 2016 19:13 <DIR> Google
17. 08. 2016 09:17 <DIR> HDD Regenerator
18. 07. 2016 15:10 <DIR> Intel
27. 03. 2016 20:28 <DIR> Internet Explorer
19. 01. 2017 20:10 <DIR> Java
18. 07. 2016 09:23 <DIR> Lenovo
12. 03. 2017 23:44 <DIR> Malwarebytes Anti-Malware
29. 03. 2016 21:19 <DIR> Microsoft
26. 04. 2016 21:59 <DIR> Microsoft Office
19. 06. 2016 12:04 <DIR> Microsoft.NET
25. 08. 2016 17:30 <DIR> Minecraft
14. 03. 2017 19:23 <DIR> Mozilla Firefox
14. 03. 2017 19:23 <DIR> Mozilla Maintenance Service
01. 03. 2017 11:54 <DIR> Mozilla Thunderbird
14. 07. 2009 06:32 <DIR> MSBuild
03. 03. 2017 11:37 <DIR> MSECache
01. 07. 2016 23:13 <DIR> NeoDownloader
17. 06. 2016 09:40 <DIR> Notepad++
18. 07. 2016 09:01 <DIR> NVIDIA Corporation
04. 09. 2016 22:49 <DIR> OBS
01. 04. 2016 18:37 <DIR> OpenOffice 4
14. 07. 2009 06:32 <DIR> Reference Assemblies
17. 08. 2016 08:47 <DIR> Smart Application Controller
05. 11. 2016 23:13 <DIR> SpeedFan
10. 12. 2016 21:43 <DIR> StarCraft II
08. 05. 2016 11:33 <DIR> Team 17
18. 07. 2016 14:14 <DIR> TOSHIBA
12. 07. 2016 14:49 <DIR> Visual Web Ripper
14. 07. 2009 08:44 <DIR> Windows Defender
27. 03. 2016 20:28 <DIR> Windows Mail
27. 03. 2016 20:28 <DIR> Windows Media Player
14. 07. 2009 06:32 <DIR> Windows NT
27. 03. 2016 20:28 <DIR> Windows Photo Viewer
27. 03. 2016 20:28 <DIR> Windows Portable Devices
27. 03. 2016 20:28 <DIR> Windows Sidebar
17. 06. 2016 15:56 <DIR> Xenu
0 File(s) 0 bytes
50 Dir(s) 3˙156˙656˙128 bytes free
========= End of CMD: =========
========= dir "C:\PROGRA~3" =========
Volume in drive C has no label.
Volume Serial Number is DE7D-B4D2
Directory of C:\PROGRA~3
27. 03. 2016 16:19 <DIR> Adobe
18. 07. 2016 07:30 <DIR> AmUStor
01. 02. 2017 18:52 <DIR> AVAST Software
01. 02. 2017 18:47 <DIR> Avg
31. 07. 2016 17:32 <DIR> Battle.net
15. 08. 2016 01:00 <DIR> Blackmagic Design
01. 08. 2016 21:00 <DIR> Blizzard Entertainment
14. 09. 2016 10:27 <DIR> Canneverbe Limited
01. 02. 2017 19:52 <DIR> Corel
01. 02. 2017 19:28 <DIR> CorelDRAW Graphics Suite X7 x64
19. 04. 2016 19:34 <DIR> DAEMON Tools Pro
26. 07. 2016 08:20 <DIR> Geevs
18. 07. 2016 08:36 <DIR> Intel
18. 07. 2016 12:30 <DIR> IsolatedStorage
27. 03. 2016 19:25 <DIR> Lenovo
12. 03. 2017 23:44 <DIR> Malwarebytes
01. 02. 2017 18:46 <DIR> MFAData
07. 07. 2016 16:56 <DIR> Microsoft Help
18. 07. 2016 10:46 262˙144 Ntuser.dat
18. 07. 2016 13:50 <DIR> NVIDIA
18. 07. 2016 09:03 <DIR> NVIDIA Corporation
19. 01. 2017 20:10 <DIR> Oracle
01. 02. 2017 19:28 <DIR> Package Cache
01. 02. 2017 19:29 <DIR> Protexis64
27. 03. 2016 10:07 <DIR> Riot Games
27. 03. 2016 22:48 <DIR> Roaming
12. 07. 2016 14:51 <DIR> Sequentum
12. 07. 2016 16:27 <DIR> Softomotive
19. 04. 2016 21:10 <DIR> Steam
25. 02. 2017 02:11 <DIR> TEMP
18. 07. 2016 08:18 <DIR> Toshiba
18. 07. 2016 12:30 <DIR> TOSHIBA Tempro
1 File(s) 262˙144 bytes
31 Dir(s) 3˙156˙652˙032 bytes free
========= End of CMD: =========
========= dir "%localappdata%" =========
Volume in drive C has no label.
Volume Serial Number is DE7D-B4D2
Directory of C:\Users\Jomko\AppData\Local
14. 03. 2017 20:02 <DIR> .
14. 03. 2017 20:02 <DIR> ..
11. 08. 2016 10:33 <DIR> AbleWord
28. 03. 2016 00:50 <DIR> Adobe
12. 08. 2016 13:34 <DIR> Apps
25. 07. 2016 23:03 <DIR> assembly
13. 02. 2017 11:34 <DIR> Audacity
01. 02. 2017 18:46 <DIR> Avg
01. 02. 2017 18:47 <DIR> AvgSetupLog
10. 12. 2016 21:43 <DIR> Battle.net
01. 08. 2016 21:00 <DIR> Blizzard Entertainment
29. 07. 2016 22:59 <DIR> CEF
13. 03. 2017 00:28 <DIR> CrashDumps
12. 08. 2016 14:53 <DIR> Deployment
28. 08. 2016 00:38 <DIR> Diagnostics
17. 08. 2016 09:16 <DIR> Downloaded Installations
10. 11. 2016 21:15 <DIR> ESET
15. 12. 2016 20:50 <DIR> FileZilla
19. 05. 2016 19:55 <DIR> fontconfig
22. 02. 2017 07:40 125˙832 GDIPFONTCACHEV1.DAT
19. 05. 2016 19:55 <DIR> gegl-0.2
14. 06. 2016 17:47 <DIR> GHISLER
04. 11. 2016 23:07 <DIR> Google
19. 05. 2016 20:10 <DIR> gtk-2.0
12. 07. 2016 16:27 <DIR> IIIQ
18. 07. 2016 14:15 <DIR> Intel_Corporation
28. 03. 2016 00:50 <DIR> Macromedia
30. 07. 2016 09:46 <DIR> MFAData
18. 09. 2016 22:03 <DIR> Microsoft
12. 08. 2016 13:45 <DIR> Microsoft Help
27. 03. 2016 00:49 <DIR> Mozilla
12. 08. 2016 14:52 <DIR> My ClickOnce Applications
18. 07. 2016 09:01 <DIR> NVIDIA
18. 07. 2016 14:21 <DIR> NVIDIA Corporation
18. 08. 2016 14:48 <DIR> Profiles
27. 03. 2016 19:21 <DIR> Programs
11. 08. 2016 14:09 1˙816 recently-used.xbel
29. 04. 2016 21:04 7˙608 Resmon.ResmonCfg
12. 07. 2016 16:30 <DIR> Softomotive
18. 08. 2016 15:14 <DIR> TagCraftMC
14. 03. 2017 20:48 <DIR> Temp
01. 03. 2017 12:02 <DIR> Thunderbird
18. 07. 2016 07:57 <DIR> TOSHIBA
12. 03. 2017 21:34 <DIR> Unity
12. 09. 2016 17:44 <DIR> VirtualStore
12. 07. 2016 16:32 <DIR> Visual Web Ripper
3 File(s) 135˙256 bytes
43 Dir(s) 3˙156˙652˙032 bytes free
========= End of CMD: =========
========= dir "%appdata%" =========
Volume in drive C has no label.
Volume Serial Number is DE7D-B4D2
Directory of C:\Users\Jomko\AppData\Roaming
14. 03. 2017 11:42 <DIR> .
14. 03. 2017 11:42 <DIR> ..
25. 10. 2016 19:42 <DIR> .minecraft
11. 08. 2016 10:21 <DIR> AbleWord
27. 03. 2016 16:19 <DIR> Adobe
05. 03. 2017 23:04 <DIR> Audacity
01. 02. 2017 18:51 <DIR> AVAST Software
30. 07. 2016 09:48 <DIR> AVG
31. 07. 2016 18:55 <DIR> Battle.net
26. 07. 2016 08:03 <DIR> Blender Foundation
14. 09. 2016 10:26 <DIR> Canneverbe Limited
26. 05. 2016 20:51 <DIR> ConsalnetViewer
01. 02. 2017 19:29 <DIR> Corel
03. 04. 2016 19:28 <DIR> CrystalIdea Software
08. 05. 2016 21:33 <DIR> DAEMON Tools Pro
12. 03. 2017 01:47 <DIR> FileZilla
27. 11. 2016 23:21 <DIR> freac
24. 05. 2016 21:55 <DIR> GHISLER
16. 08. 2016 22:55 <DIR> HandBrake
16. 08. 2016 00:29 <DIR> HandBrake Team
26. 03. 2016 23:59 <DIR> Identities
11. 08. 2016 10:00 <DIR> inkscape
18. 07. 2016 12:26 <DIR> InstallShield
27. 03. 2016 22:48 <DIR> Intel
12. 06. 2016 19:29 <DIR> IrfanView
25. 08. 2016 17:30 <DIR> java
21. 02. 2017 21:56 <DIR> LibreOffice
28. 03. 2016 01:17 <DIR> LolClient
27. 03. 2016 16:28 <DIR> LSC
27. 03. 2016 16:28 <DIR> Macromedia
14. 07. 2009 08:54 <DIR> Media Center Programs
28. 03. 2016 23:19 <DIR> Mozilla
13. 03. 2017 00:28 <DIR> MPC-HC
01. 07. 2016 23:13 <DIR> NeoDownloader
08. 07. 2016 12:13 <DIR> Notepad++
15. 08. 2016 01:06 <DIR> NVIDIA
17. 01. 2017 01:29 <DIR> OBS
01. 04. 2016 18:38 <DIR> OpenOffice
17. 08. 2016 08:47 <DIR> Profiles
28. 03. 2016 00:03 <DIR> Riot Games
17. 08. 2016 08:47 <DIR> Smart Application Controller
18. 08. 2016 14:59 <DIR> Sun
01. 03. 2017 11:54 <DIR> Thunderbird
18. 07. 2016 08:27 <DIR> toshiba
24. 02. 2017 15:13 <DIR> tox
30. 07. 2016 09:48 <DIR> TuneUp Software
05. 03. 2017 21:12 <DIR> uTorrent
18. 07. 2016 07:26 <DIR> WinBatch
06. 11. 2016 14:25 <DIR> WinRAR
10. 03. 2017 00:32 <DIR> XnView
0 File(s) 0 bytes
50 Dir(s) 3˙156˙647˙936 bytes free
========= End of CMD: =========
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9913468 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 322738 B
Edge => 0 B
Chrome => 1736704 B
Firefox => 152048455 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 100249 B
systemprofile32 => 692 B
LocalService => 132244 B
NetworkService => 66228 B
Jomko => 936773 B
RecycleBin => 0 B
EmptyTemp: => 165.6 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 20:52:06 ====
Re: Firefox opens "only2date.com" pages by itself
You have little free disk space. I recommend freeing up a lot.
System drive C: has 3 GB (1%) free of 237 GB
I strongly recommend installing Internet Explorer 11.
Finally, we will clean up.
- Download and run DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
- Tick only the "Remove disinfection tools" option
- Click Run
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrokzavináčforum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.
Re: Firefox opens "only2date.com" pages by itself
I will free up space,
I will install IE 11, even though I use it about once a year.
So far no page has opened on its own.
Thanks for now, YOU ARE GREAT
Re: Firefox opens "only2date.com" pages by itself
It is not about using it, but about how closely it is tied to the core of the operating system.
You're welcome, glad I could help.
Take care, and maybe see you again sometime.

If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrokzavináčforum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.