VIRY.CZ

No, ty veci ve FRST uz jsou v karantene, takze neskodne, no a ty cracky asi komentovat netreba Nikdo vam nerekne, jestli jsou oznaceny jen z principu, nebo je v nich i nejaky ten darecek, ktery v nich obcas byva pribalen, takze s nalezy nalozte jak chcete.


Dejte nove logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

Děkuji, vše jsem vymazal i na disku a dávám znovu vlastní scan mbam, kdyby něco smažu to.
Frts přikládám, děkuji za zpětnou odezvu. Plochu jsem již vyčistil, jsou tam jen odkazy a nic
jiného než defragmentace disku mi již nepomůže, jen "se modlit", aby disk vydržel

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Petr (administrator) on MANDIS (14-11-2015 09:04:40)
Running from C:\Mandis disk\programy Windows 7\Programy proti virům a malware
Loaded Profiles: Petr & UpdatusUser & (Available Profiles: Petr & UpdatusUser)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
(Xerox) C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe
() C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmw.exe
() C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe
() C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmwj.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Validity Sensors, Inc.) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (Nico Mak Computing)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [323640 2009-11-24] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150016 2008-08-20] (Hewlett-Packard)
HKLM-x32\...\Run: [Launcher6015B] => C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe [2569728 2011-04-28] (Xerox)
HKLM-x32\...\Run: [6015B RUN] => C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe [355840 2012-01-03] ()
HKLM-x32\...\Run: [StatusAutoRun6015B] => C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe [4476928 2012-01-03] ()
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [24576 2009-02-19] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [40960 2009-02-19] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [6133520 2015-11-06] (AVAST Software)
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1540896 2015-07-15] (Seagate Technology LLC)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-08-05] (Wondershare)
HKU\S-1-5-21-3400088848-3241487186-2567401322-1000\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127816 2015-07-15] (Seagate Technology LLC)
HKU\S-1-5-21-3400088848-3241487186-2567401322-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd)
HKU\S-1-5-21-3400088848-3241487186-2567401322-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-3400088848-3241487186-2567401322-1000\...\MountPoints2: {36787e2d-2ad3-11e5-9109-002713a4b3b0} - F:\iLinker.exe
HKU\S-1-5-21-3400088848-3241487186-2567401322-1000\...\MountPoints2: {6d08fdae-f483-11e4-b9fc-002713a4b3b0} - F:\Unlock.exe autoplay=true
HKU\S-1-5-21-3400088848-3241487186-2567401322-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127816 2015-07-15] (Seagate Technology LLC)
HKU\S-1-5-21-3400088848-3241487186-2567401322-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd)
HKU\S-1-5-21-3400088848-3241487186-2567401322-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-3400088848-3241487186-2567401322-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {36787e2d-2ad3-11e5-9109-002713a4b3b0} - F:\iLinker.exe
HKU\S-1-5-21-3400088848-3241487186-2567401322-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {6d08fdae-f483-11e4-b9fc-002713a4b3b0} - F:\Unlock.exe autoplay=true
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll [2015-10-09] (AVAST Software)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 cap.cyberlink.com
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{D0B7FA16-DD22-4461-85C0-0EF88289B5B4}: [DhcpNameServer] 192.168.43.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3400088848-3241487186-2567401322-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3400088848-3241487186-2567401322-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3400088848-3241487186-2567401322-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3400088848-3241487186-2567401322-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-18] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO-x32: No Name -> {451C804F-C205-4F03-B48E-537EC94937BF} -> No File
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-18] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File

FireFox:
========
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\yzkl882t.default-1417622844522
FF NewTab: hxxp://www.google.com/
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: www.seznam.cz
FF Session Restore: -> is enabled.
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-12] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Extension: Valence - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\yzkl882t.default-1417622844522\Extensions\fxdevtools-adapters@mozilla.org [2015-10-22]
FF Extension: AdBlock for YouTube™ - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\yzkl882t.default-1417622844522\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2015-11-10]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\yzkl882t.default-1417622844522\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2015-11-10]
FF Extension: Adblock Plus - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\yzkl882t.default-1417622844522\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-10]

Chrome:
=======
CHR HKU\S-1-5-21-3400088848-3241487186-2567401322-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3400088848-3241487186-2567401322-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [146600 2015-10-09] (AVAST Software)
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16216 2015-07-15] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143656 2015-07-15] (Seagate Technology LLC)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [35328 2013-10-12] (Validity Sensors, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 XRNADB; C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe [95744 2012-01-03] () [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-10-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-10-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-10-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-10-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-10-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-10-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-10-09] (AVAST Software)
S3 AVerAF15; C:\Windows\System32\Drivers\AVerAF15.sys [311424 2009-05-22] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-14] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2014-01-27] () [File not signed]
U3 aq37wle7; C:\Windows\System32\Drivers\aq37wle7.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-13 18:21 - 2015-11-13 18:21 - 00004362 _____ C:\mbam scan nové.txt
2015-11-12 10:56 - 2015-11-12 10:56 - 00642632 _____ (EFD Software ) C:\Users\Petr\Downloads\hdtune_255.exe
2015-11-12 10:56 - 2015-11-12 10:56 - 00000930 _____ C:\Users\Petr\Desktop\HD Tune.lnk
2015-11-12 10:56 - 2015-11-12 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2015-11-12 10:56 - 2015-11-12 10:56 - 00000000 ____D C:\Program Files (x86)\HD Tune
2015-11-12 10:35 - 2015-11-12 10:35 - 05286088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-11-11 15:32 - 2015-11-11 15:32 - 00000380 _____ C:\Windows\PFRO.log
2015-11-11 08:49 - 2015-11-14 08:09 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-11 08:47 - 2015-11-11 08:51 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-11 08:47 - 2015-11-11 08:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-11 08:46 - 2015-11-11 08:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-11 08:46 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-11 08:46 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-11 08:46 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-10 10:51 - 2015-11-10 10:51 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-11-10 10:51 - 2015-11-10 10:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-11-10 10:46 - 2015-11-10 10:46 - 00001023 _____ C:\Users\Public\Desktop\Fotosizer.lnk
2015-11-10 10:46 - 2015-11-10 10:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fotosizer
2015-11-10 10:46 - 2015-11-10 10:46 - 00000000 ____D C:\Program Files (x86)\Fotosizer
2015-11-09 20:29 - 2015-11-09 20:29 - 00000000 ____D C:\Users\Petr\AppData\Local\Sony
2015-11-09 20:12 - 2015-11-09 20:12 - 00000000 ____D C:\Users\Petr\Documents\Sony
2015-11-09 19:21 - 2015-11-09 19:22 - 00142598 _____ C:\Windows\DPINST.LOG
2015-11-09 19:17 - 2015-11-09 19:17 - 00002102 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2015-11-09 19:17 - 2015-11-09 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-11-09 19:16 - 2015-11-09 19:16 - 00000000 ____D C:\ProgramData\Sony
2015-11-09 19:16 - 2015-11-09 19:16 - 00000000 ____D C:\Program Files (x86)\Sony
2015-11-09 09:23 - 2015-11-10 11:14 - 00000000 ____D C:\Program Files\trend micro
2015-11-09 09:23 - 2015-11-09 09:25 - 00000000 ____D C:\rsit
2015-11-09 04:52 - 2015-11-14 07:55 - 00002300 _____ C:\Windows\setupact.log
2015-11-09 04:52 - 2015-11-09 04:52 - 00000000 _____ C:\Windows\setuperr.log
2015-11-08 07:18 - 2015-11-08 07:18 - 00000939 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-11-08 05:39 - 2015-11-10 09:26 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2015-11-06 20:56 - 2015-11-06 20:56 - 00000000 ____D C:\Users\Petr\AppData\Roaming\DiskDefrag
2015-11-06 20:52 - 2015-11-08 15:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-06 20:48 - 2015-11-06 20:48 - 00001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Undelete.lnk
2015-11-06 20:48 - 2015-11-06 20:48 - 00001073 _____ C:\Users\Public\Desktop\Glary Undelete.lnk
2015-11-06 20:48 - 2015-11-06 20:48 - 00000000 ____D C:\Program Files (x86)\Glary Undelete
2015-11-06 20:46 - 2015-11-07 07:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2015-11-06 20:46 - 2015-11-06 20:46 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Absolute Uninstaller.lnk
2015-11-06 20:46 - 2015-11-06 20:46 - 00001110 _____ C:\Users\Public\Desktop\Absolute Uninstaller.lnk
2015-11-01 06:43 - 2015-11-13 07:04 - 00251904 ___SH C:\Users\Petr\Desktop\Thumbs.db
2015-10-27 16:33 - 2015-10-27 16:33 - 00002062 _____ C:\Users\UpdatusUser\Desktop\Heroes of Might and Magic® IV.lnk
2015-10-27 16:33 - 2015-10-27 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3DO
2015-10-27 16:29 - 2015-10-27 16:33 - 00000000 ____D C:\Program Files (x86)\Heroes of Might and Magic 4
2015-10-27 16:11 - 2015-10-27 16:28 - 00000000 ____D C:\Program Files (x86)\Might & Magic Heroes VII
2015-10-27 15:14 - 2015-10-31 05:51 - 00000000 ____D C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2015-10-25 20:35 - 2015-10-25 20:35 - 00000000 ____D C:\Users\Petr\AppData\Roaming\MPC-HC
2015-10-25 17:36 - 2015-10-25 17:36 - 00003786 _____ C:\Windows\System32\Tasks\klcp_update
2015-10-25 17:34 - 2015-10-25 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-10-25 17:34 - 2015-10-25 17:34 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-10-24 09:14 - 2015-10-24 09:14 - 00000000 ____D C:\Users\Petr\Desktop\Extreme show powerslide
2015-10-22 12:58 - 2015-10-31 05:51 - 00000000 ____D C:\Users\Petr\Tracing
2015-10-22 10:33 - 2015-10-22 10:33 - 00000000 ____D C:\Windows\en
2015-10-22 10:31 - 2015-10-22 10:31 - 00000000 ____D C:\Windows\cs
2015-10-22 10:30 - 2015-10-22 10:30 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-10-22 10:28 - 2015-10-22 10:28 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-10-22 10:26 - 2015-10-22 10:26 - 00000020 _____ C:\Windows\¬ó•
2015-10-22 10:26 - 2015-10-22 10:26 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-10-22 10:23 - 2015-10-22 10:23 - 00001458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2015-10-22 10:21 - 2015-10-22 10:21 - 00002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2015-10-22 10:17 - 2015-10-22 10:17 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-10-22 10:16 - 2015-10-22 10:16 - 00000000 ____D C:\Program Files\Windows Live
2015-10-22 10:16 - 2014-03-31 20:06 - 00058056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fssfltr.sys
2015-10-22 10:15 - 2015-10-22 10:24 - 00000000 ____D C:\Program Files (x86)\Windows Live
2015-10-22 10:11 - 2010-06-02 03:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-10-22 10:11 - 2010-06-02 03:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-10-22 10:11 - 2010-06-02 03:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-10-22 10:11 - 2010-06-02 03:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-10-22 10:10 - 2010-05-26 10:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-10-22 10:10 - 2010-05-26 10:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-10-22 10:10 - 2010-05-26 10:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-10-22 10:10 - 2010-05-26 10:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-10-22 10:07 - 2009-09-04 16:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-10-22 10:07 - 2009-09-04 16:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-10-22 10:05 - 2006-11-29 12:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-10-22 10:05 - 2006-11-29 12:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-10-22 10:00 - 2015-11-04 15:42 - 00000000 ____D C:\Users\Petr\AppData\Local\Windows Live

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-14 09:05 - 2014-11-18 16:24 - 00000000 ____D C:\FRST
2015-11-14 08:49 - 2014-01-19 15:33 - 01774665 _____ C:\Windows\WindowsUpdate.log
2015-11-14 08:40 - 2014-11-26 13:40 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-14 08:04 - 2009-07-14 05:45 - 00031104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-14 08:04 - 2009-07-14 05:45 - 00031104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-14 07:56 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-14 06:48 - 2014-01-27 20:32 - 00000000 ____D C:\Mandis disk
2015-11-13 07:03 - 2014-08-03 12:19 - 00000000 ____D C:\Users\Petr\Desktop\fotky převod
2015-11-12 19:46 - 2014-02-27 08:48 - 00000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2015-11-12 10:35 - 2014-02-01 20:15 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-12 10:35 - 2014-02-01 20:15 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-12 10:35 - 2014-02-01 20:15 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-10 10:51 - 2014-01-27 21:09 - 00000000 ____D C:\Program Files\WinRAR
2015-11-10 10:49 - 2011-04-12 09:34 - 00668790 _____ C:\Windows\system32\perfh005.dat
2015-11-10 10:49 - 2011-04-12 09:34 - 00141418 _____ C:\Windows\system32\perfc005.dat
2015-11-10 10:49 - 2009-07-14 06:13 - 01583214 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-10 09:37 - 2014-01-20 07:33 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-10 09:36 - 2014-02-13 19:23 - 00000000 ____D C:\ProgramData\CyberLink
2015-11-10 09:35 - 2015-10-07 16:05 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2015-11-10 08:49 - 2009-07-14 06:08 - 00032564 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-11-09 22:21 - 2014-05-13 13:27 - 00004184 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-11-08 19:25 - 2014-12-03 11:28 - 00000000 ____D C:\Users\Petr\AppData\Roaming\uTorrent
2015-11-08 15:38 - 2014-12-03 16:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-07 08:19 - 2015-06-29 17:22 - 00000000 ____D C:\Program Files (x86)\Pinnacle
2015-11-06 15:44 - 2014-05-13 13:27 - 01059656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-11-06 15:44 - 2014-01-27 22:10 - 00449992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-11-06 09:50 - 2014-01-27 21:35 - 00000000 ____D C:\ProgramData\Adobe
2015-11-06 09:50 - 2014-01-21 09:42 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Adobe
2015-11-05 05:05 - 2015-09-12 06:03 - 00000000 ____D C:\Users\Petr\Desktop\word dokumenty plocha
2015-10-31 05:37 - 2014-06-23 12:59 - 00000000 ____D C:\Windows\Minidump
2015-10-25 20:48 - 2014-01-19 16:35 - 00000000 ____D C:\Users\Petr
2015-10-24 17:47 - 2009-07-14 05:45 - 00502632 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-24 12:29 - 2014-01-27 20:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-24 12:28 - 2014-01-27 20:49 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-10-24 06:40 - 2014-01-27 20:43 - 00001973 _____ C:\Users\Public\Desktop\Samsung Kies 3.lnk
2015-10-22 10:14 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-10-16 08:20 - 2014-10-30 20:20 - 00024526 ____H C:\Users\Petr\Desktop\~WRL2879.tmp

==================== Files in the root of some directories =======

2015-06-29 18:20 - 2015-07-03 16:38 - 0000428 _____ () C:\Users\Petr\AppData\Roaming\MANDIS.MTBF.txt
2015-06-29 18:20 - 2015-07-03 16:54 - 0000934 _____ () C:\Users\Petr\AppData\Roaming\__AvidCloudManager.log
2015-06-29 18:20 - 2015-06-29 18:26 - 0000792 _____ () C:\Users\Petr\AppData\Roaming\__AvidCloudManagerPrevious.log
2014-01-20 23:21 - 2014-01-20 23:21 - 0000000 _____ () C:\Users\Petr\AppData\Local\AtStart.txt
2014-01-20 23:21 - 2014-01-20 23:21 - 0000000 _____ () C:\Users\Petr\AppData\Local\DSwitch.txt
2014-01-20 23:21 - 2014-01-20 23:21 - 0000000 _____ () C:\Users\Petr\AppData\Local\QSwitch.txt
2014-01-27 21:15 - 2014-01-27 21:24 - 0000370 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Petr\AppData\Local\Temp\sqlite3.dll
C:\Users\Petr\AppData\Local\Temp\vlc-2.2.1-win32.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-11 09:56

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Petr (2015-11-14 09:07:41)
Running from C:\Mandis disk\programy Windows 7\Programy proti virům a malware
Windows 7 Professional Service Pack 1 (X64) (2014-01-19 15:35:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3400088848-3241487186-2567401322-500 - Administrator - Disabled)
Guest (S-1-5-21-3400088848-3241487186-2567401322-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3400088848-3241487186-2567401322-1003 - Limited - Enabled)
Petr (S-1-5-21-3400088848-3241487186-2567401322-1000 - Administrator - Enabled) => C:\Users\Petr
UpdatusUser (S-1-5-21-3400088848-3241487186-2567401322-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Absolute Uninstaller 5.3.1.20 (HKLM-x32\...\Absolute Uninstaller) (Version: 5.3.1.20 - Glarysoft Ltd)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Aktualizace NVIDIA 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
Avast Pro Antivirus (HKLM-x32\...\avast) (Version: 10.4.2233 - AVAST Software)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG5500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5500_series) (Version: 1.02 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
ENE CIR Receiver Driver (HKLM\...\FFE7D41DF3C645075BB149E21988B63996C34187) (Version: 2.7.4.0 - ENE)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotosizer 2.09 (HKLM-x32\...\Fotosizer) (Version: 2.09.0.548 - Fotosizer.com)
Glary Undelete 5.0.1.19 (HKLM-x32\...\Glary Undelete) (Version: 5.0.1.19 - Glarysoft Ltd)
Google Earth (HKLM-x32\...\{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}) (Version: 4.3.7204.836 - Google)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
Heroes of Might and Magic® IV (HKLM-x32\...\InstallShield_{192E2132-E977-4D3E-90BA-9DBCE1B57F8C}) (Version: 1.00.0000 - 3DO)
Heroes of Might and Magic® IV (x32 Version: 1.00.0000 - 3DO) Hidden
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP MediaSmart Live TV (HKLM-x32\...\InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}) (Version: 3.0 - CyberLink Corp.)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.12.1 - Hewlett-Packard)
HP Scanjet G4000 Series (HKLM\...\{10297E58-2DFE-478B-9A1D-4B14E4E79CDF}) (Version: 13.0 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
hpg4000 (x32 Version: 13.0.0.0 - Název společnosti:) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6276.0 - IDT)
Image Retriever 9 (HKLM-x32\...\{EB4C309A-8DCB-4AB6-867A-06D67C96B234}) (Version: 9.0.0.0 - Nuance Communications, Inc.)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.00.1030 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
Jpeg Resampler Vs 6+ (HKLM-x32\...\JpegResampler2010_is1) (Version: - Jpeg Resampler)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Codec Pack 11.5.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.5.0 - )
KMSnano 24 (HKLM\...\KMSnano 24_is1) (Version: KMSnano 24 - )
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 cs)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVIDIA Ovladače grafiky 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Ovládací panel NVIDIA 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{918A2C48-E40E-4341-B9C1-A38D50213F6B}) (Version: 1.00.0000 - Nuance Communications, Inc.)
Playway to English 1 CD-ROM (HKLM-x32\...\{6A031978-1FDC-42D4-A30B-018FA99C5784}) (Version: 2.00.0000 - Cambridge University Press, Helbling Languages)
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
Registrace uživatele zařízení Canon MG5500 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG5500 series) (Version: - ‭Canon Inc.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
ScanSoft OmniPage SE 16 (HKLM-x32\...\{27AC9FC3-9041-4CA0-B718-C0B8122D9B32}) (Version: 16.1.0000 - Nuance Communications, Inc.)
ScanSoft PaperPort 11 (HKLM-x32\...\{1D66156D-D721-4B55-B08B-BDC917E8DCD0}) (Version: 11.2.0000 - Nuance Communications, Inc.)
Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.2.002.0 - Seagate)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Seznam Software (HKU\S-1-5-21-3400088848-3241487186-2567401322-1000\...\SeznamInstall) (Version: - Seznam.cz)
Seznam Software (HKU\S-1-5-21-3400088848-3241487186-2567401322-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SeznamInstall) (Version: - Seznam.cz)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sony PC Companion 2.10.289 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.289 - Sony)
SP45629 - Intel Chipset Installation Utility (HKLM-x32\...\{7AB416C2-4AEC-4967-A873-E2A3B404E6EC}) (Version: 1.0.0 - Hewlett-Packard International Pte. Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25790 - TeamViewer)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUSR_{2B44F588-2B80-4DD3-B577-B10B3C6865EA}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinZip 19.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E5}) (Version: 19.0.11293 - WinZip Computing, S.L. )
Xerox WorkCentre 6015B (HKLM-x32\...\InstallShield_{FB21CB19-03DB-4422-AB72-3CA9C9499512}) (Version: 1.005.00 - Xerox)
Xerox WorkCentre 6015B (x32 Version: 1.005.00 - Xerox) Hidden
XnView 1.99.5 (HKLM-x32\...\XnView_is1) (Version: 1.99.5 - Gougelet Pierre-e)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

09-11-2015 08:35:06 S
09-11-2015 19:18:44 Sony PC Companion
11-11-2015 09:54:15 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-11-19 21:26 - 2015-10-07 17:02 - 00000870 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost
127.0.0.1 cap.cyberlink.com

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03860CA9-4CAD-4B98-B9DB-AF86C6B86D37} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd)
Task: {0514F0AA-FEE5-454B-ABBC-73D964CD32D2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {1BDBF622-B099-48FE-99E2-7CF70359EA15} - System32\Tasks\Aktualizační služba softwaru InstallShield => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-02-16] (InstallShield Software Corporation)
Task: {28111E61-6639-47FA-9793-E8FA7DBE1C62} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-10-05] ()
Task: {290D5554-2CAE-4D00-806C-9E9C0E582A26} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2015-07-15] (Seagate Technology LLC)
Task: {3570B0B4-59D9-40EF-8523-5AEDA83C63F7} - \{6ABD546F-1447-4F17-8719-217A60A08082} -> No File <==== ATTENTION
Task: {363E8906-277F-4C49-A834-3C1B7DBA7FCF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {5D453047-3A84-4F1A-AC87-1BE8CFE71FC5} - System32\Tasks\{31860E30-4547-4642-8629-7170D2FD9702} => pcalua.exe -a C:\Users\Petr\Downloads\shrink_pic18.exe -d C:\Users\Petr\Downloads
Task: {5F683279-ADDC-4EF0-BE6A-660043C46E6F} - System32\Tasks\ScanSoft Background Update => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25] (Nuance Communications, Inc.)
Task: {6C8090A5-F99F-445F-B7ED-64A81BA8B065} - System32\Tasks\{86CAD3F7-6666-42E6-BE0A-9FC365226892} => pcalua.exe -a C:\Users\Petr\Downloads\sp49094.exe -d C:\Users\Petr\Downloads
Task: {7BAEC43E-0DB8-4473-8332-A1F8227CF352} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {86465518-AB01-4B30-8424-72DCC3F55A3E} - System32\Tasks\CapSvcInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSvcInst.exe
Task: {911BBD05-01B1-4BAB-86BD-8E0AA4709D9A} - System32\Tasks\Program k provádění aktualizací online Adobe => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {945AD81E-B507-4097-910B-A57BC020C4ED} - System32\Tasks\{5AAB68F2-60FA-4A53-9AC2-A3AABD2B8201} => pcalua.exe -a C:\NET\Ovladače\sp54929.exe -d C:\Users\Petr\Desktop
Task: {976D5659-B906-47EE-AF75-7A6FF3B724A6} - System32\Tasks\TVAgent => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe [2009-09-18] (CyberLink Corp.)
Task: {AD38FBB6-47F4-4DBD-87BA-2927908C8115} - System32\Tasks\Program k provádění aktualizací online InstallShield Software => c:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-02-16] (InstallShield Software Corporation)
Task: {B0EAFEB9-53A6-45E7-87D7-0830827B5E97} - System32\Tasks\CapUninst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapUninst.exe
Task: {CA347752-E84E-469C-92DA-F1BC2EF80899} - System32\Tasks\{B372E8E1-2F30-4E18-81EC-F54138B2C422} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe"
Task: {CCCFAA2F-A49F-4442-9FA4-4B6C9B7CF26A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-12] (Adobe Systems Incorporated)
Task: {E761BA03-0B37-430E-934F-58B44EB6A262} - System32\Tasks\Online aktualizační program HP => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08] (Hewlett-Packard)
Task: {EA1D17F4-3B65-415A-A4AE-F6DD0DB28498} - \SPBIW_UpdateTask_Time_313638333535373833362d4a375b5a5a6c783245343741 -> No File <==== ATTENTION
Task: {EE48280A-3618-4AA9-A03A-A12FA45C6892} - System32\Tasks\{8D31B56D-AD40-4217-90B4-39D497011277} => pcalua.exe -a "C:\Users\Petr\Desktop\programy Windows 7\nový\tcmd704a.exe" -d "C:\Users\Petr\Desktop\programy Windows 7\nový"
Task: {F3C5033A-DF67-4D5B-8C8C-31260D9BE5D9} - System32\Tasks\CapSchedInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSchedInst.exe
Task: {F4351C94-C5DB-4397-9157-9F184A3D9326} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2015-10-09] (AVAST Software)
Task: {F8371EBB-6BAF-45C2-BCDA-2A49E5603530} - System32\Tasks\{29F6DA13-39F6-43FF-817A-2C30AA114663} => pcalua.exe -a "C:\Users\Petr\Desktop\programy Windows 7\Nové instalace 2013\irfanview_lang_czech.exe" -d "C:\Users\Petr\Desktop\programy Windows 7\Nové instalace 2013"
Task: {FF28A300-8F11-4399-B779-F1A5D46C7609} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2014-01-21 03:18 - 2013-10-23 09:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-10 19:55 - 2012-03-09 14:34 - 00022528 _____ () C:\Windows\System32\xrhk1alm.dll
2012-01-03 10:04 - 2012-01-03 10:04 - 00247296 _____ () C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmW.exe
2012-01-03 10:05 - 2012-01-03 10:05 - 04476928 _____ () C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe
2012-01-03 10:04 - 2012-01-03 10:04 - 00227840 _____ () C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmwj.exe
2015-11-09 19:16 - 2015-06-10 11:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2014-10-23 20:19 - 2014-10-23 20:19 - 00043520 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2012-01-03 10:04 - 2012-01-03 10:04 - 00095744 _____ () C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe
2015-10-09 15:41 - 2015-10-09 15:41 - 00103376 _____ () C:\Program Files\Alwil Software\Avast5\log.dll
2015-10-09 15:41 - 2015-10-09 15:41 - 00123976 _____ () C:\Program Files\Alwil Software\Avast5\JsonRpcServer.dll
2015-11-08 11:00 - 2015-11-08 11:00 - 02990592 _____ () C:\Program Files\Alwil Software\Avast5\defs\15110700\algo.dll
2015-11-09 19:16 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2015-11-09 19:16 - 2014-12-04 15:18 - 00241152 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2015-09-07 16:00 - 2015-09-07 16:00 - 00093568 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CalEngine.dll
2015-09-07 16:00 - 2015-09-07 16:00 - 00143232 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdLNotes.dll
2015-09-07 16:00 - 2015-09-07 16:00 - 00167296 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdOutlook.dll
2015-09-07 16:02 - 2015-09-07 16:02 - 00212352 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VistaCalendar.dll
2015-11-09 19:16 - 2015-04-21 13:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2015-09-07 16:01 - 2015-09-07 16:01 - 00056704 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PimNotes.dll
2015-09-07 16:01 - 2015-09-07 16:01 - 00237440 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2015-11-09 19:16 - 2013-05-20 12:58 - 00620718 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll
2015-09-22 10:21 - 2015-09-22 10:21 - 02369920 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\libxt.dll
2015-09-23 17:59 - 2015-09-23 17:59 - 00820096 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
2015-10-09 15:41 - 2015-10-09 15:41 - 40539648 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
2015-10-07 15:56 - 2014-08-05 09:22 - 01489408 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2015-10-07 15:56 - 2014-05-19 16:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3400088848-3241487186-2567401322-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3400088848-3241487186-2567401322-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{35577E9F-171C-41D0-B655-756E08D2486A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{EB0987BF-3349-47D4-B597-1B3F0ADA55E1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{94A63192-3A7C-43AA-9D29-F5636E2114C6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{058AEEA4-7722-44C0-B335-4A3F997B531D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{E4BAC347-63DB-4197-97B3-176158DE78D6}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{B8C5F0BE-1EDE-4475-A8A7-CCF0767681B8}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{E557D77D-F5EC-4C72-9528-53AB97F375C0}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe
FirewallRules: [{E5043FF6-4EC8-4D44-B5A6-45144B6A623E}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe
FirewallRules: [{A942E273-C820-4E95-AA1F-416ECD7C5880}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{EF270BDC-CD4A-4A0A-8CFD-A0AC945730D1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{D4C21880-E4B1-4B0E-9DE8-1C41B6785803}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{6E83BA24-2B68-494C-9459-D72D336B59E0}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{190C4C3E-A4A5-440B-8CDA-FE2C186E5028}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{6921BF56-2606-4B23-85BB-DDC24D8E0993}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{5DB7BB8F-3F2B-419D-A0FF-56D542D0CB9F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{0B574E8F-BCEC-4483-BB41-0BB5C6D9DE7F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{688FCDEA-B268-457B-8D78-B091150A8219}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{7205D8B7-5CF9-42BA-9173-5B79540245DA}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{BB90227C-9914-4966-A4F7-148EE98FDEC2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{09748AE2-AE0B-4AD6-96B5-6DD707AF0767}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{B81A88B0-4BBE-49BB-B414-FF167FAD98BD}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A04DC8B9-D771-4325-A46D-60A36FADB18D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{0B6D27EC-DF44-4272-B6AC-F453EB0CBCCB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{F483036C-446D-4412-A82F-9F60B3800FA1}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{450BDF45-D1B7-4F54-B7F7-8A8AF056B824}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{E910043F-5C65-45B8-AC43-5211BAF93080}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{D58AD317-9E34-47AD-8F51-87565B7EE705}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{9E18F5B3-D36D-4D09-AEE2-A16C8698D143}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [UDP Query User{31787E16-FC3D-4088-982F-644BC73A9E3B}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [{D1BD381E-FC6A-460A-AFB0-95CC1564DAFB}] => (Block) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [{62569C6C-7F09-4B0F-98DF-B00135D2B69E}] => (Block) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [{D1EFDA8C-5544-4FD3-8882-3C477E03BF2A}] => (Allow) LPort=8888
FirewallRules: [TCP Query User{BA309BEA-C992-4680-A1D7-C7E3C789D0BA}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{B7361255-9C8A-40EB-B3FB-4A78B47EE353}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{FE31AF74-5E16-4F7E-AE61-68DE1B3476A8}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{D53369BE-D2AF-42B9-A1E7-D7BA16A25423}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{DE86DDF0-BAD5-4BC3-97AA-E85F611FC7AA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9D3E01E2-1F9A-44CF-B25A-E6CEF1D0EA2A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{45CA5035-3611-4A94-9EE7-A8B2FAAA54B3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{589502F4-FDFE-499F-A01F-533CB4EDB52D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{CB1D2879-110E-464C-B16D-A257ED89A021}] => (Allow) LPort=8888
FirewallRules: [{445F2C75-808D-4A31-88C1-AD4AA8BF6E4E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F11E2B46-0E06-4945-A2D4-7F75344C2F63}] => (Allow) LPort=2869
FirewallRules: [{F32348DA-9235-4751-B067-6EB8E3E30166}] => (Allow) LPort=1900
FirewallRules: [{A466C3ED-3557-4F4E-980D-4B2BC7905EE7}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{CD698E9D-DC5B-4013-9CF1-2FF105B0DD6A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6B1900DC-2AD5-4A62-ADF4-90E2E8709D9C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{DC4EC295-0FEA-47D3-870E-9B2F1991DB21}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [UDP Query User{CB2FA0BE-E624-4A2E-9869-4E54AC8243EA}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe

==================== Faulty Device Manager Devices =============

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: A309
Description: A309
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/14/2015 08:28:05 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.1.7601.17567 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 718

Čas spuštění: 01d11ea987aeba04

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\Explorer.EXE

ID hlášení:

Error: (11/14/2015 07:56:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2015 06:38:01 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418225

Error: (11/13/2015 06:26:21 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418225

Error: (11/12/2015 08:11:09 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418225

Error: (11/12/2015 08:00:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/11/2015 06:10:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vlc.exe, verze: 2.2.1.0, časové razítko: 0x00000004
Název chybujícího modulu: libqt4_plugin.dll, verze: 2.2.1.0, časové razítko: 0x00020002
Kód výjimky: 0x40000015
Posun chyby: 0x007ca10a
ID chybujícího procesu: 0x1354
Čas spuštění chybující aplikace: 0xvlc.exe0
Cesta k chybující aplikaci: vlc.exe1
Cesta k chybujícímu modulu: vlc.exe2
ID zprávy: vlc.exe3

Error: (11/11/2015 03:34:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/11/2015 08:22:55 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418225

Error: (11/10/2015 03:24:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (11/12/2015 07:32:54 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (11/12/2015 07:32:54 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (11/12/2015 07:32:54 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (11/12/2015 10:59:03 AM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (11/12/2015 10:59:03 AM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (11/12/2015 10:59:03 AM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (11/12/2015 10:59:03 AM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (11/12/2015 10:59:03 AM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (11/12/2015 10:34:38 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby MBAMScheduler bylo dosaženo časového limitu (30000 ms).

Error: (11/11/2015 03:32:23 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (14:47:01, ‎11.‎11.‎2015) bylo neočekávané.


CodeIntegrity:
===================================
Date: 2015-07-13 11:53:26.259
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sfc_os.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Percentage of memory in use: 51%
Total physical RAM: 4022.87 MB
Available physical RAM: 1966.51 MB
Total Virtual: 8043.93 MB
Available Virtual: 5460.65 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:596.07 GB) (Free:158.23 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 82DE393B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=596.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Prosím ještě druhý dotaz, dá se něco udělat, když mi ve firefoxu často píše ukončete skript? A většinou
to totiž trvá minutu až 3, než se ukáže ukončit a pak zase můžu dělat na internetu, jinak se to zasekne
a musím čekat, děkuji pěkně:-)

Ještě třetí psaní jestli dovolíte prosím
Nejdou mi vůbec stáhnout aktualizace ...
Mám jich tam 97, z toho 2 volitelné, vše jsem zaškrtnul, hlídám si, aby mezi nimi dále co bude nebyla Win 10,
ale je to stále na 0 kb a nehodlá se to ztahovat, čím by to mohlo být prosím? Jestli nějaký vir to nehlídá...
Děkuji pěkně a příjemný klidný večer

Děkuji, již to šlo, ale musel jsem nastavit automatické aktualizace, ručně to nešlo.

Dneska jsme meli doma oslavu, tak jsem u pc vubec nebyl
Veskere zaseky muze mit na svedomi ten disk.


Vypnete trvale Windows Defender.



Otevrete si poznamkovy blok a zkopirujte do nej tento skript Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

To je jasné, vždyť je sobota:-)

Děkuji za kontrolu

Fix result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Petr (2015-11-15 11:09:25) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr & UpdatusUser (Available Profiles: Petr & UpdatusUser)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-3400088848-3241487186-2567401322-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-3400088848-3241487186-2567401322-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3400088848-3241487186-2567401322-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3400088848-3241487186-2567401322-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3400088848-3241487186-2567401322-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: No Name -> {451C804F-C205-4F03-B48E-537EC94937BF} -> No File
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File

Task: {3570B0B4-59D9-40EF-8523-5AEDA83C63F7} - \{6ABD546F-1447-4F17-8719-217A60A08082} -> No File <==== ATTENTION
Task: {EA1D17F4-3B65-415A-A4AE-F6DD0DB28498} - \SPBIW_UpdateTask_Time_313638333535373833362d4a375b5a5a6c783245343741 -> No File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-3400088848-3241487186-2567401322-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Sony PC Companion => value removed successfully
HKU\S-1-5-21-3400088848-3241487186-2567401322-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run\\Sony PC Companion => value not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
"HKU\S-1-5-21-3400088848-3241487186-2567401322-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKU\S-1-5-21-3400088848-3241487186-2567401322-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKU\S-1-5-21-3400088848-3241487186-2567401322-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{451C804F-C205-4F03-B48E-537EC94937BF}" => key removed successfully
HKCR\Wow6432Node\CLSID\{451C804F-C205-4F03-B48E-537EC94937BF} => key not found.
"HKCR\PROTOCOLS\Handler\WSWSVCUchrome" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3570B0B4-59D9-40EF-8523-5AEDA83C63F7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3570B0B4-59D9-40EF-8523-5AEDA83C63F7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6ABD546F-1447-4F17-8719-217A60A08082}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EA1D17F4-3B65-415A-A4AE-F6DD0DB28498}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA1D17F4-3B65-415A-A4AE-F6DD0DB28498}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPBIW_UpdateTask_Time_313638333535373833362d4a375b5a5a6c783245343741 => key not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully
SkypeUpdate => service removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 1.8 GB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 11:12:33 ====

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remove disinfection tools
• Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak to s pc vypada.

Děkuji za odkaz na Delfix:-)
# DelFix v1.011 - Logfile created 17/11/2015 at 08:44:05
# Updated 18/08/2015 by Xplode
# Username : Petr - MANDIS
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

########## - EOF - ##########
A ten defragmetující program je účinnější než ten klasický ve Win7. Nyní jsem ho pustil,
jinak defragmentuji častěji a také ccleaner jednou za 14 dní.
Přeji příjemný dnešní den:-)

Mandis píše:A ten defragmetující program je účinnější než ten klasický ve Win7

To rozhodne je


Tak pak napiste, jestli se neco zmenilo, nebo se to stale zasekava a zpomaluje.

Dekuji Vam take hezky den



20.2. http://forum.viry.cz/viewtopic.php?f=12&t=123975