VIRY.CZ

Dnes jsem si stáhl nějaký soubor, od té doby se vyskakuje proces jménem winnet32b, po vypnutí procesu se po 3 sekundách znovu zapne.
Dělá to 100% využítí CPU.

Zkusil jsem snad všechno, už si nevím rady..za každou pomoc budu velice rád..děkuji

Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by OndraG at 2015-06-03 18:54:52
Running from C:\Users\OndraG\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-612300195-945601615-1233674224-500 - Administrator - Disabled)
Guest (S-1-5-21-612300195-945601615-1233674224-501 - Limited - Disabled)
OndraG (S-1-5-21-612300195-945601615-1233674224-1001 - Administrator - Enabled) => C:\Users\OndraG

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.2.0 - IObit)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.6 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.8 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.7 - ASUS)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5710.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5710.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2103 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.2 - IObit)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
NVIDIA Graphics Driver 332.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.04 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.312 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7164 - Realtek Semiconductor Corp.)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43174 - TeamViewer)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Windows Driver Package - ASUS (ATP) Mouse (11/20/2013 1.0.0.194) (HKLM\...\8BA9C239ED04E09F06755E1497239BEFC08085C2) (Version: 11/20/2013 1.0.0.194 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

20-05-2015 02:41:43 Windows Update
23-05-2015 14:37:09 Windows Update
24-05-2015 18:14:21 Instalační služba modulů systému Windows
26-05-2015 11:52:29 avast! antivirus system restore point
30-05-2015 10:07:30 Windows Update
02-06-2015 11:39:44 Windows Update
03-06-2015 16:19:33 avast! antivirus system restore point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E84D79F-B8CA-4FE3-B36E-8EEA3B7A9394} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {1085761A-2C96-41A7-94C1-258DC56B2638} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-16] (Google Inc.)
Task: {16820EFE-1FDC-481F-908E-5BAB1A8108D8} - System32\Tasks\ASC8_SkipUac_OndraG => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-04-09] (IObit)
Task: {3D04D489-3757-4959-814B-DA1C07EA2BB7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {4147BA5C-8D2C-42D8-8F74-49945EA38331} - System32\Tasks\Uninstaller_SkipUac_OndraG => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: {4E69C999-7476-4DF4-8567-8BC50B0F7160} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-08-29] (ASUS)
Task: {53ECEBA3-E900-4EDE-91EB-D4F2549C5DBD} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-12-12] (AsusTek)
Task: {5C0F0FB3-FD70-4D9F-B6F0-FE9A6D71662A} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-01-23] (Realtek Semiconductor)
Task: {71609295-7BB1-43CB-BD4A-CDEBACB16F58} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2015-04-09] (IObit)
Task: {78319A4E-0EDF-4679-BF8C-9D7F4BF8E014} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {822CFE41-405C-4ED2-B8AD-38DB525A4F4F} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.)
Task: {841F3637-A7F5-4EE8-A752-8139BD012D1F} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {A4907FC4-EFF6-4DC9-B7B9-C940770E04DB} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {A4972153-BFF5-4663-9D53-D7554FF2A822} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-01-20] (Realtek Semiconductor)
Task: {A5471930-3C4C-4A4E-92C1-A9A3563D4451} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS)
Task: {ABDB828F-0F4F-420D-A8DD-D9E74E8AABDF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-03] (Avast Software s.r.o.)
Task: {BA666B5A-7494-4EA8-8BD9-5D10CEDD4E05} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-16] (Google Inc.)
Task: {C0EBF50F-742E-4528-8AEF-570888D54182} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-29] (ASUSTek Computer Inc.)
Task: {E9C67595-351C-4BCA-905E-F372346B1581} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
Task: {EDB43E87-4218-4E39-936D-FDC62C0DBCB3} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] ()
Task: {EE4867C9-047A-4BAE-ADDA-9CC23EE4F790} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {F57CFAA1-94EB-418A-BD29-5897853B27DF} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_pepper.exe [2015-02-16] (Adobe Systems Incorporated)
Task: {F6DE8022-1F6D-4EFA-A9E2-6924724979BC} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {F9D221BF-FB31-47E0-96AE-7250E14CCA92} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2013-08-29] ()
Task: {FC0B81BD-6E62-488A-8716-57BFF4BC7968} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-14] (Microsoft Corporation)
Task: {FD7CAAE5-EDD7-4E37-A8E5-3100642AB981} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_pepper.exe
Task: C:\Windows\Tasks\ASC8_SkipUac_OndraG.job => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_OndraG.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Loaded Modules (Whitelisted) ==============

2014-03-18 18:08 - 2013-12-05 10:04 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-08-29 18:01 - 2013-08-29 18:01 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-11-29 00:35 - 2013-11-29 00:35 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-11-29 00:32 - 2013-11-29 00:32 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-11-29 00:38 - 2013-11-29 00:38 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2015-06-03 15:58 - 2015-06-03 15:58 - 07479296 _____ () C:\Users\OndraG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe
2015-06-03 15:58 - 2015-06-03 15:58 - 07479296 _____ () C:\Users\OndraG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe
2015-06-03 15:54 - 2015-06-03 15:54 - 00494606 _____ () C:\Users\OndraG\AppData\Roaming\Microsoft\Networking\inet32upd.exe
2015-06-03 15:54 - 2015-06-03 15:54 - 02418688 _____ () C:\Users\OndraG\AppData\Roaming\Microsoft\Networking\winnet32b.exe
2015-04-17 16:33 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll
2015-06-03 16:23 - 2015-06-03 16:23 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-03 16:23 - 2015-06-03 16:23 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-03 16:23 - 2015-06-03 16:23 - 02951680 _____ () C:\Program Files\AVAST Software\Avast\defs\15060300\algo.dll
2015-04-17 16:33 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2014-03-18 18:03 - 2013-10-23 15:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-09-09 20:23 - 2013-09-09 20:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2013-10-08 22:41 - 2013-10-08 22:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-04-17 16:33 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl
2015-04-17 16:33 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl
2015-04-17 16:33 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl
2014-02-28 15:33 - 2014-02-28 15:33 - 00148480 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\quazip.dll
2014-02-27 15:46 - 2014-02-27 15:46 - 00864768 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\platforms\qwindows.dll
2014-02-27 15:45 - 2014-02-27 15:45 - 00677376 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2014-08-04 15:43 - 2014-08-04 15:43 - 00092104 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
2014-08-04 15:43 - 2014-08-04 15:43 - 00105416 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
2014-02-27 15:46 - 2014-02-27 15:46 - 00025600 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qgif.dll
2014-02-27 15:46 - 2014-02-27 15:46 - 00242688 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-08-04 15:45 - 2014-08-04 15:45 - 00477128 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-08-04 15:45 - 2014-08-04 15:45 - 00484808 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-02-27 15:46 - 2014-02-27 15:46 - 00123904 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2015-06-03 16:23 - 2015-06-03 16:23 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-06-03 15:54 - 2015-06-03 15:54 - 00148760 _____ () C:\Users\OndraG\AppData\Roaming\Microsoft\Networking\libpdcurses.dll
2015-06-03 15:54 - 2015-06-03 15:54 - 00279955 _____ () C:\Users\OndraG\AppData\Roaming\Microsoft\Networking\libidn-11.dll
2015-06-03 15:54 - 2015-06-03 15:54 - 00131598 _____ () C:\Users\OndraG\AppData\Roaming\Microsoft\Networking\zlib1.dll
2015-06-03 15:54 - 2015-06-03 15:54 - 00112142 _____ () C:\Users\OndraG\AppData\Roaming\Microsoft\Networking\libgcc_s_dw2-1.dll
2015-04-17 16:33 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-04-17 16:33 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-04-17 16:33 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2015-04-17 16:33 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll
2015-04-17 16:33 - 2014-12-10 09:14 - 01284896 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\Scan.dll
2013-04-27 10:24 - 2013-04-27 10:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll
2015-05-26 00:08 - 2015-05-22 22:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
2015-05-26 00:08 - 2015-05-22 22:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\sony.com -> sony.com

IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-612300195-945601615-1233674224-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\StartupApproved\Run: => "Advanced SystemCare 8"
HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{8354CBA3-3327-4ABF-AAD3-753CB17CAD0C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{D5A28BC8-AAF8-48A4-970B-FFEACB33830A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5B5879E2-A2E4-4EAC-B215-90A67A1E778E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{67613BC2-50A3-46AC-9550-CD748FA4DDF0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8491CFC1-25B0-47ED-9A49-F9BB24725BDA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A3D05749-CB81-4CC1-A4FD-5D7BDCF57842}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{3D275498-C533-4950-9D35-F7EBFFEBB5ED}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{47D2E5AF-A373-49CB-A421-FC85DE3B42AF}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{E97BF2A6-EB20-41A2-9689-BEF0BAF5F1AD}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{DFD7FC4A-2173-416B-AA2D-C4175B69C465}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D6F0BD11-C724-4570-80A3-228DF490783D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{8F27463D-779D-4537-96BA-664C8B25E682}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{50170E76-F48E-4E76-9D51-3BFEDB5E9871}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{5B81B072-8367-41D9-858D-C3DBF4AEAC22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{E9D32488-6D16-410C-A632-6F1ED3B568BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{69186FA8-6E69-4962-92A8-12F6E33DDCDC}] => (Allow) C:\MicroVolts Package\MicroVolts Downloader.exe
FirewallRules: [{9EA27905-DE2F-48B4-8DBD-0A9EB528425B}] => (Allow) C:\MicroVolts Package\MicroVolts Downloader.exe
FirewallRules: [TCP Query User{CDC432FB-782D-4AE7-B31F-13B070E5C03E}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{8255EE5A-5439-455C-840E-4EEF2CB7E5E1}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{B221D2A8-285A-47A8-BE76-BC19F79806D2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{13401132-6F46-4D93-ACB2-DD5E1A071DD3}C:\users\ondrag\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ondrag\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{D780BA7C-2209-4067-8FD1-66F8FF2961B3}C:\users\ondrag\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ondrag\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{4FB814A1-4DB9-4615-B256-D09899F5A30F}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{22E23048-3839-496C-9267-2C80B97021CC}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{D64F7B16-E3B2-4697-BB98-861031043F24}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{3AD40DF7-462D-434A-A62B-CF95AFE30B85}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{C7B357C4-FFBD-406C-8F69-F59453C67D3D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E5BE4D06-97B0-4F0C-A71E-FF83EAB404A2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BEC23CF1-1244-442D-92AB-2E2D56A86942}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CF09954A-A442-4AF5-9FBB-A44B715B6064}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/03/2015 06:53:15 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst soubor registru tříd.
PODROBNOSTI – Je poškozena databáze konfiguračního registru.

Error: (06/03/2015 06:53:15 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Systém Windows nemohl načíst registr. Tento problém je často způsoben nedostatkem paměti nebo nedostatečnými zabezpečovacími právy.

PODROBNOSTI – Je poškozena databáze konfiguračního registru.
pro: C:\Users\OndraG\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (06/03/2015 06:53:15 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst soubor registru tříd.
PODROBNOSTI – Je poškozena databáze konfiguračního registru.

Error: (06/03/2015 06:53:15 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Systém Windows nemohl načíst registr. Tento problém je často způsoben nedostatkem paměti nebo nedostatečnými zabezpečovacími právy.

PODROBNOSTI – Je poškozena databáze konfiguračního registru.
pro: C:\Users\OndraG\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (06/03/2015 06:32:37 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst soubor registru tříd.
PODROBNOSTI – Je poškozena databáze konfiguračního registru.

Error: (06/03/2015 06:32:37 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Systém Windows nemohl načíst registr. Tento problém je často způsoben nedostatkem paměti nebo nedostatečnými zabezpečovacími právy.

PODROBNOSTI – Je poškozena databáze konfiguračního registru.
pro: C:\Users\OndraG\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (06/03/2015 06:32:23 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst soubor registru tříd.
PODROBNOSTI – Je poškozena databáze konfiguračního registru.

Error: (06/03/2015 06:32:23 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Systém Windows nemohl načíst registr. Tento problém je často způsoben nedostatkem paměti nebo nedostatečnými zabezpečovacími právy.

PODROBNOSTI – Je poškozena databáze konfiguračního registru.
pro: C:\Users\OndraG\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (06/03/2015 06:16:43 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst soubor registru tříd.
PODROBNOSTI – Je poškozena databáze konfiguračního registru.

Error: (06/03/2015 06:16:43 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Systém Windows nemohl načíst registr. Tento problém je často způsoben nedostatkem paměti nebo nedostatečnými zabezpečovacími právy.

PODROBNOSTI – Je poškozena databáze konfiguračního registru.
pro: C:\Users\OndraG\AppData\Local\Microsoft\Windows\\UsrClass.dat


System errors:
=============
Error: (06/03/2015 06:40:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): ASUSCloudCorporation.MobileFileExplorer.

Error: (06/03/2015 06:40:01 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): Microsoft.ZuneVideo.

Error: (06/03/2015 06:39:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): MAGIX.MusicMakerJam.

Error: (06/03/2015 06:39:38 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): Microsoft.BingHealthAndFitness.

Error: (06/03/2015 06:39:32 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): Microsoft.BingNews.

Error: (06/03/2015 06:39:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): Microsoft.BingWeather.

Error: (06/03/2015 06:39:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): Microsoft.BingTravel.

Error: (06/03/2015 06:39:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): Microsoft.BingSports.

Error: (06/03/2015 06:39:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): Microsoft.BingFoodAndDrink.

Error: (06/03/2015 06:39:13 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): microsoft.windowscommunicationsapps.


Microsoft Office:
=========================
Error: (06/03/2015 06:53:15 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Je poškozena databáze konfiguračního registru.

Error: (06/03/2015 06:53:15 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Je poškozena databáze konfiguračního registru.
C:\Users\OndraG\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (06/03/2015 06:53:15 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Je poškozena databáze konfiguračního registru.

Error: (06/03/2015 06:53:15 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Je poškozena databáze konfiguračního registru.
C:\Users\OndraG\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (06/03/2015 06:32:37 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Je poškozena databáze konfiguračního registru.

Error: (06/03/2015 06:32:37 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Je poškozena databáze konfiguračního registru.
C:\Users\OndraG\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (06/03/2015 06:32:23 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Je poškozena databáze konfiguračního registru.

Error: (06/03/2015 06:32:23 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Je poškozena databáze konfiguračního registru.
C:\Users\OndraG\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (06/03/2015 06:16:43 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Je poškozena databáze konfiguračního registru.

Error: (06/03/2015 06:16:43 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Je poškozena databáze konfiguračního registru.
C:\Users\OndraG\AppData\Local\Microsoft\Windows\\UsrClass.dat


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz
Percentage of memory in use: 43%
Total physical RAM: 6027.27 MB
Available physical RAM: 3398.64 MB
Total Pagefile: 6987.27 MB
Available Pagefile: 4107.54 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:258.7 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:536.97 GB) NTFS
Drive f: (IMP_CCSA_X64FRE_EN-US_DV5) (CDROM) (Total:3.5 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 65FF73BD)

Partition: GPT Partition Type.

==================== End of log ============================

Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner v4.206 - Log vytvořen 03/06/2015 v 21:53:26
# Aktualizováno 01/06/2015 by Xplode
# Databáze : 2015-06-01.1 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : OndraG - ONDRA
# Spuštěno z : C:\Users\OndraG\Downloads\adwcleaner_4.206.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****


***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKCU\Software\8fa75ab726f2bfbabd330f7f2c46f2f4
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Google Chrome v43.0.2357.81


*************************

AdwCleaner[R0].txt - [1249 bytů] - [03/06/2015 21:52:41]
AdwCleaner[S0].txt - [1169 bytů] - [03/06/2015 21:53:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1227 bytů] ##########

Dejte nový log FRST.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by OndraG at 2015-06-04 15:10:57
Running from C:\Users\OndraG\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-612300195-945601615-1233674224-500 - Administrator - Disabled)
Guest (S-1-5-21-612300195-945601615-1233674224-501 - Limited - Disabled)
OndraG (S-1-5-21-612300195-945601615-1233674224-1001 - Administrator - Enabled) => C:\Users\OndraG

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.2.0 - IObit)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.6 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.8 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.7 - ASUS)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5710.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5710.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2103 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.2 - IObit)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
NVIDIA Graphics Driver 332.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.04 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.312 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7164 - Realtek Semiconductor Corp.)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43174 - TeamViewer)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Windows Driver Package - ASUS (ATP) Mouse (11/20/2013 1.0.0.194) (HKLM\...\8BA9C239ED04E09F06755E1497239BEFC08085C2) (Version: 11/20/2013 1.0.0.194 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

20-05-2015 02:41:43 Windows Update
23-05-2015 14:37:09 Windows Update
24-05-2015 18:14:21 Instalační služba modulů systému Windows
26-05-2015 11:52:29 avast! antivirus system restore point
30-05-2015 10:07:30 Windows Update
02-06-2015 11:39:44 Windows Update
03-06-2015 16:19:33 avast! antivirus system restore point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1085761A-2C96-41A7-94C1-258DC56B2638} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-16] (Google Inc.)
Task: {16820EFE-1FDC-481F-908E-5BAB1A8108D8} - System32\Tasks\ASC8_SkipUac_OndraG => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-04-09] (IObit)
Task: {280F6D44-C2C5-425F-95B7-1D8111B93DF6} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {4147BA5C-8D2C-42D8-8F74-49945EA38331} - System32\Tasks\Uninstaller_SkipUac_OndraG => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: {49AA48E6-B04A-4858-B371-CC873D121211} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {4E69C999-7476-4DF4-8567-8BC50B0F7160} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-08-29] (ASUS)
Task: {53ECEBA3-E900-4EDE-91EB-D4F2549C5DBD} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-12-12] (AsusTek)
Task: {5C0F0FB3-FD70-4D9F-B6F0-FE9A6D71662A} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-01-23] (Realtek Semiconductor)
Task: {71609295-7BB1-43CB-BD4A-CDEBACB16F58} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2015-04-09] (IObit)
Task: {822CFE41-405C-4ED2-B8AD-38DB525A4F4F} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.)
Task: {841F3637-A7F5-4EE8-A752-8139BD012D1F} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {9885D1D4-6FD3-42D9-89BD-E169FDF75CCB} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {A1E6901B-F1B1-4B0F-91D2-0AD677D3808B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {A4972153-BFF5-4663-9D53-D7554FF2A822} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-01-20] (Realtek Semiconductor)
Task: {A5471930-3C4C-4A4E-92C1-A9A3563D4451} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS)
Task: {ABDB828F-0F4F-420D-A8DD-D9E74E8AABDF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-03] (Avast Software s.r.o.)
Task: {BA666B5A-7494-4EA8-8BD9-5D10CEDD4E05} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-16] (Google Inc.)
Task: {BF54A470-27D9-4B42-9E8A-31678457ADF3} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {C0EBF50F-742E-4528-8AEF-570888D54182} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-29] (ASUSTek Computer Inc.)
Task: {E9C67595-351C-4BCA-905E-F372346B1581} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
Task: {EDB43E87-4218-4E39-936D-FDC62C0DBCB3} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] ()
Task: {EE4867C9-047A-4BAE-ADDA-9CC23EE4F790} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {F57CFAA1-94EB-418A-BD29-5897853B27DF} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_pepper.exe [2015-02-16] (Adobe Systems Incorporated)
Task: {F9D221BF-FB31-47E0-96AE-7250E14CCA92} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2013-08-29] ()
Task: {FC0B81BD-6E62-488A-8716-57BFF4BC7968} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-14] (Microsoft Corporation)
Task: {FD7CAAE5-EDD7-4E37-A8E5-3100642AB981} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_pepper.exe
Task: C:\Windows\Tasks\ASC8_SkipUac_OndraG.job => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_OndraG.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Loaded Modules (Whitelisted) ==============

2014-03-18 18:08 - 2013-12-05 10:04 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-08-29 18:01 - 2013-08-29 18:01 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-11-29 00:35 - 2013-11-29 00:35 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-11-29 00:32 - 2013-11-29 00:32 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-11-29 00:38 - 2013-11-29 00:38 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2015-06-03 15:58 - 2015-06-03 15:58 - 07479296 _____ () C:\Users\OndraG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe
2015-06-03 15:58 - 2015-06-03 15:58 - 07479296 _____ () C:\Users\OndraG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe
2015-06-03 15:54 - 2015-06-03 15:54 - 00494606 _____ () C:\Users\OndraG\AppData\Roaming\Microsoft\Networking\inet32upd.exe
2015-06-03 15:54 - 2015-06-03 15:54 - 02418688 _____ () C:\Users\OndraG\AppData\Roaming\Microsoft\Networking\winnet32b.exe
2015-04-17 16:33 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll
2015-06-03 16:23 - 2015-06-03 16:23 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-03 16:23 - 2015-06-03 16:23 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-03 21:56 - 2015-06-03 21:56 - 02951680 _____ () C:\Program Files\AVAST Software\Avast\defs\15060301\algo.dll
2015-06-04 14:35 - 2015-06-04 14:35 - 02952192 _____ () C:\Program Files\AVAST Software\Avast\defs\15060400\algo.dll
2015-04-17 16:33 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-04-17 16:33 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl
2015-04-17 16:33 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl
2015-04-17 16:33 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl
2013-10-08 22:41 - 2013-10-08 22:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2013-09-09 20:23 - 2013-09-09 20:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-06-03 16:23 - 2015-06-03 16:23 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-06-03 15:54 - 2015-06-03 15:54 - 00148760 _____ () C:\Users\OndraG\AppData\Roaming\Microsoft\Networking\libpdcurses.dll
2015-06-03 15:54 - 2015-06-03 15:54 - 00279955 _____ () C:\Users\OndraG\AppData\Roaming\Microsoft\Networking\libidn-11.dll
2015-06-03 15:54 - 2015-06-03 15:54 - 00131598 _____ () C:\Users\OndraG\AppData\Roaming\Microsoft\Networking\zlib1.dll
2015-06-03 15:54 - 2015-06-03 15:54 - 00112142 _____ () C:\Users\OndraG\AppData\Roaming\Microsoft\Networking\libgcc_s_dw2-1.dll
2015-04-17 16:33 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-04-17 16:33 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-04-17 16:33 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2014-03-18 18:03 - 2013-10-23 15:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-04-27 10:24 - 2013-04-27 10:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll
2015-05-26 00:08 - 2015-05-22 22:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
2015-05-26 00:08 - 2015-05-22 22:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll
2015-05-26 00:08 - 2015-05-22 22:22 - 14982472 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\sony.com -> sony.com

IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-612300195-945601615-1233674224-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\StartupApproved\Run: => "Advanced SystemCare 8"
HKU\S-1-5-21-612300195-945601615-1233674224-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{8354CBA3-3327-4ABF-AAD3-753CB17CAD0C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{D5A28BC8-AAF8-48A4-970B-FFEACB33830A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5B5879E2-A2E4-4EAC-B215-90A67A1E778E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{67613BC2-50A3-46AC-9550-CD748FA4DDF0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8491CFC1-25B0-47ED-9A49-F9BB24725BDA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A3D05749-CB81-4CC1-A4FD-5D7BDCF57842}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{3D275498-C533-4950-9D35-F7EBFFEBB5ED}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{47D2E5AF-A373-49CB-A421-FC85DE3B42AF}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{E97BF2A6-EB20-41A2-9689-BEF0BAF5F1AD}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{DFD7FC4A-2173-416B-AA2D-C4175B69C465}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D6F0BD11-C724-4570-80A3-228DF490783D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{8F27463D-779D-4537-96BA-664C8B25E682}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{50170E76-F48E-4E76-9D51-3BFEDB5E9871}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{5B81B072-8367-41D9-858D-C3DBF4AEAC22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{E9D32488-6D16-410C-A632-6F1ED3B568BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{69186FA8-6E69-4962-92A8-12F6E33DDCDC}] => (Allow) C:\MicroVolts Package\MicroVolts Downloader.exe
FirewallRules: [{9EA27905-DE2F-48B4-8DBD-0A9EB528425B}] => (Allow) C:\MicroVolts Package\MicroVolts Downloader.exe
FirewallRules: [TCP Query User{CDC432FB-782D-4AE7-B31F-13B070E5C03E}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{8255EE5A-5439-455C-840E-4EEF2CB7E5E1}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{B221D2A8-285A-47A8-BE76-BC19F79806D2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{13401132-6F46-4D93-ACB2-DD5E1A071DD3}C:\users\ondrag\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ondrag\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{D780BA7C-2209-4067-8FD1-66F8FF2961B3}C:\users\ondrag\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ondrag\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{4FB814A1-4DB9-4615-B256-D09899F5A30F}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{22E23048-3839-496C-9267-2C80B97021CC}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{D64F7B16-E3B2-4697-BB98-861031043F24}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{3AD40DF7-462D-434A-A62B-CF95AFE30B85}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{C7B357C4-FFBD-406C-8F69-F59453C67D3D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E5BE4D06-97B0-4F0C-A71E-FF83EAB404A2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BEC23CF1-1244-442D-92AB-2E2D56A86942}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CF09954A-A442-4AF5-9FBB-A44B715B6064}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/04/2015 03:09:20 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst soubor registru tříd.
PODROBNOSTI – Je poškozena databáze konfiguračního registru.

Error: (06/04/2015 03:09:20 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Systém Windows nemohl načíst registr. Tento problém je často způsoben nedostatkem paměti nebo nedostatečnými zabezpečovacími právy.

PODROBNOSTI – Je poškozena databáze konfiguračního registru.
pro: C:\Users\OndraG\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (06/04/2015 03:09:20 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst soubor registru tříd.
PODROBNOSTI – Je poškozena databáze konfiguračního registru.

Error: (06/04/2015 03:09:20 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Systém Windows nemohl načíst registr. Tento problém je často způsoben nedostatkem paměti nebo nedostatečnými zabezpečovacími právy.

PODROBNOSTI – Je poškozena databáze konfiguračního registru.
pro: C:\Users\OndraG\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (06/04/2015 02:38:46 PM) (Source: VSS) (EventID: 12294) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny na zprostředkovateli stínové kopie {b5946137-7b9f-4925-af80-51abd60b20d5} došlo k chybě. Rutina vrátila hodnotu E_INVALIDARG.
Podrobnosti rutiny GetSnapshot({00000000-0000-0000-0000-000000000000},000000C50DB0EB20).


Operace:
Získat vlastnosti stínových kopií

Kontext:
Kontext spuštění: Coordinator

Error: (06/04/2015 02:38:41 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst soubor registru tříd.
PODROBNOSTI – Je poškozena databáze konfiguračního registru.

Error: (06/04/2015 02:38:41 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Systém Windows nemohl načíst registr. Tento problém je často způsoben nedostatkem paměti nebo nedostatečnými zabezpečovacími právy.

PODROBNOSTI – Je poškozena databáze konfiguračního registru.
pro: C:\Users\OndraG\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (06/04/2015 02:35:13 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst soubor registru tříd.
PODROBNOSTI – Je poškozena databáze konfiguračního registru.

Error: (06/04/2015 02:35:13 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Systém Windows nemohl načíst registr. Tento problém je často způsoben nedostatkem paměti nebo nedostatečnými zabezpečovacími právy.

PODROBNOSTI – Je poškozena databáze konfiguračního registru.
pro: C:\Users\OndraG\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (06/04/2015 02:35:13 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst soubor registru tříd.
PODROBNOSTI – Je poškozena databáze konfiguračního registru.


System errors:
=============
Error: (06/04/2015 02:34:02 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (06/03/2015 10:08:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): ASUSCloudCorporation.MobileFileExplorer.

Error: (06/03/2015 10:08:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): Microsoft.ZuneVideo.

Error: (06/03/2015 10:08:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): MAGIX.MusicMakerJam.

Error: (06/03/2015 10:08:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): Microsoft.BingHealthAndFitness.

Error: (06/03/2015 10:08:12 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): Microsoft.BingNews.

Error: (06/03/2015 10:08:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): Microsoft.BingWeather.

Error: (06/03/2015 10:08:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): Microsoft.BingTravel.

Error: (06/03/2015 10:08:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): Microsoft.BingSports.

Error: (06/03/2015 10:07:54 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): Microsoft.BingFoodAndDrink.


Microsoft Office:
=========================
Error: (06/04/2015 03:09:20 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Je poškozena databáze konfiguračního registru.

Error: (06/04/2015 03:09:20 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Je poškozena databáze konfiguračního registru.
C:\Users\OndraG\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (06/04/2015 03:09:20 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Je poškozena databáze konfiguračního registru.

Error: (06/04/2015 03:09:20 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Je poškozena databáze konfiguračního registru.
C:\Users\OndraG\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (06/04/2015 02:38:46 PM) (Source: VSS) (EventID: 12294) (User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},000000C50DB0EB20)

Operace:
Získat vlastnosti stínových kopií

Kontext:
Kontext spuštění: Coordinator

Error: (06/04/2015 02:38:41 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Je poškozena databáze konfiguračního registru.

Error: (06/04/2015 02:38:41 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Je poškozena databáze konfiguračního registru.
C:\Users\OndraG\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (06/04/2015 02:35:13 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Je poškozena databáze konfiguračního registru.

Error: (06/04/2015 02:35:13 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Je poškozena databáze konfiguračního registru.
C:\Users\OndraG\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (06/04/2015 02:35:13 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Je poškozena databáze konfiguračního registru.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz
Percentage of memory in use: 42%
Total physical RAM: 6027.27 MB
Available physical RAM: 3489.61 MB
Total Pagefile: 6987.27 MB
Available Pagefile: 3878.54 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:259.42 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:536.97 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 65FF73BD)

Partition: GPT Partition Type.

==================== End of log ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
Task: {1085761A-2C96-41A7-94C1-258DC56B2638} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-16] (Google Inc.)
Task: {BA666B5A-7494-4EA8-8BD9-5D10CEDD4E05} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-16] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Users\OndraG\AppData\Roaming\Microsoft\Networking\winnet32b.exe
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Doporučuji odinstalovat Advanced system care. Důvod: viewtopic.php?f=14&t=127320&hilit=iobit .

Prosím vás a nejaky podobný program asc ?

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by OndraG at 2015-06-04 18:55:42 Run:1
Running from C:\Users\OndraG\Desktop
Loaded Profiles: OndraG (Available Profiles: OndraG)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
Task: {1085761A-2C96-41A7-94C1-258DC56B2638} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-16] (Google Inc.)
Task: {BA666B5A-7494-4EA8-8BD9-5D10CEDD4E05} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-16] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Users\OndraG\AppData\Roaming\Microsoft\Networking\winnet32b.exe
End
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1085761A-2C96-41A7-94C1-258DC56B2638}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1085761A-2C96-41A7-94C1-258DC56B2638}" => key Removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BA666B5A-7494-4EA8-8BD9-5D10CEDD4E05}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA666B5A-7494-4EA8-8BD9-5D10CEDD4E05}" => key Removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => key Removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Users\OndraG\AppData\Roaming\Microsoft\Networking\winnet32b.exe => Moved successfully.

==== End of Fixlog 18:55:44 ====

winnet se jen premenoval a porad vyskakuje

Podle log byl smazán. Udělejte kompeltní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Doufám že toto je log protože nic jiného se mi neobjevilo

http://prntscr.com/7d5fnm

Když se dívám do procesů tak winnet32b zmizel ale bojím se že se vrátí když restartnu počítač

Nalezenou položku smažte. Log by měl být k dispozici i v txt formátu. Restart budete muset provést v každém případě.