VIRY.CZ

Dobrý den, prosím o kontrolu logu a pomoc. Už pár dní zlobí prohlížení internetu - každou chvíli se na cca 2 sekundy sekne a celkově je pomalé. Díky moc. Přikládám log z FRST.



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
Ran by Jiří (administrator) on SOULALMIGHTY (05-07-2016 10:35:07)
Running from C:\Users\Jiří\Desktop
Loaded Profiles: Jiří (Available Profiles: Jiří & majer_000)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
() C:\Windows\SysWOW64\netupdsrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(VŠB-TU Ostrava) C:\Program Files (x86)\SafeQ\SafeQ_cli.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Inc.) C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\acrotray.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Autodesk Inc.) C:\Users\Jiří\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\PercussionStudio3\PercussionStudio.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Adobe Illustrator CC 2014\Support Files\Contents\Windows\Illustrator.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(forum.viry.cz) C:\Users\Jiří\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-07-08] (ESET)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161728 2015-08-09] (IvoSoft)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [488328 2014-09-04] (Autodesk Inc.)
HKLM-x32\...\Run: [Andy] => C:\Program Files\Andy\HandyAndy.exe
HKLM-x32\...\Run: [SafeQClient] => C:\Program Files (x86)\SafeQ\SafeQ_cli.exe [493056 2014-08-22] (VŠB-TU Ostrava)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2292912 2015-09-17] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\Acrotray.exe [640376 2008-10-01] (Adobe Systems Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Qualcomm®Atheros®)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [Pokki] => C:\Users\Jiří\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe [6403912 2014-08-30] (Pokki)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2740440 2016-04-20] (Acer)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [T-Mobile CManager] => C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2162152 2015-08-06] (Gemfor s.r.o.)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48145024 2015-10-14] (Skype Technologies S.A.)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [Google Update] => C:\Users\Jiří\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-02-22] (Google Inc.)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Policies\Explorer: []
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92d62-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92d8d-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92db7-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92dd6-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93196-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93c59-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93ff7-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a94347-2e1f-11e5-8279-206a8ae02486} - "E:\Autorun.exe"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.10.21.1
Tcpip\..\Interfaces\{A94AE5CC-A2C6-4786-B66C-F6B39F587ED6}: [DhcpNameServer] 10.10.21.1

Internet Explorer:
==================
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4070543363-202812814-1921377734-1001 -> DefaultScope {AE1091CE-F7A5-43A1-B94C-4388C8309938} URL =
SearchScopes: HKU\S-1-5-21-4070543363-202812814-1921377734-1001 -> {AE1091CE-F7A5-43A1-B94C-4388C8309938} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2016-03-09] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2016-03-09] (Oracle Corporation)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\k2xd0t5c.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-18] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.4.0 -> C:\Windows\SysWOW64\npDeployJava1.dll [2016-03-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.4.0 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2016-03-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-10-15] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Jiří\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-04-25] (Citrix Online)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Jiří\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @talk.google.com/O1DPlugin -> C:\Users\Jiří\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Jiří\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Jiří\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Jiří\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Jiří\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: CinemaPlus-3.3c - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\k2xd0t5c.default\Extensions\AVJYFVOD75109374@HCDE39471360.com [2015-12-18] [not signed]
FF Extension: Seznam lištička - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\k2xd0t5c.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-03-10]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-08]
CHR Extension: (Dokumenty Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-08]
CHR Extension: (Disk Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-15]
CHR Extension: (YouTube) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-08]
CHR Extension: (Vyhledávání Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-15]
CHR Extension: (Tabulky Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-08]
CHR Extension: (Gmail) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-08]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [597896 2014-09-04] (Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-15] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Windows (R) Win 7 DDK provider) [File not signed]
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-04-18] (Acer Incorporated)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-16] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MbnExt; C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [419096 2015-08-25] (Gemfor s.r.o.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [966336 2014-10-10] (@ByELDI) [File not signed]
R2 ServiceUpdater; C:\Windows\SysWOW64\netupdsrv.exe [190976 2015-07-30] () [File not signed]
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-24] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\siteadvisor\mcsacore.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Inc.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-03] (Qualcomm Atheros Communications, Inc.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-04-29] (Qualcomm Atheros)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [168208 2015-07-14] (ESET)
S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [246272 2013-06-29] (Huawei Technologies Co., Ltd.)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-08-09] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-05 10:35 - 2016-07-05 10:35 - 00026882 _____ C:\Users\Jiří\Desktop\FRST.txt
2016-07-05 10:34 - 2016-07-05 10:35 - 00000000 ____D C:\FRST
2016-07-05 10:34 - 2016-07-05 10:34 - 00112640 _____ (forum.viry.cz) C:\Users\Jiří\Desktop\FRSTLauncher.exe
2016-07-05 10:32 - 2016-07-05 10:32 - 02390016 _____ (Farbar) C:\Users\Jiří\Desktop\FRST64.exe
2016-07-01 09:45 - 2012-10-09 16:12 - 00090154 _____ C:\Users\Jiří\Desktop\CZ - Logo český výrobek.ai
2016-07-01 09:43 - 2016-07-01 09:44 - 04041660 _____ C:\Users\Jiří\Desktop\logomanual.zip
2016-06-28 13:47 - 2016-06-28 13:47 - 00200704 _____ C:\Users\Jiří\Desktop\Ceník_VVISS(1).XLS
2016-06-28 12:22 - 2016-06-28 12:22 - 00321174 _____ C:\Users\Jiří\Desktop\My Paying Ads Calculator_v1.02.xlsx
2016-06-26 19:40 - 2016-06-26 19:40 - 00001104 _____ C:\Users\Jiří\Desktop\PercussionStudio (2).lnk
2016-06-18 12:11 - 2016-06-18 12:11 - 09717952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-06-15 21:21 - 2016-06-06 21:16 - 15634781 ____N C:\Users\Jiří\Desktop\Fefo 6.6.2016.3gpp
2016-06-15 21:21 - 2016-06-06 19:32 - 08185101 ____N C:\Users\Jiří\Desktop\Sunu 6.6.2016.3gpp
2016-06-14 13:04 - 2016-06-14 13:04 - 00200704 _____ C:\Users\Jiří\Desktop\Ceník_VVISS.XLS
2016-06-12 11:24 - 2016-06-12 11:25 - 31119896 _____ C:\Users\Jiří\Desktop\haj ve slezsku.3gpp
2016-06-09 23:03 - 2016-06-22 11:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-08 08:54 - 2016-06-08 08:54 - 00200704 _____ C:\Users\Jiří\Desktop\Ceník_VVISS(3).XLS
2016-06-07 21:42 - 2016-06-06 21:44 - 25431549 _____ C:\Users\Jiří\Desktop\kassa 6.6.2016.3gpp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-05 10:35 - 2015-05-16 13:33 - 00000986 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fcc30f4f346.job
2016-07-05 10:33 - 2014-11-07 00:13 - 00000986 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-05 10:23 - 2014-11-06 16:42 - 00000000 ____D C:\Users\Jiří\AppData\Local\Adobe
2016-07-05 10:21 - 2014-08-28 15:52 - 00739924 _____ C:\Windows\system32\perfh005.dat
2016-07-05 10:21 - 2014-08-28 15:52 - 00151610 _____ C:\Windows\system32\perfc005.dat
2016-07-05 10:21 - 2014-03-18 12:03 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-05 10:21 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-07-05 10:20 - 2015-07-09 09:50 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Skype
2016-07-04 23:11 - 2014-11-06 16:43 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-04 23:06 - 2015-12-20 01:28 - 00000582 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4070543363-202812814-1921377734-1001.job
2016-07-04 22:59 - 2016-02-22 16:48 - 00000984 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001UA.job
2016-07-04 22:59 - 2016-02-22 16:48 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001Core.job
2016-07-04 22:51 - 2015-12-20 01:28 - 00000678 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-4070543363-202812814-1921377734-1001.job
2016-07-04 22:37 - 2015-12-20 01:28 - 00003684 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-4070543363-202812814-1921377734-1001
2016-07-04 22:37 - 2015-12-20 01:28 - 00003588 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-4070543363-202812814-1921377734-1001
2016-07-04 22:08 - 2015-11-20 11:08 - 00002464 _____ C:\Windows\Tasks\40db1533-f551-4998-8bca-934da85073e3-5.job
2016-07-04 21:38 - 2014-11-07 00:12 - 00000982 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-04 02:03 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-04 02:03 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-07-01 10:38 - 2015-06-19 10:21 - 00000034 _____ C:\Users\Jiří\AppData\Roaming\AdobeWLCMCache.dat
2016-07-01 10:38 - 2014-11-06 21:02 - 03946496 ___SH C:\Users\Jiří\Desktop\Thumbs.db
2016-07-01 09:39 - 2014-12-11 19:46 - 00000368 _____ C:\Windows\Tasks\AmiUpdXp.job
2016-07-01 09:35 - 2015-05-16 13:33 - 00000982 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fcc30d5a5c8.job
2016-06-29 23:44 - 2015-10-22 22:29 - 00000000 ____D C:\Users\Jiří\AppData\Local\ClassicShell
2016-06-28 13:47 - 2014-11-07 06:08 - 00000000 ____D C:\Users\Jiří\AppData\Local\Packages
2016-06-27 17:56 - 2014-11-07 06:14 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4070543363-202812814-1921377734-1001
2016-06-27 17:29 - 2014-08-28 15:57 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-06-27 17:27 - 2014-11-07 06:09 - 00000000 ____D C:\Users\Jiří\AppData\Local\clear.fi
2016-06-26 19:40 - 2014-11-08 14:43 - 00000000 ___RD C:\Users\Jiří\Desktop\Programy
2016-06-26 17:10 - 2015-06-19 09:39 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-06-26 17:09 - 2014-11-07 06:11 - 00000000 ___DO C:\Users\Jiří\OneDrive
2016-06-26 17:08 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-22 11:08 - 2014-11-07 06:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-22 07:54 - 2014-11-07 06:07 - 00000000 ____D C:\Users\Jiří
2016-06-20 15:20 - 2014-11-07 07:29 - 00000000 ____D C:\Users\Jiří\AppData\Local\CrashDumps
2016-06-18 12:11 - 2014-11-06 16:43 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-18 11:17 - 2014-11-07 00:22 - 00002179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-15 09:15 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-06-14 14:24 - 2016-04-03 10:44 - 00000000 ____D C:\Users\Jiří\Desktop\foto
2016-06-12 13:15 - 2015-07-13 17:00 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-06-12 13:14 - 2015-10-07 08:44 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-06-09 16:12 - 2016-06-03 15:34 - 00000000 ____D C:\Users\Jiří\Desktop\ff
2016-06-09 14:59 - 2015-10-26 14:53 - 00000000 ____D C:\Users\Jiří\Desktop\Frýdecká bramborárna

==================== Files in the root of some directories =======

2015-06-19 10:21 - 2016-07-01 10:38 - 0000034 _____ () C:\Users\Jiří\AppData\Roaming\AdobeWLCMCache.dat
2015-01-17 00:14 - 2015-01-17 00:14 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip
2014-08-28 15:36 - 2014-08-28 15:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-14 08:04 - 2015-09-14 08:04 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
C:\Users\majer_000\AppData\Local\Temp\octC6B6.tmp.exe
C:\Users\majer_000\AppData\Local\Temp\octFFAC.tmp.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\40db1533-f551-4998-8bca-934da85073e3-5.job => C:\Program Files (x86)\CinemaP-1.9cV09.11\40db1533-f551-4998-8bca-934da85073e3-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\40db1533-f551-4998-8bca-934da85073e3-5_user.job => C:\Program Files (x86)\CinemaP-1.9cV09.11\40db1533-f551-4998-8bca-934da85073e3-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Jiří\AppData\Local\10592\Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4070543363-202812814-1921377734-1001.job => C:\Users\Jiří\AppData\Local\Citrix\GoToMeeting\5174\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-4070543363-202812814-1921377734-1001.job => C:\Users\Jiří\AppData\Local\Citrix\GoToMeeting\5174\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d04183396bbb9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fcc30d5a5c8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfff242a67aa96.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fcc30f4f346.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001Core.job => C:\Users\Jiří\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001UA.job => C:\Users\Jiří\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Ji��\Desktop" je 39636 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
Ran by Jiří (administrator) on SOULALMIGHTY (05-07-2016 10:37:53)
Running from C:\Users\Jiří\Desktop
Loaded Profiles: Jiří (Available Profiles: Jiří & majer_000)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
() C:\Windows\SysWOW64\netupdsrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(VŠB-TU Ostrava) C:\Program Files (x86)\SafeQ\SafeQ_cli.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Inc.) C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\acrotray.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Autodesk Inc.) C:\Users\Jiří\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\PercussionStudio3\PercussionStudio.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Adobe Illustrator CC 2014\Support Files\Contents\Windows\Illustrator.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(forum.viry.cz) C:\Users\Jiří\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-07-08] (ESET)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161728 2015-08-09] (IvoSoft)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [488328 2014-09-04] (Autodesk Inc.)
HKLM-x32\...\Run: [Andy] => C:\Program Files\Andy\HandyAndy.exe
HKLM-x32\...\Run: [SafeQClient] => C:\Program Files (x86)\SafeQ\SafeQ_cli.exe [493056 2014-08-22] (VŠB-TU Ostrava)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2292912 2015-09-17] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\Acrotray.exe [640376 2008-10-01] (Adobe Systems Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Qualcomm®Atheros®)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [Pokki] => C:\Users\Jiří\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe [6403912 2014-08-30] (Pokki)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2740440 2016-04-20] (Acer)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [T-Mobile CManager] => C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2162152 2015-08-06] (Gemfor s.r.o.)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48145024 2015-10-14] (Skype Technologies S.A.)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [Google Update] => C:\Users\Jiří\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-02-22] (Google Inc.)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Policies\Explorer: []
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92d62-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92d8d-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92db7-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92dd6-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93196-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93c59-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93ff7-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a94347-2e1f-11e5-8279-206a8ae02486} - "E:\Autorun.exe"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.10.21.1
Tcpip\..\Interfaces\{A94AE5CC-A2C6-4786-B66C-F6B39F587ED6}: [DhcpNameServer] 10.10.21.1

Internet Explorer:
==================
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4070543363-202812814-1921377734-1001 -> DefaultScope {AE1091CE-F7A5-43A1-B94C-4388C8309938} URL =
SearchScopes: HKU\S-1-5-21-4070543363-202812814-1921377734-1001 -> {AE1091CE-F7A5-43A1-B94C-4388C8309938} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2016-03-09] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2016-03-09] (Oracle Corporation)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\k2xd0t5c.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-18] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.4.0 -> C:\Windows\SysWOW64\npDeployJava1.dll [2016-03-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.4.0 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2016-03-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-10-15] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Jiří\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-04-25] (Citrix Online)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Jiří\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @talk.google.com/O1DPlugin -> C:\Users\Jiří\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Jiří\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Jiří\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Jiří\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Jiří\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: CinemaPlus-3.3c - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\k2xd0t5c.default\Extensions\AVJYFVOD75109374@HCDE39471360.com [2015-12-18] [not signed]
FF Extension: Seznam lištička - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\k2xd0t5c.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-03-10]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-08]
CHR Extension: (Dokumenty Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-08]
CHR Extension: (Disk Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-15]
CHR Extension: (YouTube) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-08]
CHR Extension: (Vyhledávání Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-15]
CHR Extension: (Tabulky Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-08]
CHR Extension: (Gmail) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-08]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [597896 2014-09-04] (Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-15] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Windows (R) Win 7 DDK provider) [File not signed]
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-04-18] (Acer Incorporated)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-16] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MbnExt; C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [419096 2015-08-25] (Gemfor s.r.o.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [966336 2014-10-10] (@ByELDI) [File not signed]
R2 ServiceUpdater; C:\Windows\SysWOW64\netupdsrv.exe [190976 2015-07-30] () [File not signed]
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-24] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\siteadvisor\mcsacore.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Inc.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-03] (Qualcomm Atheros Communications, Inc.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-04-29] (Qualcomm Atheros)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [168208 2015-07-14] (ESET)
S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [246272 2013-06-29] (Huawei Technologies Co., Ltd.)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-08-09] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-05 10:37 - 2016-07-05 10:38 - 00026744 _____ C:\Users\Jiří\Desktop\FRST.txt
2016-07-05 10:36 - 2016-07-05 10:36 - 00039273 _____ C:\Users\Jiří\Desktop\FRST3.txt
2016-07-05 10:34 - 2016-07-05 10:37 - 00000000 ____D C:\FRST
2016-07-05 10:34 - 2016-07-05 10:34 - 00112640 _____ (forum.viry.cz) C:\Users\Jiří\Desktop\FRSTLauncher.exe
2016-07-05 10:32 - 2016-07-05 10:32 - 02390016 _____ (Farbar) C:\Users\Jiří\Desktop\FRST64.exe
2016-07-01 09:45 - 2012-10-09 16:12 - 00090154 _____ C:\Users\Jiří\Desktop\CZ - Logo český výrobek.ai
2016-07-01 09:43 - 2016-07-01 09:44 - 04041660 _____ C:\Users\Jiří\Desktop\logomanual.zip
2016-06-28 13:47 - 2016-06-28 13:47 - 00200704 _____ C:\Users\Jiří\Desktop\Ceník_VVISS(1).XLS
2016-06-28 12:22 - 2016-06-28 12:22 - 00321174 _____ C:\Users\Jiří\Desktop\My Paying Ads Calculator_v1.02.xlsx
2016-06-26 19:40 - 2016-06-26 19:40 - 00001104 _____ C:\Users\Jiří\Desktop\PercussionStudio (2).lnk
2016-06-18 12:11 - 2016-06-18 12:11 - 09717952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-06-15 21:21 - 2016-06-06 21:16 - 15634781 ____N C:\Users\Jiří\Desktop\Fefo 6.6.2016.3gpp
2016-06-15 21:21 - 2016-06-06 19:32 - 08185101 ____N C:\Users\Jiří\Desktop\Sunu 6.6.2016.3gpp
2016-06-14 13:04 - 2016-06-14 13:04 - 00200704 _____ C:\Users\Jiří\Desktop\Ceník_VVISS.XLS
2016-06-12 11:24 - 2016-06-12 11:25 - 31119896 _____ C:\Users\Jiří\Desktop\haj ve slezsku.3gpp
2016-06-09 23:03 - 2016-06-22 11:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-08 08:54 - 2016-06-08 08:54 - 00200704 _____ C:\Users\Jiří\Desktop\Ceník_VVISS(3).XLS
2016-06-07 21:42 - 2016-06-06 21:44 - 25431549 _____ C:\Users\Jiří\Desktop\kassa 6.6.2016.3gpp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-05 10:35 - 2015-05-16 13:33 - 00000986 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fcc30f4f346.job
2016-07-05 10:33 - 2014-11-07 00:13 - 00000986 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-05 10:23 - 2014-11-06 16:42 - 00000000 ____D C:\Users\Jiří\AppData\Local\Adobe
2016-07-05 10:21 - 2014-08-28 15:52 - 00739924 _____ C:\Windows\system32\perfh005.dat
2016-07-05 10:21 - 2014-08-28 15:52 - 00151610 _____ C:\Windows\system32\perfc005.dat
2016-07-05 10:21 - 2014-03-18 12:03 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-05 10:21 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-07-05 10:20 - 2015-07-09 09:50 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Skype
2016-07-04 23:11 - 2014-11-06 16:43 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-04 23:06 - 2015-12-20 01:28 - 00000582 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4070543363-202812814-1921377734-1001.job
2016-07-04 22:59 - 2016-02-22 16:48 - 00000984 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001UA.job
2016-07-04 22:59 - 2016-02-22 16:48 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001Core.job
2016-07-04 22:51 - 2015-12-20 01:28 - 00000678 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-4070543363-202812814-1921377734-1001.job
2016-07-04 22:37 - 2015-12-20 01:28 - 00003684 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-4070543363-202812814-1921377734-1001
2016-07-04 22:37 - 2015-12-20 01:28 - 00003588 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-4070543363-202812814-1921377734-1001
2016-07-04 22:08 - 2015-11-20 11:08 - 00002464 _____ C:\Windows\Tasks\40db1533-f551-4998-8bca-934da85073e3-5.job
2016-07-04 21:38 - 2014-11-07 00:12 - 00000982 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-04 02:03 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-04 02:03 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-07-01 10:38 - 2015-06-19 10:21 - 00000034 _____ C:\Users\Jiří\AppData\Roaming\AdobeWLCMCache.dat
2016-07-01 10:38 - 2014-11-06 21:02 - 03946496 ___SH C:\Users\Jiří\Desktop\Thumbs.db
2016-07-01 09:39 - 2014-12-11 19:46 - 00000368 _____ C:\Windows\Tasks\AmiUpdXp.job
2016-07-01 09:35 - 2015-05-16 13:33 - 00000982 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fcc30d5a5c8.job
2016-06-29 23:44 - 2015-10-22 22:29 - 00000000 ____D C:\Users\Jiří\AppData\Local\ClassicShell
2016-06-28 13:47 - 2014-11-07 06:08 - 00000000 ____D C:\Users\Jiří\AppData\Local\Packages
2016-06-27 17:56 - 2014-11-07 06:14 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4070543363-202812814-1921377734-1001
2016-06-27 17:29 - 2014-08-28 15:57 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-06-27 17:27 - 2014-11-07 06:09 - 00000000 ____D C:\Users\Jiří\AppData\Local\clear.fi
2016-06-26 19:40 - 2014-11-08 14:43 - 00000000 ___RD C:\Users\Jiří\Desktop\Programy
2016-06-26 17:10 - 2015-06-19 09:39 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-06-26 17:09 - 2014-11-07 06:11 - 00000000 ___DO C:\Users\Jiří\OneDrive
2016-06-26 17:08 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-22 11:08 - 2014-11-07 06:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-22 07:54 - 2014-11-07 06:07 - 00000000 ____D C:\Users\Jiří
2016-06-20 15:20 - 2014-11-07 07:29 - 00000000 ____D C:\Users\Jiří\AppData\Local\CrashDumps
2016-06-18 12:11 - 2014-11-06 16:43 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-18 11:17 - 2014-11-07 00:22 - 00002179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-15 09:15 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-06-14 14:24 - 2016-04-03 10:44 - 00000000 ____D C:\Users\Jiří\Desktop\foto
2016-06-12 13:15 - 2015-07-13 17:00 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-06-12 13:14 - 2015-10-07 08:44 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-06-09 16:12 - 2016-06-03 15:34 - 00000000 ____D C:\Users\Jiří\Desktop\ff
2016-06-09 14:59 - 2015-10-26 14:53 - 00000000 ____D C:\Users\Jiří\Desktop\Frýdecká bramborárna

==================== Files in the root of some directories =======

2015-06-19 10:21 - 2016-07-01 10:38 - 0000034 _____ () C:\Users\Jiří\AppData\Roaming\AdobeWLCMCache.dat
2015-01-17 00:14 - 2015-01-17 00:14 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip
2014-08-28 15:36 - 2014-08-28 15:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-14 08:04 - 2015-09-14 08:04 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
C:\Users\majer_000\AppData\Local\Temp\octC6B6.tmp.exe
C:\Users\majer_000\AppData\Local\Temp\octFFAC.tmp.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\40db1533-f551-4998-8bca-934da85073e3-5.job => C:\Program Files (x86)\CinemaP-1.9cV09.11\40db1533-f551-4998-8bca-934da85073e3-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\40db1533-f551-4998-8bca-934da85073e3-5_user.job => C:\Program Files (x86)\CinemaP-1.9cV09.11\40db1533-f551-4998-8bca-934da85073e3-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Jiří\AppData\Local\10592\Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4070543363-202812814-1921377734-1001.job => C:\Users\Jiří\AppData\Local\Citrix\GoToMeeting\5174\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-4070543363-202812814-1921377734-1001.job => C:\Users\Jiří\AppData\Local\Citrix\GoToMeeting\5174\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d04183396bbb9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fcc30d5a5c8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfff242a67aa96.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fcc30f4f346.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001Core.job => C:\Users\Jiří\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001UA.job => C:\Users\Jiří\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Ji��\Desktop" je 39637 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Posílám log:



# AdwCleaner v5.201 - Log vytvořen 06/07/2016 v 22:31:21
# Aktualizováno 30/06/2016 by ToolsLib
# Databáze : 2016-07-06.1 [Server]
# Operační system : Windows 8.1 (X64)
# Uživatelské jméno : Jiří - SOULALMIGHTY
# Spuštěno z : C:\Users\Jiří\Desktop\adwcleaner_5.201.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum

***** [ Služby ] *****

[-] Služba Smazáno : ServiceUpdater

***** [ Složky ] *****

[-] Složka Smazáno : C:\ProgramData\pokki
[#] Složka Smazáno : C:\ProgramData\Application Data\pokki
[-] Složka Smazáno : C:\Program Files (x86)\CinemaP-1.9cV09.11
[-] Složka Smazáno : C:\Users\Jiří\AppData\Local\pokki
[-] Složka Smazáno : C:\Users\Jiří\AppData\Local\10592
[-] Složka Smazáno : C:\Users\majer_000\AppData\Local\pokki
[-] Složka Smazáno : C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\k2xd0t5c.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[-] Složka Smazáno : C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\k2xd0t5c.default\extensions\AVJYFVOD75109374@HCDE39471360.com
[-] Složka Smazáno : C:\Program Files\Booking.com
[-] Složka Smazáno : C:\Users\Default User\AppData\Local\Pokki
[#] Složka Smazáno : C:\Users\Default\AppData\Local\Pokki

***** [ Soubory ] *****

[-] Soubor Smazáno : C:\Program Files (x86)\Common Files\config\uninstinethnfd.exe
[-] Soubor Smazáno : C:\Windows\SysWOW64\installd.exe
[-] Soubor Smazáno : C:\Windows\SysWOW64\nethtsrv.exe
[-] Soubor Smazáno : C:\Windows\SysWOW64\netupdsrv.exe
[-] Soubor Smazáno : C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
[-] Soubor Smazáno : C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
[-] Soubor Smazáno : C:\Users\majer_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Pokki Start Menu.lnk
[-] Soubor Smazáno : C:\Users\majer_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
[-] Soubor Smazáno : C:\Users\majer_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úlohy ] *****

[-] Úloha Smazáno : AmiUpdXp
[-] Úloha Smazáno : amiupdaterExd
[-] Úloha Smazáno : amiupdaterExi
[-] Úloha Smazáno : ACC
[-] Úloha Smazáno : Software Update Application
[-] Úloha Smazáno : 40db1533-f551-4998-8bca-934da85073e3-5
[-] Úloha Smazáno : 40db1533-f551-4998-8bca-934da85073e3-5_user
[-] Úloha Smazáno : 40db1533-f551-4998-8bca-934da85073e3-5

***** [ Registry ] *****

[-] Klíč Smazáno : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
[-] Klíč Smazáno : HKCU\Software\Classes\Directory\shell\pokki
[-] Klíč Smazáno : HKCU\Software\Classes\Drive\shell\pokki
[-] Klíč Smazáno : HKCU\Software\Classes\lnkfile\shell\pokki
[-] Klíč Smazáno : HKCU\Software\Classes\pokki
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\dream.capture
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\dream.capture.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{117270FA-48AC-45BB-9171-B63D1B42A910}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}
[-] Klíč Smazáno : HKCU\Software\ArenaHD
[-] Klíč Smazáno : HKCU\Software\HighDefAction
[-] Klíč Smazáno : HKCU\Software\InstalledBrowserExtensions
[-] Klíč Smazáno : HKCU\Software\Pokki
[-] Klíč Smazáno : HKCU\Software\Softonic
[-] Klíč Smazáno : HKCU\Software\YorkNewCin
[-] Klíč Smazáno : HKCU\Software\AppDataLow\Software\Crossrider
[-] Klíč Smazáno : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Klíč Smazáno : HKLM\SOFTWARE\ArenaHD
[-] Klíč Smazáno : HKLM\SOFTWARE\HighDefAction
[-] Klíč Smazáno : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Klíč Smazáno : HKLM\SOFTWARE\YorkNewCin
[-] Klíč Smazáno : HKLM\SOFTWARE\CinemaP-1.9cV09.11
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CinemaP-1.9cV09.11
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\ArenaHD
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\HighDefAction
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\YorkNewCin
[-] Hodnota Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
[#] Hodnota Smazáno : HKU\S-1-5-21-4070543363-202812814-1921377734-1001\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
[-] Hodnota Smazáno : HKU\S-1-5-21-4070543363-202812814-1921377734-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]

***** [ Prohlížeče ] *****


*************************

:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [5242 bytů] - [06/07/2016 22:31:21]
C:\AdwCleaner\AdwCleaner[S1].txt - [6182 bytů] - [06/07/2016 22:27:25]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5388 bytů] ##########

Dejte nový log FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-07-2016 01
Ran by Jiří (administrator) on SOULALMIGHTY (11-07-2016 18:37:05)
Running from C:\Users\Jiří\Desktop
Loaded Profiles: Jiří (Available Profiles: Jiří & majer_000)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(VŠB-TU Ostrava) C:\Program Files (x86)\SafeQ\SafeQ_cli.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Inc.) C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\acrotray.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Autodesk Inc.) C:\Users\Jiří\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(forum.viry.cz) C:\Users\Jiří\Desktop\FRST-OlderVersion\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-07-08] (ESET)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161728 2015-08-09] (IvoSoft)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [488328 2014-09-04] (Autodesk Inc.)
HKLM-x32\...\Run: [Andy] => C:\Program Files\Andy\HandyAndy.exe
HKLM-x32\...\Run: [SafeQClient] => C:\Program Files (x86)\SafeQ\SafeQ_cli.exe [493056 2014-08-22] (VŠB-TU Ostrava)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2292912 2015-09-17] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\Acrotray.exe [640376 2008-10-01] (Adobe Systems Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Qualcomm®Atheros®)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2740440 2016-04-20] (Acer)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [T-Mobile CManager] => C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2162152 2015-08-06] (Gemfor s.r.o.)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48145024 2015-10-14] (Skype Technologies S.A.)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [Google Update] => C:\Users\Jiří\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-02-22] (Google Inc.)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Policies\Explorer: []
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92d62-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92d8d-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92db7-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92dd6-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93196-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93c59-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93ff7-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a94347-2e1f-11e5-8279-206a8ae02486} - "E:\Autorun.exe"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.10.21.1
Tcpip\..\Interfaces\{A94AE5CC-A2C6-4786-B66C-F6B39F587ED6}: [DhcpNameServer] 10.10.21.1

Internet Explorer:
==================
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4070543363-202812814-1921377734-1001 -> DefaultScope {AE1091CE-F7A5-43A1-B94C-4388C8309938} URL =
SearchScopes: HKU\S-1-5-21-4070543363-202812814-1921377734-1001 -> {AE1091CE-F7A5-43A1-B94C-4388C8309938} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2016-03-09] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2016-03-09] (Oracle Corporation)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\k2xd0t5c.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-18] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.4.0 -> C:\Windows\SysWOW64\npDeployJava1.dll [2016-03-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.4.0 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2016-03-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-10-15] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Jiří\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-04-25] (Citrix Online)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Jiří\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @talk.google.com/O1DPlugin -> C:\Users\Jiří\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Jiří\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Jiří\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Jiří\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Jiří\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-08]
CHR Extension: (Dokumenty Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-08]
CHR Extension: (Disk Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-15]
CHR Extension: (YouTube) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-08]
CHR Extension: (Vyhledávání Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-15]
CHR Extension: (Tabulky Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-08]
CHR Extension: (Gmail) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-08]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [597896 2014-09-04] (Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-15] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Windows (R) Win 7 DDK provider) [File not signed]
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-04-18] (Acer Incorporated)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-16] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MbnExt; C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [419096 2015-08-25] (Gemfor s.r.o.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [966336 2014-10-10] (@ByELDI) [File not signed]
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-24] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\siteadvisor\mcsacore.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Inc.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-03] (Qualcomm Atheros Communications, Inc.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-04-29] (Qualcomm Atheros)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [168208 2015-07-14] (ESET)
S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [246272 2013-06-29] (Huawei Technologies Co., Ltd.)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-08-09] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-11 18:37 - 2016-07-11 18:37 - 00025728 _____ C:\Users\Jiří\Desktop\FRST.txt
2016-07-11 18:36 - 2016-07-11 18:36 - 00000000 ____D C:\Users\Jiří\Desktop\FRST-OlderVersion
2016-07-10 11:24 - 2016-07-10 11:32 - 08463343 _____ C:\Users\Jiří\Desktop\MontyRich---Duben-2015.pdf.part
2016-07-09 19:33 - 2016-07-09 19:33 - 00053275 _____ C:\Users\Jiří\Desktop\Dark Matter - 02x02 - Kill Them All.FLEET.English.HI.C.orig.Addic7ed.com.srt
2016-07-06 22:27 - 2016-07-06 22:31 - 00000000 ____D C:\AdwCleaner
2016-07-06 22:26 - 2016-07-06 22:26 - 03712064 _____ C:\Users\Jiří\Desktop\adwcleaner_5.201.exe
2016-07-06 12:49 - 2016-07-06 13:25 - 00000552 _____ C:\Windows\smrpro.INI
2016-07-06 12:49 - 2016-07-06 12:49 - 02276644 _____ (AdmireSoft Co., Ltd. ) C:\Users\Jiří\Desktop\smrpro.exe
2016-07-06 12:49 - 2016-07-06 12:49 - 00001149 _____ C:\Users\majer_000\Desktop\Super Mp3 Recorder Professional.lnk
2016-07-06 12:49 - 2016-07-06 12:49 - 00001149 _____ C:\Users\Jiří\Desktop\Super Mp3 Recorder Professional.lnk
2016-07-06 12:49 - 2016-07-06 12:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Mp3 Recorder Professional
2016-07-06 12:49 - 2016-07-06 12:49 - 00000000 ____D C:\Program Files (x86)\Admiresoft
2016-07-06 12:47 - 2016-07-06 12:47 - 00000949 _____ C:\Users\majer_000\Desktop\Free MP3 Recorder.lnk
2016-07-05 10:34 - 2016-07-11 18:37 - 00000000 ____D C:\FRST
2016-07-05 10:32 - 2016-07-11 18:36 - 02390528 _____ (Farbar) C:\Users\Jiří\Desktop\FRST64.exe
2016-07-01 09:45 - 2012-10-09 16:12 - 00090154 _____ C:\Users\Jiří\Desktop\CZ - Logo český výrobek.ai
2016-07-01 09:43 - 2016-07-01 09:44 - 04041660 _____ C:\Users\Jiří\Desktop\logomanual.zip
2016-06-28 13:47 - 2016-06-28 13:47 - 00200704 _____ C:\Users\Jiří\Desktop\Ceník_VVISS(1).XLS
2016-06-28 12:22 - 2016-06-28 12:22 - 00321174 _____ C:\Users\Jiří\Desktop\My Paying Ads Calculator_v1.02.xlsx
2016-06-26 19:40 - 2016-06-26 19:40 - 00001104 _____ C:\Users\Jiří\Desktop\PercussionStudio (2).lnk
2016-06-18 12:11 - 2016-06-18 12:11 - 09717952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-06-15 21:21 - 2016-06-06 21:16 - 15634781 ____N C:\Users\Jiří\Desktop\Fefo 6.6.2016.3gpp
2016-06-15 21:21 - 2016-06-06 19:32 - 08185101 ____N C:\Users\Jiří\Desktop\Sunu 6.6.2016.3gpp
2016-06-14 13:04 - 2016-06-14 13:04 - 00200704 _____ C:\Users\Jiří\Desktop\Ceník_VVISS.XLS
2016-06-12 11:24 - 2016-06-12 11:25 - 31119896 _____ C:\Users\Jiří\Desktop\haj ve slezsku.3gpp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-11 18:35 - 2015-05-16 13:33 - 00000986 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fcc30f4f346.job
2016-07-11 18:33 - 2014-11-07 00:13 - 00000986 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-11 18:11 - 2014-11-06 16:43 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-11 18:08 - 2016-03-20 13:30 - 00000000 ____D C:\Users\Jiří\Desktop\Osobní
2016-07-11 18:06 - 2015-12-20 01:28 - 00000582 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4070543363-202812814-1921377734-1001.job
2016-07-11 17:59 - 2016-02-22 16:48 - 00000984 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001UA.job
2016-07-11 16:51 - 2015-12-20 01:28 - 00000678 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-4070543363-202812814-1921377734-1001.job
2016-07-11 16:45 - 2014-11-06 16:42 - 00000000 ____D C:\Users\Jiří\AppData\Local\Adobe
2016-07-11 16:44 - 2014-08-28 15:52 - 00739924 _____ C:\Windows\system32\perfh005.dat
2016-07-11 16:44 - 2014-08-28 15:52 - 00151610 _____ C:\Windows\system32\perfc005.dat
2016-07-11 16:44 - 2014-03-18 12:03 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-11 16:44 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-07-10 21:38 - 2014-11-07 00:12 - 00000982 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-10 18:39 - 2015-07-09 09:50 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Skype
2016-07-08 11:50 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-07-07 10:36 - 2014-11-07 06:14 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4070543363-202812814-1921377734-1001
2016-07-06 22:35 - 2015-06-19 09:39 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-07-06 22:34 - 2014-11-07 06:11 - 00000000 ___DO C:\Users\Jiří\OneDrive
2016-07-06 22:34 - 2014-11-06 21:02 - 03946496 ___SH C:\Users\Jiří\Desktop\Thumbs.db
2016-07-06 22:33 - 2015-05-16 13:33 - 00000982 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fcc30d5a5c8.job
2016-07-06 22:33 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-06 22:32 - 2013-08-22 15:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2016-07-06 12:47 - 2015-03-17 01:22 - 00000949 _____ C:\Users\Jiří\Desktop\Free MP3 Recorder.lnk
2016-07-06 12:47 - 2015-03-17 01:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free MP3 Recorder
2016-07-06 12:47 - 2015-03-17 01:22 - 00000000 ____D C:\Program Files (x86)\MP3Recorder
2016-07-05 23:10 - 2014-11-07 07:29 - 00000000 ____D C:\Users\Jiří\AppData\Local\CrashDumps
2016-07-05 22:59 - 2016-02-22 16:48 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001Core.job
2016-07-04 22:37 - 2015-12-20 01:28 - 00003684 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-4070543363-202812814-1921377734-1001
2016-07-04 22:37 - 2015-12-20 01:28 - 00003588 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-4070543363-202812814-1921377734-1001
2016-07-04 02:03 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-01 10:38 - 2015-06-19 10:21 - 00000034 _____ C:\Users\Jiří\AppData\Roaming\AdobeWLCMCache.dat
2016-06-29 23:44 - 2015-10-22 22:29 - 00000000 ____D C:\Users\Jiří\AppData\Local\ClassicShell
2016-06-28 13:47 - 2014-11-07 06:08 - 00000000 ____D C:\Users\Jiří\AppData\Local\Packages
2016-06-27 17:29 - 2014-08-28 15:57 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-06-27 17:27 - 2014-11-07 06:09 - 00000000 ____D C:\Users\Jiří\AppData\Local\clear.fi
2016-06-26 19:40 - 2014-11-08 14:43 - 00000000 ___RD C:\Users\Jiří\Desktop\Programy
2016-06-22 11:08 - 2016-06-09 23:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-22 11:08 - 2014-11-07 06:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-22 07:54 - 2014-11-07 06:07 - 00000000 ____D C:\Users\Jiří
2016-06-18 12:11 - 2014-11-06 16:43 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-18 11:17 - 2014-11-07 00:22 - 00002179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-15 09:15 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-06-14 14:24 - 2016-04-03 10:44 - 00000000 ____D C:\Users\Jiří\Desktop\foto
2016-06-12 13:15 - 2015-07-13 17:00 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-06-12 13:14 - 2015-10-07 08:44 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2015-06-19 10:21 - 2016-07-01 10:38 - 0000034 _____ () C:\Users\Jiří\AppData\Roaming\AdobeWLCMCache.dat
2015-01-17 00:14 - 2015-01-17 00:14 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip
2014-08-28 15:36 - 2014-08-28 15:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-14 08:04 - 2015-09-14 08:04 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
C:\Users\Jiří\AppData\Local\Temp\libeay32.dll
C:\Users\Jiří\AppData\Local\Temp\msvcr120.dll
C:\Users\Jiří\AppData\Local\Temp\sqlite3.dll
C:\Users\majer_000\AppData\Local\Temp\octC6B6.tmp.exe
C:\Users\majer_000\AppData\Local\Temp\octFFAC.tmp.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4070543363-202812814-1921377734-1001.job => C:\Users\Jiří\AppData\Local\Citrix\GoToMeeting\5174\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-4070543363-202812814-1921377734-1001.job => C:\Users\Jiří\AppData\Local\Citrix\GoToMeeting\5174\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d04183396bbb9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fcc30d5a5c8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfff242a67aa96.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fcc30f4f346.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001Core.job => C:\Users\Jiří\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001UA.job => C:\Users\Jiří\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Ji��\Desktop" je 39653 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
C:\Program Files\KMSpico
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92d62-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92d8d-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92db7-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92dd6-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93196-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93c59-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93ff7-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a94347-2e1f-11e5-8279-206a8ae02486} - "E:\Autorun.exe"
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4070543363-202812814-1921377734-1001 -> DefaultScope {AE1091CE-F7A5-43A1-B94C-4388C8309938} URL =
SearchScopes: HKU\S-1-5-21-4070543363-202812814-1921377734-1001 -> {AE1091CE-F7A5-43A1-B94C-4388C8309938} URL =
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fcc30f4f346.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001UA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fcc30d5a5c8.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001Core.job
C:\ProgramData\DP45977C.lfl
C:\Users\Jiří\AppData\Local\Temp
C:\Users\majer_000\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Z logu:

Velikost slozky "C:\Users\Jiří\Desktop" je 39653 MB.

To je příliš mnoho a může to zpomalovat start systému. Vytvořte v C:\Users\Jiří novou složku a přesuňte do ní všechna data z plochy (kromě zástupců. Na plochu si pak dejte zástupce té složky pro snazší přístup.

Fix result of Farbar Recovery Scan Tool (x64) Version: 10-07-2016 01
Ran by Jiří (2016-07-13 08:41:09) Run:1
Running from C:\Users\Jiří\Desktop
Loaded Profiles: Jiří (Available Profiles: Jiří & majer_000)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
C:\Program Files\KMSpico
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92d62-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92d8d-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92db7-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92dd6-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93196-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93c59-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93ff7-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a94347-2e1f-11e5-8279-206a8ae02486} - "E:\Autorun.exe"
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4070543363-202812814-1921377734-1001 -> DefaultScope {AE1091CE-F7A5-43A1-B94C-4388C8309938} URL =
SearchScopes: HKU\S-1-5-21-4070543363-202812814-1921377734-1001 -> {AE1091CE-F7A5-43A1-B94C-4388C8309938} URL =
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fcc30f4f346.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001UA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fcc30d5a5c8.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001Core.job
C:\ProgramData\DP45977C.lfl
C:\Users\Jiří\AppData\Local\Temp
C:\Users\majer_000\AppData\Local\Temp
End
*****************

C:\Program Files\KMSpico => moved successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21a92d62-2e1f-11e5-8279-206a8ae02486}" => key removed successfully
HKCR\CLSID\{21a92d62-2e1f-11e5-8279-206a8ae02486} => key not found.
"HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21a92d8d-2e1f-11e5-8279-206a8ae02486}" => key removed successfully
HKCR\CLSID\{21a92d8d-2e1f-11e5-8279-206a8ae02486} => key not found.
"HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21a92db7-2e1f-11e5-8279-206a8ae02486}" => key removed successfully
HKCR\CLSID\{21a92db7-2e1f-11e5-8279-206a8ae02486} => key not found.
"HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21a92dd6-2e1f-11e5-8279-206a8ae02486}" => key removed successfully
HKCR\CLSID\{21a92dd6-2e1f-11e5-8279-206a8ae02486} => key not found.
"HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21a93196-2e1f-11e5-8279-206a8ae02486}" => key removed successfully
HKCR\CLSID\{21a93196-2e1f-11e5-8279-206a8ae02486} => key not found.
"HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21a93c59-2e1f-11e5-8279-206a8ae02486}" => key removed successfully
HKCR\CLSID\{21a93c59-2e1f-11e5-8279-206a8ae02486} => key not found.
"HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21a93ff7-2e1f-11e5-8279-206a8ae02486}" => key removed successfully
HKCR\CLSID\{21a93ff7-2e1f-11e5-8279-206a8ae02486} => key not found.
"HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21a94347-2e1f-11e5-8279-206a8ae02486}" => key removed successfully
HKCR\CLSID\{21a94347-2e1f-11e5-8279-206a8ae02486} => key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AE1091CE-F7A5-43A1-B94C-4388C8309938}" => key removed successfully
HKCR\CLSID\{AE1091CE-F7A5-43A1-B94C-4388C8309938} => key not found.
HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fcc30f4f346.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001UA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fcc30d5a5c8.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001Core.job => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.

"C:\Users\Jiří\AppData\Local\Temp" folder move:

Could not move "C:\Users\Jiří\AppData\Local\Temp" => Scheduled to move on reboot.

C:\Users\majer_000\AppData\Local\Temp => moved successfully

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-07-13 08:42:35)

C:\ProgramData\DP45977C.lfl => Is moved successfully
C:\Users\Jiří\AppData\Local\Temp => moved successfully

==== End of Fixlog 08:42:36 ====

Smazáno. Nastala nějaká změna?

Zdá se to OK. Díky moc!

Nemáte zač!