Service Host: Local System
Posted: 07 Dec 2016 21:43
Hello.
This problem has been bothering me for a long time; or rather, about half a year ago I managed to suppress it by disabling updates on the notebook, but when I recently wanted to let it update, it started showing up again daily.
I tried uninstalling Avast and bought ESET. But nothing changed.
Every day it freezes my notebook for several minutes. When it subsides, the antivirus and CCleaner load the disk for a little while longer.
What can I do about it, please? I already dealt with this here once, but somehow it didn't work out.
http://forum.viry.cz/viewtopic.php?f=4& ... 9#p1445169

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-04-2016 01
Ran by Vojtěch (administrator) on NH4E7QW (07-12-2016 21:33:36)
Running from C:\Users\Vojtěch\Desktop
Loaded Profiles: Vojtěch (Available Profiles: Vojtěch)
Platform: Windows 8 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
() C:\Program Files (x86)\Photodex\ProShowProducer\scsiaccess.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\scalc.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Gretech Corp.) C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
(Microsoft Corporation) C:\Windows\System32\calc.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.69\opera.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-11-12] (IDT, Inc.)
HKLM\...\Run: [HP Color LaserJet CM1312 MFP Series Fax] => C:\Program Files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe [3700736 2009-09-22] (Hewlett-Packard Company)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285832 2013-05-04] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [371976 2012-09-19] (IVT Corporation)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [337184 2013-10-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [1193728 2016-08-10] (PDF Complete Inc)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-866173097-1738320259-1985661619-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-866173097-1738320259-1985661619-1002\...\Run: [Boxoft Tools] => C:\ProgramData\Boxtools\Boxofttoolbox.exe [514048 2010-12-15] ()
HKU\S-1-5-21-866173097-1738320259-1985661619-1002\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-866173097-1738320259-1985661619-1002\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x95000000
HKU\S-1-5-21-866173097-1738320259-1985661619-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\Snow3.scr [352256 2009-06-29] (Thomas Olesch)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-12-31]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3FB67058-48F5-41DB-BA61-F9D104C15A78}: [DhcpNameServer] 10.12.0.1
Tcpip\..\Interfaces\{A4F71677-C072-4D8A-96CA-BDC340144CF4}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B6DD668F-0FE8-4988-9F15-2792B0BCA99F}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-866173097-1738320259-1985661619-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2014-09-23] (FreeDownloadManager.ORG)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\SKYPE4~1.DLL [2014-05-02] (Skype Technologies)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2016-10-26] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-10-26] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-04] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll [2012-10-26] (DigitalPersona, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Vojtěch\AppData\Roaming\mozilla\plugins\npPxPlay.dll [2014-03-18] ( )
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2013-12-10] [not signed]
Chrome:
=======
CHR Profile: C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-18]
CHR Extension: (Chrome Media Router) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-02]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1612552 2012-09-26] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [146184 2012-09-19] (IVT Corporation)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [488824 2012-10-26] (DigitalPersona, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2815520 2016-10-11] (ESET)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [477056 2012-11-19] (Hewlett-Packard Company)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [107520 2016-09-15] (Freemake) [File not signed]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2016-09-15] (Ellora Assets Corp.) [File not signed]
S3 GDOCService; C:\Program Files (x86)\Global Graphics\gDocPDFServer\MWFSrv.exe [77824 2010-08-27] (Global Graphics) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [681760 2013-10-16] (Hewlett-Packard Company)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2014-02-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2014-02-04] (Intel Corporation)
S3 Macromedia Licensing Service; C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2015-03-22] () [File not signed]
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1719040 2016-08-10] (PDF Complete Inc)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2014-10-10] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [214520 2014-11-21] ()
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe [181312 2014-03-18] () [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2012-11-12] (IDT, Inc.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
S2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-09] (Advanced Micro Devices, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-12-21] ()
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48608 2012-10-02] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [64832 2012-11-09] (Hewlett-Packard Company)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [232072 2016-10-13] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [212096 2016-10-13] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [177792 2016-10-13] (ESET)
R1 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [67712 2016-10-13] (ESET)
S0 giveio; C:\Windows\SysWOW64\drivers\giveio.sys [5248 1996-04-03] () [File not signed]
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-12-21] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-15] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-15] (Synaptics Incorporated)
R3 SNP2UVC; C:\Windows\system32\DRIVERS\snp2uvc.sys [1864328 2012-10-04] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2015-04-02] (Duplex Secure Ltd.)
U3 TrueSight; C:\Windows\System32\Drivers\TrueSight.sys [30848 2015-12-29] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-06-27] (Hewlett-Packard Development Company, L.P.)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U4 ekbdflt; \SystemRoot\system32\DRIVERS\ekbdflt.sys [X]
U4 epfw; \SystemRoot\system32\DRIVERS\epfw.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-07 21:33 - 2016-12-07 21:34 - 00020134 _____ C:\Users\Vojtěch\Desktop\FRST.txt
2016-12-07 21:30 - 2016-12-07 21:30 - 00029696 _____ C:\Users\Vojtěch\AppData\Local\MSGBOX.EXE
2016-12-07 21:30 - 2016-12-07 21:30 - 00015327 _____ C:\Users\Vojtěch\Desktop\LM.bat
2016-12-07 21:29 - 2016-12-07 21:30 - 00112640 _____ (forum.viry.cz) C:\Users\Vojtěch\Desktop\FRSTLauncher.exe
2016-12-07 19:43 - 2016-12-07 21:34 - 01766454 _____ C:\Windows\system32dbgraw.bmp
2016-12-05 20:21 - 2016-12-05 22:20 - 2146877692 _____ C:\Users\Vojtěch\Downloads\Shame-(Stud)-cz-tit-2011.avi
2016-11-30 23:26 - 2016-11-30 23:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-11-30 23:26 - 2016-11-30 23:26 - 00000000 ____D C:\ProgramData\ESET
2016-11-30 23:26 - 2016-11-30 23:26 - 00000000 ____D C:\Program Files\ESET
2016-11-30 23:22 - 2016-11-30 23:23 - 03135616 _____ (ESET) C:\Users\Vojtěch\Desktop\eset_nod32_antivirus_live_installer_us.exe
2016-11-30 21:48 - 2016-12-01 16:12 - 00001067 _____ C:\Users\Vojtěch\Desktop\Unibet Poker.lnk
2016-11-30 21:48 - 2016-12-01 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unibet Poker
2016-11-30 21:48 - 2016-12-01 16:12 - 00000000 ____D C:\Program Files (x86)\Unibet Poker
2016-11-30 11:59 - 2016-11-30 11:59 - 00030720 _____ C:\Users\Vojtěch\Downloads\nabídka.xls
2016-11-28 20:57 - 2016-11-28 20:57 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-28 20:52 - 2016-11-28 20:53 - 56790864 _____ (Relax Gaming Ltd. ) C:\Users\Vojtěch\Downloads\UnibetPokerBeta.exe
2016-11-28 17:10 - 2016-11-28 17:10 - 00174909 _____ C:\Users\Vojtěch\Downloads\161128_NAB#160275.1_ERW_H4000_DECT_Cordless_BS4_JmK_SENT.pdf
2016-11-28 17:10 - 2016-11-28 17:10 - 00174909 _____ C:\Users\Vojtěch\Downloads\161128_NAB#160275.1_ERW_H4000_DECT_Cordless_BS4_JmK_SENT (1).pdf
2016-11-28 16:49 - 2016-11-28 16:49 - 00249499 _____ C:\Users\Vojtěch\Downloads\161128-Nab#160276.1 - Vratnik 2N HELIOS IP VERSO 3 moduly- JmK_SENT.pdf
2016-11-28 16:45 - 2016-11-28 16:45 - 00117043 _____ C:\Users\Vojtěch\Downloads\161128 NAB#160277.1 TELCONNECT Telefony openStage HFA%2c TDM_JmK-SENT.pdf
2016-11-28 10:46 - 2016-11-28 10:46 - 00401657 _____ C:\Users\Vojtěch\Downloads\Krajský úřad Jihomoravského kraje27.11.2016_001.pdf
2016-11-27 15:36 - 2016-11-27 18:39 - 00000102 ____H C:\Users\Vojtěch\Desktop\.~lock.sazeni_poker_BANK.ods#
2016-11-27 09:59 - 2016-11-27 11:52 - 1822341382 _____ C:\Users\Vojtěch\Downloads\Hardcore-Henry_2015_titulky.CZ_1080p.x264.mkv
2016-11-24 17:43 - 2016-11-24 18:03 - 362456778 _____ C:\Users\Vojtěch\Downloads\Masters.of.Sex.S01E09.HDTV.x264-ASAP.mp4
2016-11-24 17:43 - 2016-11-24 17:43 - 00069121 _____ C:\Users\Vojtěch\Downloads\Masters.of.Sex.S01E09.HDTV.x264-ASAP.srt
2016-11-24 17:42 - 2016-11-24 17:42 - 00062360 _____ C:\Users\Vojtěch\Downloads\Masters.of.Sex.S01E08.HDTV.x264-KILLERS.srt
2016-11-24 17:18 - 2016-11-24 17:37 - 350175743 _____ C:\Users\Vojtěch\Downloads\Masters.of.Sex.S01E08.HDTV.x264-KILLERS.mp4
2016-11-20 17:56 - 2016-11-20 18:15 - 348132487 _____ C:\Users\Vojtěch\Downloads\Masters.of.Sex.S01E07.HDTV.x264-KILLERS.mp4
2016-11-20 17:55 - 2016-11-20 17:55 - 00050835 _____ C:\Users\Vojtěch\Downloads\Masters.of.Sex.S01E07.HDTV.x264-KILLERS.srt
2016-11-20 17:04 - 2016-11-20 17:25 - 370993456 _____ C:\Users\Vojtěch\Downloads\Masters.of.Sex.S01E06.HDTV.x264-KILLERS.mp4
2016-11-20 17:04 - 2016-11-20 17:04 - 00062612 _____ C:\Users\Vojtěch\Downloads\Masters.of.Sex.S01E06.HDTV.x264-KILLERS.srt
2016-11-18 23:09 - 2016-11-18 23:09 - 00001010 _____ C:\Users\Public\Desktop\IrfanView.lnk
2016-11-18 23:09 - 2016-11-18 23:09 - 00000000 ____D C:\Users\Vojtěch\AppData\Roaming\IrfanView
2016-11-18 23:09 - 2016-11-18 23:09 - 00000000 ____D C:\Program Files (x86)\IrfanView
2016-11-18 23:07 - 2016-11-18 23:08 - 02131936 _____ (Irfan Skiljan) C:\Users\Vojtěch\Downloads\iview442_setup.exe
2016-11-18 23:01 - 2016-11-18 23:01 - 00061284 _____ C:\Users\Vojtěch\Downloads\189669591_20161031_10_MCZS.pdf
2016-11-18 16:18 - 2016-11-18 17:45 - 1567006720 _____ C:\Users\Vojtěch\Downloads\Požáry-%2F-Incendies-2010,-CZ-tit.avi
2016-11-17 21:02 - 2016-11-17 21:02 - 00043224 _____ C:\Users\Vojtěch\Downloads\The-Thing(0000276868).srt
2016-11-15 19:20 - 2016-11-15 19:20 - 00085346 _____ C:\Users\Vojtěch\Downloads\Cww8DSpXUAAPueJ.jpg-large
2016-11-13 16:36 - 2016-11-13 16:36 - 00035059 _____ C:\Users\Vojtěch\Downloads\Vyúčtování_2016_10-1310991889.pdf
2016-11-11 19:57 - 2016-11-11 23:40 - 2059890602 _____ C:\Users\Vojtěch\Downloads\Polytechnika_Polytechnique_2009_hc.titulky.CZ.mp4
2016-11-11 16:45 - 2016-11-11 17:50 - 1035200689 _____ C:\Users\Vojtěch\Downloads\Prisoners.2013.720p.Bluray.x264-YIFY.mp4
2016-11-11 16:44 - 2016-11-11 16:44 - 00077966 _____ C:\Users\Vojtěch\Downloads\Prisoners.2013.720p.Bluray.x264-YIFY.srt
2016-11-09 21:57 - 2016-11-27 18:39 - 00017543 _____ C:\Users\Vojtěch\Desktop\sazeni_poker_BANK.ods
2016-11-07 20:11 - 2016-11-07 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-07 21:33 - 2016-04-18 20:34 - 00000000 ____D C:\FRST
2016-12-07 21:29 - 2016-05-11 06:19 - 00000974 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-07 21:26 - 2014-11-24 09:52 - 00000000 ____D C:\Users\Vojtěch\Downloads\13_POKER
2016-12-07 21:23 - 2015-11-17 13:32 - 00000000 ____D C:\Users\Vojtěch\AppData\Roaming\Skype
2016-12-07 20:55 - 2015-01-13 19:55 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-07 19:48 - 2012-09-26 09:53 - 00000950 _____ C:\Windows\SysWOW64\bscs.ini
2016-12-07 19:45 - 2013-12-10 14:57 - 00003620 _____ C:\Windows\SysWOW64\LOCALSERVICE.INI
2016-12-07 19:45 - 2013-12-10 14:57 - 00000043 _____ C:\Windows\SysWOW64\LOCALDEVICE.INI
2016-12-07 18:14 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2016-12-07 18:13 - 2012-07-26 09:12 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-06 22:29 - 2016-05-11 06:19 - 00000970 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-06 18:18 - 2016-10-25 17:09 - 00000202 _____ C:\Users\Vojtěch\SecurityKISSTunnel.config
2016-12-06 18:18 - 2016-10-25 17:00 - 00000000 ____D C:\Program Files\SecurityKISS Tunnel
2016-12-06 18:18 - 2013-10-03 22:32 - 00000000 ____D C:\Users\Vojtěch
2016-12-06 18:09 - 2014-05-07 18:57 - 00003174 _____ C:\Windows\System32\Tasks\HPCeeScheduleForVojtěch
2016-12-06 18:09 - 2014-05-07 18:57 - 00000356 _____ C:\Windows\Tasks\HPCeeScheduleForVojtěch.job
2016-12-04 18:48 - 2012-11-22 04:49 - 00000000 ____D C:\ProgramData\PDFC
2016-12-04 00:57 - 2016-04-08 14:55 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-12-03 21:09 - 2015-02-21 21:35 - 00000000 ____D C:\Users\Vojtěch\AppData\Local\PokerStars.EU
2016-12-02 23:34 - 2013-10-04 21:04 - 00000000 ____D C:\Users\Vojtěch\AppData\Local\Google
2016-12-01 16:12 - 2016-08-05 15:27 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2016-12-01 16:12 - 2016-08-05 15:27 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2016-12-01 15:26 - 2016-11-02 18:39 - 00000000 ____D C:\Users\Vojtěch\AppData\Local\ESET
2016-12-01 00:07 - 2012-11-22 05:19 - 00756994 _____ C:\Windows\system32\perfh005.dat
2016-12-01 00:07 - 2012-11-22 05:19 - 00163422 _____ C:\Windows\system32\perfc005.dat
2016-12-01 00:07 - 2012-07-26 08:28 - 01854972 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-01 00:07 - 2012-07-26 06:37 - 00000000 ____D C:\Windows\Inf
2016-12-01 00:01 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-30 23:59 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-11-30 23:27 - 2013-11-04 09:26 - 00595968 ___SH C:\Users\Vojtěch\Desktop\Thumbs.db
2016-11-30 22:51 - 2013-10-19 21:12 - 00000000 ____D C:\Users\Vojtěch\AppData\Roaming\uTorrent
2016-11-30 22:50 - 2016-01-03 11:08 - 00000000 ____D C:\Users\Vojtěch\AppData\Local\CrashDumps
2016-11-30 22:50 - 2014-02-10 18:28 - 00000000 ____D C:\Windows\Minidump
2016-11-30 22:46 - 2013-11-07 20:17 - 00000000 ____D C:\Users\Vojtěch\Downloads\01_filmy
2016-11-30 22:46 - 2013-10-05 22:31 - 00000000 ____D C:\Users\Vojtěch\AppData\Local\GHISLER
2016-11-30 22:42 - 2013-11-07 20:20 - 00000000 ____D C:\Users\Vojtěch\Downloads\03_serialy
2016-11-30 16:43 - 2015-11-06 18:24 - 00000000 ____D C:\Users\Vojtěch\Documents\888poker
2016-11-28 20:56 - 2016-08-05 15:27 - 00000000 ____D C:\Program Files (x86)\OpenAL
2016-11-28 14:30 - 2016-10-09 15:26 - 00000000 ____D C:\Users\Vojtěch\AppData\Local\Poker at bet365
2016-11-28 09:37 - 2016-10-09 15:27 - 00001838 _____ C:\Users\Vojtěch\AppData\Roaming\Microsoft\Windows\Start Menu\Poker at bet365.lnk
2016-11-28 09:37 - 2016-10-09 15:27 - 00001836 _____ C:\Users\Vojtěch\Desktop\Poker at bet365.lnk
2016-11-27 10:25 - 2015-02-21 21:31 - 00000000 ____D C:\Program Files (x86)\PokerStars.EU
2016-11-25 20:24 - 2014-12-22 17:31 - 00003842 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1381869317
2016-11-25 20:24 - 2013-10-15 21:35 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-11-25 20:24 - 2013-10-15 21:35 - 00000000 ____D C:\Program Files (x86)\Opera
2016-11-20 19:57 - 2015-11-06 18:22 - 00000000 ____D C:\Program Files (x86)\PacificPoker
2016-11-18 23:04 - 2013-10-05 22:29 - 08656384 ___SH C:\Users\Vojtěch\Downloads\Thumbs.db
2016-11-15 17:53 - 2013-11-07 20:31 - 00000000 ____D C:\Users\Vojtěch\Downloads\00_sazkarnet
2016-11-15 17:31 - 2012-08-02 22:20 - 00000000 ____D C:\swsetup
2016-11-14 23:31 - 2013-10-04 21:05 - 00002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-08 00:00 - 2013-11-07 20:20 - 00000000 ____D C:\Users\Vojtěch\Downloads\02_hudba
2016-11-07 20:11 - 2016-08-14 18:31 - 00001537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\partypoker.lnk
2016-11-07 20:11 - 2016-08-14 18:31 - 00001531 _____ C:\Users\Vojtěch\Desktop\partypoker.lnk
2016-11-07 20:11 - 2016-03-13 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
==================== Files in the root of some directories =======
2015-05-26 16:20 - 2015-05-26 16:20 - 0000040 _____ () C:\Users\Vojtěch\AppData\Roaming\cdr.ini
2016-12-07 21:30 - 2016-12-07 21:30 - 0029696 _____ () C:\Users\Vojtěch\AppData\Local\MSGBOX.EXE
2015-11-19 13:19 - 2015-11-19 13:19 - 0000000 _____ () C:\Users\Vojtěch\AppData\Local\{A365E46F-AAE6-4A5E-A4F0-FEF0DDD7E94B}
2016-09-08 21:16 - 2016-09-08 21:16 - 0004934 _____ () C:\ProgramData\flwjycbm.bab
2015-10-16 19:24 - 2015-10-16 19:46 - 0000387 _____ () C:\ProgramData\hpzinstall.log
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-12-04 12:14
==================== End of FRST.txt ============================