VIRY.CZ

Zdravím, pc reaguje v poslední době zvláštně(pomalejší bez zjevného duvodu), proto bych Vás rád požádal o preventivku, přikládám logz RSIT
moc dekuji a preji prijemny den

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-02-2017
Ran by tomas (administrator) on LENOVO-PC (21-02-2017 23:34:43)
Running from C:\Users\tomas\Downloads
Loaded Profiles: tomas (Available Profiles: tomas)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McT2659.tmp
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Copyright (c) 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\maxthonupdatesvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(© 2015 Microsoft Corporation) C:\Users\tomas\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
() C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
() C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program64\Zps.exe
() C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\WINWORD.EXE
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\EXCEL.EXE
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2015-02-13] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2015-02-13] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6613896 2016-06-28] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-10-02] (Microsoft Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110344 2014-09-09] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492808 2014-09-09] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-16] (AVAST Software)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51928 2017-02-10] (Copyright (c) 2017 Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2016-09-28] (Raptr, Inc)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [BingSvc] => C:\Users\tomas\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [Nektra OEAPI] => [X]
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [568904 2016-12-19] (ZONER software)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\MountPoints2: {0d52c5ad-e0f0-11e5-8260-38b1dbdcf3ec} - "F:\setup.exe"
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\MountPoints2: {f1e428c5-f197-11e5-8267-38b1dbdcf3ec} - "J:\LaunchU3.exe" -a
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-27] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-01-29]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.33.0.11 10.33.0.2
Tcpip\..\Interfaces\{228c1ea3-94b4-4511-b247-edc39ba9bfe1}: [DhcpNameServer] 195.113.56.8 195.113.0.2
Tcpip\..\Interfaces\{5c9ba3be-fcce-44a8-90f0-50cb2d02bedb}: [DhcpNameServer] 10.33.0.11 10.33.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> DefaultScope {C5B476F6-FF24-4F97-986B-3F9099CF0015} URL =
SearchScopes: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxps://www.amazon.com/gp/bit/amazonserp/ref=bi ... earchTerms}
SearchScopes: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> {C5B476F6-FF24-4F97-986B-3F9099CF0015} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-23] (Google Inc.)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-01-10] (Intel Security)
BHO-x32: WebTransBHO Class -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> C:\TRANSLAT\Translator_2016.03\WebIE.dll [2017-02-05] ()
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-21] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-23] (Google Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-21] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-23] (Google Inc.)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-01-10] (Intel Security)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-23] (Google Inc.)
Toolbar: HKLM-x32 - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\Translator_2016.03\WebIE.dll [2017-02-05] ()
Toolbar: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-23] (Google Inc.)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: uzqwx9gr.default
FF ProfilePath: C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\uzqwx9gr.default [2017-01-11]
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\uzqwx9gr.default -> Amazon
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\uzqwx9gr.default -> Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\uzqwx9gr.default -> Bing
FF Homepage: Mozilla\Firefox\Profiles\uzqwx9gr.default -> hxxp://www.msn.com/?pc=SK216&ocid=SK216DHP&osmkt=en-ww
FF Keyword.URL: Mozilla\Firefox\Profiles\uzqwx9gr.default -> hxxp://www.bing.com/search?FORM=SK216DF&PC=SK216&q=
FF Extension: (Bing Search) - C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\uzqwx9gr.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-09-10]
FF SearchPlugin: C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\uzqwx9gr.default\searchplugins\bing-.xml [2016-09-10]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-12-04]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-12-04]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\uzqwx9gr.default\extensions\arthurj8283@gmail.com => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-22] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)

Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__ ... earchTerms}
CHR Profile: C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default [2017-02-21]
CHR Extension: (Google Docs) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-06]
CHR Extension: (Google Drive) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-30]
CHR Extension: (YouTube) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-30]
CHR Extension: (Adobe Acrobat) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-11]
CHR Extension: (Avast SafePrice) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-17]
CHR Extension: (Google Docs Offline) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-26]
CHR Extension: (AdBlock) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-21]
CHR Extension: (Avast Online Security) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-20]
CHR Extension: (Google Scholar Button) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2016-07-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-20]
CHR Extension: (Gmail) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-19]
CHR HKU\S-1-5-21-278386703-2547403182-1964600144-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 0167001487679359mcinstcleanup; C:\WINDOWS\TEMP\016700~1.EXE [922152 2016-03-02] (McAfee, Inc.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-28] () [File not signed]
R2 Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [100528 2017-02-17] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-27] (AVAST Software)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2297104 2015-10-12] (Broadcom Corporation.)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-10] ()
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 LDrvSvc; c:\program files (x86)\ostotosoft\drivertalent\LDrvSvc.dll [172200 2016-07-28] ()
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-23] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584664 2015-12-14] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-02-13] (Lenovo(beijing) Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-09-04] ()
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2451880 2016-03-21] (Maxthon)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe [329480 2017-01-19] (McAfee, Inc.)
S4 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [234192 2016-01-25] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-02-19] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [279488 2016-01-25] (McAfee, Inc.)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-02-10] (Copyright (c) 2017 Plays.tv, LLC)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [995800 2017-01-05] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2017-01-05] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2017-01-05] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-27] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-09-27] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-27] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-27] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-27] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-27] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-19] (AVAST Software)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [227144 2015-10-12] (Broadcom Corporation.)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7504560 2013-11-20] (Broadcom Corporation)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [79248 2016-01-29] (McAfee, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-03-04] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-03-04] (Disc Soft Ltd)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [422184 2016-01-29] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [351656 2016-01-29] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83608 2016-01-29] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [496368 2016-01-29] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [847608 2016-01-29] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [245096 2016-01-29] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
R3 SNP2UVC; C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [3481696 2015-06-30] (Sonix Co. Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-21 23:34 - 2017-02-21 23:36 - 00028655 _____ C:\Users\tomas\Downloads\FRST.txt
2017-02-21 23:33 - 2017-02-21 23:34 - 00000000 ____D C:\FRST
2017-02-21 23:33 - 2017-02-21 23:33 - 02422784 _____ (Farbar) C:\Users\tomas\Downloads\FRST64.exe
2017-02-21 22:39 - 2017-02-21 23:14 - 615108776 _____ C:\Users\tomas\Downloads\Vikings.S04E16.CZ-titulky.WEB-DL.avi
2017-02-21 21:54 - 2017-02-21 22:14 - 367751435 _____ C:\Users\tomas\Downloads\Vikings-S04E15-TitCz.mp4
2017-02-21 20:00 - 2017-02-21 20:00 - 00488201 _____ C:\Users\tomas\Downloads\O'Brien_et_al-2013-New_Phytologist.pdf
2017-02-21 19:40 - 2017-02-21 19:40 - 00000000 ____D C:\Users\tomas\Downloads\TV_setup_sk
2017-02-21 19:39 - 2017-02-21 19:39 - 06097146 _____ C:\Users\tomas\Downloads\TV_setup_sk.zip
2017-02-21 19:37 - 2017-02-21 19:37 - 04457604 _____ C:\Users\tomas\Downloads\tvsetupMV.exe
2017-02-21 19:20 - 2017-02-21 19:21 - 01448960 _____ C:\Users\tomas\Downloads\bez Daphne.xls
2017-02-21 17:22 - 2017-02-21 17:22 - 00072206 _____ C:\Users\tomas\Downloads\navrh9s.pdf
2017-02-21 14:02 - 2017-02-21 14:02 - 03104992 _____ C:\Users\tomas\Downloads\kopanice.psd
2017-02-21 13:25 - 2017-02-21 13:26 - 00000000 ____D C:\Users\tomas\Desktop\21.2.2017moneses,steril
2017-02-20 22:16 - 2017-02-20 22:38 - 396357632 _____ C:\Users\tomas\Downloads\Vikings-S04E14-cz-tit.avi
2017-02-20 15:38 - 2017-02-20 15:38 - 00012397 ____H C:\Users\tomas\Desktop\~WRL2653.tmp
2017-02-20 14:31 - 2017-02-20 14:31 - 00005012 _____ C:\Users\tomas\Downloads\bobrov6a.txt
2017-02-20 14:25 - 2017-02-20 14:25 - 00003028 _____ C:\Users\tomas\Downloads\bobrov4b.txt
2017-02-20 14:10 - 2017-02-20 14:10 - 00002282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmazonAssistant.lnk
2017-02-20 14:07 - 2017-02-20 14:07 - 00000000 ____D C:\Users\tomas\Downloads\velenovsky,teriokhin,ruska knizka
2017-02-20 10:14 - 2017-02-20 10:14 - 00000000 ____H C:\ProgramData\cm-lock
2017-02-19 22:33 - 2017-02-20 11:18 - 00000000 ____D C:\Users\tomas\Desktop\luckstarsi pyrola18
2017-02-19 20:10 - 2011-11-01 16:29 - 53304801 _____ C:\Users\tomas\Desktop\Zrcadlo_minulosti.PDF
2017-02-19 14:48 - 2017-02-19 14:49 - 00000000 ____D C:\Users\tomas\Desktop\asi delete
2017-02-19 13:44 - 2017-02-19 14:49 - 00000000 ____D C:\Users\tomas\Desktop\delete
2017-02-19 13:43 - 2017-02-19 13:44 - 00000000 ____D C:\Users\tomas\Desktop\pyrola
2017-02-19 13:36 - 2017-02-19 14:42 - 00000000 ____D C:\Users\tomas\Desktop\N sensit article
2017-02-19 13:27 - 2017-02-19 14:28 - 00000000 ____D C:\Users\tomas\Downloads\hudba
2017-02-19 13:26 - 2017-02-19 14:43 - 00000000 ____D C:\Users\tomas\Desktop\articles
2017-02-19 13:11 - 2017-02-19 14:39 - 00000000 ____D C:\Users\tomas\Downloads\vikings
2017-02-19 13:06 - 2017-02-19 14:37 - 00000000 ____D C:\Users\tomas\Downloads\n article
2017-02-12 17:59 - 2017-02-12 17:59 - 00000000 ____D C:\Users\tomas\Downloads\státnice DOPR 2016
2017-02-11 10:48 - 2017-02-21 21:51 - 00000000 ____D C:\Users\tomas\Desktop\hnuj
2017-02-09 11:40 - 2017-02-09 11:40 - 00000000 ____D C:\Users\tomas\Desktop\The_Last_King
2017-02-06 21:21 - 2017-02-06 21:20 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-02-06 21:11 - 2016-07-15 19:29 - 12039168 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0007.dll
2017-02-06 21:11 - 2016-07-15 19:29 - 11602432 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0007.dll
2017-02-06 21:11 - 2016-07-15 19:17 - 02083328 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0007.dll
2017-02-06 21:11 - 2016-07-15 18:45 - 12039168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0007.dll
2017-02-06 21:11 - 2016-07-15 18:31 - 01997312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0007.dll
2017-02-05 11:00 - 2017-02-05 11:00 - 00001034 _____ C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WTRDCTM.lnk
2017-02-05 10:59 - 2017-02-05 10:59 - 00001034 _____ C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WTRAN32.lnk
2017-02-05 10:59 - 2017-02-05 10:59 - 00001034 _____ C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WDICT32.lnk
2017-02-05 10:46 - 2017-02-13 09:24 - 00000000 ____D C:\Users\tomas\AppData\Roaming\LangSoft
2017-02-05 10:46 - 2017-02-05 10:47 - 00000000 ____D C:\ProgramData\LangSoft
2017-02-05 10:43 - 2017-02-05 10:43 - 00000000 ____D C:\TRANSLAT
2017-02-05 10:12 - 2017-02-19 14:53 - 00000000 ____D C:\Users\tomas\Desktop\experimenty
2017-02-02 23:28 - 2017-02-20 19:32 - 00000000 ____D C:\Users\tomas\Desktop\pyrolalinhellluck1942vjpeg
2017-02-01 16:25 - 2017-02-01 16:36 - 00000333 _____ C:\WINDOWS\SoftWriting.ini
2017-02-01 16:25 - 2017-02-01 16:27 - 00000000 ____D C:\Program Files (x86)\SimpleOCR
2017-02-01 16:25 - 2017-02-01 16:25 - 00000000 ____D C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SimpleOCR
2017-02-01 16:25 - 1997-04-22 01:00 - 00027632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Ctl3dv2.dll
2017-01-31 18:21 - 2017-02-01 10:12 - 11153742 _____ C:\Users\tomas\Desktop\pgs.pptx
2017-01-29 19:14 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-29 19:14 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-01-29 08:12 - 2017-01-29 08:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-01-24 08:57 - 2017-01-24 08:57 - 00000000 ____D C:\Users\tomas\Desktop\New folder (3)
2017-01-24 08:24 - 2017-01-24 08:31 - 00000000 ____D C:\Users\tomas\Desktop\foto tablet

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-21 23:30 - 2016-10-02 06:47 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-21 23:30 - 2016-03-28 14:49 - 00000000 ____D C:\Users\tomas\AppData\Roaming\vlc
2017-02-21 23:26 - 2016-09-10 19:39 - 00000000 ____D C:\Users\tomas\AppData\Roaming\Skype
2017-02-21 19:21 - 2016-03-03 04:31 - 00000000 ____D C:\Users\tomas\AppData\Local\Packages
2017-02-21 15:10 - 2016-03-19 11:46 - 00000000 ____D C:\Users\tomas\AppData\Local\Adobe
2017-02-21 13:25 - 2016-09-29 06:48 - 00000000 ____D C:\Program Files\TrueKey
2017-02-21 13:17 - 2016-09-29 06:58 - 00001250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2017-02-21 13:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-20 22:17 - 2016-07-25 22:03 - 00000000 ____D C:\Users\tomas\AppData\Roaming\Raptr
2017-02-20 14:10 - 2015-02-13 03:20 - 00000000 ____D C:\Program Files (x86)\Amazon
2017-02-20 11:06 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-20 10:47 - 2016-10-02 17:09 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2017-02-20 10:22 - 2016-10-02 07:16 - 00000000 ____D C:\Users\tomas
2017-02-20 10:21 - 2016-10-02 17:09 - 00004278 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2017-02-20 10:20 - 2016-10-02 17:09 - 00003808 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2017-02-20 10:15 - 2016-10-02 06:52 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-02-20 10:15 - 2016-03-03 04:31 - 00000000 __SHD C:\Users\tomas\IntelGraphicsProfiles
2017-02-20 10:14 - 2016-10-02 17:09 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-20 10:13 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-02-19 14:45 - 2016-12-30 10:18 - 00000000 ____D C:\Users\tomas\Desktop\KIMS
2017-02-19 14:20 - 2016-12-26 09:50 - 00000000 ____D C:\Users\tomas\Desktop\pyrol zaloh po 5.2.17
2017-02-19 13:30 - 2016-05-28 06:57 - 00000000 ____D C:\data
2017-02-16 14:34 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-16 11:20 - 2016-07-25 22:05 - 00000000 ____D C:\Users\tomas\AppData\Roaming\PlaysTV
2017-02-13 09:24 - 2016-03-03 04:31 - 00000000 ____D C:\Users\tomas\AppData\Local\VirtualStore
2017-02-12 18:17 - 2016-09-10 19:38 - 00000000 ____D C:\ProgramData\Skype
2017-02-11 13:28 - 2017-01-06 22:36 - 00000000 ____D C:\Users\tomas\AppData\Local\CrashDumps
2017-02-06 21:34 - 2016-03-26 08:19 - 00002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-06 21:23 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-06 21:12 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-06 21:11 - 2016-07-16 15:15 - 00000000 ____D C:\WINDOWS\OCR
2017-02-05 10:13 - 2017-01-07 09:16 - 00000000 ____D C:\Users\tomas\Desktop\experimenty 2017
2017-02-03 20:44 - 2016-09-10 19:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-01-29 08:12 - 2016-10-02 19:32 - 00000000 ____D C:\Program Files\McAfee Security Scan
2017-01-23 22:19 - 2016-09-29 06:47 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2016-08-10 13:10 - 2016-11-08 15:11 - 0000112 _____ () C:\Users\tomas\AppData\Roaming\JP2K CS6 Prefs
2017-02-20 10:14 - 2017-02-20 10:14 - 0000000 ____H () C:\ProgramData\cm-lock
2016-10-02 07:09 - 2016-10-02 07:09 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
2016-12-28 18:15 - 2015-09-03 11:26 - 12203488 _____ (HDRsoft Ltd ) C:\Users\tomas\AppData\Local\Temp\InstallerPMP32.exe
2016-12-28 18:15 - 2015-09-03 11:27 - 12495248 _____ (HDRsoft Ltd ) C:\Users\tomas\AppData\Local\Temp\InstallerPMP64.exe
2016-11-28 13:48 - 2015-05-26 07:52 - 0250472 _____ (Thomson Reuters) C:\Users\tomas\AppData\Local\Temp\Risweb32.exe
2017-01-19 19:10 - 2017-01-19 19:10 - 0381440 _____ () C:\Users\tomas\AppData\Local\Temp\turbojpeg2793987023504395071.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-18 19:11

==================== End of FRST.txt ============================

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

našlo to nejaké které nevím co jsou zač
[#] Value deleted on reboot: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [arthurj8283@gmail.com]
[-] Folder deleted: C:\Users\Default User\AppData\Local\Pokki
a nějaký amazon toolbar...a to jsem ani nic neinstaloval poslední dobou....

samotný log:

# AdwCleaner v6.043 - Logfile created 23/02/2017 at 17:40:48
# Updated on 27/01/2017 by Malwarebytes
# Database : 2017-02-23.3 [Server]
# Operating System : Windows 10 Home (X64)
# Username : tomas - LENOVO-PC
# Running from : C:\Users\tomas\Downloads\adwcleaner_6.043.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder deleted: C:\Users\Public\Documents\dmp
[-] Folder deleted: C:\Users\Default User\AppData\Local\Pokki
[#] Folder deleted on reboot: C:\Users\Default\AppData\Local\Pokki
[-] Folder deleted: C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F
[-] Folder deleted: C:\Users\Public\Pokki

***** [ Files ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
[#] Key deleted on reboot: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
[-] Key deleted: HKLM\SOFTWARE\Classes\Amazon1ButtonBrowserHelper.Amazon1ButtonBHO
[-] Key deleted: HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime
[-] Key deleted: HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer
[-] Key deleted: HKLM\SOFTWARE\Classes\AmazonAppIE.AppGateway
[-] Key deleted: HKLM\SOFTWARE\Classes\AmazonAppIE.GadgetGateway
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
[-] Key deleted: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Amazon1ButtonBrowserHelper.Amazon1ButtonBHO
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AmazonAppIE.AppGateway
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AmazonAppIE.GadgetGateway
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{6557DB6C-EFE1-45AC-92A6-FBB1554B7502}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
[-] Key deleted: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
[-] Key deleted: HKU\S-1-5-21-278386703-2547403182-1964600144-1001\Software\AppDataLow\Software\adawarebp
[#] Key deleted on reboot: HKCU\Software\AppDataLow\Software\adawarebp
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\adawarebp
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
[-] Data restored: HKU\S-1-5-21-278386703-2547403182-1964600144-1001\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
[-] Data restored: HKU\S-1-5-21-278386703-2547403182-1964600144-1001\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\amazonbrowserapp.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\analytics.app.amazonbrowserapp.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\amazonbrowserapp.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\analytics.app.amazonbrowserapp.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\amazonbrowserapp.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\analytics.app.amazonbrowserapp.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\amazonbrowserapp.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\analytics.app.amazonbrowserapp.com
[-] Value deleted: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [arthurj8283@gmail.com]
[#] Value deleted on reboot: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [arthurj8283@gmail.com]
[#] Value deleted on reboot: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [arthurj8283@gmail.com]
[-] Key deleted: HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[#] Key deleted on reboot: [x64] HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd

***** [ Web browsers ] *****

[-] [C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: nice
[-] [C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: fcfenmboojpjinhpgggodefccipikbpd

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [13286 Bytes] - [25/05/2016 16:46:22]
C:\AdwCleaner\AdwCleaner[C2].txt - [8352 Bytes] - [23/02/2017 17:40:48]
C:\AdwCleaner\AdwCleaner[S1].txt - [12957 Bytes] - [25/05/2016 16:40:26]
C:\AdwCleaner\AdwCleaner[S2].txt - [8258 Bytes] - [23/02/2017 17:35:14]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [8572 Bytes] ##########

Dejte nový log FRST.

tady je log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-02-2017 01
Ran by tomas (administrator) on LENOVO-PC (24-02-2017 11:19:24)
Running from C:\Users\tomas\Downloads
Loaded Profiles: tomas (Available Profiles: tomas)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\maxthonupdatesvc.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe
(Copyright (c) 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
() C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(© 2015 Microsoft Corporation) C:\Users\tomas\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Copyright (c) 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_ep64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Farbar) C:\Users\tomas\Downloads\FRST64 (1).exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2015-02-13] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2015-02-13] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6613896 2016-06-28] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-10-02] (Microsoft Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110344 2014-09-09] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492808 2014-09-09] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-16] (AVAST Software)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51928 2017-02-16] (Copyright (c) 2017 Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2016-09-28] (Raptr, Inc)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [BingSvc] => C:\Users\tomas\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [Nektra OEAPI] => [X]
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [568904 2016-12-19] (ZONER software)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\MountPoints2: {0d52c5ad-e0f0-11e5-8260-38b1dbdcf3ec} - "F:\setup.exe"
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\MountPoints2: {f1e428c5-f197-11e5-8267-38b1dbdcf3ec} - "J:\LaunchU3.exe" -a
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-27] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-01-29]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 195.113.56.8 195.113.0.2
Tcpip\..\Interfaces\{228c1ea3-94b4-4511-b247-edc39ba9bfe1}: [DhcpNameServer] 195.113.56.8 195.113.0.2
Tcpip\..\Interfaces\{5c9ba3be-fcce-44a8-90f0-50cb2d02bedb}: [DhcpNameServer] 10.33.0.11 10.33.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> DefaultScope {C5B476F6-FF24-4F97-986B-3F9099CF0015} URL =
SearchScopes: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxps://www.amazon.com/gp/bit/amazonserp/ref=bi ... earchTerms}
SearchScopes: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> {C5B476F6-FF24-4F97-986B-3F9099CF0015} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-23] (Google Inc.)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-08] (Intel Security)
BHO-x32: WebTransBHO Class -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> C:\TRANSLAT\Translator_2016.03\WebIE.dll [2017-02-05] ()
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-21] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-23] (Google Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-21] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-23] (Google Inc.)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-08] (Intel Security)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-23] (Google Inc.)
Toolbar: HKLM-x32 - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\Translator_2016.03\WebIE.dll [2017-02-05] ()
Toolbar: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-23] (Google Inc.)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: uzqwx9gr.default
FF ProfilePath: C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\uzqwx9gr.default [2017-01-11]
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\uzqwx9gr.default -> Amazon
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\uzqwx9gr.default -> Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\uzqwx9gr.default -> Bing
FF Homepage: Mozilla\Firefox\Profiles\uzqwx9gr.default -> hxxp://www.msn.com/?pc=SK216&ocid=SK216DHP&osmkt=en-ww
FF Keyword.URL: Mozilla\Firefox\Profiles\uzqwx9gr.default -> hxxp://www.bing.com/search?FORM=SK216DF&PC=SK216&q=
FF Extension: (Bing Search) - C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\uzqwx9gr.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-09-10]
FF SearchPlugin: C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\uzqwx9gr.default\searchplugins\bing-.xml [2016-09-10]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-12-04]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-12-04]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-22] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)

Chrome:
=======
CHR HomePage: Default -> file:///C:/Users/tomas/Desktop/170104-20170105T175604Z/170104/170104%20m%C4%9B%C5%99en%C3%AD.xlsx
CHR Profile: C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default [2017-02-24]
CHR Extension: (Google Docs) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-06]
CHR Extension: (Google Drive) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-30]
CHR Extension: (YouTube) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-30]
CHR Extension: (Avast SafePrice) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-17]
CHR Extension: (Google Docs Offline) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-26]
CHR Extension: (AdBlock) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-21]
CHR Extension: (Avast Online Security) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-20]
CHR Extension: (Google Scholar Button) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2016-07-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-20]
CHR Extension: (Gmail) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-19]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-28] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-27] (AVAST Software)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2297104 2015-10-12] (Broadcom Corporation.)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-10] ()
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 LDrvSvc; c:\program files (x86)\ostotosoft\drivertalent\LDrvSvc.dll [172200 2016-07-28] ()
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-23] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584664 2015-12-14] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-02-13] (Lenovo(beijing) Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-09-04] ()
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2451880 2016-03-21] (Maxthon)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe [329480 2017-01-19] (McAfee, Inc.)
S4 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [234192 2016-01-25] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-02-19] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [279488 2016-01-25] (McAfee, Inc.)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-02-16] (Copyright (c) 2017 Plays.tv, LLC)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [996824 2017-02-06] (McAfee, Inc.)
S2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2017-02-06] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2017-02-06] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-27] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-09-27] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-27] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-27] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-27] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-27] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-19] (AVAST Software)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [227144 2015-10-12] (Broadcom Corporation.)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7504560 2013-11-20] (Broadcom Corporation)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [79248 2016-01-29] (McAfee, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-03-04] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-03-04] (Disc Soft Ltd)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [422184 2016-01-29] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [351656 2016-01-29] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83608 2016-01-29] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [496368 2016-01-29] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [847608 2016-01-29] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [245096 2016-01-29] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
R3 SNP2UVC; C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [3481696 2015-06-30] (Sonix Co. Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-24 10:56 - 2017-02-24 10:56 - 02423296 _____ (Farbar) C:\Users\tomas\Downloads\FRST64 (1).exe
2017-02-23 17:51 - 2017-02-23 17:51 - 04015056 _____ C:\Users\tomas\Downloads\adwcleaner_6.043 (1).exe
2017-02-23 17:44 - 2017-02-23 17:44 - 00000000 ____H C:\ProgramData\cm-lock
2017-02-23 16:54 - 2017-02-23 16:54 - 04015056 _____ C:\Users\tomas\Downloads\adwcleaner_6.043.exe
2017-02-23 08:58 - 2017-02-23 08:58 - 00230414 _____ C:\Users\tomas\Downloads\2017-01-figura.pdf
2017-02-22 19:51 - 2017-02-23 16:05 - 07769477 _____ C:\Users\tomas\Downloads\pgs1.pptx
2017-02-22 11:03 - 2017-02-22 11:03 - 02112802 _____ C:\Users\tomas\Downloads\zaverecna_prace (2).pdf
2017-02-22 11:01 - 2017-02-22 11:01 - 01883753 _____ C:\Users\tomas\Downloads\zaverecna_prace (1).pdf
2017-02-22 10:51 - 2017-02-22 10:51 - 01931813 _____ C:\Users\tomas\Downloads\zaverecna_prace.pdf
2017-02-22 10:31 - 2017-02-22 10:31 - 01225755 _____ C:\Users\tomas\Downloads\metodicke-pokyny-pro-zpracovani-diplomove-prace-na-fzp-aktual.2017-leden.pdf
2017-02-21 23:42 - 2017-02-21 23:42 - 00055829 _____ C:\Users\tomas\Desktop\Addition.txt
2017-02-21 23:42 - 2017-02-21 23:42 - 00014550 _____ C:\Users\tomas\Desktop\Addition.zip
2017-02-21 23:37 - 2017-02-21 23:41 - 00055826 _____ C:\Users\tomas\Downloads\Addition.txt
2017-02-21 23:34 - 2017-02-24 11:20 - 00027022 _____ C:\Users\tomas\Downloads\FRST.txt
2017-02-21 23:33 - 2017-02-24 11:19 - 00000000 ____D C:\FRST
2017-02-21 23:33 - 2017-02-21 23:33 - 02422784 _____ (Farbar) C:\Users\tomas\Downloads\FRST64.exe
2017-02-21 22:39 - 2017-02-21 23:14 - 615108776 _____ C:\Users\tomas\Downloads\Vikings.S04E16.CZ-titulky.WEB-DL.avi
2017-02-21 21:54 - 2017-02-21 22:14 - 367751435 _____ C:\Users\tomas\Downloads\Vikings-S04E15-TitCz.mp4
2017-02-21 20:00 - 2017-02-21 20:00 - 00488201 _____ C:\Users\tomas\Downloads\O'Brien_et_al-2013-New_Phytologist.pdf
2017-02-21 19:40 - 2017-02-21 19:40 - 00000000 ____D C:\Users\tomas\Downloads\TV_setup_sk
2017-02-21 19:39 - 2017-02-21 19:39 - 06097146 _____ C:\Users\tomas\Downloads\TV_setup_sk.zip
2017-02-21 19:37 - 2017-02-21 19:37 - 04457604 _____ C:\Users\tomas\Downloads\tvsetupMV.exe
2017-02-21 19:20 - 2017-02-23 17:04 - 01473024 _____ C:\Users\tomas\Downloads\bez Daphne.xls
2017-02-21 17:22 - 2017-02-21 17:22 - 00072206 _____ C:\Users\tomas\Downloads\navrh9s.pdf
2017-02-21 14:02 - 2017-02-21 14:02 - 03104992 _____ C:\Users\tomas\Downloads\kopanice.psd
2017-02-21 13:25 - 2017-02-21 13:26 - 00000000 ____D C:\Users\tomas\Desktop\21.2.2017moneses,steril
2017-02-20 22:16 - 2017-02-20 22:38 - 396357632 _____ C:\Users\tomas\Downloads\Vikings-S04E14-cz-tit.avi
2017-02-20 14:31 - 2017-02-20 14:31 - 00005012 _____ C:\Users\tomas\Downloads\bobrov6a.txt
2017-02-20 14:25 - 2017-02-20 14:25 - 00003028 _____ C:\Users\tomas\Downloads\bobrov4b.txt
2017-02-20 14:07 - 2017-02-20 14:07 - 00000000 ____D C:\Users\tomas\Downloads\velenovsky,teriokhin,ruska knizka
2017-02-19 22:33 - 2017-02-20 11:18 - 00000000 ____D C:\Users\tomas\Desktop\luckstarsi pyrola18
2017-02-19 20:10 - 2011-11-01 16:29 - 53304801 _____ C:\Users\tomas\Desktop\Zrcadlo_minulosti.PDF
2017-02-19 14:48 - 2017-02-19 14:49 - 00000000 ____D C:\Users\tomas\Desktop\asi delete
2017-02-19 13:44 - 2017-02-19 14:49 - 00000000 ____D C:\Users\tomas\Desktop\delete
2017-02-19 13:43 - 2017-02-19 13:44 - 00000000 ____D C:\Users\tomas\Desktop\pyrola
2017-02-19 13:36 - 2017-02-24 09:13 - 00000000 ____D C:\Users\tomas\Desktop\N sensit article
2017-02-19 13:27 - 2017-02-19 14:28 - 00000000 ____D C:\Users\tomas\Downloads\hudba
2017-02-19 13:26 - 2017-02-23 08:57 - 00000000 ____D C:\Users\tomas\Desktop\articles
2017-02-19 13:11 - 2017-02-19 14:39 - 00000000 ____D C:\Users\tomas\Downloads\vikings
2017-02-19 13:06 - 2017-02-19 14:37 - 00000000 ____D C:\Users\tomas\Downloads\n article
2017-02-12 17:59 - 2017-02-12 17:59 - 00000000 ____D C:\Users\tomas\Downloads\státnice DOPR 2016
2017-02-11 10:48 - 2017-02-23 17:04 - 00000000 ____D C:\Users\tomas\Desktop\hnuj
2017-02-09 11:40 - 2017-02-09 11:40 - 00000000 ____D C:\Users\tomas\Desktop\The_Last_King
2017-02-06 21:21 - 2017-02-06 21:20 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-02-06 21:11 - 2016-07-15 19:29 - 12039168 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0007.dll
2017-02-06 21:11 - 2016-07-15 19:29 - 11602432 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0007.dll
2017-02-06 21:11 - 2016-07-15 19:17 - 02083328 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0007.dll
2017-02-06 21:11 - 2016-07-15 18:45 - 12039168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0007.dll
2017-02-06 21:11 - 2016-07-15 18:31 - 01997312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0007.dll
2017-02-05 11:00 - 2017-02-05 11:00 - 00001034 _____ C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WTRDCTM.lnk
2017-02-05 10:59 - 2017-02-05 10:59 - 00001034 _____ C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WTRAN32.lnk
2017-02-05 10:59 - 2017-02-05 10:59 - 00001034 _____ C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WDICT32.lnk
2017-02-05 10:46 - 2017-02-13 09:24 - 00000000 ____D C:\Users\tomas\AppData\Roaming\LangSoft
2017-02-05 10:46 - 2017-02-05 10:47 - 00000000 ____D C:\ProgramData\LangSoft
2017-02-05 10:43 - 2017-02-05 10:43 - 00000000 ____D C:\TRANSLAT
2017-02-05 10:12 - 2017-02-19 14:53 - 00000000 ____D C:\Users\tomas\Desktop\experimenty
2017-02-02 23:28 - 2017-02-20 19:32 - 00000000 ____D C:\Users\tomas\Desktop\pyrolalinhellluck1942vjpeg
2017-02-01 16:25 - 2017-02-01 16:36 - 00000333 _____ C:\WINDOWS\SoftWriting.ini
2017-02-01 16:25 - 2017-02-01 16:27 - 00000000 ____D C:\Program Files (x86)\SimpleOCR
2017-02-01 16:25 - 2017-02-01 16:25 - 00000000 ____D C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SimpleOCR
2017-02-01 16:25 - 1997-04-22 01:00 - 00027632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Ctl3dv2.dll
2017-01-31 18:21 - 2017-02-01 10:12 - 11153742 _____ C:\Users\tomas\Desktop\pgs.pptx
2017-01-29 19:14 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-29 19:14 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-01-29 08:12 - 2017-01-29 08:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-24 11:20 - 2016-09-10 19:39 - 00000000 ____D C:\Users\tomas\AppData\Roaming\Skype
2017-02-24 11:07 - 2016-03-19 11:46 - 00000000 ____D C:\Users\tomas\AppData\Local\Adobe
2017-02-24 10:53 - 2016-10-02 07:16 - 00000000 ____D C:\Users\tomas
2017-02-24 10:48 - 2016-10-02 06:47 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-24 09:12 - 2016-03-03 04:31 - 00000000 ____D C:\Users\tomas\AppData\Local\Packages
2017-02-24 09:05 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-23 18:01 - 2016-10-02 17:09 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2017-02-23 17:59 - 2016-10-02 17:09 - 00003804 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2017-02-23 17:51 - 2016-07-25 22:05 - 00000000 ____D C:\Users\tomas\AppData\Roaming\PlaysTV
2017-02-23 17:51 - 2016-07-25 22:03 - 00000000 ____D C:\Users\tomas\AppData\Roaming\Raptr
2017-02-23 17:48 - 2016-10-02 06:52 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-02-23 17:48 - 2016-03-03 04:31 - 00000000 __SHD C:\Users\tomas\IntelGraphicsProfiles
2017-02-23 17:43 - 2016-10-02 17:09 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-23 17:42 - 2016-09-29 06:48 - 00000000 ____D C:\Program Files\TrueKey
2017-02-23 17:42 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-02-23 17:40 - 2016-05-25 16:39 - 00000000 ____D C:\AdwCleaner
2017-02-23 17:22 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-23 17:22 - 2016-03-04 16:40 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 17:14 - 2016-03-04 16:40 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 17:04 - 2016-09-29 06:47 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-23 14:58 - 2017-01-06 22:36 - 00000000 ____D C:\Users\tomas\AppData\Local\CrashDumps
2017-02-23 13:26 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-23 08:37 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-21 23:30 - 2016-03-28 14:49 - 00000000 ____D C:\Users\tomas\AppData\Roaming\vlc
2017-02-21 13:17 - 2016-09-29 06:58 - 00001250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2017-02-20 10:21 - 2016-10-02 17:09 - 00004278 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2017-02-19 14:45 - 2016-12-30 10:18 - 00000000 ____D C:\Users\tomas\Desktop\KIMS
2017-02-19 14:20 - 2016-12-26 09:50 - 00000000 ____D C:\Users\tomas\Desktop\pyrol zaloh po 5.2.17
2017-02-19 13:30 - 2016-05-28 06:57 - 00000000 ____D C:\data
2017-02-13 09:24 - 2016-03-03 04:31 - 00000000 ____D C:\Users\tomas\AppData\Local\VirtualStore
2017-02-12 18:17 - 2016-09-10 19:38 - 00000000 ____D C:\ProgramData\Skype
2017-02-06 21:34 - 2016-03-26 08:19 - 00002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-06 21:23 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-06 21:11 - 2016-07-16 15:15 - 00000000 ____D C:\WINDOWS\OCR
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-05 10:13 - 2017-01-07 09:16 - 00000000 ____D C:\Users\tomas\Desktop\experimenty 2017
2017-02-03 20:44 - 2016-09-10 19:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-01-29 08:12 - 2016-10-02 19:32 - 00000000 ____D C:\Program Files\McAfee Security Scan

==================== Files in the root of some directories =======

2016-08-10 13:10 - 2016-11-08 15:11 - 0000112 _____ () C:\Users\tomas\AppData\Roaming\JP2K CS6 Prefs
2017-02-23 17:44 - 2017-02-23 17:44 - 0000000 ____H () C:\ProgramData\cm-lock
2016-10-02 07:09 - 2016-10-02 07:09 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
2016-12-28 18:15 - 2015-09-03 11:26 - 12203488 _____ (HDRsoft Ltd ) C:\Users\tomas\AppData\Local\Temp\InstallerPMP32.exe
2016-12-28 18:15 - 2015-09-03 11:27 - 12495248 _____ (HDRsoft Ltd ) C:\Users\tomas\AppData\Local\Temp\InstallerPMP64.exe
2016-11-28 13:48 - 2015-05-26 07:52 - 0250472 _____ (Thomson Reuters) C:\Users\tomas\AppData\Local\Temp\Risweb32.exe
2017-01-19 19:10 - 2017-01-19 19:10 - 0381440 _____ () C:\Users\tomas\AppData\Local\Temp\turbojpeg2793987023504395071.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-18 19:11

==================== End of FRST.txt ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [BingSvc] => C:\Users\tomas\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [Nektra OEAPI] => [X]
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\MountPoints2: {0d52c5ad-e0f0-11e5-8260-38b1dbdcf3ec} - "F:\setup.exe"
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\MountPoints2: {f1e428c5-f197-11e5-8267-38b1dbdcf3ec} - "J:\LaunchU3.exe" -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-01-29]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe (McAfee, Inc.)
C:\Program Files\McAfee Security Scan
SearchScopes: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> DefaultScope {C5B476F6-FF24-4F97-986B-3F9099CF0015} URL =
SearchScopes: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> {C5B476F6-FF24-4F97-986B-3F9099CF0015} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-23] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-23] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-23] (Google Inc.)
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\uzqwx9gr.default -> Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\uzqwx9gr.default -> Bing
FF Keyword.URL: Mozilla\Firefox\Profiles\uzqwx9gr.default -> hxxp://www.bing.com/search?FORM=SK216DF&PC=SK216&q=
FF SearchPlugin: C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\uzqwx9gr.default\searchplugins\bing-.xml [2016-09-10]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe [329480 2017-01-19] (McAfee, Inc.)
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\ProgramData\DP45977C.lfl
C:\Users\tomas\AppData\Local\Temp

EmptyTemp:
End

Uložte do C:\Users\tomas\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

zde je fixlog.txt
Fix result of Farbar Recovery Scan Tool (x64) Version: 23-02-2017 01
Ran by tomas (24-02-2017 13:33:24) Run:1
Running from C:\Users\tomas\Downloads
Loaded Profiles: tomas (Available Profiles: tomas)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [BingSvc] => C:\Users\tomas\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [Nektra OEAPI] => [X]
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\MountPoints2: {0d52c5ad-e0f0-11e5-8260-38b1dbdcf3ec} - "F:\setup.exe"
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\...\MountPoints2: {f1e428c5-f197-11e5-8267-38b1dbdcf3ec} - "J:\LaunchU3.exe" -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-01-29]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe (McAfee, Inc.)
C:\Program Files\McAfee Security Scan
SearchScopes: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> DefaultScope {C5B476F6-FF24-4F97-986B-3F9099CF0015} URL =
SearchScopes: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> {C5B476F6-FF24-4F97-986B-3F9099CF0015} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-23] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-23] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-278386703-2547403182-1964600144-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-23] (Google Inc.)
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\uzqwx9gr.default -> Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\uzqwx9gr.default -> Bing
FF Keyword.URL: Mozilla\Firefox\Profiles\uzqwx9gr.default -> hxxp://www.bing.com/search?FORM=SK216DF&PC=SK216&q=
FF SearchPlugin: C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\uzqwx9gr.default\searchplugins\bing-.xml [2016-09-10]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe [329480 2017-01-19] (McAfee, Inc.)
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\ProgramData\DP45977C.lfl
C:\Users\tomas\AppData\Local\Temp

EmptyTemp:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc => value removed successfully
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Nektra OEAPI => value removed successfully
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\Software\Microsoft\Windows\CurrentVersion\Run\\OEXPRESS => value removed successfully
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0d52c5ad-e0f0-11e5-8260-38b1dbdcf3ec} => key removed successfully
HKCR\CLSID\{0d52c5ad-e0f0-11e5-8260-38b1dbdcf3ec} => key not found.
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f1e428c5-f197-11e5-8267-38b1dbdcf3ec} => key removed successfully
HKCR\CLSID\{f1e428c5-f197-11e5-8267-38b1dbdcf3ec} => key not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk => moved successfully
C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe => moved successfully

"C:\Program Files\McAfee Security Scan" folder move:

Could not move "C:\Program Files\McAfee Security Scan" => Scheduled to move on reboot.

HKU\S-1-5-21-278386703-2547403182-1964600144-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C5B476F6-FF24-4F97-986B-3F9099CF0015} => key removed successfully
HKCR\CLSID\{C5B476F6-FF24-4F97-986B-3F9099CF0015} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key removed successfully
HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key not found.
C:\Program Files (x86)\Google\Google Toolbar => moved successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key removed successfully
HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => key not found.
HKU\S-1-5-21-278386703-2547403182-1964600144-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
Firefox SearchEngineOrder.3 removed successfully
Firefox SelectedSearchEngine removed successfully
Firefox "Keyword.URL" removed successfully
C:\Users\tomas\AppData\Roaming\Mozilla\Firefox\Profiles\uzqwx9gr.default\searchplugins\bing-.xml => moved successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => key removed successfully
HKLM\System\CurrentControlSet\Services\McComponentHostService => key removed successfully
McComponentHostService => service removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.

"C:\Users\tomas\AppData\Local\Temp" folder move:

Could not move "C:\Users\tomas\AppData\Local\Temp" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 672150019 B
Java, Flash, Steam htmlcache => 900 B
Windows/system/drivers => 71129516 B
Edge => 5432262 B
Chrome => 794486434 B
Firefox => 91100069 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 34803840 B
systemprofile32 => 0 B
LocalService => 18042 B
NetworkService => 131766 B
tomas => 11322745918 B

RecycleBin => 3373015222 B
EmptyTemp: => 15.2 GB temporary data Removed.

================================

Dekuji!

Smazáno. Nastala nějaká změna?

Ano je to výrazně lepší, děkuji

Rádo se stalo!

VIRY.CZ

prosba o preventivku - pc je divný

prosba o preventivku - pc je divný

Re: prosba o preventivku - pc je divný

Re: prosba o preventivku - pc je divný

Re: prosba o preventivku - pc je divný

Re: prosba o preventivku - pc je divný

Re: prosba o preventivku - pc je divný

Re: prosba o preventivku - pc je divný

Re: prosba o preventivku - pc je divný

Re: prosba o preventivku - pc je divný

Re: prosba o preventivku - pc je divný