Virus removal

Posted: 02 Mar 2017 16:09
by Vydra
Hello, I need help removing viruses from my laptop. Thank you in advance for your help.

Here are the WiperSoft findings: https://ctrlv.cz/DTYC

ComboFix:

ComboFix 17-02-24.01 - Lukáš 02.03.2017 15:29:27.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3992.2313 [GMT 1:00]
Spuštěný z: c:\users\LukßÜ\Desktop\ComboFix.exe
AV: Avast Antivirus *Disabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
SP: Avast Antivirus *Disabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\pthreadVC.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2017-02-02 do 2017-03-02 )))))))))))))))))))))))))))))))
.
.
2017-03-02 14:38 . 2017-03-02 14:38 118 ----a-w- c:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-03-02 14:36 . 2017-03-02 14:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-03-02 14:23 . 2017-03-02 14:23 -------- d-----w- c:\program files\CCleaner
2017-03-02 12:18 . 2017-03-02 12:18 23032 ----a-w- c:\windows\system32\wiperrm.exe
2017-03-02 12:18 . 2017-03-02 12:18 -------- d-----w- c:\users\Lukáš\AppData\Roaming\WiperSoft
2017-03-02 12:18 . 2017-03-02 12:18 -------- d-----w- c:\program files\WiperSoft
2017-03-02 12:07 . 2017-03-02 12:07 398408 ----a-w- c:\windows\system32\aswBoot.exe
2017-02-17 07:43 . 2017-02-17 07:43 -------- d-----w- c:\windows\system32\log
2017-02-17 07:39 . 2017-03-02 14:16 -------- d-----w- c:\program files (x86)\reports
2017-02-17 07:38 . 2017-02-17 07:38 -------- d-----w- c:\users\Lukáš\AppData\Roaming\Mozilla
2017-02-17 07:38 . 2017-02-17 07:38 -------- d-----w- c:\users\Lukáš\AppData\Local\Firefox
2017-02-13 15:13 . 2017-02-13 15:13 459264 ----a-w- c:\program files (x86)\Common Files\Services\iThemes.dll
2017-02-09 08:13 . 2017-02-09 08:13 -------- d-----w- c:\users\Lukáš\AppData\Local\CrashRpt
2017-02-09 06:13 . 2017-02-09 06:13 -------- d-----w- C:\$AV_ASW
2017-02-08 10:57 . 2017-03-02 12:06 48528 ----a-w- c:\windows\system32\drivers\aswbuniva.sys
2017-02-08 10:57 . 2017-03-02 12:06 334600 ----a-w- c:\windows\system32\drivers\aswbloga.sys
2017-02-08 10:57 . 2017-03-02 12:06 309272 ----a-w- c:\windows\system32\drivers\aswbidsdrivera.sys
2017-02-08 10:57 . 2017-03-02 12:06 189768 ----a-w- c:\windows\system32\drivers\aswbidsha.sys
2017-02-06 14:12 . 2017-02-06 14:18 -------- d-----w- c:\windows\system32\appmgmt
2017-02-02 22:59 . 2017-02-02 22:59 -------- d-----w- c:\program files (x86)\Common Files\Skype
2017-02-01 17:38 . 2017-02-14 08:05 -------- d-----w- c:\users\Lukáš\AppData\Roaming\Cache
2017-02-01 17:38 . 2017-02-01 17:38 -------- d-----w- c:\users\Lukáš\AppData\Roaming\log
2017-02-01 17:14 . 2017-02-01 17:14 -------- d--h--w- c:\users\UDPdp
2017-02-01 17:13 . 2017-02-01 17:13 -------- d-----w- c:\programdata\Avira
2017-02-01 17:13 . 2017-02-01 17:13 -------- d-----w- c:\programdata\Avg
2017-02-01 17:13 . 2017-02-01 17:13 -------- d-----w- c:\users\LUK~3
2017-02-01 17:13 . 2017-02-01 17:13 -------- d-----w- c:\users\Lukáš\AppData\Roaming\Profiles
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-03-02 12:07 . 2015-10-31 17:32 162528 ----a-w- c:\windows\system32\drivers\aswStm.sys
2017-03-02 12:07 . 2015-10-31 17:32 75704 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2017-03-02 12:07 . 2015-10-31 17:32 547904 ----a-w- c:\windows\system32\drivers\aswSP.sys
2017-03-02 12:07 . 2015-10-31 17:32 38296 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2017-03-02 12:07 . 2015-10-31 17:32 337592 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2017-03-02 12:07 . 2015-10-31 17:32 126600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2017-03-02 12:07 . 2015-10-31 17:32 100640 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2017-03-02 12:07 . 2016-06-14 16:36 32088 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2017-03-02 12:07 . 2015-10-31 17:32 993608 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2017-02-26 14:00 . 2015-11-02 01:37 138020592 -c--a-w- c:\windows\system32\MRT.exe
2017-01-05 18:55 . 2017-01-11 07:58 95464 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2017-01-05 18:55 . 2017-01-11 07:58 154856 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2017-01-05 18:52 . 2017-01-11 07:58 210432 ----a-w- c:\windows\system32\wdigest.dll
2017-01-05 18:52 . 2017-01-11 07:58 86528 ----a-w- c:\windows\system32\TSpkg.dll
2017-01-05 18:52 . 2017-01-11 07:58 28672 ----a-w- c:\windows\system32\sspisrv.dll
2017-01-05 18:52 . 2017-01-11 07:58 135680 ----a-w- c:\windows\system32\sspicli.dll
2017-01-05 18:52 . 2017-01-11 07:58 345600 ----a-w- c:\windows\system32\schannel.dll
2017-01-05 18:52 . 2017-01-11 07:58 28160 ----a-w- c:\windows\system32\secur32.dll
2017-01-05 18:52 . 2017-01-11 07:58 190464 ----a-w- c:\windows\system32\rpchttp.dll
2017-01-05 18:52 . 2017-01-11 07:58 1212928 ----a-w- c:\windows\system32\rpcrt4.dll
2017-01-05 18:52 . 2017-01-11 07:58 312320 ----a-w- c:\windows\system32\ncrypt.dll
2017-01-05 18:52 . 2017-01-11 07:58 316928 ----a-w- c:\windows\system32\msv1_0.dll
2017-01-05 18:52 . 2017-01-11 07:58 60416 ----a-w- c:\windows\system32\msobjs.dll
2017-01-05 18:52 . 2017-01-11 07:58 146432 ----a-w- c:\windows\system32\msaudite.dll
2017-01-05 18:52 . 2017-01-11 07:58 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2017-01-05 18:52 . 2017-01-11 07:58 730624 ----a-w- c:\windows\system32\kerberos.dll
2017-01-05 18:52 . 2017-01-11 07:58 43520 ----a-w- c:\windows\system32\cryptbase.dll
2017-01-05 18:52 . 2017-01-11 07:58 22016 ----a-w- c:\windows\system32\credssp.dll
2017-01-05 18:52 . 2017-01-11 07:58 463872 ----a-w- c:\windows\system32\certcli.dll
2017-01-05 18:52 . 2017-01-11 07:58 123904 ----a-w- c:\windows\system32\bcrypt.dll
2017-01-05 18:52 . 2017-01-11 07:58 690688 ----a-w- c:\windows\system32\adtschema.dll
2017-01-05 17:43 . 2017-01-11 07:58 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2017-01-05 17:43 . 2017-01-11 07:58 82944 ----a-w- c:\windows\SysWow64\bcrypt.dll
2017-01-05 17:43 . 2017-01-11 07:58 666112 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2017-01-05 17:43 . 2017-01-11 07:58 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2017-01-05 17:43 . 2017-01-11 07:58 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2017-01-05 17:43 . 2017-01-11 07:58 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2017-01-05 17:43 . 2017-01-11 07:58 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2017-01-05 17:43 . 2017-01-11 07:58 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2017-01-05 17:43 . 2017-01-11 07:58 261120 ----a-w- c:\windows\SysWow64\msv1_0.dll
2017-01-05 17:43 . 2017-01-11 07:58 223232 ----a-w- c:\windows\SysWow64\ncrypt.dll
2017-01-05 17:43 . 2017-01-11 07:58 60416 ----a-w- c:\windows\SysWow64\msobjs.dll
2017-01-05 17:43 . 2017-01-11 07:58 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2017-01-05 17:43 . 2017-01-11 07:58 553472 ----a-w- c:\windows\SysWow64\kerberos.dll
2017-01-05 17:43 . 2017-01-11 07:58 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2017-01-05 17:43 . 2017-01-11 07:58 342528 ----a-w- c:\windows\SysWow64\certcli.dll
2017-01-05 17:42 . 2017-01-11 07:58 690688 ----a-w- c:\windows\SysWow64\adtschema.dll
2017-01-05 17:32 . 2017-01-11 07:58 64000 ----a-w- c:\windows\system32\auditpol.exe
2017-01-05 17:25 . 2017-01-11 07:58 159744 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2017-01-05 17:24 . 2017-01-11 07:58 291328 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2017-01-05 17:24 . 2017-01-11 07:58 129536 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2017-01-05 17:24 . 2017-01-11 07:58 30720 ----a-w- c:\windows\system32\lsass.exe
2017-01-05 17:23 . 2017-01-11 07:58 50176 ----a-w- c:\windows\SysWow64\auditpol.exe
2017-01-05 17:19 . 2017-01-11 07:58 36352 ----a-w- c:\windows\SysWow64\cryptbase.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2015-02-27 5583120]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2017-02-08 27427808]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2017-02-08 9363672]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvLaunch.exe" [2017-03-02 205512]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2016-12-17 1160408]
"Raptr"="c:\program files (x86)\Raptr\raptrstub.exe" [2015-10-01 56080]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
avast! Cleanup.lnk - c:\program files\AVAST Software\Cleanup\CleanupUI.exe /nogui [2017-2-8 1608120]
AVer HID Receiver.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe [2015-12-4 163840]
AVerQuick.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2015-12-4 675840]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableCAD"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
R1 p1486192861am;p1486192861am;c:\users\LUK~1\AppData\Local\Temp\bk7A62.tmp\p1486192861am.sys;c:\users\LUK~1\AppData\Local\Temp\bk7A62.tmp\p1486192861am.sys [x]
R1 p1486192907am;p1486192907am;c:\users\LUK~1\AppData\Local\Temp\bk2B78.tmp\p1486192907am.sys;c:\users\LUK~1\AppData\Local\Temp\bk2B78.tmp\p1486192907am.sys [x]
R1 p1486192993am;p1486192993am;c:\users\LUK~1\AppData\Local\Temp\bk7CF1.tmp\p1486192993am.sys;c:\users\LUK~1\AppData\Local\Temp\bk7CF1.tmp\p1486192993am.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 CxAudMsg;CxAudMsg; [x]
R2 ed2kidle;ed2k idle service;c:\program files (x86)\amuleCe\ed2k.exe;c:\program files (x86)\amuleCe\ed2k.exe [x]
R2 FirefoxU;Update Service(FirefoxU);c:\program files (x86)\Firefox\bin\FirefoxUpdate.exe;c:\program files (x86)\Firefox\bin\FirefoxUpdate.exe [x]
R2 GubZL;GubZL;c:\windows\SysWOW64\svchost.exe;c:\windows\SysWOW64\svchost.exe [x]
R2 Kyubey;Kyubey;c:\users\Lukáš\AppData\Roaming\Kyubey\Kyubey.exe;c:\users\Lukáš\AppData\Roaming\Kyubey\Kyubey.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 WinSAPSvc;WinSAPSvc;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R2 WinSnare;WinSnare;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 aswHwid;aswHwid;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 AVerIT13x;AVerMedia A835B USB DVB-T;c:\windows\system32\Drivers\AVerIT13x_x64.sys;c:\windows\SYSNATIVE\Drivers\AVerIT13x_x64.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys;c:\windows\SYSNATIVE\DRIVERS\amdkmpfd.sys [x]
S0 aswbidsh;aswbidsh;c:\windows\\SystemRoot\system32\drivers\aswbidsha.sys;c:\windows\\SystemRoot\system32\drivers\aswbidsha.sys [x]
S0 aswblog;aswblog;c:\windows\\SystemRoot\system32\drivers\aswbloga.sys;c:\windows\\SystemRoot\system32\drivers\aswbloga.sys [x]
S0 aswbuniv;aswbuniv;c:\windows\\SystemRoot\system32\drivers\aswbuniva.sys;c:\windows\\SystemRoot\system32\drivers\aswbuniva.sys [x]
S0 aswRvrt;aswRvrt;c:\windows\\SystemRoot\system32\drivers\aswRvrt.sys;c:\windows\\SystemRoot\system32\drivers\aswRvrt.sys [x]
S0 aswVmm;aswVmm;c:\windows\\SystemRoot\system32\drivers\aswVmm.sys;c:\windows\\SystemRoot\system32\drivers\aswVmm.sys [x]
S0 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S1 aswbidsdriver;aswbidsdriver;c:\windows\system32\drivers\aswbidsdrivera.sys;c:\windows\SYSNATIVE\drivers\aswbidsdrivera.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 Apple_Cfg;Apple Config Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 AVerRemote;AVerRemote;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [x]
S2 AVerScheduleService;AVerScheduleService;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [x]
S2 AVerUpdateServer;AVerUpdateServer;c:\program files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe;c:\program files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [x]
S2 CleanupSvc;Avast Cleanup;c:\program files\AVAST Software\Cleanup\CleanupSvc.exe;c:\program files\AVAST Software\Cleanup\CleanupSvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 SAService;Conexant SmartAudio service;c:\windows\system32\SAsrv.exe;c:\windows\SYSNATIVE\SAsrv.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 aswbIDSAgent;aswbIDSAgent;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe [x]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 iThemes5;iThemes5;rundll32 c:\program files (x86)\Common Files\Services\iThemes.dll,fnde_svr;rundll32 c:\program files (x86)\Common Files\Services\iThemes.dll,fnde_svr [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rtsuvc;Lenovo EasyCamera;c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
Nipuytersary REG_MULTI_SZ Nipuytersary
GubedZLGroupEx REG_MULTI_SZ GubedZL
ArcherGroupEx REG_MULTI_SZ Archer
GubZLGroEx REG_MULTI_SZ GubZL
apple_config REG_MULTI_SZ Apple_Cfg
WinSAPSvc REG_MULTI_SZ WinSAPSvc
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2017-03-02 12:07 1481016 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2017-03-02 12:07 1481016 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtsFT"="RTFTrack.exe" [2014-10-22 4060376]
"ForteConfig"="c:\program files\Conexant\ForteConfig\fmapp.exe" [2010-10-26 49056]
"SmartAudio"="c:\program files\CONEXANT\SAII\SACpl.exe" [2014-04-10 1830616]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2014-11-20 919768]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2015-11-01 8079408]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2015-11-01 6200368]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-10-16 170256]
"CDAServer"="c:\program files\Common Files\Common Desktop Agent\CDASrv.exe" [2012-03-09 462712]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2017-02-01 500208]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.startpageing123.com/?type=hp&ts=148 ... XXW372T312
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.amisites.com/search/?type=ds&ts=148 ... earchTerms}
mDefault_Page_URL = hxxp://www.startpageing123.com/?type=hp&ts=148 ... XXW372T312
mStart Page = hxxp://www.startpageing123.com/?type=hp&ts=148 ... XXW372T312
mSearch Page = hxxp://www.amisites.com/search/?type=ds&ts=148 ... earchTerms}
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{8A69D345-D564-463c-AFF1-A69D9E530F96} - c:\program files (x86)\Google\Chrome\Application\42.0.2311.90\Installer\chrmstp.exe
ShellExecuteHooks-{75D826D8-DE46-11E6-A83F-64006A5CFC23} - c:\users\Lukáš\AppData\Roaming\Arekotugoght\Atuzercult.dll
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\iThemes5]
"ImagePath"="rundll32 \"c:\program files (x86)\Common Files\Services\iThemes.dll\",fnde_svr"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\SysWOW64\rundll32.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\SAsrv.exe
c:\program files\AVAST Software\Cleanup\CleanupUI.exe
c:\program files\AVAST Software\Avast\AvastUI.exe
.
**************************************************************************
.
Celkový čas: 2017-03-02 15:45:02 - počítač byl restartován
ComboFix-quarantined-files.txt 2017-03-02 14:45
.
Před spuštěním: Volných bajtů: 422 440 325 120
Po spuštění: Volných bajtů: 422 180 892 672
.
- - End Of File - - 04EFB331EF5BA023B5279D2AAE87CFA3
A36C5E4F47E84449FF07ED3517B43A31

Re: Virus removal

Posted: 02 Mar 2017 19:00
by Rudy
Hello!
Why are you running ComboFix, a utility intended only for professionals? Do you want a damaged system?

Post the FRST log: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

Re: Virus removal

Posted: 03 Mar 2017 08:48
by Vydra
I am attaching the FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-03-2017
Ran by Lukáš (administrator) on LUKÁŠ-PC (03-03-2017 08:44:28)
Running from C:\Users\Lukáš\Desktop
Loaded Profiles: Lukáš (Available Profiles: Lukáš)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVAST Software) C:\Program Files\AVAST Software\Cleanup\CleanupSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(WiperSoft) C:\Program Files\WiperSoft\WiperSoft.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(forum.viry.cz) C:\Users\Lukáš\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [4060376 2014-10-22] (Realtek semiconductor)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2015-11-01] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6200368 2015-11-01] (Lenovo(beijing) Limited)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2017-02-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-02] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2016-12-17] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-10-01] (Raptr, Inc)
HKU\S-1-5-21-2564799030-1136092162-2998420998-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-2564799030-1136092162-2998420998-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2564799030-1136092162-2998420998-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Providers\mwyhtxtg: C:\Program Files (x86)\Clerfghtsterfiry Monitor\local64spl.dll
ShellExecuteHooks: No Name - {75D826D8-DE46-11E6-A83F-64006A5CFC23} - C:\Users\Lukáš\AppData\Roaming\Arekotugoght\Atuzercult.dll -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-02] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-02] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! Cleanup.lnk [2017-02-08]
ShortcutTarget: avast! Cleanup.lnk -> C:\Program Files\AVAST Software\Cleanup\CleanupUI.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2015-12-04]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2015-12-04]
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7FD8F8C8-D55C-4944-964A-A88405C35632}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2564799030-1136092162-2998420998-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startpageing123.com/?type=hp&ts=148 ... XXW372T312
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startpageing123.com/?type=hp&ts=148 ... XXW372T312
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.amisites.com/search/?type=ds&ts=148 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.startpageing123.com/?type=hp&ts=148 ... XXW372T312
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.amisites.com/search/?type=ds&ts=148 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2564799030-1136092162-2998420998-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2564799030-1136092162-2998420998-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startpageing123.com/?type=hp&ts=148 ... XXW372T312
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=148 ... earchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=148 ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=148 ... earchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=148 ... earchTerms}
SearchScopes: HKU\S-1-5-21-2564799030-1136092162-2998420998-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=148 ... earchTerms}
SearchScopes: HKU\S-1-5-21-2564799030-1136092162-2998420998-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=148 ... earchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-02] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-02] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-02-08]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-02-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxps://www.seznam.cz/
CHR StartupUrls: ChromeDefaultData -> "hxxps://www.seznam.cz/"
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: ChromeDefaultData -> seznam.cz
CHR DefaultSuggestURL: ChromeDefaultData -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Profile: C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-03-03] <==== ATTENTION
CHR Extension: (Disk Google) - C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-31]
CHR Extension: (YouTube) - C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-31]
CHR Extension: (Vyhledávání Google) - C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-31]
CHR Extension: (Chrome Media Router) - C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-02]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 Apple_Cfg; C:\ProgramData\Apple\Apple Application Support\Support.dll [111104 2017-02-17] () [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-02] (AVAST Software s.r.o.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [322176 2014-10-27] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-02] (AVAST Software)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [360448 2011-08-19] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [403456 2011-04-01] () [File not signed]
R2 AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [167936 2011-10-31] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
R2 CleanupSvc; C:\Program Files\AVAST Software\Cleanup\CleanupSvc.exe [2331208 2016-07-29] (AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
S2 GubZL; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-05-29] (Intel Corporation)
R3 iThemes5; C:\Program Files (x86)\Common Files\Services\iThemes.dll [459264 2017-02-13] () [File not signed] <==== ATTENTION
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2016-09-15] ()
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation) [DependOnService: iThemes5]<==== ATTENTION
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-10-27] (Atheros) [File not signed]
S2 CxAudMsg; no ImagePath
S2 ed2kidle; "C:\Program Files (x86)\amuleCe\ed2k.exe" -downloadwhenidle [X]
S2 FirefoxU; "C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe" [X]
S2 Kyubey; C:\Users\Lukáš\AppData\Roaming\Kyubey\Kyubey.exe -s [X]
S2 WinSAPSvc; C:\Users\Lukáš\AppData\Roaming\WinSAPSvc\WinSAP.dll [X]
S2 WinSnare; C:\Users\Lukáš\AppData\Roaming\WinSnare\WinSnare.dll [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36096 2013-05-22] (Advanced Micro Devices, Inc.)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-02] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-02] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-03-02] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-02] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-02] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-03-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-02] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-02] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [547904 2017-03-02] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-02] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-02] (AVAST Software)
S3 AVerIT13x; C:\Windows\System32\Drivers\AVerIT13x_x64.sys [198272 2012-12-06] (AVerMedia TECHNOLOGIES, Inc.)
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2014-10-27] (Qualcomm Atheros)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-10-31] (Disc Soft Ltd)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [2584280 2014-10-22] (Realtek Semiconductor Corp.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
S1 p1486192861am; \??\C:\Users\LUK~1\AppData\Local\Temp\bk7A62.tmp\p1486192861am.sys [X] <==== ATTENTION
S1 p1486192907am; \??\C:\Users\LUK~1\AppData\Local\Temp\bk2B78.tmp\p1486192907am.sys [X] <==== ATTENTION
S1 p1486192993am; \??\C:\Users\LUK~1\AppData\Local\Temp\bk7CF1.tmp\p1486192993am.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-03 08:44 - 2017-03-03 08:45 - 00021505 _____ C:\Users\Lukáš\Desktop\FRST.txt
2017-03-03 08:43 - 2017-03-03 08:44 - 00000000 ____D C:\FRST
2017-03-03 08:42 - 2017-03-03 08:42 - 00112640 _____ (forum.viry.cz) C:\Users\Lukáš\Desktop\FRSTLauncher.exe
2017-03-03 08:41 - 2017-03-03 08:41 - 02423808 _____ (Farbar) C:\Users\Lukáš\Desktop\FRST64.exe
2017-03-02 15:45 - 2017-03-02 15:45 - 00023664 _____ C:\Users\Lukáš\Desktop\ComboFix 1.txt
2017-03-02 15:45 - 2017-03-02 15:45 - 00016712 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP113.SYS
2017-03-02 15:40 - 2017-03-02 15:40 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-02 15:38 - 2017-03-02 15:38 - 00000118 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-03-02 15:27 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2017-03-02 15:27 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2017-03-02 15:27 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2017-03-02 15:27 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2017-03-02 15:27 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2017-03-02 15:27 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2017-03-02 15:27 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2017-03-02 15:27 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2017-03-02 15:26 - 2017-03-02 15:45 - 00000000 ____D C:\Qoobox
2017-03-02 15:25 - 2017-03-02 15:42 - 00000000 ____D C:\Windows\erdnt
2017-03-02 15:23 - 2017-03-02 15:23 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2017-03-02 15:23 - 2017-03-02 15:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-03-02 15:23 - 2017-03-02 15:23 - 00000000 ____D C:\Program Files\CCleaner
2017-03-02 15:19 - 2017-03-02 15:19 - 05660168 ____R (Swearware) C:\Users\Lukáš\Desktop\ComboFix.exe
2017-03-02 15:03 - 2017-03-02 15:03 - 00002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-02 13:18 - 2017-03-02 13:18 - 00023032 _____ (Wiper Software) C:\Windows\system32\wiperrm.exe
2017-03-02 13:18 - 2017-03-02 13:18 - 00000000 ____D C:\Users\Lukáš\AppData\Roaming\WiperSoft
2017-03-02 13:18 - 2017-03-02 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WiperSoft
2017-03-02 13:18 - 2017-03-02 13:18 - 00000000 ____D C:\Program Files\WiperSoft
2017-03-02 13:07 - 2017-03-02 13:07 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-02-28 15:32 - 2017-02-28 15:32 - 02120704 _____ C:\Users\Lukáš\Desktop\RPD.ppt
2017-02-26 14:02 - 2017-02-26 15:33 - 1632229376 _____ C:\Users\Lukáš\Desktop\Hacker.avi
2017-02-25 19:47 - 2017-02-25 20:35 - 851453952 _____ C:\Users\Lukáš\Desktop\Kód Enigmy.avi
2017-02-25 17:40 - 2017-02-25 18:57 - 1328996352 _____ C:\Users\Lukáš\Desktop\Matky na tahu.avi
2017-02-20 17:44 - 2017-02-20 18:13 - 00000000 ____D C:\Users\Lukáš\Desktop\Rust
2017-02-17 08:43 - 2017-02-17 08:43 - 00000000 ____D C:\Windows\system32\log
2017-02-17 08:39 - 2017-03-03 08:38 - 00000040 _____ C:\Program Files (x86)\settings.dat
2017-02-17 08:39 - 2017-03-02 15:16 - 00057444 _____ C:\Program Files (x86)\metadata
2017-02-17 08:39 - 2017-03-02 15:16 - 00000000 ____D C:\Program Files (x86)\reports
2017-02-17 08:38 - 2017-03-02 15:38 - 00000000 _____ C:\Users\Public\Documents\temp.dat
2017-02-17 08:38 - 2017-02-17 08:40 - 00000000 ____D C:\Users\Lukáš\AppData\LocalLow\Mozilla
2017-02-17 08:38 - 2017-02-17 08:38 - 00000000 ____D C:\Users\Lukáš\AppData\Roaming\Mozilla
2017-02-17 08:38 - 2017-02-17 08:38 - 00000000 ____D C:\Users\Lukáš\AppData\Local\Firefox
2017-02-17 08:37 - 2017-03-02 14:06 - 00000000 _____ C:\Users\Public\Documents\report.dat
2017-02-16 20:11 - 2017-02-16 20:11 - 00002948 _____ C:\Windows\System32\Tasks\{A2F8C555-A29C-45A2-9B1E-BC01362439F2}
2017-02-16 20:06 - 2017-02-16 20:06 - 00002948 _____ C:\Windows\System32\Tasks\{4F408ABF-63AF-4706-8A7F-1111ABDAA3C8}
2017-02-16 16:42 - 2017-02-16 16:42 - 00002948 _____ C:\Windows\System32\Tasks\{A90A248C-5D65-4DE9-ACBE-7B580221FC39}
2017-02-16 16:29 - 2017-02-16 16:29 - 00003200 _____ C:\Windows\System32\Tasks\{2C734814-0A86-44E1-BD23-540506060631}
2017-02-09 11:42 - 2017-02-09 11:42 - 00003138 _____ C:\Windows\System32\Tasks\{22B08A4D-BEDB-4000-AA7D-2C6F79399ED4}
2017-02-09 09:13 - 2017-02-09 09:13 - 00000000 ____D C:\Users\Lukáš\AppData\Local\CrashRpt
2017-02-09 07:13 - 2017-02-09 07:13 - 00000000 ____D C:\$AV_ASW
2017-02-08 12:15 - 2017-02-08 12:15 - 00003924 _____ C:\Windows\System32\Tasks\avast! Cleanup Update
2017-02-08 12:00 - 2017-03-02 13:09 - 00003892 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1466054041
2017-02-08 11:57 - 2017-03-02 13:07 - 00003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-02-08 11:57 - 2017-03-02 13:06 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-02-08 11:57 - 2017-03-02 13:06 - 00309272 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-02-08 11:57 - 2017-03-02 13:06 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-02-08 11:57 - 2017-03-02 13:06 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-02-06 15:12 - 2017-02-06 15:18 - 00000000 ____D C:\Windows\system32\appmgmt
2017-02-04 11:15 - 2017-02-04 11:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-02-04 08:25 - 2017-03-02 12:48 - 00003590 _____ C:\Windows\System32\Tasks\Milimili
2017-02-01 18:38 - 2017-02-14 09:05 - 00000000 ____D C:\Users\Lukáš\AppData\Roaming\Cache
2017-02-01 18:38 - 2017-02-01 18:38 - 00000000 ____D C:\Users\Lukáš\AppData\Roaming\log
2017-02-01 18:14 - 2017-03-02 15:45 - 00000000 ___HD C:\Users\UDPdp
2017-02-01 18:13 - 2017-02-01 18:13 - 00006008 _____ C:\Windows\System32\Tasks\Clerfghtsterfiry Monitor
2017-02-01 18:13 - 2017-02-01 18:13 - 00000000 ____D C:\Users\Luk£レ\AppData\Local\Gruvph
2017-02-01 18:13 - 2017-02-01 18:13 - 00000000 ____D C:\Users\Luk£レ
2017-02-01 18:13 - 2017-02-01 18:13 - 00000000 ____D C:\ProgramData\Avira
2017-02-01 18:13 - 2017-02-01 18:13 - 00000000 ____D C:\ProgramData\Avg
2017-02-01 17:42 - 2017-02-01 17:42 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2017-02-01 17:42 - 2017-02-01 17:42 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-03 08:39 - 2011-04-12 09:34 - 00672084 _____ C:\Windows\system32\perfh005.dat
2017-03-03 08:39 - 2011-04-12 09:34 - 00142648 _____ C:\Windows\system32\perfc005.dat
2017-03-03 08:39 - 2009-07-14 06:13 - 01591974 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-03 08:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-03-03 04:32 - 2009-07-14 05:45 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-03 04:32 - 2009-07-14 05:45 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-02 22:13 - 2015-11-18 13:16 - 00000000 ____D C:\Users\Lukáš\AppData\Local\ElevatedDiagnostics
2017-03-02 15:39 - 2015-11-04 17:19 - 00000000 ____D C:\Users\Lukáš\AppData\Roaming\Skype
2017-03-02 15:38 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2017-03-02 15:37 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-02 15:21 - 2015-10-31 18:39 - 00000000 ____D C:\Users\Lukáš\AppData\Roaming\DAEMON Tools Lite
2017-03-02 15:21 - 2015-10-31 18:16 - 00000000 ____D C:\Windows\Panther
2017-03-02 15:03 - 2015-10-31 18:32 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-02 13:55 - 2015-11-01 08:14 - 00000000 __SHD C:\Users\Lukáš\IntelGraphicsProfiles
2017-03-02 13:07 - 2016-06-14 17:36 - 00032088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-03-02 13:07 - 2015-10-31 18:32 - 00993608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-03-02 13:07 - 2015-10-31 18:32 - 00547904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-03-02 13:07 - 2015-10-31 18:32 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-03-02 13:07 - 2015-10-31 18:32 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-03-02 13:07 - 2015-10-31 18:32 - 00126600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-03-02 13:07 - 2015-10-31 18:32 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-03-02 13:07 - 2015-10-31 18:32 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-03-02 13:07 - 2015-10-31 18:32 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-03-02 12:48 - 2015-11-01 10:06 - 00000000 ____D C:\Users\Lukáš\Desktop\VŠ
2017-03-01 20:09 - 2015-11-01 10:06 - 00000731 _____ C:\Users\Lukáš\Desktop\Poznámky.txt
2017-02-27 15:23 - 2015-11-01 10:09 - 00000000 ____D C:\Users\Lukáš\Desktop\Hudba
2017-02-27 08:57 - 2009-07-14 06:08 - 00032570 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-02-26 15:03 - 2015-11-02 02:37 - 00000000 ____D C:\Windows\system32\MRT
2017-02-26 15:00 - 2015-11-02 02:37 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-22 22:13 - 2015-11-04 17:18 - 00000000 ____D C:\ProgramData\Skype
2017-02-20 18:13 - 2015-10-31 18:48 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-17 10:17 - 2016-06-28 08:37 - 00000000 ____D C:\Counter-Strike 1.6
2017-02-16 20:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2017-02-16 17:46 - 2015-11-01 00:32 - 00000000 ____D C:\Users\Lukáš\Documents\Bluetooth Folder
2017-02-16 17:15 - 2015-10-31 18:52 - 01567624 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-02-16 17:09 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-02-15 11:56 - 2015-10-31 18:28 - 00000000 ____D C:\ProgramData\AVAST Software
2017-02-14 13:28 - 2016-10-11 19:11 - 00000000 ____D C:\Users\Lukáš\Desktop\Masáže
2017-02-09 12:23 - 2017-01-24 10:57 - 00000000 ____D C:\Users\Lukáš\AppData\Local\Rusted.cz
2017-02-08 14:41 - 2015-10-31 18:24 - 00000000 ____D C:\Users\Lukáš
2017-02-08 12:15 - 2015-10-31 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-02-08 11:55 - 2015-10-31 18:36 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-02-02 23:59 - 2015-11-04 17:18 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-01 18:47 - 2015-11-29 15:28 - 00000000 ____D C:\Windows\Minidump
2017-02-01 18:47 - 2015-11-01 18:46 - 00000000 ____D C:\Users\Lukáš\AppData\Local\CrashDumps
2017-02-01 18:38 - 2015-10-31 18:29 - 00000000 ____D C:\Program Files\AVAST Software
2017-02-01 18:21 - 2015-11-05 17:28 - 00000000 ____D C:\Users\Lukáš\AppData\Local\Adobe
2017-02-01 18:13 - 2017-01-13 10:47 - 00000000 ____D C:\Autodesk
2017-02-01 18:13 - 2015-11-13 17:42 - 00000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller
2017-02-01 18:13 - 2015-11-01 08:22 - 00000000 ____D C:\Program Files (x86)\AMD
2017-02-01 18:13 - 2015-11-01 08:18 - 00000000 ____D C:\AMD
2017-02-01 18:13 - 2015-10-31 18:37 - 00000000 ____D C:\Program Files (x86)\Webteh
2017-02-01 18:13 - 2009-07-14 04:20 - 00000000 ____D C:\PerfLogs
2017-02-01 17:42 - 2015-10-31 18:36 - 00000000 ____D C:\ProgramData\Adobe
2017-02-01 17:41 - 2015-11-05 17:28 - 00000000 ____D C:\Users\Lukáš\AppData\Roaming\Adobe
2017-02-01 17:09 - 2015-10-31 18:32 - 00003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-02-01 17:09 - 2015-10-31 18:32 - 00003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2017-02-17 08:39 - 2017-03-02 15:16 - 0057444 _____ () C:\Program Files (x86)\metadata
2017-02-17 08:39 - 2017-03-03 08:38 - 0000040 _____ () C:\Program Files (x86)\settings.dat
2017-01-19 09:47 - 2017-01-19 09:47 - 0000000 ___SH () C:\Users\Lukáš\AppData\Local\LumaEmu
2015-10-31 18:43 - 2015-10-31 18:43 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-22 00:19

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:465.76 GB) (Free:391.78 GB) NTFS ==>[drive with boot components (obtained from BCD)]

Available physical RAM: 1746.8 MB
Total physical RAM: 3992.36 MB
Percentage of memory in use: 56%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 531C5CC6)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Luk ç\Desktop" je 11940 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB3MON
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Virus removal

Posted: 03 Mar 2017 19:25
by Rudy
Now run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.

Re: Virus removal

Posted: 03 Mar 2017 20:33
by Vydra
I am attaching the log:

# AdwCleaner v6.044 - Log vytvořen 03/03/2017 v 20:28:38
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-03-02.1 [Místní]
# Operační systém : Windows 7 Professional Service Pack 1 (X64)
# Uživatelské jméno : Lukáš - LUKÁŠ-PC
# Spuštěno z : C:\Users\Lukáš\Desktop\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****

[-] Služba smazána: Apple_Cfg


***** [ Složky ] *****

[-] Složka smazána: C:\Users\Lukáš\AppData\Roaming\WiperSoft
[-] Složka smazána: C:\Program Files\WiperSoft
[-] Složka smazána: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WiperSoft
[-] Složka smazána: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent
[-] Složka smazána: C:\users\UDPdp
[-] Složka smazána: C:\Program Files (x86)\reports


***** [ Soubory ] *****

[-] Soubor smazán: C:\Windows\SysNative\log\iSafeKrnlCall.log
[-] Soubor smazán: C:\Program Files (x86)\Common Files\SERVICES\ITHEMES.DLL
[-] Soubor smazán: C:\Program Files (x86)\settings.dat
[-] Soubor smazán: C:\Users\Public\Documents\temp.dat
[-] Soubor smazán: C:\Users\Public\Documents\report.dat
[-] Soubor smazán: C:\ProgramData\APPLE\APPLE APPLICATION SUPPORT\SUPPORT.DLL


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****

[-] Úloha smazána: Milimili


***** [ Registry ] *****

[-] Klíč smazán: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WinSnare
[#] Klíč smazán po restartu: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WinSnare
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Standucksc
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Standucksc
[-] Klíč smazán: HKU\.DEFAULT\Software\jhdbca
[-] Klíč smazán: HKU\S-1-5-21-2564799030-1136092162-2998420998-1000\Software\Conduit
[-] Klíč smazán: HKU\S-1-5-21-2564799030-1136092162-2998420998-1000\Software\WiperSoft
[-] Klíč smazán: HKU\S-1-5-21-2564799030-1136092162-2998420998-1000\Software\Standuck
[#] Klíč smazán po restartu: HKU\S-1-5-18\Software\jhdbca
[#] Klíč smazán po restartu: HKCU\Software\Conduit
[#] Klíč smazán po restartu: HKCU\Software\WiperSoft
[#] Klíč smazán po restartu: HKCU\Software\Standuck
[-] Klíč smazán: HKLM\SOFTWARE\Conduit
[-] Klíč smazán: HKLM\SOFTWARE\trotuxSoftware
[-] Klíč smazán: HKLM\SOFTWARE\ScreenShot
[-] Klíč smazán: HKLM\SOFTWARE\jhdbca
[-] Klíč smazán: HKLM\SOFTWARE\WinArcher
[-] Klíč smazán: HKLM\SOFTWARE\amisitesSoftware
[-] Klíč smazán: HKLM\SOFTWARE\startpageing123Software
[-] Klíč smazán: HKLM\SOFTWARE\Standuck
[#] Klíč smazán po restartu: [x64] HKCU\Software\Conduit
[#] Klíč smazán po restartu: [x64] HKCU\Software\WiperSoft
[#] Klíč smazán po restartu: [x64] HKCU\Software\Standuck
[-] Klíč smazán: [x64] HKLM\SOFTWARE\jhdbca
[-] Klíč smazán: [x64] HKLM\SOFTWARE\InterSect Alliance
[-] Data obnovena: HKU\S-1-5-21-2564799030-1136092162-2998420998-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data obnovena: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data obnovena: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data obnovena: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Klíč smazán: HKU\S-1-5-21-2564799030-1136092162-2998420998-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data obnovena: HKU\S-1-5-21-2564799030-1136092162-2998420998-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data obnovena: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data obnovena: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data obnovena: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data obnovena: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [ArcherGroupEx]
[-] Hodnota smazána: HKLM\SYSTEM\CurrentControlSet\Services\Themes [DependOnService]
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [GubedZLGroupEx]
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [GubZLGroEx]


***** [ Prohlížeče ] *****

[-] [C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\ChromeDefaultData] [favicon_url] Smazáno: hxxp://www.startpageing123.com/searchfavicon.ico


*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [5860 Bajty] - [03/03/2017 20:28:38]
C:\AdwCleaner\AdwCleaner[S0].txt - [6873 Bajty] - [03/03/2017 20:26:06]
C:\AdwCleaner\AdwCleaner[S1].txt - [6782 Bajty] - [03/03/2017 20:28:05]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [6079 Bajty] ##########

Re: Virus removal

Posted: 03 Mar 2017 21:19
by Rudy
Post a new FRST log.

Re: Virus removal

Posted: 03 Mar 2017 22:36
by Vydra
New FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-03-2017
Ran by Lukáš (administrator) on LUKÁŠ-PC (03-03-2017 22:34:08)
Running from C:\Users\Lukáš\Desktop
Loaded Profiles: Lukáš (Available Profiles: Lukáš)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(AVAST Software) C:\Program Files\AVAST Software\Cleanup\CleanupSvc.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Lukáš\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [4060376 2014-10-22] (Realtek semiconductor)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2015-11-01] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6200368 2015-11-01] (Lenovo(beijing) Limited)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2017-02-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-02] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2016-12-17] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-10-01] (Raptr, Inc)
HKU\S-1-5-21-2564799030-1136092162-2998420998-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-2564799030-1136092162-2998420998-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2564799030-1136092162-2998420998-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Providers\mwyhtxtg: C:\Program Files (x86)\Clerfghtsterfiry Monitor\local64spl.dll
ShellExecuteHooks: No Name - {75D826D8-DE46-11E6-A83F-64006A5CFC23} - C:\Users\Lukáš\AppData\Roaming\Arekotugoght\Atuzercult.dll -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-02] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-02] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! Cleanup.lnk [2017-02-08]
ShortcutTarget: avast! Cleanup.lnk -> C:\Program Files\AVAST Software\Cleanup\CleanupUI.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2015-12-04]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2015-12-04]
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7FD8F8C8-D55C-4944-964A-A88405C35632}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2564799030-1136092162-2998420998-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2564799030-1136092162-2998420998-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2564799030-1136092162-2998420998-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-02] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-02] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-02-08]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-02-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxps://www.seznam.cz/
CHR StartupUrls: ChromeDefaultData -> "hxxps://www.seznam.cz/"
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: ChromeDefaultData -> seznam.cz
CHR DefaultSuggestURL: ChromeDefaultData -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Profile: C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-03-03] <==== ATTENTION
CHR Extension: (Disk Google) - C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-31]
CHR Extension: (YouTube) - C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-31]
CHR Extension: (Vyhledávání Google) - C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-31]
CHR Extension: (Chrome Media Router) - C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-02]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-02] (AVAST Software s.r.o.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [322176 2014-10-27] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-02] (AVAST Software)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [360448 2011-08-19] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [403456 2011-04-01] () [File not signed]
R2 AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [167936 2011-10-31] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
R2 CleanupSvc; C:\Program Files\AVAST Software\Cleanup\CleanupSvc.exe [2331208 2016-07-29] (AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-05-29] (Intel Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2016-09-15] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-10-27] (Atheros) [File not signed]
S2 CxAudMsg; no ImagePath
S2 Kyubey; C:\Users\Lukáš\AppData\Roaming\Kyubey\Kyubey.exe -s [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36096 2013-05-22] (Advanced Micro Devices, Inc.)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-02] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-02] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-03-02] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-02] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-02] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-03-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-02] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-02] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [547904 2017-03-02] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-02] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-02] (AVAST Software)
S3 AVerIT13x; C:\Windows\System32\Drivers\AVerIT13x_x64.sys [198272 2012-12-06] (AVerMedia TECHNOLOGIES, Inc.)
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2014-10-27] (Qualcomm Atheros)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-10-31] (Disc Soft Ltd)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [2584280 2014-10-22] (Realtek Semiconductor Corp.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
S1 p1486192861am; \??\C:\Users\LUK~1\AppData\Local\Temp\bk7A62.tmp\p1486192861am.sys [X] <==== ATTENTION
S1 p1486192907am; \??\C:\Users\LUK~1\AppData\Local\Temp\bk2B78.tmp\p1486192907am.sys [X] <==== ATTENTION
S1 p1486192993am; \??\C:\Users\LUK~1\AppData\Local\Temp\bk7CF1.tmp\p1486192993am.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-03 22:34 - 2017-03-03 22:34 - 00017947 _____ C:\Users\Lukáš\Desktop\FRST.txt
2017-03-03 20:32 - 2017-03-03 22:30 - 00000040 _____ C:\Program Files (x86)\settings.dat
2017-03-03 20:32 - 2017-03-03 20:32 - 00000000 ____D C:\Program Files (x86)\reports
2017-03-03 20:24 - 2017-03-03 20:28 - 00000000 ____D C:\AdwCleaner
2017-03-03 20:23 - 2017-03-03 20:23 - 04031440 _____ C:\Users\Lukáš\Desktop\adwcleaner_6.044.exe
2017-03-03 08:43 - 2017-03-03 22:34 - 00000000 ____D C:\FRST
2017-03-03 08:42 - 2017-03-03 08:42 - 00112640 _____ (forum.viry.cz) C:\Users\Lukáš\Desktop\FRSTLauncher.exe
2017-03-03 08:41 - 2017-03-03 08:41 - 02423808 _____ (Farbar) C:\Users\Lukáš\Desktop\FRST64.exe
2017-03-02 15:45 - 2017-03-02 15:45 - 00023664 _____ C:\Users\Lukáš\Desktop\ComboFix 1.txt
2017-03-02 15:45 - 2017-03-02 15:45 - 00016712 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP113.SYS
2017-03-02 15:27 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2017-03-02 15:27 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2017-03-02 15:27 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2017-03-02 15:27 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2017-03-02 15:27 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2017-03-02 15:27 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2017-03-02 15:27 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2017-03-02 15:27 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2017-03-02 15:26 - 2017-03-02 15:45 - 00000000 ____D C:\Qoobox
2017-03-02 15:25 - 2017-03-02 15:42 - 00000000 ____D C:\Windows\erdnt
2017-03-02 15:23 - 2017-03-02 15:23 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2017-03-02 15:23 - 2017-03-02 15:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-03-02 15:23 - 2017-03-02 15:23 - 00000000 ____D C:\Program Files\CCleaner
2017-03-02 15:19 - 2017-03-02 15:19 - 05660168 ____R (Swearware) C:\Users\Lukáš\Desktop\ComboFix.exe
2017-03-02 15:03 - 2017-03-02 15:03 - 00002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-02 13:18 - 2017-03-02 13:18 - 00023032 _____ (Wiper Software) C:\Windows\system32\wiperrm.exe
2017-03-02 13:07 - 2017-03-02 13:07 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-02-20 17:44 - 2017-02-20 18:13 - 00000000 ____D C:\Users\Lukáš\Desktop\Rust
2017-02-17 08:43 - 2017-03-03 20:28 - 00000000 ____D C:\Windows\system32\log
2017-02-17 08:39 - 2017-03-02 15:16 - 00057444 _____ C:\Program Files (x86)\metadata
2017-02-17 08:38 - 2017-02-17 08:40 - 00000000 ____D C:\Users\Lukáš\AppData\LocalLow\Mozilla
2017-02-17 08:38 - 2017-02-17 08:38 - 00000000 ____D C:\Users\Lukáš\AppData\Roaming\Mozilla
2017-02-17 08:38 - 2017-02-17 08:38 - 00000000 ____D C:\Users\Lukáš\AppData\Local\Firefox
2017-02-16 20:11 - 2017-02-16 20:11 - 00002948 _____ C:\Windows\System32\Tasks\{A2F8C555-A29C-45A2-9B1E-BC01362439F2}
2017-02-16 20:06 - 2017-02-16 20:06 - 00002948 _____ C:\Windows\System32\Tasks\{4F408ABF-63AF-4706-8A7F-1111ABDAA3C8}
2017-02-16 16:42 - 2017-02-16 16:42 - 00002948 _____ C:\Windows\System32\Tasks\{A90A248C-5D65-4DE9-ACBE-7B580221FC39}
2017-02-16 16:29 - 2017-02-16 16:29 - 00003200 _____ C:\Windows\System32\Tasks\{2C734814-0A86-44E1-BD23-540506060631}
2017-02-09 11:42 - 2017-02-09 11:42 - 00003138 _____ C:\Windows\System32\Tasks\{22B08A4D-BEDB-4000-AA7D-2C6F79399ED4}
2017-02-09 09:13 - 2017-02-09 09:13 - 00000000 ____D C:\Users\Lukáš\AppData\Local\CrashRpt
2017-02-09 07:13 - 2017-02-09 07:13 - 00000000 ____D C:\$AV_ASW
2017-02-08 12:15 - 2017-02-08 12:15 - 00003924 _____ C:\Windows\System32\Tasks\avast! Cleanup Update
2017-02-08 12:00 - 2017-03-02 13:09 - 00003892 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1466054041
2017-02-08 11:57 - 2017-03-02 13:07 - 00003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-02-08 11:57 - 2017-03-02 13:06 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-02-08 11:57 - 2017-03-02 13:06 - 00309272 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-02-08 11:57 - 2017-03-02 13:06 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-02-08 11:57 - 2017-03-02 13:06 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-02-06 15:12 - 2017-02-06 15:18 - 00000000 ____D C:\Windows\system32\appmgmt
2017-02-04 11:15 - 2017-02-04 11:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-02-01 18:38 - 2017-02-14 09:05 - 00000000 ____D C:\Users\Lukáš\AppData\Roaming\Cache
2017-02-01 18:38 - 2017-02-01 18:38 - 00000000 ____D C:\Users\Lukáš\AppData\Roaming\log
2017-02-01 18:13 - 2017-02-01 18:13 - 00006008 _____ C:\Windows\System32\Tasks\Clerfghtsterfiry Monitor
2017-02-01 18:13 - 2017-02-01 18:13 - 00000000 ____D C:\Users\Luk£レ\AppData\Local\Gruvph
2017-02-01 18:13 - 2017-02-01 18:13 - 00000000 ____D C:\Users\Luk£レ
2017-02-01 18:13 - 2017-02-01 18:13 - 00000000 ____D C:\ProgramData\Avira
2017-02-01 18:13 - 2017-02-01 18:13 - 00000000 ____D C:\ProgramData\Avg
2017-02-01 17:42 - 2017-02-01 17:42 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2017-02-01 17:42 - 2017-02-01 17:42 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-03 20:49 - 2011-04-12 09:34 - 00672084 _____ C:\Windows\system32\perfh005.dat
2017-03-03 20:49 - 2011-04-12 09:34 - 00142648 _____ C:\Windows\system32\perfc005.dat
2017-03-03 20:49 - 2009-07-14 06:13 - 01591974 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-03 20:49 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-03-03 20:43 - 2015-11-01 10:06 - 00000692 _____ C:\Users\Lukáš\Desktop\Poznámky.txt
2017-03-03 20:41 - 2015-11-04 17:19 - 00000000 ____D C:\Users\Lukáš\AppData\Roaming\Skype
2017-03-03 20:38 - 2009-07-14 05:45 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-03 20:38 - 2009-07-14 05:45 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-03 20:31 - 2015-11-01 08:14 - 00000000 __SHD C:\Users\Lukáš\IntelGraphicsProfiles
2017-03-03 20:30 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-03 20:26 - 2015-11-01 18:46 - 00000000 ____D C:\Users\Lukáš\AppData\Local\CrashDumps
2017-03-03 19:05 - 2015-11-01 10:06 - 00000000 ____D C:\Users\Lukáš\Desktop\VŠ
2017-03-02 22:13 - 2015-11-18 13:16 - 00000000 ____D C:\Users\Lukáš\AppData\Local\ElevatedDiagnostics
2017-03-02 15:38 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2017-03-02 15:21 - 2015-10-31 18:39 - 00000000 ____D C:\Users\Lukáš\AppData\Roaming\DAEMON Tools Lite
2017-03-02 15:21 - 2015-10-31 18:16 - 00000000 ____D C:\Windows\Panther
2017-03-02 15:03 - 2015-10-31 18:32 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-02 13:07 - 2016-06-14 17:36 - 00032088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-03-02 13:07 - 2015-10-31 18:32 - 00993608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-03-02 13:07 - 2015-10-31 18:32 - 00547904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-03-02 13:07 - 2015-10-31 18:32 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-03-02 13:07 - 2015-10-31 18:32 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-03-02 13:07 - 2015-10-31 18:32 - 00126600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-03-02 13:07 - 2015-10-31 18:32 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-03-02 13:07 - 2015-10-31 18:32 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-03-02 13:07 - 2015-10-31 18:32 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-02-27 15:23 - 2015-11-01 10:09 - 00000000 ____D C:\Users\Lukáš\Desktop\Hudba
2017-02-27 08:57 - 2009-07-14 06:08 - 00032570 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-02-26 15:03 - 2015-11-02 02:37 - 00000000 ____D C:\Windows\system32\MRT
2017-02-26 15:00 - 2015-11-02 02:37 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-22 22:13 - 2015-11-04 17:18 - 00000000 ____D C:\ProgramData\Skype
2017-02-20 18:13 - 2015-10-31 18:48 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-17 10:17 - 2016-06-28 08:37 - 00000000 ____D C:\Counter-Strike 1.6
2017-02-16 20:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2017-02-16 17:46 - 2015-11-01 00:32 - 00000000 ____D C:\Users\Lukáš\Documents\Bluetooth Folder
2017-02-16 17:15 - 2015-10-31 18:52 - 01567624 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-02-16 17:09 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-02-15 11:56 - 2015-10-31 18:28 - 00000000 ____D C:\ProgramData\AVAST Software
2017-02-14 13:28 - 2016-10-11 19:11 - 00000000 ____D C:\Users\Lukáš\Desktop\Masáže
2017-02-09 12:23 - 2017-01-24 10:57 - 00000000 ____D C:\Users\Lukáš\AppData\Local\Rusted.cz
2017-02-08 14:41 - 2015-10-31 18:24 - 00000000 ____D C:\Users\Lukáš
2017-02-08 12:15 - 2015-10-31 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-02-08 11:55 - 2015-10-31 18:36 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-02-02 23:59 - 2015-11-04 17:18 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-01 18:47 - 2015-11-29 15:28 - 00000000 ____D C:\Windows\Minidump
2017-02-01 18:38 - 2015-10-31 18:29 - 00000000 ____D C:\Program Files\AVAST Software
2017-02-01 18:21 - 2015-11-05 17:28 - 00000000 ____D C:\Users\Lukáš\AppData\Local\Adobe
2017-02-01 18:13 - 2017-01-13 10:47 - 00000000 ____D C:\Autodesk
2017-02-01 18:13 - 2015-11-13 17:42 - 00000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller
2017-02-01 18:13 - 2015-11-01 08:22 - 00000000 ____D C:\Program Files (x86)\AMD
2017-02-01 18:13 - 2015-11-01 08:18 - 00000000 ____D C:\AMD
2017-02-01 18:13 - 2015-10-31 18:37 - 00000000 ____D C:\Program Files (x86)\Webteh
2017-02-01 18:13 - 2009-07-14 04:20 - 00000000 ____D C:\PerfLogs
2017-02-01 17:42 - 2015-10-31 18:36 - 00000000 ____D C:\ProgramData\Adobe
2017-02-01 17:41 - 2015-11-05 17:28 - 00000000 ____D C:\Users\Lukáš\AppData\Roaming\Adobe
2017-02-01 17:09 - 2015-10-31 18:32 - 00003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-02-01 17:09 - 2015-10-31 18:32 - 00003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2017-02-17 08:39 - 2017-03-02 15:16 - 0057444 _____ () C:\Program Files (x86)\metadata
2017-03-03 20:32 - 2017-03-03 22:30 - 0000040 _____ () C:\Program Files (x86)\settings.dat
2017-01-19 09:47 - 2017-01-19 09:47 - 0000000 ___SH () C:\Users\Lukáš\AppData\Local\LumaEmu
2015-10-31 18:43 - 2015-10-31 18:43 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-22 00:19

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:465.76 GB) (Free:395.03 GB) NTFS ==>[drive with boot components (obtained from BCD)]

Available physical RAM: 2382.98 MB
Total physical RAM: 3992.36 MB
Percentage of memory in use: 40%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 531C5CC6)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Luk ç\Desktop" je 8308 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB3MON
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Virus removal

Posted: 04 Mar 2017 11:34
by Rudy
Open Notepad and copy the following into it:
Start
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2564799030-1136092162-2998420998-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2564799030-1136092162-2998420998-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Profile: C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-03-03] <==== ATTENTION
S2 CxAudMsg; no ImagePath
S1 p1486192861am; \??\C:\Users\LUK~1\AppData\Local\Temp\bk7A62.tmp\p1486192861am.sys [X] <==== ATTENTION
S1 p1486192907am; \??\C:\Users\LUK~1\AppData\Local\Temp\bk2B78.tmp\p1486192907am.sys [X] <==== ATTENTION
S1 p1486192993am; \??\C:\Users\LUK~1\AppData\Local\Temp\bk7CF1.tmp\p1486192993am.sys [X] <==== ATTENTION
C:\ProgramData\DP45977C.lfl

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

From the log:
Velikost slozky "C:\Users\Luk ç\Desktop" je 8308 MB.
That is too much and may be causing slow system startup. Create a new folder in C:\Users\Luk ç and move all the data from the desktop into it (except shortcuts). Then put a shortcut to that folder on the desktop for easier access.

Re: Virus removal

Posted: 04 Mar 2017 11:48
by Vydra
I am attaching the Fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 01-03-2017
Ran by Lukáš (04-03-2017 11:44:15) Run:1
Running from C:\Users\Lukáš\Desktop
Loaded Profiles: Lukáš (Available Profiles: Lukáš)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2564799030-1136092162-2998420998-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2564799030-1136092162-2998420998-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Profile: C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-03-03] <==== ATTENTION
S2 CxAudMsg; no ImagePath
S1 p1486192861am; \??\C:\Users\LUK~1\AppData\Local\Temp\bk7A62.tmp\p1486192861am.sys [X] <==== ATTENTION
S1 p1486192907am; \??\C:\Users\LUK~1\AppData\Local\Temp\bk2B78.tmp\p1486192907am.sys [X] <==== ATTENTION
S1 p1486192993am; \??\C:\Users\LUK~1\AppData\Local\Temp\bk7CF1.tmp\p1486192993am.sys [X] <==== ATTENTION
C:\ProgramData\DP45977C.lfl

EmptyTemp:
End
*****************

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
HKU\S-1-5-21-2564799030-1136092162-2998420998-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKU\S-1-5-21-2564799030-1136092162-2998420998-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
C:\Users\Lukáš\AppData\Local\Google\Chrome\User Data\ChromeDefaultData => moved successfully
HKLM\System\CurrentControlSet\Services\CxAudMsg => key removed successfully
CxAudMsg => service removed successfully
HKLM\System\CurrentControlSet\Services\p1486192861am => key removed successfully
p1486192861am => service removed successfully
HKLM\System\CurrentControlSet\Services\p1486192907am => key removed successfully
p1486192907am => service removed successfully
HKLM\System\CurrentControlSet\Services\p1486192993am => key removed successfully
p1486192993am => service removed successfully
C:\ProgramData\DP45977C.lfl => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9344677 B
Java, Flash, Steam htmlcache => 577 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 33125 B
Public => 0 B
ProgramData => 0 B
systemprofile => 43382349 B
systemprofile32 => 55307642 B
LocalService => 66228 B
NetworkService => 66228 B
Lukáš => 3022278 B

RecycleBin => 0 B
EmptyTemp: => 114.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:44:21 ====

Re: Virus removal

Posted: 04 Mar 2017 11:50
by Rudy
Deleted. Has anything changed?

Re: Virus removal

Posted: 04 Mar 2017 11:54
by Vydra
Faster notebook performance, and the browser records were deleted.

Re: Virus removal

Posted: 04 Mar 2017 12:18
by Rudy
To be safe, also run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.

Re: Virus removal

Posted: 04 Mar 2017 12:34
by Vydra
https://ctrlv.cz/dwOV

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 04.03.17
Čas skenování: 12:27
Logovací soubor: test.txt
Správce: Ano

-Informace o softwaru-
Verze: 3.0.6.1469
Verze komponentů: 1.0.75
Aktualizovat verzi balíku komponent: 1.0.1424
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: Lukáš-PC\Lukáš

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 389194
Uplynulý čas: 2 min, 40 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 3
PUP.Optional.AshampooRegistryCleaner, HKU\S-1-5-21-2564799030-1136092162-2998420998-1000\SOFTWARE\AML\Registry Cleaner, Smazání při restartu, [2972], [354941],1.0.1424
Adware.Elex, HKLM\SOFTWARE\WOW6432NODE\{84416237-6490-494D-9AD6-4994DD978971}, Smazání při restartu, [305], [375406],1.0.1424
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\mwyhtxtg, Smazání při restartu, [2098], [339986],1.0.1424

Hodnota v registru: 1
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\mwyhtxtg|NAME, Smazání při restartu, [2098], [339986],1.0.1424

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Re: Virus removal

Posted: 04 Mar 2017 17:31
by Rudy
Delete all the MBAM findings; with that, the PC should be clean.

Re: Virus removal

Posted: 05 Mar 2017 00:01
by Vydra
Thank you for your help. Could you please recommend an antivirus or another program that would prevent these problems? Thank you.