VIRY.CZ

Ahoj,
poslední dobou, cca 30minut, po zapnutí PC se odpojím automaticky z netu. Když chci otevřít seznam wifi pripojení, tak se mně žádná seznam neukáže, musím dát odstranit potíže a až poté se mi seznam načte, tam si vyberu svoji síť a už to je OK a pak už net nevypadne.
Zároveň prosím o celkovou kontrolu PC.
Moc děkuji

Přikládám log:
Logfile of random's system information tool 1.16 (written by random/random)
Run by Honza at 2017-08-18 21:34:51
Microsoft Windows 10 Pro
System drive C: has 15 GB (7%) free of 227 GB
Total RAM: 1913 MB (23% free)
X86

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:35:32, on 18. 8. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.17443)
Boot mode: Normal

Running processes:
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Windows\System32\TpShocks.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\DynamicUSBTool\DynamicUSB.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
C:\Program Files\Stažené programy\Pro zabezpečení\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\Stažené programy\Pro zabezpečení\CCleaner\CCleaner.exe
C:\Users\Honza\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Stažené programy\Oznámení pošty\PopTray.exe
C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
c:\windows\system32\inetsrv\w3wp.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Users\Honza\Desktop\RSIT.exe
C:\Program Files\trend micro\Honza_RSIT.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O1 - Hosts: 212.80.69.80 test1.voyo.nova.cz
O2 - BHO: CtxIEInterceptorBHO - {2C4631FF-5CC8-4EBC-A0DF-34C92291759E} - C:\Program Files\Citrix\ICA Client\IEInterceptor.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\STAENP~1\PROZAB~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - (no file)
O2 - BHO: (no name) - {9cf699ca-2174-4ed8-bec1-ba82095edce0} - (no file)
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Honza\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe /start
O4 - HKLM\..\Run: [AcWin7Hlpr] C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [DynamicUSB] "C:\Program Files\DynamicUSBTool\DynamicUSB.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Stažené programy\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SynLenovoHelper] %ProgramFiles%\Synaptics\SynTP\SynLenovoHelper.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Stažené programy\Pro zabezpečení\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] C:\Users\Honza\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\Stažené programy\Pro zabezpečení\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Honza\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'DefaultAppPool')
O4 - Startup: Lingea Update Center.lnk = C:\Program Files\Common Files\Lingea Shared\luc.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: PopTray.lnk = ?
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetUrl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files\SmarThru 4\WebCapture.dll2.htm
O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files\SmarThru 4\WebCapture.dll1.htm
O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files\SmarThru 4\WebCapture.dll.htm
O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files\SmarThru 4\WebCapture.dll
O8 - Extra context menu item: Stahnou vse FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Stahnout FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetUrl.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\STAENP~1\PROZAB~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\STAENP~1\PROZAB~1\SPYBOT~1\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://software.kuaiche.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{7a02f118-28a0-46bf-872a-bc305e62476f}: NameServer = 8.8.8.8
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Citrix\ICACLI~1\RSHook.dll
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files\Lenovo\Access Connections\AcSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall Service (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Blackberry Device Manager - Research In Motion Limited - C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @oem78.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Lenovo. - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) - Maxthon - C:\Program Files\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Serviio - Unknown owner - C:\Program Files\Serviio\bin\ServiioService.exe
O23 - Service: FrontLine Drivers Auto Removal (v2) (sfrem02) - Protection Technology (StarForce) - C:\Windows\system32\sfrem02.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe

--
End of file - 19631 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job - C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1986333984-2678021812-3497317569-1003UA.job - C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job - C:\Program Files\PC-Doctor\pcdr5cuiw32.exe -backgroundmon scripts\backgroundmon.xml -st PCDoctorBackgroundMonitorTask
C:\WINDOWS\tasks\SystemToolsDailyTest.job - C:\Program Files\PC-Doctor\pcdr5cuiw32.exe -silentenumeration
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\Stažené programy\Pro zabezpečení\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\CreateChoiceProcessTask - C:\Windows\System32\browserchoice.exe /launch
C:\WINDOWS\system32\tasks\DealPlyUpdate - C:\Program Files\DealPly\DealPlyUpdate.exe
C:\WINDOWS\system32\tasks\DiskUpdate - C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1986333984-2678021812-3497317569-1003Core - C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1986333984-2678021812-3497317569-1003UA - C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1986333984-2678021812-3497317569-1003UA1d1f58b4e24fe1d - C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Maxthon Update - "C:\Program Files\Maxthon\Bin\Maxthon.exe" -RunScheduledUpdate
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task-S-1-5-21-1986333984-2678021812-3497317569-1003 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\PCDoctorBackgroundMonitorTask - C:\Program Files\PC-Doctor\pcdr5cuiw32.exe -backgroundmon scripts\backgroundmon.xml -st PCDoctorBackgroundMonitorTask
C:\WINDOWS\system32\tasks\PMTask - C:\PROGRA~1\ThinkPad\UTILIT~1\PwmIdTsv.exe
C:\WINDOWS\system32\tasks\SafeZone scheduled Autoupdate 1476557548 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\Scheduled Update for Ask Toolbar - C:\Program Files\Ask.com\UpdateTask.exe
C:\WINDOWS\system32\tasks\Synaptics TouchPad Enhancements - \Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\tasks\SystemToolsDailyTest - C:\Program Files\PC-Doctor\pcdr5cuiw32.exe -silentenumeration
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{02168ECA-2B1D-4227-81CB-2FC75AF17EDA} - C:\Windows\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\{0358D376-0FCB-4D96-8B90-FF6905024FC3} - C:\Program Files\Stažené programy\Daemon\daemon4303-lite.exe
C:\WINDOWS\system32\tasks\{0BE9012F-C6E3-4E35-BF28-8170D35A5CAA} - C:\Program Files\Stažené programy\Hry\Need For Speed Shift - CZ - RELOADED\shift.exe
C:\WINDOWS\system32\tasks\{1063DE59-FEC0-46C1-BE69-88A2A05AE806} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\Stažené programy\Hry\S.T.A.L.K.E.R. Shadow of Chernobyl CZ\setup-bp.exe" -d "C:\Program Files\Stažené programy\Hry\S.T.A.L.K.E.R. Shadow of Chernobyl CZ"
C:\WINDOWS\system32\tasks\{265CAA97-921B-49C4-8E39-A578DC712C69} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\Stažené programy\Hry\Alarm für Cobra 11 - Crash Time - CZ\UN\setup.exe" -d "C:\Program Files\Stažené programy\Hry\Alarm für Cobra 11 - Crash Time - CZ\UN"
C:\WINDOWS\system32\tasks\{2DFAC0CE-3B0B-4137-98A6-31C9FEE85052} - C:\Users\Honza\Desktop\WM9Codecs.exe
C:\WINDOWS\system32\tasks\{3236AD53-896C-448B-B66B-E3C2539B57B6} - C:\Windows\system32\pcalua.exe -a C:\Users\Honza\Desktop\OnLineRecovery.exe -d C:\Users\Honza\Desktop
C:\WINDOWS\system32\tasks\{36253562-2349-42FD-9572-EE17DB154F41} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\Alwil Software\Avast5\aswRunDll.exe" -c "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
C:\WINDOWS\system32\tasks\{3F1A04D6-F2EA-4F73-9247-055C7F8D300A} - C:\Program Files\Stažené programy\Hry\Need For Speed Shift - CZ - RELOADED\shift.exe
C:\WINDOWS\system32\tasks\{51C43EC8-167C-45CA-A5D8-16518A0E383A} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\Stažené programy\Hry\Alarm für Cobra 11 - Crash Time - CZ\CT_Setup.exe" -d "C:\Program Files\Stažené programy\Hry\Alarm für Cobra 11 - Crash Time - CZ"
C:\WINDOWS\system32\tasks\{543457B4-410F-4727-A1EB-ABD5CC846C33} - C:\Program Files\Lenovo\VeriFace\veriface.exe
C:\WINDOWS\system32\tasks\{584BA0CE-2400-477F-9FEC-43A9A1B55DA9} - C:\SWTOOLS\APPS\VeriFace\verifaceiii.20090312\VeriFaceIII.20090312.exe
C:\WINDOWS\system32\tasks\{5AB5BC9F-218F-4558-8B9E-AF00537225D4} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\Stažené programy\Pro zabezpečení\VeriFace\verifaceiii20090312.exe" -d "C:\Program Files\Stažené programy\Pro zabezpečení\VeriFace"
C:\WINDOWS\system32\tasks\{5DAB54A2-E2D5-4DA5-B28C-6603B1B0D9BC} - C:\Program Files\Stažené programy\Hry\Need For Speed Shift - CZ - RELOADED\shift.exe
C:\WINDOWS\system32\tasks\{5E40FB2E-E6E6-4EF3-B22F-4DEDAB674E68} - C:\Program Files\Lenovo\VeriFaceIII\VeriFace.exe
C:\WINDOWS\system32\tasks\{64D0E8C1-2199-42E7-B05B-5E1CCCD4269E} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\Stažené programy\Hry\Chameleon\Setup.exe" -d "C:\Program Files\Stažené programy\Hry\Chameleon"
C:\WINDOWS\system32\tasks\{66F80683-2C08-4767-B69D-266901D47ECE} - C:\SWTOOLS\APPS\VeriFace\verifaceiii.20090312\VeriFaceIII.20090312.exe
C:\WINDOWS\system32\tasks\{671CF5D5-FBED-47A9-8A5E-1A2D913C81F4} - C:\Windows\system32\pcalua.exe -a C:\Users\Honza\Desktop\IN3STW01WW5.exe -d C:\Users\Honza\Desktop
C:\WINDOWS\system32\tasks\{6C94B17D-635C-4507-BE6D-9283ECFC56BF} - C:\Windows\system32\pcalua.exe -a "C:\Users\Honza\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QBJHHIJM\vcredist_x64.exe" -d C:\Users\Honza\Desktop
C:\WINDOWS\system32\tasks\{6CC21FC3-3975-498A-8368-DE2EBBCC2A63} - C:\Program Files\Stažené programy\Pro zabezpečení\Spybot - Search & Destroy\spybotsd162.exe
C:\WINDOWS\system32\tasks\{6DACAB32-5FF0-410E-B53E-86F3412B7E0A} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe" -d "C:\Program Files\Common Files\Nero\Nero Web\" -c -ScParameter=65 MODE="update"
C:\WINDOWS\system32\tasks\{724ABBB4-4901-465E-82A6-512AAE179AAE} - C:\Program Files\Mafia\Game.exe
C:\WINDOWS\system32\tasks\{74F2178F-EA7D-49B3-B3C4-E052DCA4F2E7} - C:\Users\Honza\Desktop\WM9Codecs.exe
C:\WINDOWS\system32\tasks\{7883B547-D6A8-40D9-9C1F-AD8161546847} - C:\Windows\system32\pcalua.exe -a C:\Users\Honza\Desktop\WM9Codecs.exe -d C:\Users\Honza\Desktop
C:\WINDOWS\system32\tasks\{7CCFF14A-B393-4124-92FE-09779F28DD18} - C:\Program Files\Stažené programy\Hry\S.T.A.L.K.E.R. Clear Sky Cz\Hra\bin\xrEngine.exe
C:\WINDOWS\system32\tasks\{829F34AA-AEEC-4DB9-A582-8BEBE43BB1C6} - C:\Windows\system32\pcalua.exe -a E:\WMCodec\WM9Codecs9x.exe -d E:\WMCodec
C:\WINDOWS\system32\tasks\{8A03160D-80A0-4FC6-888C-08A2E5147BC4} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\CENEGA CZECH\Chameleon\Setup.exe" -d "C:\Program Files\CENEGA CZECH\Chameleon"
C:\WINDOWS\system32\tasks\{9960928D-71BA-4636-8E05-5E26F50B8ED3} - "c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/7.5.0.101/cs/a ... rogressBar
C:\WINDOWS\system32\tasks\{9AA68FC7-8681-4A47-8BB8-650F1AABB2AD} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\Stažené programy\Pro zabezpečení\Ad-Aware\Ad-AwareInstallation.exe" -d "C:\Program Files\Stažené programy\Pro zabezpečení\Ad-Aware"
C:\WINDOWS\system32\tasks\{A1285FF2-40C2-4206-A989-64EB96EB0C20} - C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files\Lenovo\VeriFace\veriface.exe"
C:\WINDOWS\system32\tasks\{ACF7FCEF-21A0-4BB9-9882-8B2A8408D7A1} - C:\Program Files\Stažené programy\Hry\S.T.A.L.K.E.R. Clear Sky Cz\Hra\bin\xrEngine.exe
C:\WINDOWS\system32\tasks\{AE47ED6D-163A-4A0B-9ED1-DBF822413C69} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\Stažené programy\Nero\Balíčky do Nero Vision\Templates_Basic_HD.exe" -d "C:\Program Files\Stažené programy\Nero\Balíčky do Nero Vision"
C:\WINDOWS\system32\tasks\{B48B183C-2D39-45A9-AF94-FFF31E9A1744} - C:\SWTOOLS\APPS\VeriFace\verifaceiii.20090312\VeriFaceIII.20090312.exe
C:\WINDOWS\system32\tasks\{EC42C2B7-FB1B-4BC2-AFCD-BB25EC8E72CF} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\Mafia\Setup.exe" -d "C:\Program Files\Mafia"
C:\WINDOWS\system32\tasks\WPD\SqmUpload_S-1-5-21-1986333984-2678021812-3497317569-1003 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\WINDOWS\system32\tasks\TVT\ChangePWD - %RR%\rrcmd.exe test
C:\WINDOWS\system32\tasks\TVT\LaunchRnR - %RR%\rrcmd.exe BACKUP location=L name="Scheduled" scheduled
C:\WINDOWS\system32\tasks\TVT\UpdateRnR - %TVTCOMMON%\Scheduler\tvtsetsched.exe rnrupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup - %systemroot%\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor - %systemroot%\system32\sdclt.exe /CHECKSKIPPED
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults - %systemroot%\system32\MusNotification.exe LogonUpdateResults
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval - %systemroot%\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe Reboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant - %windir%\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:Th1Eos:{}
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun - %windir%\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:Th1Eos:{} /CalendarRun
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\WINDOWS\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\rempl\shell - %ProgramFiles%\rempl\remsh.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\rempl\shell-unlock - %ProgramFiles%\rempl\remsh.exe /RunUsoScanOnly
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\rundll32.exe generaltel.dll,RunTelemetryW
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs

=========Mozilla firefox=========

ProfilePath - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q="

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.151 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_26_0_0_151.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1228198.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Citrix.com/npican]
"Description"=Citrix ICA Client Plugin
"Path"=C:\Program Files\Citrix\ICA Client\npicaN.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@rim.com/npappworld]
"Description"=
"Path"=C:\Program Files\Research In Motion Limited\BlackBerry World Browser Plugin\npappworld.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0]
"Description"=BlackBerry Web Software Loading Helper Plug-In for Mozilla browsers
"Path"=C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3]
"Description"=DealPlyLive Update
"Path"=C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9]
"Description"=DealPlyLive Update
"Path"=C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default\searchplugins\
bingp.xml

C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default\addons.json
Text Link - extension - {54BB9F3F-07E5-486c-9B39-C7398B99391C}

C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default\extensions.json
Avast Online Security - extension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
Avast SafePrice - extension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Text Link - extension - {54BB9F3F-07E5-486c-9B39-C7398B99391C} - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default\extensions\{54BB9F3F-07E5-486c-9B39-C7398B99391C}.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Firefox Screenshots - extension - screenshots@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Follow-on Search Telemetry - extension - followonsearch@mozilla.com - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default\features\{7e401dae-5bc4-44a1-814a-0a2556932f82}\followonsearch@mozilla.com.xpi
Shield Recipe Client - extension - shield-recipe-client@mozilla.org - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default\features\{7e401dae-5bc4-44a1-814a-0a2556932f82}\shield-recipe-client@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default\features\{7e401dae-5bc4-44a1-814a-0a2556932f82}\e10srollout@mozilla.org.xpi

C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default\pluginreg.dat
Plugin - Shockwave Flash - 26.0.0.151 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_26_0_0_151.dll

=========Google Chrome=========

C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Store 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.60
Extension dkncgicdohgfdncecojfiapgebmlnaoc 1 Seznam.cz 2016.3.15.38507
Extension ecmgkhgjmodembdmiimbacpjgcdimiek 1 Plná Peněženka Lištička 3.1.7
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 1 Adobe Acrobat 15.1.0.6
Extension ennkphjdgehloodpbhlhldgbnhmacadg Settings 0.2
Extension eofcbnmajmjmplflapaojjnihcjkigck 0 Avast SafePrice 12.0.222
Extension fcfenmboojpjinhpgggodefccipikbpd 2 MSN Homepage & Bing Search Engine 0.0.0.6
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension fjhemmolgagmlnmkijimihpihajekbdp 1 CloudCockpit Secure Logon 2016.3.15.39361
Extension fngmhnnpilhplaeedifhccceomclgfbg 1 EditThisCookie 1.4.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension ghgabhipcejejjmhhchfonmamedcbeod 1 Click&Clean 8.9.9.1
Extension gomekmidlodglbbmalcneegieacbdmki 2 Avast Online Security 10.2.0.190
Extension kafhoidinlbamepifokmbjdkkciefhgh 1 Vyhledávání produktů podle obrazu na AliExpress.com 1.2.1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension lifbcibllhkdhoafpjfnlhfpfgnpldfl 2 Skype Click to Call 7.3.16540.9015
Extension mbemagncoffhaeakhjpmfhmdhifkjfoo 1 diskuze.pozary.cz 2016.3.17.37731
Extension mbiihbcjjmpoicibkilghglikmfcjbjd 0 Plus 25 1.0
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension mpochgjjobopmjeeoedohlnngbmlkloa 1 Portál ČHMÚ : Předpovědi : Předpovědi... 2016.3.17.37780
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.4
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.2
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh Google Now 1.2.0.1
Extension pglfllomkadlhgbopeenbggbfekpkmpf 1 Předpověď počasí - Mrakoplašova předp... 2016.3.16.48171
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6017.605.1.4
Homepage: http://www.seznam.cz/
default_search_provider.search_url:
C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gnlaniokgfckpjblpafbfchhghecmifi]
"Path"=C:\Users\Honza\AppData\Local\CRE\gnlaniokgfckpjblpafbfchhghecmifi.crx

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl]
"Path"=


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{658CFA43-45F6-4A45-8A82-C93F0AB200FA}]
"URL"=http://www.bing.com/search?q={searchTer ... -SearchBox;
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
"URL"=http://www.google.com/search?q={searchT ... urceid=ie7

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C4631FF-5CC8-4EBC-A0DF-34C92291759E}]
CtxIEInterceptorBHO Class - C:\Program Files\Citrix\ICA Client\IEInterceptor.dll [2012-04-05 85144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\STAENP~1\PROZAB~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9cf699ca-2174-4ed8-bec1-ba82095edce0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-07-06 193136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}]
FlashGetBHO - C:\Users\Honza\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll [2009-12-22 157232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-07-06 193136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-09-08 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-09-08 174104]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-09-08 151064]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-07-10 7612960]
"TPHOTKEY"=C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [2009-03-13 68976]
"LENOVO.TPFNF6R"=C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe [2009-08-20 62752]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-08-07 186904]
"TpShocks"=TpShocks.exe []
"PWMTRV"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor []
"Message Center Plus"=C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-28 49976]
"AcWin7Hlpr"=C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe [2009-10-14 36864]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]
"RIMBBLaunchAgent.exe"=C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2013-01-17 267792]
"ConnectionCenter"=C:\Program Files\Citrix\ICA Client\concentr.exe [2012-04-05 371864]
"DynamicUSB"=C:\Program Files\DynamicUSBTool\DynamicUSB.exe [2007-03-02 94208]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"QuickTime Task"=C:\Program Files\Stažené programy\QuickTime\QTTask.exe [2013-05-01 421888]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-03-06 205512]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-11-21 3519656]
"SynLenovoHelper"=C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe [2015-11-21 126120]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Stažené programy\Pro zabezpečení\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Google Update"=C:\Users\Honza\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [2017-05-04 601168]
"Gadwin PrintScreen"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2012-05-30 1842384]
"CCleaner Monitoring"=C:\Program Files\Stažené programy\Pro zabezpečení\CCleaner\CCleaner.exe [2014-11-21 5282584]
"OneDrive"=C:\Users\Honza\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-07-30 1536208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2017-07-28 27815896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WireLessMouse]
C:\Program Files\Stažené programy\Myš SilverCrest 12018\English\StartAutorun.exe [2005-11-30 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Honza^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PopTray.lnk]
C:\Program Files\Stažené programy\Oznámení pošty\PopTray.exe [2006-09-16 1666048]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
PopTray.lnk - C:\Program Files\Stažené programy\Oznámení pošty\PopTray.exe

C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Lingea Update Center.lnk - C:\Program Files\Common Files\Lingea Shared\luc.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Citrix\ICACLI~1\RSHook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ACGina

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Stažené programy\FlashGet\FlashGet3.exe"="C:\Program Files\Stažené programy\FlashGet\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath"=%SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files\Google\Chrome\Application\60.0.3112.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{A6EADE66-0000-0000-484E-7E8A45000000}]
"StubPath"="C:\WINDOWS\system32\Rundll32.exe" "C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-08-18 21:19:07 ----D---- C:\Program Files\trend micro
2017-08-18 21:19:06 ----D---- C:\rsit
2017-08-16 19:17:46 ----HD---- C:\$WINDOWS.~BT
2017-08-15 20:32:32 ----D---- C:\ProgramData\SWCUTemp
2017-08-01 21:15:11 ----D---- C:\Program Files\rempl

======List of files/folders modified in the last 1 month======

2017-08-18 21:30:59 ----AD---- C:\ProgramData\TEMP
2017-08-18 21:30:20 ----D---- C:\WINDOWS\Temp
2017-08-18 21:19:07 ----RD---- C:\Program Files
2017-08-18 21:11:43 ----D---- C:\WINDOWS\system32\NDF
2017-08-18 20:51:14 ----D---- C:\WINDOWS\System32
2017-08-18 20:43:56 ----SHD---- C:\WINDOWS\Installer
2017-08-18 20:43:55 ----SHD---- C:\Config.Msi
2017-08-18 20:43:17 ----SHD---- C:\System Volume Information
2017-08-18 20:40:43 ----D---- C:\WINDOWS\SoftwareDistribution
2017-08-18 20:40:42 ----D---- C:\Windows
2017-08-18 20:37:47 ----D---- C:\WINDOWS\system32\sru
2017-08-18 00:15:57 ----D---- C:\WINDOWS\system32\config
2017-08-17 23:39:54 ----D---- C:\WINDOWS\Microsoft.NET
2017-08-17 23:22:11 ----D---- C:\WINDOWS\system32\drivers
2017-08-17 20:38:57 ----HD---- C:\Program Files\WindowsApps
2017-08-17 20:38:50 ----D---- C:\WINDOWS\AppReadiness
2017-08-16 21:42:50 ----D---- C:\CitrixUSBStore
2017-08-16 21:34:36 ----D---- C:\Users\Honza\AppData\Roaming\vlc
2017-08-16 18:18:18 ----D---- C:\WINDOWS\Prefetch
2017-08-15 20:40:27 ----D---- C:\WINDOWS\system32\Tasks
2017-08-15 20:32:32 ----HD---- C:\ProgramData
2017-08-15 09:15:46 ----D---- C:\WINDOWS\debug
2017-08-15 09:06:11 ----D---- C:\WINDOWS\system32\MRT
2017-08-15 08:51:42 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-08-13 21:12:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-13 21:12:53 ----D---- C:\WINDOWS\INF
2017-08-13 19:42:46 ----D---- C:\Windows10Upgrade
2017-08-08 19:45:08 ----D---- C:\WINDOWS\system32\Macromed
2017-08-03 21:11:12 ----D---- C:\ProgramData\Skype
2017-07-30 22:46:06 ----A---- C:\WINDOWS\progress.ini
2017-07-30 21:56:16 ----HD---- C:\$GetCurrent

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidshx.sys [2017-03-06 148720]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswblogx.sys [2017-03-06 267016]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbunivx.sys [2017-03-06 41176]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-03-06 62152]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-03-14 278776]
R0 iaStor;@oem42.inf,%*PNP0600.DeviceDesc%;Intel AHCI Controller; C:\WINDOWS\System32\drivers\iaStor.sys [2009-08-07 330264]
R0 sfdrv02;FrontLine Environment Driver (v2); C:\WINDOWS\system32\drivers\sfdrv02.sys [2006-09-11 67960]
R0 sfsync05;FrontLine Synchronization Driver (v5); C:\WINDOWS\system32\drivers\sfsync05.sys [2006-08-11 59776]
R0 Shockprf;Shockprf; C:\WINDOWS\System32\DRIVERS\Apsx86.sys [2009-06-29 117800]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriverx.sys [2017-03-06 257288]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-03-06 31064]
R1 aswNetSec;aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [2017-03-06 355752]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2017-03-06 90336]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-03-06 756200]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-03-21 465024]
R1 ctxusbm;Citrix USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\ctxusbm.sys [2012-02-14 67960]
R1 lenovo.smi;Lenovo System Interface Driver; C:\WINDOWS\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-03-06 106392]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2017-03-06 118288]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-05-26 281760]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-05-26 25888]
R2 regi;regi; C:\WINDOWS\system32\drivers\regi.sys [2007-04-18 11032]
R3 5U877;@oem28.inf,%USBVideo.SvcDesc%;USB Video Device; C:\WINDOWS\system32\DRIVERS\5U877.sys [2009-06-18 125568]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2015-07-10 86528]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 102912]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2015-07-10 61952]
R3 btwaudio;@oem20.inf,%btaudio.SvcDesc%;Bluetooth Audio Device Service; C:\WINDOWS\system32\drivers\btwaudio.sys [2013-12-18 86056]
R3 btwavdt;@oem19.inf,%btwavdt.SVCDESC%;Bluetooth AVDT Service; C:\WINDOWS\System32\drivers\btwavdt.sys [2013-12-18 108072]
R3 btwl2cap;@oem53.inf,%btwl2cap.SVCDESC%;Bluetooth L2CAP Service; C:\WINDOWS\system32\DRIVERS\btwl2cap.sys [2011-05-05 29472]
R3 btwrchid;btwrchid; C:\WINDOWS\System32\drivers\btwrchid.sys [2013-12-18 18472]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2015-06-26 59216]
R3 IntcHdmiAddService;@oem49.inf,%IntelHDMIDriverForHDAudio.SvcDesc%;Intel(R) High Definition Audio HDMI; C:\WINDOWS\system32\drivers\IntcHdmi.sys [2009-07-09 122880]
R3 JMCR;JMCR; C:\WINDOWS\system32\DRIVERS\jmcr.sys [2009-05-18 119256]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2015-11-21 130048]
R3 NETwNs32;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit; C:\WINDOWS\System32\drivers\NETwNs32.sys [2015-07-10 7518208]
R3 psadd;@oem24.inf,%psadd.SVCDESC%;Lenovo Parties Service Access Device Driver; C:\WINDOWS\System32\drivers\psadd.sys [2009-12-02 33088]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-07-10 129536]
R3 RimVSerPort;@oem3.inf,%RimVSerPort%;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2012-12-10 35840]
R3 rt640x86;@rt640x86.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x86.sys [2015-07-10 492032]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-11-21 26792]
S0 amdagp;@machine.inf,%amdagp_svcdesc%;AMD AGP Bus Filter Driver; C:\WINDOWS\System32\drivers\amdagp.sys [2015-07-10 55648]
S0 sisagp;@machine.inf,%sisagp_svcdesc%;SIS AGP Bus Filter; C:\WINDOWS\System32\drivers\sisagp.sys [2015-07-10 54112]
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-05-26 697328]
S2 Parvdm;Parvdm; C:\WINDOWS\System32\drivers\parvdm.sys [2015-07-10 9216]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-03-06 34136]
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\WINDOWS\system32\DRIVERS\aswTap.sys [2015-03-14 38984]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-11-21 725504]
S3 btusbflt;Bluetooth USB Filter; C:\WINDOWS\system32\drivers\btusbflt.sys [2013-12-18 45736]
S3 dtproscsibus;@oem4.inf,%DTPROSCSIBUS.DeviceDesc%;DAEMON Tools Pro Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [2017-04-14 26168]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-07-10 24064]
S3 fssfltr;fssfltr; C:\WINDOWS\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpio.sys [2015-07-10 22016]
S3 HyperVideo;HyperVideo; C:\WINDOWS\system32\DRIVERS\HyperVideo.sys [2015-07-10 19456]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2c.sys [2015-07-10 61936]
S3 netvsc;netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [2015-07-10 80384]
S3 PCDSRVC{C4B36920-79E24793-06000000}_0;PCDSRVC{C4B36920-79E24793-06000000}_0 - PCDR Kernel Mode Service Helper Driver; \??\C:\Program Files\PC-Doctor\pcdsrvc.pkms [2009-08-18 20848]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcPrfMgrSvc;AcPrfMgrSvc; C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe [2009-10-01 124192]
R2 AcSvc;AcSvc; C:\Program Files\Lenovo\Access Connections\AcSvc.exe [2009-10-01 242976]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; %windir%\system32\svchost.exe -k apphost;"ServiceDll"=%windir%\system32\inetsrv\apphostsvc.dll
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-03-06 262736]
R2 avast! Firewall;Avast Firewall Service; C:\Program Files\AVAST Software\Avast\afwServ.exe [2017-03-06 278784]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-12 30312]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2011-06-13 628000]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-09-22 858384]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-08-07 354840]
R2 IBMPMSVC;@oem78.inf,%ibm.svcDesc0%;Lenovo PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2015-06-26 113904]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 MaxthonUpdateSvc;Maxthon Core Update Service; C:\Program Files\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2015-12-21 1872808]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2015-11-21 24576]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-07-10 135848]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-07-10 135848]
R2 OneSyncSvc_Session5;Hostitel synchronizace_Session5; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2013-01-12 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2013-01-12 107832]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-09-22 473360]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 Serviio;Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [2016-12-05 413696]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
R2 SUService;System Update; c:\Program Files\Lenovo\System Update\SUService.exe [2009-09-25 15872]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2017-03-06 5545144]
R3 Blackberry Device Manager;Blackberry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [2013-01-18 577536]
S2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2009-07-03 45424]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-07-10 135848]
S2 sfrem02;FrontLine Drivers Auto Removal (v2); C:\Windows\system32\sfrem02.exe [2006-05-11 358008]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2017-06-01 317400]
S3 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-02-09 651720]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2015-05-29 43696]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-05-07 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2017-07-10 175560]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2007-11-28 53248]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-27 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2007-11-28 53248]
S3 PimIndexMaintenanceSvc_Session5;Data kontaktů_Session5; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE [2009-08-23 75040]
S3 SonicStage Back-End Service;SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe [2007-02-05 112184]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2007-11-28 77824]
S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [2007-02-05 75320]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2016-03-15 45744]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]

-----------------EOF-----------------

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner 7.0.1.0 - Logfile created on Fri Aug 18 20:31:29 2017
# Updated on 2017/05/08 by Malwarebytes
# Running on Windows 10 Pro (X86)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

Deleted: ICQ Service


***** [ Folders ] *****

Deleted: C:\Program Files\ICQ6Toolbar
Deleted: C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Deleted: C:\ProgramData\ICQ\ICQNewTab
Deleted: C:\ProgramData\Application Data\ICQ\ICQNewTab
Deleted: C:\Users\All Users\ICQ\ICQNewTab
Deleted: C:\Program Files\Ask.com
Deleted: C:\Program Files\Conduit
Deleted: C:\Users\Honza\AppData\Local\Conduit
Deleted: C:\Users\Honza\AppData\LocalLow\Conduit
Deleted: C:\Users\Honza\AppData\Roaming\OpenCandy
Deleted: C:\Program Files\DealPly
Deleted: C:\Users\Honza\AppData\Roaming\DealPly
Deleted: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Deleted: C:\ProgramData\DealPlyLive
Deleted: C:\ProgramData\Application Data\DealPlyLive
Deleted: C:\Program Files\DealPlyLive
Deleted: C:\Users\All Users\DealPlyLive
Deleted: C:\Users\Honza\AppData\Local\DealPlyLive
Deleted: C:\ProgramData\dealplylive
Deleted: C:\ProgramData\Application Data\dealplylive
Deleted: C:\Program Files\dealplylive
Deleted: C:\Users\All Users\dealplylive
Deleted: C:\Users\Honza\AppData\Local\dealplylive
Deleted: C:\Users\Honza\AppData\Local\FileViewPro
Deleted: C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}


***** [ Files ] *****

Deleted: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default\searchplugins\bingp.xml


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: DealPlyUpdate
Deleted: Scheduled Update for Ask Toolbar


***** [ Registry ] *****

Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|ICQ Search [http:\\search.icq.com\search\results.php?q={searchTerms}&ch_id=sm]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|IE9RunOnceCompletionTime [íଉnj:\\search.icq.com\search\results.php?q={searchTerms}&ch_id=sm]
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Deleted: [Key] - HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\AppDataLow\AskToolbarInfo
Deleted: [Key] - HKCU\Software\AppDataLow\AskToolbarInfo
Deleted: [Key] - HKLM\SOFTWARE\dt soft\daemon tools toolbar
Deleted: [Key] - HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\UpToDown
Deleted: [Key] - HKCU\Software\UpToDown
Deleted: [Key] - HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\YahooPartnerToolbar
Deleted: [Key] - HKCU\Software\YahooPartnerToolbar
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{855F3B16-6D32-4FE6-8A56-BBB695989046}
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{855F3B16-6D32-4FE6-8A56-BBB695989046}
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{21FA44EF-376D-4D53-9B0F-8A89D3229068}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CF699CA-2174-4ED8-BEC1-BA82095EDCE0}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{066D89E6-B457-4A57-888A-B0AEB11D5BF1}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{0E8990F4-2FC9-403C-883B-535D6271E740}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{1644E2E1-E15E-4E9E-9B25-5668536DD6A7}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{2BA83048-8B7C-4186-843B-D97FC1A6AE95}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{469960F8-8172-4386-BBB1-DF3590027D58}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{753C5ED0-B9AB-4F1E-8DAC-668E701CA569}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{80995911-5CF2-483F-A260-C736E8D0C691}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{821ED2B3-866E-4177-870E-52D995D123D0}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9B4E4BF6-9346-4969-8428-C3CB81CD7A30}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9BAC5A3B-33FD-4DB9-A4F1-B749498D4017}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{A6670033-7A4B-4F59-B8A9-A7CEBF3CE960}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{B1285825-F24F-4651-9F8A-2012460AD2FC}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{B3D38AE9-C808-4811-8417-F114839D6392}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{B8E64931-27EF-42BC-AF3B-0E2B25D17567}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BE952BDF-6FDF-4A62-B318-E15D4487A2EF}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C0233F6C-3110-4AEA-A798-C81DA43CED9E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{CC5B7648-AAF8-4642-B53D-B7B5E4AE7241}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{D325B617-D6F9-4C72-90B2-A38E6D15C16E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{DF51AD29-5239-441A-B921-E655C8162060}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{E515494B-7548-462A-B7E7-A3E6F8C4899C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{E9ECFFF9-2011-439F-92EB-BE145ACD87DA}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{FBB92627-0DAA-4B69-97CC-9879236FE039}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966d4C29D35B1C9
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966d4C29D35B1C9
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Main|ICQ Search
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Deleted: [Key] - HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com\DealPlyLive Update;version=3
Deleted: [Key] - HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com\DealPlyLive Update;version=9
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application\x-vnd.dpliveupdate.oneclickctrl.9
Deleted: [Key] - HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application\x-vnd.dpliveupdate.update3webcontrol.3
Deleted: [Key] - HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\AppDataLow\Software\AskToolbar
Deleted: [Key] - HKCU\Software\AppDataLow\Software\AskToolbar
Deleted: [Key] - HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Ask.com
Deleted: [Key] - HKCU\Software\Ask.com
Deleted: [Key] - HKLM\SOFTWARE\Conduit
Deleted: [Key] - HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Conduit
Deleted: [Key] - HKCU\Software\Conduit
Deleted: [Key] - HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\AppDataLow\Software\ConduitSearchScopes
Deleted: [Key] - HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Deleted: [Key] - HKLM\SOFTWARE\ICQ\ICQToolbar
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolbar
Deleted: [Key] - HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\AppDataLow\Toolbar
Deleted: [Key] - HKCU\Software\AppDataLow\Toolbar
Deleted: [Key] - HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Softonic
Deleted: [Key] - HKCU\Software\Softonic
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Deleted: [Key] - HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Deleted: [Key] - HKLM\SOFTWARE\DealPlyLive
Deleted: [Key] - HKU\.DEFAULT\Software\DealPlyLive
Deleted: [Key] - HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\DealPlyLive
Deleted: [Key] - HKU\S-1-5-18\Software\DealPlyLive
Deleted: [Key] - HKCU\Software\DealPlyLive
Deleted: [Key] - HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\InstallCore
Deleted: [Key] - HKCU\Software\InstallCore
Deleted: [Key] - HKLM\SOFTWARE\Classes\Toolbar.CT3067892


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [14701 B] - [2017/8/18 20:13:48]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Teď dejte log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=152707 .

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-08-2017
Ran by Honza (administrator) on LENOVO (19-08-2017 19:09:38)
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza (Available Profiles: Honza & DefaultAppPool)
Platform: Microsoft Windows 10 Pro (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Lenovo) C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Lenovo) C:\Program Files\Lenovo\Access Connections\AcSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Maxthon) C:\Program Files\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Windows\System32\PnkBstrB.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
() C:\Program Files\Serviio\bin\ServiioService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
() C:\Program Files\Serviio\bin\ServiioService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Lenovo) C:\Program Files\Lenovo\Access Connections\SvcGuiHlpr.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\System Update\SUService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Citrix Systems) C:\Program Files\DynamicUSBTool\DynamicUSB.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Safer-Networking Ltd.) C:\Program Files\Stažené programy\Pro zabezpečení\Spybot - Search & Destroy\TeaTimer.exe
(Gadwin Systems, Inc) C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
(Piriform Ltd) C:\Program Files\Stažené programy\Pro zabezpečení\CCleaner\CCleaner.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Renier Crause) C:\Program Files\Stažené programy\Oznámení pošty\PopTray.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.25071.0_x86__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1604.21020.0_x86__8wekyb3d8bbwe\Calculator.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Honza\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7612960 2009-07-10] (Realtek Semiconductor)
HKLM\...\Run: [TPHOTKEY] => C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [68976 2009-03-13] (Lenovo Group Limited)
HKLM\...\Run: [LENOVO.TPFNF6R] => C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe [62752 2009-08-20] (Lenovo Group Limited)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-07] (Intel Corporation)
HKLM\...\Run: [TpShocks] => C:\WINDOWS\system32\TpShocks.exe [337184 2009-07-09] (Lenovo.)
HKLM\...\Run: [PWMTRV] => rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
HKLM\...\Run: [Message Center Plus] => C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [49976 2009-05-28] ()
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe [36864 2009-10-14] ()
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM\...\Run: [ConnectionCenter] => C:\Program Files\Citrix\ICA Client\concentr.exe [371864 2012-04-05] (Citrix Systems, Inc.)
HKLM\...\Run: [DynamicUSB] => C:\Program Files\DynamicUSBTool\DynamicUSB.exe [94208 2007-03-02] (Citrix Systems)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\Stažené programy\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-06] (AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3519656 2015-11-21] (Synaptics Incorporated)
HKLM\...\Run: [SynLenovoHelper] => C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe [126120 2015-11-21] (Synaptics)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Stažené programy\Pro zabezpečení\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\...\Run: [Google Update] => C:\Users\Honza\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-05-04] (Google Inc.)
HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\...\Run: [Gadwin PrintScreen] => C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [1842384 2012-05-30] (Gadwin Systems, Inc)
HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\Stažené programy\Pro zabezpečení\CCleaner\CCleaner.exe [5282584 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [25600 2015-07-10] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~1\Citrix\ICACLI~1\RSHook.dll => C:\Program Files\Citrix\ICA Client\RSHook.dll [257176 2012-04-05] (Citrix Systems, Inc.)
Lsa: [Notification Packages] scecli ACGina
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-12-18]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PopTray.lnk [2010-04-21]
ShortcutTarget: PopTray.lnk -> C:\Program Files\Stažené programy\Oznámení pošty\PopTray.exe (Renier Crause)
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lingea Update Center.lnk [2015-03-15]
ShortcutTarget: Lingea Update Center.lnk -> C:\Program Files\Common Files\Lingea Shared\luc.exe (Lingea)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7a02f118-28a0-46bf-872a-bc305e62476f}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{7a02f118-28a0-46bf-872a-bc305e62476f}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.msn.com
URLSearchHook: HKLM - (No Name) - {1c68c940-1b2f-46eb-bd8c-2e1612ff6a58} - No File
SearchScopes: HKLM -> {658CFA43-45F6-4A45-8A82-C93F0AB200FA} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox;
SearchScopes: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2 ... -SearchBox
SearchScopes: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
SearchScopes: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> {658CFA43-45F6-4A45-8A82-C93F0AB200FA} URL =
SearchScopes: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> {938F3005-BFBA-4BC5-B8A9-3DD94A243DCB} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_2
SearchScopes: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> {C5761109-66CB-4308-B879-BF8F6D89BB32} URL = hxxp://www.csfd.cz/hledani-filmu-hercu-reziser ... earchTerms}
BHO: CtxIEInterceptorBHO Class -> {2C4631FF-5CC8-4EBC-A0DF-34C92291759E} -> C:\Program Files\Citrix\ICA Client\IEInterceptor.dll [2012-04-05] (Citrix Systems, Inc.)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Stažené programy\Pro zabezpečení\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO: No Name -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> No File
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-07-06] (Google Inc.)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO: FlashGetBHO -> {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} -> C:\Users\Honza\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll [2009-12-22] (Trend Media Group)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-02-28] (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18] (Sun Microsystems, Inc.)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-02-28] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-07-06] (Google Inc.)
Toolbar: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> No Name - {1C68C940-1B2F-46EB-BD8C-2E1612FF6A58} - No File
Toolbar: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-07-06] (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> hxxp://www.seznam.cz/

FireFox:
========
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default [2017-08-19]
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\cw5pp30k.default -> Bing
FF Homepage: Mozilla\Firefox\Profiles\cw5pp30k.default -> hxxps://www.seznam.cz/
FF Keyword.URL: Mozilla\Firefox\Profiles\cw5pp30k.default -> hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q=
FF Extension: (Text Link) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default\Extensions\{54BB9F3F-07E5-486c-9B39-C7398B99391C}.xpi [2017-03-25]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-10-11]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-10-11]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-08] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1228198.dll [2017-02-27] (Adobe Systems, Inc.)
FF Plugin: @Citrix.com/npican -> C:\Program Files\Citrix\ICA Client\npicaN.dll [2012-04-05] (Citrix Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-10-03] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-05] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @rim.com/npappworld -> C:\Program Files\Research In Motion Limited\BlackBerry World Browser Plugin\npappworld.dll [2014-03-03] ()
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-12-13] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-03] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1986333984-2678021812-3497317569-1003: @powerchallenge.com/PowerLoader -> C:\Users\Honza\AppData\LocalLow\PowerChallenge\nppowerloader.dll [2009-09-21] (Power Challenge Sweden AB)
FF Plugin HKU\S-1-5-21-1986333984-2678021812-3497317569-1003: @tools.google.com/Google Update;version=3 -> C:\Users\Honza\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-1986333984-2678021812-3497317569-1003: @tools.google.com/Google Update;version=9 -> C:\Users\Honza\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-1986333984-2678021812-3497317569-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Honza\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-03-19] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1986333984-2678021812-3497317569-1003: google.com/WidevineMediaOptimizer -> C:\Users\Honza\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll [2014-06-09] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default [2017-08-19]
CHR Extension: (Prezentace Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-31]
CHR Extension: (Dokumenty Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-31]
CHR Extension: (Disk Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-31]
CHR Extension: (YouTube) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-20]
CHR Extension: (Vyhledávání Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-20]
CHR Extension: (Seznam.cz) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkncgicdohgfdncecojfiapgebmlnaoc [2016-03-15]
CHR Extension: (Plná Peněženka Lištička) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek [2017-07-14]
CHR Extension: (Adobe Acrobat) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04]
CHR Extension: (Avast SafePrice) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-06-06]
CHR Extension: (Tabulky Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-31]
CHR Extension: (CloudCockpit Secure Logon) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjhemmolgagmlnmkijimihpihajekbdp [2016-03-15]
CHR Extension: (EditThisCookie) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2017-04-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-31]
CHR Extension: (Click&Clean) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2017-07-31]
CHR Extension: (Vyhledávání produktů podle obrazu na AliExpress.com) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\kafhoidinlbamepifokmbjdkkciefhgh [2017-03-30]
CHR Extension: (diskuze.pozary.cz) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbemagncoffhaeakhjpmfhmdhifkjfoo [2016-03-17]
CHR Extension: (Plus 25) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbiihbcjjmpoicibkilghglikmfcjbjd [2017-06-27]
CHR Extension: (Portál ČHMÚ : Předpovědi : Předpovědi...) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpochgjjobopmjeeoedohlnngbmlkloa [2016-03-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Předpověď počasí - Mrakoplašova předp...) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pglfllomkadlhgbopeenbggbfekpkmpf [2016-03-16]
CHR Extension: (Gmail) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-13]
CHR Extension: (Chrome Media Router) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-01]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM\...\Chrome\Extension: [gnlaniokgfckpjblpafbfchhghecmifi] - C:\Users\Honza\AppData\Local\CRE\gnlaniokgfckpjblpafbfchhghecmifi.crx <not found>
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gnlaniokgfckpjblpafbfchhghecmifi] - C:\Users\Honza\AppData\Local\CRE\gnlaniokgfckpjblpafbfchhghecmifi.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcPrfMgrSvc; C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe [124192 2009-10-01] (Lenovo)
R2 AcSvc; C:\Program Files\Lenovo\Access Connections\AcSvc.exe [242976 2009-10-01] (Lenovo)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5545144 2017-03-06] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-06] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [278784 2017-03-06] (AVAST Software)
R3 Blackberry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2011-02-09] (Macrovision Europe Ltd.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 LENOVO.MICMUTE; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [45424 2009-07-03] (Lenovo Group Limited)
R2 MaxthonUpdateSvc; C:\Program Files\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872808 2015-12-21] (Maxthon)
S3 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [53248 2007-11-28] (Sony Corporation) [File not signed]
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [53248 2007-11-28] (Sony Corporation) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2013-01-12] ()
R2 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [107832 2013-01-12] ()
R2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [413696 2016-12-05] () [File not signed]
S2 sfrem02; C:\Windows\system32\sfrem02.exe [358008 2006-05-11] (Protection Technology (StarForce))
S3 SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe [112184 2007-02-05] (Sony Corporation)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [77824 2007-11-28] (Sony Corporation) [File not signed]
S3 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [75320 2007-02-05] (Sony Corporation)
R2 SUService; c:\Program Files\Lenovo\System Update\SUService.exe [15872 2009-09-25] (Lenovo Group Limited) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [208552 2015-11-21] (Synaptics Incorporated)
S2 ThinkVantage Registry Monitor Service; C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1019904 2009-08-29] (Lenovo Group Limited) [File not signed]
S3 TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [1474560 2009-09-04] (Lenovo Group Limited) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [277760 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2017-06-03] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriverx.sys [257288 2017-03-06] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidshx.sys [148720 2017-03-06] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswblogx.sys [267016 2017-03-06] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbunivx.sys [41176 2017-03-06] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [34136 2017-03-06] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [31064 2017-03-06] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [106392 2017-03-06] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [355752 2017-03-06] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [90336 2017-03-06] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [62152 2017-03-06] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [756200 2017-03-06] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [465024 2017-03-21] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [118288 2017-03-06] (AVAST Software)
S3 aswTap; C:\WINDOWS\System32\DRIVERS\aswTap.sys [38984 2015-03-14] (The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [278776 2017-03-14] (AVAST Software)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [281760 2010-05-26] ()
S3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [26168 2017-04-14] (Disc Soft Ltd)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [25888 2010-05-26] ()
R3 NETwNs32; C:\WINDOWS\System32\drivers\NETwNs32.sys [7518208 2015-07-10] (Intel Corporation)
S3 PCDSRVC{C4B36920-79E24793-06000000}_0; C:\Program Files\PC-Doctor\pcdsrvc.pkms [20848 2009-08-18] (PC-Doctor, Inc.)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [492032 2015-07-10] (Realtek )
R0 sfdrv02; C:\WINDOWS\System32\drivers\sfdrv02.sys [67960 2006-09-11] (Protection Technology (StarForce))
R0 sfsync05; C:\WINDOWS\System32\drivers\sfsync05.sys [59776 2006-08-11] (Protection Technology (StarForce))
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [26792 2015-11-21] (Synaptics Incorporated)
S0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [697328 2010-05-26] (Duplex Secure Ltd.)
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [31744 2015-07-10] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [245600 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [97632 2015-07-10] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [161792 2015-07-10] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-19 19:09 - 2017-08-19 19:11 - 000032828 _____ C:\Users\Honza\Desktop\FRST.txt
2017-08-19 19:09 - 2017-08-19 19:09 - 000000000 ____D C:\FRST
2017-08-19 19:07 - 2017-08-19 19:07 - 000112640 _____ (forum.viry.cz) C:\Users\Honza\Desktop\FRSTLauncher.exe
2017-08-19 19:00 - 2017-08-19 19:00 - 001792512 _____ (Farbar) C:\Users\Honza\Desktop\FRST.exe
2017-08-19 18:57 - 2017-08-19 18:57 - 000016148 _____ C:\WINDOWS\system32\LENOVO_Honza_HistoryPrediction.bin
2017-08-18 22:37 - 2017-08-18 22:37 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-08-18 22:07 - 2017-08-18 22:31 - 000000000 ____D C:\AdwCleaner
2017-08-18 22:05 - 2017-08-18 22:07 - 008185288 _____ (Malwarebytes) C:\Users\Honza\Desktop\adwcleaner_7.0.1.0.exe
2017-08-18 21:19 - 2017-08-18 21:34 - 000000000 ____D C:\Program Files\trend micro
2017-08-18 21:19 - 2017-08-18 21:20 - 000000000 ____D C:\rsit
2017-08-18 21:18 - 2017-08-18 21:18 - 001206272 _____ C:\Users\Honza\Desktop\RSIT.exe
2017-08-16 19:17 - 2017-08-16 19:17 - 000000000 ___HD C:\$WINDOWS.~BT
2017-08-08 22:55 - 2017-08-08 22:55 - 000000279 _____ C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Koš.lnk
2017-08-01 21:15 - 2017-08-18 20:43 - 000000000 ____D C:\Program Files\rempl

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-19 19:09 - 2017-03-26 23:30 - 000000000 ____D C:\Users\Honza\AppData\LocalLow\Mozilla
2017-08-19 15:51 - 2011-04-04 17:57 - 000000976 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1986333984-2678021812-3497317569-1003UA.job
2017-08-19 15:21 - 2015-07-10 10:28 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-08-18 22:58 - 2010-04-11 18:18 - 000000000 ____D C:\ProgramData\TEMP
2017-08-18 22:35 - 2017-07-13 20:04 - 000035042 _____ C:\Users\Public\Documents\AccConnAdvanced.dat
2017-08-18 22:35 - 2017-04-12 12:27 - 000069432 _____ C:\Users\Public\Documents\ACGinaWinlogon.dat
2017-08-18 22:34 - 2015-07-21 01:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-18 22:33 - 2015-07-10 08:59 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2017-08-18 22:30 - 2010-04-21 10:18 - 000000000 ____D C:\ProgramData\ICQ
2017-08-18 21:32 - 2011-10-16 23:33 - 000000000 ___RD C:\Users\Honza\Documents\Fotografie
2017-08-18 21:29 - 2015-11-21 14:44 - 000000000 ____D C:\Users\Honza
2017-08-18 21:25 - 2010-05-27 19:28 - 000000000 ___RD C:\Users\Honza\Filmy
2017-08-18 21:15 - 2015-11-23 22:24 - 000002229 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-18 21:15 - 2015-11-23 22:24 - 000002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-18 00:19 - 2015-08-16 23:07 - 000034092 _____ C:\Users\Honza\Desktop\udaje.txt
2017-08-17 23:32 - 2017-02-18 22:04 - 000027956 _____ C:\Users\Honza\Desktop\Slevomat-DámeJídlo.xlsx
2017-08-17 20:38 - 2015-07-10 10:28 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-17 20:38 - 2015-07-10 10:28 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-16 21:42 - 2012-09-25 22:50 - 000000000 ____D C:\CitrixUSBStore
2017-08-16 21:34 - 2011-11-19 21:07 - 000000000 ____D C:\Users\Honza\AppData\Roaming\vlc
2017-08-15 20:40 - 2016-10-15 20:52 - 000001208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-08-15 09:06 - 2013-07-31 00:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-15 08:51 - 2010-04-15 22:50 - 137505280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-08-13 21:12 - 2015-11-21 14:43 - 001987308 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-13 21:12 - 2015-09-10 06:00 - 000825926 _____ C:\WINDOWS\system32\perfh005.dat
2017-08-13 21:12 - 2015-09-10 06:00 - 000184012 _____ C:\WINDOWS\system32\perfc005.dat
2017-08-13 21:12 - 2015-07-10 10:27 - 000000000 ____D C:\WINDOWS\INF
2017-08-13 19:42 - 2017-06-05 18:48 - 000000000 ____D C:\Windows10Upgrade
2017-08-13 19:38 - 2017-07-13 16:53 - 000000820 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PomocnĂ­k s aktualizacĂ­ Windows 10.lnk
2017-08-13 19:38 - 2017-07-13 16:53 - 000000808 _____ C:\Users\Honza\Desktop\PomocnĂ­k s aktualizacĂ­ Windows 10.lnk
2017-08-12 21:30 - 2015-12-01 16:42 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-08 19:45 - 2015-07-10 10:28 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-05 20:19 - 2010-04-10 19:54 - 000000000 ____D C:\Users\Honza\AppData\Local\ElevatedDiagnostics
2017-08-03 21:11 - 2015-03-20 21:47 - 000000000 ____D C:\ProgramData\Skype
2017-07-31 00:12 - 2015-11-21 13:37 - 000001908 _____ C:\WINDOWS\diagwrn.xml
2017-07-31 00:12 - 2015-11-21 13:37 - 000001908 _____ C:\WINDOWS\diagerr.xml
2017-07-30 22:46 - 2017-06-09 18:16 - 000000036 _____ C:\WINDOWS\progress.ini
2017-07-30 21:56 - 2017-06-05 18:53 - 000000000 ___HD C:\$GetCurrent
2017-07-30 18:42 - 2017-02-18 19:20 - 000002439 _____ C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-07-30 18:42 - 2015-11-21 15:37 - 000000000 ___RD C:\Users\Honza\OneDrive
2017-07-23 12:00 - 2009-12-02 03:44 - 000000340 _____ C:\WINDOWS\Tasks\SystemToolsDailyTest.job

==================== Files in the root of some directories =======

2013-02-03 23:10 - 2008-03-09 08:25 - 000000236 ____H () C:\Program Files\Common Files\dx.reg
2013-02-03 23:10 - 2013-02-03 23:10 - 000002176 _____ () C:\Program Files\Common Files\unins000.dat
2013-02-03 23:10 - 2013-02-03 23:10 - 000728858 _____ () C:\Program Files\Common Files\unins000.exe
2010-04-20 19:43 - 2010-12-25 21:08 - 000000320 _____ () C:\Users\Honza\AppData\Roaming\lenovo_config.dat
2002-08-29 17:33 - 2002-08-29 17:33 - 000319488 ____R () C:\Users\Honza\AppData\Roaming\MafiaSetup.exe
2013-01-12 00:36 - 2013-01-12 00:36 - 000022328 _____ () C:\Users\Honza\AppData\Roaming\PnkBstrK.sys
2010-04-14 09:34 - 2010-04-14 09:38 - 000008192 _____ () C:\Users\Honza\AppData\Roaming\records_db
2011-01-03 20:09 - 2014-12-25 18:08 - 000000924 _____ () C:\Users\Honza\AppData\Roaming\Rim.Desktop.Exception.log
2011-01-03 20:08 - 2014-04-27 21:24 - 000003363 _____ () C:\Users\Honza\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2011-11-10 00:11 - 2014-12-25 18:08 - 000000539 _____ () C:\Users\Honza\AppData\Roaming\Rim.DesktopHelper.Exception.log
2011-09-05 22:23 - 2013-06-13 21:56 - 000010571 _____ () C:\Users\Honza\AppData\Roaming\SmarThruOptions.xml
2013-12-19 20:23 - 2015-03-25 14:07 - 000000161 _____ () C:\Users\Honza\AppData\Roaming\WB.CFG
2010-04-18 22:53 - 2010-04-18 22:53 - 000001478 _____ () C:\Users\Honza\AppData\Roaming\Microsoft\suspend.ico
2013-11-21 20:54 - 2014-01-04 13:33 - 000000346 ___SH () C:\Users\Honza\AppData\Local\70149b02515b3bb20dd492.47983420
2010-05-24 20:01 - 2010-05-24 20:01 - 000003584 _____ () C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-04-12 17:36 - 2010-04-12 17:36 - 000000017 _____ () C:\Users\Honza\AppData\Local\resmon.resmoncfg
2010-05-13 17:31 - 2010-05-13 17:31 - 000004886 _____ () C:\ProgramData\kgkketov.ixb
2010-05-13 17:31 - 2010-05-13 17:31 - 000005000 _____ () C:\ProgramData\xqkcebzs.dik

Files to move or delete:
====================
C:\Users\Honza\FordM.EXE


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1986333984-2678021812-3497317569-1003UA.job => C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\pcdr5cuiw32.exeK-backgroundmon scripts\backgroundmon.xml
Task: C:\WINDOWS\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\pcdr5cuiw32.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Honza\Desktop" je 17 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WireLessMouse
C:\Program Files\Sta§en‚ programy\Myç SilverCrest 12018\English\StartAutorun.exe MouseDrv.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Honza^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PopTray.lnk
C:\Program Files\Sta§en‚ programy\Ozn menˇ poçty\PopTray.exe


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\Sta§en‚ programy\\FlashGet\\FlashGet3.exe"="C:\\Program Files\\Sta§en‚ programy\\FlashGet\\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001


==================== End Of Log ==============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
SearchScopes: HKLM -> {658CFA43-45F6-4A45-8A82-C93F0AB200FA} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox;
SearchScopes: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2 ... -SearchBox
SearchScopes: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
SearchScopes: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> {658CFA43-45F6-4A45-8A82-C93F0AB200FA} URL =
BHO: No Name -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> No File
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-02-28] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-07-06] (Google Inc.)
C:\Program Files\Microsoft\BingBar
C:\Program Files\Google\Google Toolbar
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\cw5pp30k.default -> Bing
FF Keyword.URL: Mozilla\Firefox\Profiles\cw5pp30k.default -> hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q=
CHR HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gnlaniokgfckpjblpafbfchhghecmifi] - C:\Users\Honza\AppData\Local\CRE\gnlaniokgfckpjblpafbfchhghecmifi.crx <not found>
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1986333984-2678021812-3497317569-1003UA.job
C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\kgkketov.ixb
C:\ProgramData\xqkcebzs.dik
C:\Users\Honza\FordM.EXE

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x86) Version: 19-08-2017
Ran by Honza (19-08-2017 21:36:59) Run:1
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza (Available Profiles: Honza & DefaultAppPool)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
SearchScopes: HKLM -> {658CFA43-45F6-4A45-8A82-C93F0AB200FA} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox;
SearchScopes: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2 ... -SearchBox
SearchScopes: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
SearchScopes: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> {658CFA43-45F6-4A45-8A82-C93F0AB200FA} URL =
BHO: No Name -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> No File
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-02-28] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-07-06] (Google Inc.)
C:\Program Files\Microsoft\BingBar
C:\Program Files\Google\Google Toolbar
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\cw5pp30k.default -> Bing
FF Keyword.URL: Mozilla\Firefox\Profiles\cw5pp30k.default -> hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q=
CHR HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gnlaniokgfckpjblpafbfchhghecmifi] - C:\Users\Honza\AppData\Local\CRE\gnlaniokgfckpjblpafbfchhghecmifi.crx <not found>
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1986333984-2678021812-3497317569-1003UA.job
C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\kgkketov.ixb
C:\ProgramData\xqkcebzs.dik
C:\Users\Honza\FordM.EXE

EmptyTemp:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck => value removed successfully.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{658CFA43-45F6-4A45-8A82-C93F0AB200FA} => key removed successfully.
HKLM\Software\Classes\CLSID\{658CFA43-45F6-4A45-8A82-C93F0AB200FA} => key not found.
HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully.
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} => key removed successfully.
HKLM\Software\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} => key not found.
HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{658CFA43-45F6-4A45-8A82-C93F0AB200FA} => key removed successfully.
HKLM\Software\Classes\CLSID\{658CFA43-45F6-4A45-8A82-C93F0AB200FA} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} => key removed successfully.
HKLM\Software\Classes\CLSID\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => value removed successfully.
HKLM\Software\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully.
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => key removed successfully.
C:\Program Files\Microsoft\BingBar => moved successfully
C:\Program Files\Google\Google Toolbar => moved successfully
Firefox SearchEngineOrder.3 removed successfully.
Firefox "Keyword.URL" removed successfully.
HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\SOFTWARE\Google\Chrome\Extensions\gnlaniokgfckpjblpafbfchhghecmifi => key removed successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1986333984-2678021812-3497317569-1003UA.job => moved successfully
C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\ProgramData\kgkketov.ixb => moved successfully
C:\ProgramData\xqkcebzs.dik => moved successfully
C:\Users\Honza\FordM.EXE => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11743804 B
Java, Flash, Steam htmlcache => 36220 B
Windows/system/drivers => 1646880 B
Edge => 2915577 B
Chrome => 162695978 B
Firefox => 20071333 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 83598 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
LocalService => 619454 B
NetworkService => 640 B
Honza => 20482487 B
DefaultAppPool => 75402 B

RecycleBin => 0 B
EmptyTemp: => 210.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:40:11 ====

Smazáno. Nastala nějaká změna?

Bohužel, internet opět vypadnul
Navíc při otevření prohlížeče se mi otevřou 2 záložky s nějakým Cleanem... (hotcleaner.com)

Zkusíme vyčistit prohlížeče. Spusťte postupně tyto utility:

1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

Po Zoek restart neproběhl, ani se neobjevil log, nicméně jsem ho našel, tak posílám:

Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by Honza on ne 20. 08. 2017 at 20:31:13,12.
Microsoft Windows 10 Pro 10.0.10240 x86
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Honza\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

20. 8. 2017 20:37:18 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\Program Files\Codemasters deleted successfully
C:\Program Files\Full Tilt Poker.Net deleted successfully
C:\Program Files\GUM6538.tmp deleted successfully
C:\Program Files\MetaGeek deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\Common Files\eBay deleted successfully
C:\Program Files\Common Files\SWF Studio deleted successfully
C:\PROGRA~2\Comms deleted successfully
C:\PROGRA~2\ICQ deleted successfully
C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully
C:\Users\Honza\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Honza\AppData\Local\EmieSiteList deleted successfully
C:\Users\Honza\AppData\Local\EmieUserList deleted successfully
C:\Users\Honza\AppData\Local\ms-drivers deleted successfully
C:\Users\Honza\AppData\Local\NetworkTiles deleted successfully
C:\Users\Honza\AppData\Local\PeerDistRepub deleted successfully
C:\Users\Honza\AppData\Local\Skype deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA58ED58-01DD-4d91-8333-CF10577473F7} deleted successfully
HKEY_USERS\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA58ED58-01DD-4d91-8333-CF10577473F7} deleted successfully
HKEY_USERS\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_USERS\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_USERS\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{252403bd-2b83-472d-ea80-92cbfe84dcd2} deleted successfully
HKEY_USERS\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70e791cc-1dc4-4390-2299-f3b2e3acf2ca} deleted successfully
HKEY_USERS\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{1C68C940-1B2F-46EB-BD8C-2E1612FF6A58} deleted successfully
HKEY_USERS\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{1C68C940-1B2F-46EB-BD8C-2E1612FF6A58} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\SeaPort deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SeaPort deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\BBSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BBSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TPHDEXLGSVC deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz/");

Added to C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\Program Files\Codemasters not found
C:\Program Files\Full Tilt Poker.Net not found
C:\Program Files\GUM6538.tmp not found
C:\Program Files\MetaGeek not found
C:\Program Files\DVDFab 8 Qt deleted
C:\WINDOWS\system32\appdata deleted
C:\Program Files\Maple 14 deleted
C:\Users\Honza\AppData\LocalLow\Miniclip deleted
C:\install.exe deleted
C:\PROGRA~2\Package Cache deleted
C:\Users\Honza\AppData\Local\cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Honza\AppData\LocalLow\Unity deleted
C:\WINDOWS\System32\tmp4107.tmp deleted
C:\WINDOWS\System32\tmp4117.tmp deleted
C:\WINDOWS\System32\tmp979D.tmp deleted
"C:\Users\Honza\AppData\Roaming\records_db" deleted
"C:\Users\Honza\AppData\Roaming\MoveFab" deleted
"C:\Users\Honza\AppData\Local\Unity" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [11. 10. 2016 19:51]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default
- Text Link - %ProfilePath%\extensions\{54BB9F3F-07E5-486c-9B39-C7398B99391C}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default
7E63C9FB4627BFFDCF88B57FACD45695 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_26_0_0_151.dll - Shockwave Flash
CD656126C7A56461A4A57BE0BC1FE0DA - C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll - Adobe Acrobat
D9F9ED68815333915D0F54F87FD9B375 - C:\WINDOWS\system32\Adobe\Director\np32dsw_1228198.dll - Shockwave for Director / Shockwave for Director
2D45A8274592D965EDFB62ACCB1150B1 - C:\Users\Honza\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll - Google Update
52CE0DBFD9738AE528CF525A0367EBEB - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
25FA8C3B9789A26CA7D61C8E9B4EA799 - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll - RIM Handheld Application Loader
3538BD1667DE3AF6E6FD0AA62A6DB55C - C:\Program Files\Research In Motion Limited\BlackBerry World Browser Plugin\npappworld.dll - BlackBerry AppWorld
AC421A44DE902F2627F1E63793ED89CD - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
C45A130CA14334073C0FF795897A1D22 - c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll - Silverlight Plug-In
B24F014C6DDA5A39CE7FCB2A8B862C5A - c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrlui.dll - Microsoft® Silverlight
1E96525AE85D402F9F8047F8CAEF5F06 - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll - Java(TM) Platform SE 6 U29
47AFF25B68CE4885FEC6CFDEF8FEBB5C - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll - Java Deployment Toolkit 6.0.290.11
5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
472B98790B5A7A048C58BA728A5372AB - C:\Program Files\Citrix\ICA Client\npicaN.dll - Citrix ICA Client
4A270804DC8AB72DCB4F694D050A3517 - C:\Users\Honza\AppData\Roaming\IDM\bin\npWidevineMediaOptimizer.dll - Widevine Media Optimizer
F34CD16B3BBB90B5B0A6565712598E2D - C:\Users\Honza\AppData\LocalLow\PowerChallenge\nppowerloader.dll - Power Challenge Loader
2D45A8274592D965EDFB62ACCB1150B1 - C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll - Google Update


==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx[]
gnlaniokgfckpjblpafbfchhghecmifi - C:\Users\Honza\AppData\Local\CRE\gnlaniokgfckpjblpafbfchhghecmifi.crx[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
fcfenmboojpjinhpgggodefccipikbpd - No path found[]

Seznam.cz - Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkncgicdohgfdncecojfiapgebmlnaoc
Plná Peněženka Lištička - Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek
Avast SafePrice - Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
CloudCockpit Secure Logon - Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjhemmolgagmlnmkijimihpihajekbdp
EditThisCookie - Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg
diskuze.pozary.cz - Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbemagncoffhaeakhjpmfhmdhifkjfoo
Plus 25 - Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbiihbcjjmpoicibkilghglikmfcjbjd
Portál ČHMÚ : Předpovědi : Předpovědi... - Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpochgjjobopmjeeoedohlnngbmlkloa
Předpověď počasí - Mrakoplašova předp... - Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pglfllomkadlhgbopeenbggbfekpkmpf
Chrome Media Router - Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Fix ======================

C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{10CFA866-3138-429D-BF75-F590E670B186}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{10CFA866-3138-429D-BF75-F590E670B186} Google Url="http://www.google.com/search?q={searchT ... NH_csCZ683"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... urceid=ie7"
{938F3005-BFBA-4BC5-B8A9-3DD94A243DCB} Seznam Url="http://search.seznam.cz/?q={searchTerms ... chmodule_2"
{C5761109-66CB-4308-B879-BF8F6D89BB32} ¬SFD Url="http://www.csfd.cz/hledani-filmu-hercu- ... earchTerms}"
{C5761109-66CB-4308-B879-BF8F6D89BB32} ¬SFD Url="http://www.csfd.cz/hledani-filmu-hercu- ... earchTerms}"

==== Reset Google Chrome ======================

C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully
C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gnlaniokgfckpjblpafbfchhghecmifi deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TVWiz deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully

==== Empty IE Cache ======================

C:\Users\Honza\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Honza\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1989 folders=285 1261296676 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot



JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Pro x86
Ran by Honza (Administrator) on ne 20. 08. 2017 at 21:55:30,76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 2

Successfully deleted: C:\WINDOWS\System32\Tasks\PCDoctorBackgroundMonitorTask (Task)
Successfully deleted: C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job (Task)



Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{938F3005-BFBA-4BC5-B8A9-3DD94A243DCB} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 20. 08. 2017 at 22:06:17,03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Vyčištěno. Nastala nějaká změna?

Bohužel net stále vypadne cca po 30min po zapnutí, ale změna nyní byla alespoň v tom, že už se mi načte seznam wifi, takže si tam najdu jen svoji síť a připojím se... Což dříve nešlo, musel jsem přes odstranit potíže.
Ale proč to stále vypadává, to nevím...

Zkuste přeinstalovat ovladač síťového adaptéru. Pokud to nepomůže, restartujte modem, router a příp. další síť. prvky v datové cestě. Pokud ani pak nedosáhněte změny, obraťte se na providera.

Na druhém PC problém není, takže to bude v PC, zkusím ten ovladač, každopádně vám moc díky za pomoc i vyčištění