VIRY.CZ

Ahoj Vsem,
prosim Vas timto o kontrolu logu. Pc bohuzel nefunguje jak ma. Mam podezreni na viry v pc. Pomalejsi odezva pc a antivirovy program Avast casto vyhazuje hlasu, nalezena skodliva hrozba. Prosim o Vasi pomoc.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2017
Ran by micha (administrator) on MISA_WIN10 (11-11-2017 13:39:58)
Running from C:\Users\micha\Desktop
Loaded Profiles: micha (Available Profiles: micha)
Platform: Windows 10 Home Version 1703 15063.674 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\P2PEnhance\p2penhance.exe
(Keepvid) C:\Program Files (x86)\KeepVid\KAF\2.4.2.222\KvAppService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.480.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Spotydl) C:\Program Files (x86)\Spotydl\spotydl.exe
(Spotify Ltd) C:\Users\micha\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\micha\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\WINWORD.EXE
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
() C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
() C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
() C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\micha\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9037832 2016-10-21] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-11-11] (AVAST Software)
HKLM\...\Run: [Onboard] => C:\Program Files\Western Digital\WD SmartWare\WDSmartWare.exe [2447712 2017-06-11] (Western Digital Technologies, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-10-20] (Apple Inc.)
HKLM-x32\...\Run: [PowerDVD15Agent] => C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe [949960 2015-06-07] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-10-18] (Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (AimerSoft)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [15375312 2017-06-21] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5388128 2017-06-11] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21384 2016-04-15] (Western Digital Technologies, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-10-19] (Apple Inc.)
HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-10-19] (Apple Inc.)
HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-10-19] (Apple Inc.)
HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-10-19] (Apple Inc.)
HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\Run: [Spotify] => C:\Users\micha\AppData\Roaming\Spotify\Spotify.exe [21025392 2017-11-10] (Spotify Ltd)
HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9364696 2017-03-03] (Piriform Ltd)
HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\Run: [Spotydl] => C:\Program Files (x86)\Spotydl\spotydl.exe [1878016 2014-02-22] (Spotydl)
HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software)
HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\Run: [PQwick] => C:\Program Files (x86)\PQwick1.1\PQwick.exe [815992 2017-10-15] (Ashampoo)
HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\Run: [Spotify Web Helper] => C:\Users\micha\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-11-10] (Spotify Ltd)
GroupPolicy: Restriction - Chrome <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{bd374a84-fd92-49ff-81fd-5df053db3bd2}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: No Name -> {C0D38E5A-7CF8-4105-8FE8-31B81443A114} -> No File
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: No Name -> {C0D38E5A-7CF8-4105-8FE8-31B81443A114} -> No File
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-08-29] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-07-31] (Microsoft Corporation)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/","hxxp://www.facebook.co ... oogle.com/"
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default [2017-11-11]
CHR Extension: (YouTube) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\adnlfjpnmidfimlkaohpidplnoimahfh [2017-10-11]
CHR Extension: (iPrima) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\alafgdbefgihkggefobnlmlpnifnfedd [2017-10-11]
CHR Extension: (Disk Google) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-26]
CHR Extension: (YouTube) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-26]
CHR Extension: (Vyhledávání Google) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-26]
CHR Extension: (Ulož.to) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjibnfalpbggjkaomijnloodkdkgcdj [2017-10-11]
CHR Extension: (HBO GO) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgdpjjopjiimbecggfmcbkbifdgblapo [2017-10-11]
CHR Extension: (Adblocker pro Youtube™) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\knmnopfmccchnnfdoiddbihbcboeedll [2017-11-11]
CHR Extension: (Slovní fotbal) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhkjfkiapgnfmeedpjapeiaajpjgmphf [2017-10-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
CHR Extension: (Gmail) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-26]
CHR Extension: (Chrome Media Router) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-27]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-10-11] (Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7549928 2017-11-11] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-11-11] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [332368 2017-11-11] (AVAST Software)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc.)
R2 KvAppService; C:\Program Files (x86)\Keepvid\KAF\2.4.2.222\KvAppService.exe [474824 2017-03-10] (Keepvid)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2283984 2017-06-21] (Micro-Star INT'L CO., LTD.)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
R2 P2PEnhance; C:\Program Files (x86)\P2PEnhance\P2PEnhance.exe [53248 2015-09-04] () [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2015-09-23] (CyberLink)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [675184 2017-06-11] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [331632 2017-06-11] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe [437392 2016-11-16] (Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\TunesGo Retro\DriverInstall.exe [119008 2017-07-05] (Wondershare)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [183584 2017-11-11] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321032 2017-11-11] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [198968 2017-11-11] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343288 2017-11-11] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57728 2017-11-11] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [47008 2017-11-11] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-09-09] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [148288 2017-11-11] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\System32\drivers\aswNetSec.sys [570152 2017-11-11] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110376 2017-11-11] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84416 2017-11-11] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026232 2017-11-11] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [455384 2017-11-11] (AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [203976 2017-11-11] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [364464 2017-11-11] (AVAST Software)
R3 AVerPola; C:\WINDOWS\system32\DRIVERS\AVerPola.sys [871048 2016-12-13] (AVerMedia TECHNOLOGIES, Inc.)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_f9309145156afb40\nvlddmkm.sys [14456912 2017-05-19] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [937728 2016-05-17] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R1 wfcre; C:\WINDOWS\System32\drivers\wfcre.sys [124288 2017-07-04] ()
S3 WsAudioDevice_383; C:\WINDOWS\system32\drivers\VirtualAudio.sys [22528 2017-03-14] () [File not signed]
R2 {687703DE-DC6D-4649-892B-B8497854A6AB}; C:\Program Files (x86)\CyberLink\PowerDVD15\Common\NavFilter\000.fcl [29896 2015-06-07] (CyberLink Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-11 13:39 - 2017-11-11 13:40 - 000020069 _____ C:\Users\micha\Desktop\FRST.txt
2017-11-11 13:39 - 2017-11-11 13:38 - 000112640 _____ (forum.viry.cz) C:\Users\micha\Desktop\FRSTLauncher.exe
2017-11-11 13:38 - 2017-11-11 13:38 - 000112640 _____ (forum.viry.cz) C:\Users\micha\Downloads\FRSTLauncher.exe
2017-11-11 13:37 - 2017-11-11 13:39 - 000000000 ____D C:\FRST
2017-11-11 13:34 - 2017-11-11 13:34 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-11-11 13:28 - 2017-11-11 13:28 - 002403328 _____ (Farbar) C:\Users\micha\Desktop\FRST64.exe
2017-11-11 13:24 - 2017-11-11 13:24 - 000000270 __RSH C:\Users\micha\ntuser.pol
2017-11-11 13:21 - 2017-11-11 13:21 - 000000000 ___HD C:\$AV_ASW
2017-11-11 13:16 - 2017-11-11 13:29 - 000000000 ____D C:\Program Files (x86)\SystemHealer
2017-11-11 13:16 - 2017-11-11 13:16 - 000000000 ____D C:\Users\micha\AppData\Roaming\System Healer
2017-11-11 13:16 - 2017-11-11 13:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Healer
2017-11-11 13:16 - 2017-11-11 13:16 - 000000000 ____D C:\ProgramData\8a3aa5c6-4981-0
2017-11-11 13:16 - 2017-11-11 13:16 - 000000000 ____D C:\ProgramData\8a3aa5c6-2881-1
2017-11-11 13:15 - 2017-11-11 13:15 - 000000000 ____D C:\Program Files (x86)\PQwick1.1
2017-11-11 13:15 - 2017-11-11 13:15 - 000000000 ____D C:\Program Files (x86)\CompanyKooxa
2017-11-11 13:14 - 2017-11-11 13:14 - 000000000 ____D C:\ProgramData\QuteClient
2017-11-11 13:14 - 2017-11-11 13:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\P2PEnhance
2017-11-11 13:14 - 2017-11-11 13:14 - 000000000 ____D C:\ProgramData\Microleaves
2017-11-11 13:14 - 2017-11-11 13:14 - 000000000 ____D C:\Program Files (x86)\P2PEnhance
2017-11-11 13:12 - 2017-11-11 13:24 - 000000390 _____ C:\WINDOWS\Tasks\PC SpeedUp Service Deactivator.job
2017-11-11 13:12 - 2017-11-11 13:24 - 000000310 _____ C:\WINDOWS\Tasks\PjDfytumxbayONn.job
2017-11-11 13:12 - 2017-11-11 13:14 - 000930816 _____ C:\Users\micha\AppData\Local\po.db
2017-11-11 13:12 - 2017-11-11 13:12 - 000140800 _____ C:\Users\micha\AppData\Local\installer.dat
2017-11-11 13:12 - 2017-11-11 13:12 - 000011568 _____ C:\Users\micha\AppData\Local\InstallationConfiguration.xml
2017-11-11 13:12 - 2017-11-11 13:12 - 000003722 _____ C:\WINDOWS\System32\Tasks\{FFDDB183-9748-ECE9-037F-2334DDAABD36}
2017-11-11 13:12 - 2017-11-11 13:12 - 000003214 _____ C:\WINDOWS\System32\Tasks\zjwPaeaadZaNwF
2017-11-11 13:12 - 2017-11-11 13:12 - 000002864 _____ C:\WINDOWS\System32\Tasks\PjDfytumxbayONn2
2017-11-11 13:12 - 2017-11-11 13:12 - 000002848 _____ C:\WINDOWS\System32\Tasks\PC SpeedUp Service Deactivator
2017-11-11 13:12 - 2017-11-11 13:12 - 000002630 _____ C:\WINDOWS\System32\Tasks\PjDfytumxbayONn
2017-11-11 13:12 - 2017-11-11 13:12 - 000000270 __RSH C:\ProgramData\ntuser.pol
2017-11-11 13:12 - 2017-11-11 13:12 - 000000000 ____D C:\Users\micha\Documents\PCSpeedUp
2017-11-11 13:12 - 2017-11-11 13:12 - 000000000 ____D C:\Users\micha\AppData\LocalLow\CelGrfgXIrZdI
2017-11-11 13:12 - 2017-11-11 13:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zrychleni Pocitace
2017-11-11 13:12 - 2017-11-11 13:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-11-11 13:12 - 2017-11-11 13:12 - 000000000 ____D C:\ProgramData\34237f02-7801-0
2017-11-11 13:12 - 2017-11-11 13:12 - 000000000 ____D C:\ProgramData\34237f02-18a3-1
2017-11-11 13:12 - 2017-11-11 13:12 - 000000000 ____D C:\Program Files (x86)\zTWnHlzwjSUn
2017-11-11 13:12 - 2017-11-11 13:12 - 000000000 ____D C:\Program Files (x86)\ZfJRwqLPhIE
2017-11-11 13:12 - 2017-11-11 13:12 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-11-11 13:12 - 2017-11-11 13:12 - 000000000 ____D C:\Program Files (x86)\kqEuPYMaU
2017-11-11 13:12 - 2017-11-11 13:12 - 000000000 ____D C:\Program Files (x86)\JIdcnntTvnKU2
2017-11-11 13:12 - 2017-11-11 13:12 - 000000000 ____D C:\Program Files (x86)\FastDataX
2017-11-11 13:11 - 2017-11-11 13:24 - 000000404 _____ C:\WINDOWS\Tasks\Updater_Online_Application.job
2017-11-11 13:11 - 2017-11-11 13:24 - 000000372 _____ C:\WINDOWS\Tasks\Online Application V2G6.job
2017-11-11 13:11 - 2017-11-11 13:24 - 000000372 _____ C:\WINDOWS\Tasks\Online Application V2G5.job
2017-11-11 13:11 - 2017-11-11 13:24 - 000000372 _____ C:\WINDOWS\Tasks\Online Application V2G4.job
2017-11-11 13:11 - 2017-11-11 13:24 - 000000372 _____ C:\WINDOWS\Tasks\Online Application V2G3.job
2017-11-11 13:11 - 2017-11-11 13:24 - 000000372 _____ C:\WINDOWS\Tasks\Online Application V2G2.job
2017-11-11 13:11 - 2017-11-11 13:24 - 000000372 _____ C:\WINDOWS\Tasks\Online Application V2G1.job
2017-11-11 13:11 - 2017-11-11 13:24 - 000000000 ____D C:\Disk
2017-11-11 13:11 - 2017-11-11 13:11 - 000003298 _____ C:\WINDOWS\System32\Tasks\Updater_Online_Application
2017-11-11 13:11 - 2017-11-11 13:11 - 000003262 _____ C:\WINDOWS\System32\Tasks\Online Application V2G6
2017-11-11 13:11 - 2017-11-11 13:11 - 000003262 _____ C:\WINDOWS\System32\Tasks\Online Application V2G5
2017-11-11 13:11 - 2017-11-11 13:11 - 000003262 _____ C:\WINDOWS\System32\Tasks\Online Application V2G4
2017-11-11 13:11 - 2017-11-11 13:11 - 000003262 _____ C:\WINDOWS\System32\Tasks\Online Application V2G3
2017-11-11 13:11 - 2017-11-11 13:11 - 000003262 _____ C:\WINDOWS\System32\Tasks\Online Application V2G2
2017-11-11 13:11 - 2017-11-11 13:11 - 000003262 _____ C:\WINDOWS\System32\Tasks\Online Application V2G1
2017-11-11 13:11 - 2017-11-11 13:11 - 000000000 ____D C:\Windat
2017-11-11 13:11 - 2017-11-11 13:11 - 000000000 ____D C:\Users\Public\Documents\XMUpdate
2017-11-11 13:11 - 2017-11-11 13:11 - 000000000 ____D C:\Users\micha\AppData\Roaming\Microleaves
2017-11-11 13:11 - 2017-11-11 13:11 - 000000000 ____D C:\Users\micha\AppData\Local\AdvinstAnalytics
2017-11-11 13:11 - 2017-11-11 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnjoyWiFi
2017-11-11 13:11 - 2017-11-11 13:11 - 000000000 ____D C:\Program Files\LaCie Private Public
2017-11-11 13:11 - 2017-11-11 13:11 - 000000000 ____D C:\Program Files (x86)\Microleaves
2017-11-11 13:11 - 2017-11-11 13:11 - 000000000 ____D C:\Program Files (x86)\EnjoyWiFi
2017-11-11 13:10 - 2017-11-11 13:22 - 000000000 ____D C:\Users\micha\AppData\Local\AdService
2017-11-11 13:06 - 2017-11-11 13:06 - 000365168 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-11-11 13:06 - 2017-11-11 13:06 - 000183584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2017-11-09 21:48 - 2017-11-09 21:48 - 000001042 _____ C:\Users\micha\Desktop\fb text reklama.txt
2017-11-07 20:46 - 2017-11-10 19:10 - 000000000 ____D C:\Users\micha\Desktop\maminka job
2017-11-05 21:13 - 2017-11-05 21:13 - 000686196 _____ C:\WINDOWS\Minidump\110517-8031-01.dmp
2017-11-02 21:17 - 2017-11-02 21:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2017-11-02 21:16 - 2017-11-02 21:16 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-11-02 21:16 - 2017-11-02 21:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-11-02 21:16 - 2017-11-02 21:16 - 000000000 ____D C:\Program Files\iTunes
2017-11-02 21:16 - 2017-11-02 21:16 - 000000000 ____D C:\Program Files\iPod
2017-10-17 20:42 - 2017-10-18 20:33 - 000568102 _____ C:\Users\micha\Desktop\Wedding Day Kata and Radek 8.9.2017.pds
2017-10-17 19:54 - 2017-11-05 21:13 - 000000000 ____D C:\WINDOWS\Minidump
2017-10-17 19:54 - 2017-10-17 19:54 - 000681772 _____ C:\WINDOWS\Minidump\101717-6328-01.dmp
2017-10-15 13:49 - 2017-10-15 13:49 - 000000000 ____D C:\TempProjekty
2017-10-15 13:26 - 2017-10-15 20:42 - 000000000 ____D C:\ProgramData\Extreme Picture Finder

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-11 13:34 - 2016-09-05 17:18 - 000000000 ____D C:\Program Files\trend micro
2017-11-11 13:30 - 2017-07-05 09:27 - 002649098 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-11 13:30 - 2017-03-20 05:43 - 001192930 _____ C:\WINDOWS\system32\perfh005.dat
2017-11-11 13:30 - 2017-03-20 05:43 - 000286670 _____ C:\WINDOWS\system32\perfc005.dat
2017-11-11 13:26 - 2017-07-05 09:25 - 000003806 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2017-11-11 13:25 - 2017-04-18 15:36 - 000000000 ____D C:\Users\micha\AppData\Local\Spotify
2017-11-11 13:24 - 2017-07-05 09:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-11 13:24 - 2017-07-05 09:18 - 000000000 ____D C:\Users\micha
2017-11-11 13:24 - 2017-07-05 09:18 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-11 13:24 - 2017-04-18 15:36 - 000000000 ____D C:\Users\micha\AppData\Roaming\Spotify
2017-11-11 13:24 - 2016-02-12 21:10 - 000000000 ___RD C:\Users\micha\iCloudDrive
2017-11-11 13:23 - 2017-03-18 12:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2017-11-11 13:17 - 2017-09-24 15:41 - 000001376 _____ C:\Users\Public\Desktop\Wondershare TunesGo.lnk
2017-11-11 13:13 - 2017-07-05 09:25 - 000004200 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8921971B-2D18-480B-8C11-EE2A78699D52}
2017-11-11 13:12 - 2015-07-10 12:04 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2017-11-11 13:07 - 2016-01-26 21:06 - 000000000 ____D C:\Users\micha\AppData\Roaming\uTorrent
2017-11-11 13:06 - 2017-07-05 09:25 - 000003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-11-11 13:06 - 2017-06-14 19:10 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-11-11 13:06 - 2017-02-09 14:17 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-11-11 13:06 - 2017-02-09 14:17 - 000321032 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-11-11 13:06 - 2017-02-09 14:17 - 000198968 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-11-11 13:06 - 2017-02-09 14:17 - 000057728 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-11-11 13:06 - 2017-01-26 14:26 - 000570152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2017-11-11 13:06 - 2016-01-26 17:16 - 001026232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-11-11 13:06 - 2016-01-26 17:16 - 000455384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-11-11 13:06 - 2016-01-26 17:16 - 000364464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-11-11 13:06 - 2016-01-26 17:16 - 000203976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-11-11 13:06 - 2016-01-26 17:16 - 000148288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-11-11 13:06 - 2016-01-26 17:16 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-11-11 13:06 - 2016-01-26 17:16 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-11-11 13:06 - 2016-01-26 17:16 - 000047008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-11-11 12:59 - 2017-05-08 09:16 - 000000000 ____D C:\Users\micha\AppData\LocalLow\uTorrent
2017-11-11 12:39 - 2017-07-05 09:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-11 10:55 - 2016-02-12 21:11 - 000000000 ____D C:\Users\micha\AppData\Local\781CD1E9-0D91-40D0-8603-FAF49C786103.aplzod
2017-11-10 17:44 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-10 17:44 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-03 22:00 - 2017-09-05 20:58 - 000000000 ____D C:\Users\micha\AppData\Roaming\WhatsApp
2017-11-03 19:57 - 2017-09-05 20:58 - 000002278 _____ C:\Users\micha\Desktop\WhatsApp.lnk
2017-11-03 19:57 - 2017-09-05 20:58 - 000000000 ____D C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2017-11-03 19:57 - 2017-09-05 20:58 - 000000000 ____D C:\Users\micha\AppData\Local\WhatsApp
2017-11-03 19:57 - 2017-09-05 20:58 - 000000000 ____D C:\Users\micha\AppData\Local\SquirrelTemp
2017-11-02 21:30 - 2016-01-26 15:38 - 000000000 ___RD C:\Users\micha\OneDrive
2017-11-02 20:36 - 2017-07-19 17:22 - 000003366 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2976775506-2560316150-966240833-1001
2017-11-02 20:36 - 2016-01-26 15:38 - 000002427 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-10-30 21:05 - 2017-07-05 09:25 - 000004714 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-10-30 21:05 - 2017-07-05 09:25 - 000004506 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-10-30 21:04 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-10-30 21:04 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-10-22 12:07 - 2017-09-10 19:05 - 000000000 ____D C:\Users\micha\Desktop\Videoclip Svatba
2017-10-20 17:04 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-10-20 17:00 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-10-17 19:50 - 2016-01-26 15:36 - 000000000 ____D C:\Users\micha\AppData\Local\Packages
2017-10-17 17:17 - 2017-08-06 16:57 - 000000000 ____D C:\Users\micha\Documents\CyberLink
2017-10-15 21:35 - 2016-01-26 20:48 - 000000000 ____D C:\Users\micha\AppData\Local\JDownloader v2.0
2017-10-15 20:54 - 2016-02-27 11:09 - 000000000 ____D C:\Users\micha\AppData\Roaming\MPC-HC
2017-10-15 13:01 - 2017-08-28 19:51 - 000008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2017-10-13 01:21 - 2017-03-18 22:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-10-13 01:21 - 2017-03-18 22:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-12 18:29 - 2016-01-31 09:09 - 000000000 ____D C:\Users\micha\Desktop\Amazon
2017-10-12 18:05 - 2017-08-31 19:09 - 000000000 ____D C:\Users\micha\AppData\Local\OfficeBSCache-OD-michaela.strnadova@email.cz
2017-10-12 17:59 - 2016-02-01 11:24 - 000000000 ____D C:\Users\micha\AppData\Local\Adobe
2017-10-12 17:26 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2017-10-12 17:26 - 2016-01-26 15:36 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-12 17:15 - 2017-07-05 09:17 - 000431520 _____ C:\WINDOWS\system32\FNTCACHE.DAT

==================== Files in the root of some directories =======

2017-11-11 13:12 - 2017-11-11 13:12 - 000011568 _____ () C:\Users\micha\AppData\Local\InstallationConfiguration.xml
2017-11-11 13:12 - 2017-11-11 13:12 - 000140800 _____ () C:\Users\micha\AppData\Local\installer.dat
2017-11-11 13:12 - 2017-11-11 13:14 - 000930816 _____ () C:\Users\micha\AppData\Local\po.db

Some files in TEMP:
====================
2017-10-15 13:55 - 2017-10-15 13:55 - 000040448 ____N () C:\Users\micha\AppData\Local\Temp\proxy_vole429136364760764545.dll
2017-10-15 13:55 - 2017-10-15 13:55 - 000040448 ____N () C:\Users\micha\AppData\Local\Temp\proxy_vole9109582225113044753.dll
2017-11-11 13:15 - 2017-11-09 23:45 - 004285440 _____ () C:\Users\micha\AppData\Local\Temp\sourse.exe
2017-11-11 13:16 - 2017-11-11 13:16 - 004084712 _____ (SystemHealer ) C:\Users\micha\AppData\Local\Temp\SystemHealer.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-11-03 17:48

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:111.35 GB) (Free:18.84 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (ZALOHA) (Fixed) (Total:931.51 GB) (Free:229.97 GB) NTFS
Drive e: (DATA) (Fixed) (Total:931.51 GB) (Free:101.68 GB) NTFS

Available physical RAM: 5328.67 MB
Total physical RAM: 8120.02 MB
Percentage of memory in use: 34%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: A380F967)
Partition 1: (Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 15B65200)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 15B65201)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Online Application V2G1.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G2.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G3.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G4.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G5.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G6.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\PC SpeedUp Service Deactivator.job => C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\PjDfytumxbayONn.job => C:\Program Files (x86)\kqEuPYMaU\ukIowE.dll
Task: C:\WINDOWS\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== ATTENTION

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\micha\Desktop" je 19237 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner 7.0.4.0 - Logfile created on Sat Nov 11 16:04:30 2017
# Updated on 2017/27/10 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

Deleted: P2PEnhance


***** [ Folders ] *****

Deleted: C:\Users\micha\Documents\PCSpeedUp
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zrychleni Pocitace
Deleted: C:\Users\micha\AppData\Local\\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp
Deleted: C:\Users\micha\AppData\Local\AdvinstAnalytics
Deleted: C:\Users\Public\Documents\XMUpdate
Deleted: C:\Users\micha\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp
Deleted: C:\Users\micha\AppData\Local\AdService
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Healer
Deleted: C:\Users\micha\AppData\Roaming\System Healer
Deleted: C:\Program Files (x86)\SystemHealer
Deleted: C:\ProgramData\Microleaves
Deleted: C:\Program Files (x86)\Microleaves
Deleted: C:\Users\All Users\Microleaves
Deleted: C:\Users\micha\AppData\Roaming\Microleaves
Deleted: C:\Program Files (x86)\zTWnHlzwjSUn
Deleted: C:\Program Files (x86)\kqEuPYMaU
Deleted: C:\Program Files (x86)\ZfJRwqLPhIE
Deleted: C:\Program Files (x86)\JIdcnntTvnKU2
Deleted: C:\\Users\Public\Documents\XMUpdate
Deleted: C:\ProgramData\34237f02-18a3-1
Deleted: C:\ProgramData\34237f02-7801-0
Deleted: C:\ProgramData\8a3aa5c6-2881-1
Deleted: C:\ProgramData\8a3aa5c6-4981-0


***** [ Files ] *****

Deleted: C:\Users\micha\appdata\local\installationconfiguration.xml
Deleted: C:\Windows\SysNative\drivers\wfcre.sys
Deleted: C:\Users\micha\AppData\Local\PO.DB


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: Online Application V2G1
Deleted: Online Application V2G3
Deleted: Online Application V2G2
Deleted: PC SpeedUp Service Deactivator
Deleted: LaCieS
Deleted: zjwPaeaadZaNwF
Deleted: PjDfytumxbayONn2
Deleted: PjDfytumxbayONn
Deleted: Updater_Online_Application


***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{3157E247-2784-4028-BF0F-52D6DDC70E1B}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{6C42038D-817A-472C-8C2A-EF46F1DA576D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{873C7DA8-195D-4D5A-B830-C5E2831901EA}
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Deleted: [Key] - HKU\S-1-5-21-2976775506-2560316150-966240833-1001\Software\FastDataX
Deleted: [Key] - HKCU\Software\FastDataX
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\E3605470-291B-44EB-8648-745EE356599A
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|AdsServiceGroup
Deleted: [Key] - HKU\S-1-5-21-2976775506-2560316150-966240833-1001\Software\System Healer
Deleted: [Key] - HKCU\Software\System Healer
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SystemHealer_is1
Deleted: [Value] - HKU\S-1-5-21-2976775506-2560316150-966240833-1001\Software\Microsoft\Windows\CurrentVersion\Run|PQwick
Deleted: [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run|PQwick
Deleted: [Value] - HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|SpeedCheckerService.exe
Deleted: [Key] - HKLM\SOFTWARE\Microleaves
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C0D38E5A-7CF8-4105-8FE8-31B81443A114}
Deleted: [Key] - HKLM\SOFTWARE\Speedchecker Limited
Deleted: [Key] - HKU\S-1-5-21-2976775506-2560316150-966240833-1001\Software\Speedchecker Limited
Deleted: [Key] - HKCU\Software\Speedchecker Limited
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}
Deleted: [Key] - HKU\S-1-5-21-2976775506-2560316150-966240833-1001\Software\SetupCompany
Deleted: [Key] - HKCU\Software\SetupCompany
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|AdsServiceGroup


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

SearchProvider deleted: Ask Search - ask search
SearchProvider deleted: slunecnice.cz - slunecnice.cz
SearchProvider deleted: Conduit - search.conduit.com
SearchProvider deleted: ICQ Search - search.icq.com
Startpage deleted: http://www.seznam.cz/
Startpage deleted: http://www.seznam.cz/
Startpage deleted: http://www.facebook.com/michaelastrnadova
Startpage deleted: http://www.youtube.com/
Startpage deleted: http://www.gmail.com/
Startpage deleted: http://search.conduit.com/?ctid=CT33071 ... pv=TB_CNI3
Startpage deleted: http://www.google.com/
Startpage deleted: http://www.seznam.cz/
Startpage deleted: http://www.seznam.cz/
Startpage deleted: http://www.facebook.com/michaelastrnadova
Startpage deleted: http://www.youtube.com/
Startpage deleted: http://www.gmail.com/
Startpage deleted: http://search.conduit.com/?ctid=CT33071 ... pv=TB_CNI3
Startpage deleted: http://www.google.com/
Startpage deleted: http://www.seznam.cz/
Startpage deleted: http://www.seznam.cz/
Startpage deleted: http://www.facebook.com/michaelastrnadova
Startpage deleted: http://www.youtube.com/
Startpage deleted: http://www.gmail.com/
Startpage deleted: http://search.conduit.com/?ctid=CT33071 ... pv=TB_CNI3
Startpage deleted: http://www.google.com/
Startpage deleted: http://www.seznam.cz/
Startpage deleted: http://www.seznam.cz/
Startpage deleted: http://www.facebook.com/michaelastrnadova
Startpage deleted: http://www.youtube.com/
Startpage deleted: http://www.gmail.com/
Startpage deleted: http://search.conduit.com/?ctid=CT33071 ... pv=TB_CNI3
Startpage deleted: http://www.google.com/
Startpage deleted: http://www.seznam.cz/
Startpage deleted: http://www.seznam.cz/
Startpage deleted: http://www.facebook.com/michaelastrnadova
Startpage deleted: http://www.youtube.com/
Startpage deleted: http://www.gmail.com/
Startpage deleted: http://search.conduit.com/?ctid=CT33071 ... pv=TB_CNI3
Startpage deleted: http://www.google.com/
Startpage deleted: http://www.seznam.cz/
Startpage deleted: http://www.seznam.cz/
Startpage deleted: http://www.facebook.com/michaelastrnadova
Startpage deleted: http://www.youtube.com/
Startpage deleted: http://www.gmail.com/
Startpage deleted: http://search.conduit.com/?ctid=CT33071 ... pv=TB_CNI3
Startpage deleted: http://www.google.com/
Startpage deleted: http://www.seznam.cz/
Startpage deleted: http://www.seznam.cz/
Startpage deleted: http://www.facebook.com/michaelastrnadova
Startpage deleted: http://www.youtube.com/
Startpage deleted: http://www.gmail.com/
Startpage deleted: http://search.conduit.com/?ctid=CT33071 ... pv=TB_CNI3
Startpage deleted: http://www.google.com/


*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [3949 B] - [2016/9/5 18:26:36]
C:/AdwCleaner/AdwCleaner[S0].txt - [3992 B] - [2016/9/5 18:25:9]
C:/AdwCleaner/AdwCleaner[S1].txt - [6913 B] - [2017/11/11 16:4:1]


########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

Dejte nový log FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-11-2017
Ran by micha (administrator) on MISA_WIN10 (11-11-2017 17:47:33)
Running from C:\Users\micha\Desktop
Loaded Profiles: micha (Available Profiles: micha)
Platform: Windows 10 Home Version 1703 15063.674 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Keepvid) C:\Program Files (x86)\KeepVid\KAF\2.4.2.222\KvAppService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.480.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Spotify Ltd) C:\Users\micha\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotydl) C:\Program Files (x86)\Spotydl\spotydl.exe
(Spotify Ltd) C:\Users\micha\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9037832 2016-10-21] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-11-11] (AVAST Software)
HKLM\...\Run: [Onboard] => C:\Program Files\Western Digital\WD SmartWare\WDSmartWare.exe [2447712 2017-06-11] (Western Digital Technologies, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-10-20] (Apple Inc.)
HKLM-x32\...\Run: [PowerDVD15Agent] => C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe [949960 2015-06-07] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-10-18] (Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (AimerSoft)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [15375312 2017-06-21] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5388128 2017-06-11] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21384 2016-04-15] (Western Digital Technologies, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-10-19] (Apple Inc.)
HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-10-19] (Apple Inc.)
HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-10-19] (Apple Inc.)
HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-10-19] (Apple Inc.)
HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\Run: [Spotify] => C:\Users\micha\AppData\Roaming\Spotify\Spotify.exe [21025392 2017-11-10] (Spotify Ltd)
HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9364696 2017-03-03] (Piriform Ltd)
HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\Run: [Spotydl] => C:\Program Files (x86)\Spotydl\spotydl.exe [1878016 2014-02-22] (Spotydl)
HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software)
HKU\S-1-5-21-2976775506-2560316150-966240833-1001\...\Run: [Spotify Web Helper] => C:\Users\micha\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-11-10] (Spotify Ltd)
GroupPolicy: Restriction - Chrome <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{bd374a84-fd92-49ff-81fd-5df053db3bd2}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: No Name -> {C0D38E5A-7CF8-4105-8FE8-31B81443A114} -> No File
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-08-29] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-07-31] (Microsoft Corporation)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/","hxxp://www.facebook.co ... google.com"
CHR Profile: C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default [2017-11-11]
CHR Extension: (YouTube) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\adnlfjpnmidfimlkaohpidplnoimahfh [2017-10-11]
CHR Extension: (iPrima) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\alafgdbefgihkggefobnlmlpnifnfedd [2017-10-11]
CHR Extension: (Disk Google) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-26]
CHR Extension: (YouTube) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-26]
CHR Extension: (Vyhledávání Google) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-26]
CHR Extension: (Ulož.to) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjibnfalpbggjkaomijnloodkdkgcdj [2017-10-11]
CHR Extension: (HBO GO) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgdpjjopjiimbecggfmcbkbifdgblapo [2017-10-11]
CHR Extension: (Adblocker pro Youtube™) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\knmnopfmccchnnfdoiddbihbcboeedll [2017-11-11]
CHR Extension: (Slovní fotbal) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhkjfkiapgnfmeedpjapeiaajpjgmphf [2017-10-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
CHR Extension: (Gmail) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-26]
CHR Extension: (Chrome Media Router) - C:\Users\micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-27]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-10-11] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7549928 2017-11-11] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-11-11] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [332368 2017-11-11] (AVAST Software)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc.)
R2 KvAppService; C:\Program Files (x86)\Keepvid\KAF\2.4.2.222\KvAppService.exe [474824 2017-03-10] (Keepvid)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2283984 2017-06-21] (Micro-Star INT'L CO., LTD.)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2015-09-23] (CyberLink)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [675184 2017-06-11] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [331632 2017-06-11] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe [437392 2016-11-16] (Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\TunesGo Retro\DriverInstall.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [183584 2017-11-11] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321032 2017-11-11] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [198968 2017-11-11] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343288 2017-11-11] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57728 2017-11-11] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [47008 2017-11-11] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-09-09] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [148288 2017-11-11] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\System32\drivers\aswNetSec.sys [570152 2017-11-11] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110376 2017-11-11] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84416 2017-11-11] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026232 2017-11-11] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [455384 2017-11-11] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [203976 2017-11-11] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [364464 2017-11-11] (AVAST Software)
R3 AVerPola; C:\WINDOWS\system32\DRIVERS\AVerPola.sys [871048 2016-12-13] (AVerMedia TECHNOLOGIES, Inc.)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_f9309145156afb40\nvlddmkm.sys [14456912 2017-05-19] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [937728 2016-05-17] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R1 wfcre; C:\WINDOWS\System32\drivers\wfcre.sys [124288 2017-07-04] ()
S3 WsAudioDevice_383; C:\WINDOWS\system32\drivers\VirtualAudio.sys [22528 2017-03-14] () [File not signed]
R2 {687703DE-DC6D-4649-892B-B8497854A6AB}; C:\Program Files (x86)\CyberLink\PowerDVD15\Common\NavFilter\000.fcl [29896 2015-06-07] (CyberLink Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-11 17:47 - 2017-11-11 17:47 - 000000000 ____D C:\Users\micha\Desktop\FRST-OlderVersion
2017-11-11 17:01 - 2017-11-11 17:01 - 008261584 _____ (Malwarebytes) C:\Users\micha\Desktop\adwcleaner_7.0.4.0.exe
2017-11-11 15:50 - 2017-11-11 15:50 - 000000566 _____ C:\Users\micha\Documents\starburn.txt
2017-11-11 15:50 - 2017-11-11 15:50 - 000000000 ____D C:\Users\micha\Documents\Wondershare Filmora
2017-11-11 13:47 - 2017-11-11 13:47 - 000015022 _____ C:\Users\micha\Desktop\Addition.rar
2017-11-11 13:40 - 2017-11-11 13:40 - 000054657 _____ C:\Users\micha\Desktop\Addition.txt
2017-11-11 13:39 - 2017-11-11 17:47 - 000018600 _____ C:\Users\micha\Desktop\FRST.txt
2017-11-11 13:37 - 2017-11-11 17:47 - 000000000 ____D C:\FRST
2017-11-11 13:34 - 2017-11-11 13:34 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-11-11 13:28 - 2017-11-11 17:47 - 002392576 _____ (Farbar) C:\Users\micha\Desktop\FRST64.exe
2017-11-11 13:24 - 2017-11-11 13:24 - 000000270 __RSH C:\Users\micha\ntuser.pol
2017-11-11 13:21 - 2017-11-11 13:21 - 000000000 ___HD C:\$AV_ASW
2017-11-11 13:15 - 2017-11-11 13:15 - 000000000 ____D C:\Program Files (x86)\CompanyKooxa
2017-11-11 13:12 - 2017-11-11 13:12 - 000140800 _____ C:\Users\micha\AppData\Local\installer.dat
2017-11-11 13:12 - 2017-11-11 13:12 - 000000270 __RSH C:\ProgramData\ntuser.pol
2017-11-11 13:12 - 2017-11-11 13:12 - 000000000 ____D C:\Users\micha\AppData\LocalLow\CelGrfgXIrZdI
2017-11-11 13:12 - 2017-11-11 13:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-11-11 13:12 - 2017-11-11 13:12 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-11-11 13:11 - 2017-11-11 13:24 - 000000372 _____ C:\WINDOWS\Tasks\Online Application V2G6.job
2017-11-11 13:11 - 2017-11-11 13:24 - 000000372 _____ C:\WINDOWS\Tasks\Online Application V2G5.job
2017-11-11 13:11 - 2017-11-11 13:24 - 000000372 _____ C:\WINDOWS\Tasks\Online Application V2G4.job
2017-11-11 13:11 - 2017-11-11 13:24 - 000000000 ____D C:\Disk
2017-11-11 13:11 - 2017-11-11 13:11 - 000003262 _____ C:\WINDOWS\System32\Tasks\Online Application V2G6
2017-11-11 13:11 - 2017-11-11 13:11 - 000003262 _____ C:\WINDOWS\System32\Tasks\Online Application V2G5
2017-11-11 13:11 - 2017-11-11 13:11 - 000003262 _____ C:\WINDOWS\System32\Tasks\Online Application V2G4
2017-11-11 13:11 - 2017-11-11 13:11 - 000000000 ____D C:\Windat
2017-11-11 13:06 - 2017-11-11 13:06 - 000365168 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-11-11 13:06 - 2017-11-11 13:06 - 000183584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2017-11-09 21:48 - 2017-11-09 21:48 - 000001042 _____ C:\Users\micha\Desktop\fb text reklama.txt
2017-11-07 20:46 - 2017-11-10 19:10 - 000000000 ____D C:\Users\micha\Desktop\maminka job
2017-11-02 21:17 - 2017-11-02 21:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2017-11-02 21:16 - 2017-11-02 21:16 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-11-02 21:16 - 2017-11-02 21:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-11-02 21:16 - 2017-11-02 21:16 - 000000000 ____D C:\Program Files\iTunes
2017-11-02 21:16 - 2017-11-02 21:16 - 000000000 ____D C:\Program Files\iPod
2017-10-17 20:42 - 2017-10-18 20:33 - 000568102 _____ C:\Users\micha\Desktop\Wedding Day Kata and Radek 8.9.2017.pds
2017-10-17 19:54 - 2017-11-11 14:19 - 000000000 ____D C:\WINDOWS\Minidump
2017-10-15 13:49 - 2017-10-15 13:49 - 000000000 ____D C:\TempProjekty
2017-10-15 13:26 - 2017-10-15 20:42 - 000000000 ____D C:\ProgramData\Extreme Picture Finder

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-11 17:09 - 2017-07-05 09:27 - 002702518 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-11 17:09 - 2017-03-20 05:43 - 001220018 _____ C:\WINDOWS\system32\perfh005.dat
2017-11-11 17:09 - 2017-03-20 05:43 - 000295034 _____ C:\WINDOWS\system32\perfc005.dat
2017-11-11 17:07 - 2017-07-05 09:25 - 000003808 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2017-11-11 17:05 - 2017-07-05 09:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-11 17:05 - 2017-07-05 09:18 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-11 17:05 - 2017-04-18 15:36 - 000000000 ____D C:\Users\micha\AppData\Roaming\Spotify
2017-11-11 17:05 - 2017-04-18 15:36 - 000000000 ____D C:\Users\micha\AppData\Local\Spotify
2017-11-11 17:05 - 2016-02-12 21:10 - 000000000 ___RD C:\Users\micha\iCloudDrive
2017-11-11 17:04 - 2017-08-28 19:51 - 000008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2017-11-11 17:04 - 2017-03-18 12:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2017-11-11 17:04 - 2016-09-05 19:24 - 000000000 ____D C:\AdwCleaner
2017-11-11 17:01 - 2017-07-05 09:18 - 000000000 ____D C:\Users\micha
2017-11-11 14:36 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-11 14:36 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-11 14:20 - 2017-05-08 06:43 - 000000000 ____D C:\Users\micha\AppData\Roaming\Wondershare
2017-11-11 14:20 - 2016-06-20 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2017-11-11 14:19 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-11-11 14:19 - 2016-02-27 11:09 - 000000000 ____D C:\Users\micha\AppData\Roaming\MPC-HC
2017-11-11 14:19 - 2016-01-26 21:06 - 000000000 ____D C:\Users\micha\AppData\Roaming\uTorrent
2017-11-11 13:45 - 2016-01-26 17:12 - 000000000 ____D C:\Users\micha\AppData\Roaming\Skype
2017-11-11 13:34 - 2016-09-05 17:18 - 000000000 ____D C:\Program Files\trend micro
2017-11-11 13:13 - 2017-07-05 09:25 - 000004200 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8921971B-2D18-480B-8C11-EE2A78699D52}
2017-11-11 13:12 - 2015-07-10 12:04 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2017-11-11 13:06 - 2017-07-05 09:25 - 000003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-11-11 13:06 - 2017-06-14 19:10 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-11-11 13:06 - 2017-02-09 14:17 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-11-11 13:06 - 2017-02-09 14:17 - 000321032 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-11-11 13:06 - 2017-02-09 14:17 - 000198968 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-11-11 13:06 - 2017-02-09 14:17 - 000057728 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-11-11 13:06 - 2017-01-26 14:26 - 000570152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2017-11-11 13:06 - 2016-01-26 17:16 - 001026232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-11-11 13:06 - 2016-01-26 17:16 - 000455384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-11-11 13:06 - 2016-01-26 17:16 - 000364464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-11-11 13:06 - 2016-01-26 17:16 - 000203976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-11-11 13:06 - 2016-01-26 17:16 - 000148288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-11-11 13:06 - 2016-01-26 17:16 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-11-11 13:06 - 2016-01-26 17:16 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-11-11 13:06 - 2016-01-26 17:16 - 000047008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-11-11 12:59 - 2017-05-08 09:16 - 000000000 ____D C:\Users\micha\AppData\LocalLow\uTorrent
2017-11-11 12:39 - 2017-07-05 09:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-11 10:55 - 2016-02-12 21:11 - 000000000 ____D C:\Users\micha\AppData\Local\781CD1E9-0D91-40D0-8603-FAF49C786103.aplzod
2017-11-03 22:00 - 2017-09-05 20:58 - 000000000 ____D C:\Users\micha\AppData\Roaming\WhatsApp
2017-11-03 19:57 - 2017-09-05 20:58 - 000002278 _____ C:\Users\micha\Desktop\WhatsApp.lnk
2017-11-03 19:57 - 2017-09-05 20:58 - 000000000 ____D C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2017-11-03 19:57 - 2017-09-05 20:58 - 000000000 ____D C:\Users\micha\AppData\Local\WhatsApp
2017-11-03 19:57 - 2017-09-05 20:58 - 000000000 ____D C:\Users\micha\AppData\Local\SquirrelTemp
2017-11-02 21:30 - 2016-01-26 15:38 - 000000000 ___RD C:\Users\micha\OneDrive
2017-11-02 20:36 - 2017-07-19 17:22 - 000003366 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2976775506-2560316150-966240833-1001
2017-11-02 20:36 - 2016-01-26 15:38 - 000002427 _____ C:\Users\micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-10-30 21:05 - 2017-07-05 09:25 - 000004714 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-10-30 21:05 - 2017-07-05 09:25 - 000004506 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-10-30 21:04 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-10-30 21:04 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-10-22 12:07 - 2017-09-10 19:05 - 000000000 ____D C:\Users\micha\Desktop\Videoclip Svatba
2017-10-20 17:00 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-10-17 19:50 - 2016-01-26 15:36 - 000000000 ____D C:\Users\micha\AppData\Local\Packages
2017-10-17 17:17 - 2017-08-06 16:57 - 000000000 ____D C:\Users\micha\Documents\CyberLink
2017-10-15 21:35 - 2016-01-26 20:48 - 000000000 ____D C:\Users\micha\AppData\Local\JDownloader v2.0
2017-10-13 01:21 - 2017-03-18 22:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-10-13 01:21 - 2017-03-18 22:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-12 18:29 - 2016-01-31 09:09 - 000000000 ____D C:\Users\micha\Desktop\Amazon
2017-10-12 18:05 - 2017-08-31 19:09 - 000000000 ____D C:\Users\micha\AppData\Local\OfficeBSCache-OD-michaela.strnadova@email.cz
2017-10-12 17:59 - 2016-02-01 11:24 - 000000000 ____D C:\Users\micha\AppData\Local\Adobe
2017-10-12 17:26 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2017-10-12 17:26 - 2016-01-26 15:36 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-12 17:15 - 2017-07-05 09:17 - 000431520 _____ C:\WINDOWS\system32\FNTCACHE.DAT

==================== Files in the root of some directories =======

2017-11-11 13:12 - 2017-11-11 13:12 - 000140800 _____ () C:\Users\micha\AppData\Local\installer.dat

Some files in TEMP:
====================
2017-11-11 13:15 - 2017-11-09 23:45 - 004285440 _____ () C:\Users\micha\AppData\Local\Temp\sourse.exe
2017-11-11 13:16 - 2017-11-11 13:16 - 004084712 _____ (SystemHealer ) C:\Users\micha\AppData\Local\Temp\SystemHealer.exe
2017-11-11 14:20 - 2017-11-11 13:15 - 000099888 _____ () C:\Users\micha\AppData\Local\Temp\Uninstall.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-11-03 17:48

==================== End of FRST.txt ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
GroupPolicy: Restriction - Chrome <==== ATTENTION
BHO-x32: No Name -> {C0D38E5A-7CF8-4105-8FE8-31B81443A114} -> No File
C:\Users\micha\AppData\LocalLow\CelGrfgXIrZdI
C:\WINDOWS\System32\Tasks\AutoKMS
C:\Users\micha\AppData\Local\Temp
System Healer (HKLM-x32\...\SystemHealer_is1) (Version: 4.4.0.3 - SystemHealer) <==== ATTENTION
YoutubeAdBlock (HKLM-x32\...\E3605470-291B-44EB-8648-745EE356599A) (Version: 2.0.0.381 - Company Inc.) <==== ATTENTION
Task: {273EFE91-4069-4C83-9589-61345838E8FB} - System32\Tasks\PC SpeedUp Service Deactivator => C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe <==== ATTENTION
Task: {678FF561-F947-435F-9B3A-D579A9530B95} - \{0E040547-0A08-0879-7A11-7E7E0C0E1178} -> No File <==== ATTENTION
Task: {6B91B182-D491-4AED-AE48-E6467E2C1E7E} - System32\Tasks\Online Application V2G6 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== ATTENTION
Task: {6C8A924B-5647-471C-B24F-BED3CE0C4108} - System32\Tasks\Online Application V2G1 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== ATTENTION
Task: {6C979C02-1AD6-49D7-8362-3466D6FE91D3} - System32\Tasks\Online Application V2G4 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== ATTENTION
Task: {73C4E648-41F5-4F2E-B23E-5336F6D9C8D0} - \LaCieS -> No File <==== ATTENTION
Task: {DF5B84CE-BD68-4DA9-A124-23F12B00049C} - System32\Tasks\Updater_Online_Application => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe [2017-11-02] (Microleaves) <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G1.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G2.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G3.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G4.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G5.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G6.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\PC SpeedUp Service Deactivator.job => C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\PjDfytumxbayONn.job => C:\Program Files (x86)\kqEuPYMaU\ukIowE.dll
Task: C:\WINDOWS\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== ATTENTION
(Microsoft Corporation) -> hxxp://mmotraffic.com/catalog/goplay/1000932/MTE3NjYvLy8xMDAwOTMy?click_id=yEyEzz0AyD0ByD0F0C0Azy0E0ByE0DyE2RtBtDtCyCtDtCtByCtBtDyEzytDyDtCzzzy

EmptyTemp:
ResetHosts:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 11-11-2017
Ran by micha (11-11-2017 21:03:30) Run:1
Running from C:\Users\micha\Desktop
Loaded Profiles: micha (Available Profiles: micha)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
GroupPolicy: Restriction - Chrome <==== ATTENTION
BHO-x32: No Name -> {C0D38E5A-7CF8-4105-8FE8-31B81443A114} -> No File
C:\Users\micha\AppData\LocalLow\CelGrfgXIrZdI
C:\WINDOWS\System32\Tasks\AutoKMS
C:\Users\micha\AppData\Local\Temp
System Healer (HKLM-x32\...\SystemHealer_is1) (Version: 4.4.0.3 - SystemHealer) <==== ATTENTION
YoutubeAdBlock (HKLM-x32\...\E3605470-291B-44EB-8648-745EE356599A) (Version: 2.0.0.381 - Company Inc.) <==== ATTENTION
Task: {273EFE91-4069-4C83-9589-61345838E8FB} - System32\Tasks\PC SpeedUp Service Deactivator => C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe <==== ATTENTION
Task: {678FF561-F947-435F-9B3A-D579A9530B95} - \{0E040547-0A08-0879-7A11-7E7E0C0E1178} -> No File <==== ATTENTION
Task: {6B91B182-D491-4AED-AE48-E6467E2C1E7E} - System32\Tasks\Online Application V2G6 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== ATTENTION
Task: {6C8A924B-5647-471C-B24F-BED3CE0C4108} - System32\Tasks\Online Application V2G1 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== ATTENTION
Task: {6C979C02-1AD6-49D7-8362-3466D6FE91D3} - System32\Tasks\Online Application V2G4 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-11-02] () <==== ATTENTION
Task: {73C4E648-41F5-4F2E-B23E-5336F6D9C8D0} - \LaCieS -> No File <==== ATTENTION
Task: {DF5B84CE-BD68-4DA9-A124-23F12B00049C} - System32\Tasks\Updater_Online_Application => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe [2017-11-02] (Microleaves) <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G1.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G2.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G3.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G4.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G5.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G6.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\PC SpeedUp Service Deactivator.job => C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\PjDfytumxbayONn.job => C:\Program Files (x86)\kqEuPYMaU\ukIowE.dll
Task: C:\WINDOWS\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== ATTENTION
(Microsoft Corporation) -> hxxp://mmotraffic.com/catalog/goplay/10 ... tDyDtCzzzy

EmptyTemp:
ResetHosts:
End
*****************

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C0D38E5A-7CF8-4105-8FE8-31B81443A114} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{C0D38E5A-7CF8-4105-8FE8-31B81443A114} => key not found.
C:\Users\micha\AppData\LocalLow\CelGrfgXIrZdI => moved successfully
C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully

"C:\Users\micha\AppData\Local\Temp" folder move:

Could not move "C:\Users\micha\AppData\Local\Temp" => Scheduled to move on reboot.

System Healer (HKLM-x32\...\SystemHealer_is1) (Version: 4.4.0.3 - SystemHealer) <==== ATTENTION => Error: No automatic fix found for this entry.
YoutubeAdBlock (HKLM-x32\...\E3605470-291B-44EB-8648-745EE356599A) (Version: 2.0.0.381 - Company Inc.) <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{273EFE91-4069-4C83-9589-61345838E8FB} => key not found.
C:\WINDOWS\System32\Tasks\PC SpeedUp Service Deactivator => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC SpeedUp Service Deactivator => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{678FF561-F947-435F-9B3A-D579A9530B95} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{678FF561-F947-435F-9B3A-D579A9530B95} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0E040547-0A08-0879-7A11-7E7E0C0E1178} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B91B182-D491-4AED-AE48-E6467E2C1E7E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B91B182-D491-4AED-AE48-E6467E2C1E7E} => key removed successfully
C:\WINDOWS\System32\Tasks\Online Application V2G6 => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application V2G6 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C8A924B-5647-471C-B24F-BED3CE0C4108} => key not found.
C:\WINDOWS\System32\Tasks\Online Application V2G1 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application V2G1 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C979C02-1AD6-49D7-8362-3466D6FE91D3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C979C02-1AD6-49D7-8362-3466D6FE91D3} => key removed successfully
C:\WINDOWS\System32\Tasks\Online Application V2G4 => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application V2G4 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73C4E648-41F5-4F2E-B23E-5336F6D9C8D0} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaCieS => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF5B84CE-BD68-4DA9-A124-23F12B00049C} => key not found.
C:\WINDOWS\System32\Tasks\Updater_Online_Application => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Updater_Online_Application => key not found.
C:\WINDOWS\Tasks\Online Application V2G1.job => not found.
C:\WINDOWS\Tasks\Online Application V2G2.job => not found.
C:\WINDOWS\Tasks\Online Application V2G3.job => not found.
C:\WINDOWS\Tasks\Online Application V2G4.job => moved successfully
C:\WINDOWS\Tasks\Online Application V2G5.job => moved successfully
C:\WINDOWS\Tasks\Online Application V2G6.job => moved successfully
C:\WINDOWS\Tasks\PC SpeedUp Service Deactivator.job => not found.
C:\WINDOWS\Tasks\PjDfytumxbayONn.job => not found.
C:\WINDOWS\Tasks\Updater_Online_Application.job => not found.
-> hxxp://mmotraffic.com/catalog/goplay/10 ... tDyDtCzzzy => No running process found
ResetHosts: => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 83010850 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 73790457 B
Edge => 518082 B
Chrome => 563062030 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1634 B
NetworkService => 0 B
micha => 51477156 B

RecycleBin => 15415 B
EmptyTemp: => 743.6 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 11-11-2017 21:15:49)

C:\Users\micha\AppData\Local\Temp => moved successfully

==== End of Fixlog 21:15:49 ====

Smazáno. Nastala nějaká změna?

Rudy moc dekuji za pomoc, pc pracuje perfektne

Jsi sikula.

Preji hezky den.

Misa

Dík za uznání a nemáte zač!