Please check

Posted: 13 Feb 2018 15:04
by vasutvater
Logfile of random's system information tool 1.16 (written by random/random)
Run by admin at 2018-02-13 15:01:37
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 65 GB (27%) free of 238 GB
Total RAM: 2013 MB (20% free)
X86

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:02:52, on 13.2.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18894)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Users\admin\AppData\Local\Akamai\netsession_win.exe
C:\Users\admin\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Users\admin\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files\TeamViewer\TeamViewer.exe
C:\Program Files\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\AVAST Software\Avast\Setup\Instup.exe
C:\Users\admin\Desktop\RSIT (2).exe
C:\Program Files\trend micro\admin_RSIT (2).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files\HP\HP UT LEDM\"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [Autodesk Desktop App] "C:\Program Files\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\admin\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\admin\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\admin\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - http://www.battlefieldheroes.com/static ... .203.0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O23 - Service: Autodesk Desktop App Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\Windows\system32\HPSIsvc.exe
O23 - Service: Hydrup - Software - C:\Program Files\Common Files\Hydrup\hydrup.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: Tekla Warehouse - Tekla - C:\Program Files\Tekla Warehouse\Tekla.Warehouse.WindowsService.exe

--
End of file - 8386 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\CreateChoiceProcessTask - C:\Windows\System32\browserchoice.exe /launch
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore1d1ea437ada7bd5 - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA1d1ea437f58347a - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1468488872 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\{08D06A52-1801-4FB3-933C-9A6B8B75EAC8} - C:\Program Files\Skype\\Phone\Skype.exe
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1189625069-2542699651-1591823224-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
C:\Windows\system32\tasks\AVAST Software\Overseer - C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\buwccx2j.default

prefs.js - "browser.startup.homepage" - "about:home"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.187 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_187.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.151.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.151.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll

C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\buwccx2j.default\extensions\
battlefieldheroespatcher@ea.com
sko-extension@firma.seznam.cz

C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\buwccx2j.default\addons.json
Seznam pro Firefox - Esko - extension - sko-extension@firma.seznam.cz

C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\buwccx2j.default\extensions.json
Battlefield Heroes Updater - extension - battlefieldheroespatcher@ea.com -
Seznam pro Firefox - Esko - webextension - sko-extension@firma.seznam.cz -
Avast Online Security - webextension - wrc@avast.com - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles/buwccx2j.default\extensions\wrc@avast.com.xpi
Avast SafePrice - webextension - sp@avast.com - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles/buwccx2j.default\extensions\sp@avast.com.xpi
Application Update Service Helper - extension - aushelper@mozilla.org -
Pocket - extension - firefox@getpocket.com -
Firefox Screenshots - extension - screenshots@mozilla.org -
Web Compat - extension - webcompat@mozilla.org -
Follow-on Search Telemetry - extension - followonsearch@mozilla.com -
Shield Recipe Client - extension - shield-recipe-client@mozilla.org -
Activity Stream - extension - activity-stream@mozilla.org -
Form Autofill - extension - formautofill@mozilla.org -
Photon onboarding - extension - onboarding@mozilla.org -
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} -

C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\buwccx2j.default\pluginreg.dat
Plugin - Shockwave Flash - 27.0.0.187 - C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_187.dll

=========Google Chrome=========

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace 0.10
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension almaegelniajagnlfnlbobmgnkangcoi 0 Runtime 2.9 1.0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty 0.10
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension bgjpfhpjcgdppjbgnpnjllokbmcdllig 0 Seznam pro Chrome - Email 4.1.1
Extension blmojkbhnkkphngknkmgccmlenfaelkd 0 Seznam pro Chrome - Esko- 4.1.1
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension bpimjanmknifnoiajikmhmhmlihdccbd 1
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.60
Extension ddiblodcpaaieoopolanaoecbhicgjfo 1
Extension dlggapfljcnbmajohkhhapaoajopbncm 1
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 0 Adobe Acrobat 15.1.0.6
Extension ehloibeiaffhibffchiobihgcainmcep 1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension eofcbnmajmjmplflapaojjnihcjkigck 0 Avast SafePrice 12.0.433
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky 1.2
Extension geklbcigmpeljogplgbgnakkbajkkmbb 1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension ginepjojjbmfbfiibfdebddmbkjmgfle 1
Extension gomekmidlodglbbmalcneegieacbdmki 0 Avast Online Security 12.0.296
Extension ibgbdgngjflpkahkoabmiijlaggkinaj 1
Extension ilfoopambfaclfjmpiaijnccgcmbeigi 1 FormApps Extension 2.5.0.27
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension mmebmmnpohfhoknnlpohjaembcipocaa 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.6
Extension nmbfljkmcghmakofbhhgemjhboabdkcn 1
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.3
Extension ogminpmldncgcmokldnmmapddoccmhfl 1
Extension olfeabkoenfaoljndfecamgilllcpiak 0 Seznam pro Chrome - Esko 4.1.1
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh 1 Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6417.1211.0.0
Homepage:
default_search_provider.search_url:
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
"URL"=http://www.google.com/search?q={searchT ... urceid=ie7
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}]
"URL"=https://www.google.com/search?trackid=s ... earchTerms}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-11-22 473664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-20 820672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-22 187968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D5D47440-0750-463D-BAEF-A47D02414806}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 136216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 170520]
"HPUsageTrackingLEDM"=C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe [2009-08-04 30264]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-01-04 246120]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"Autodesk Desktop App"=C:\Program Files\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [2017-06-15 704424]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2017-09-05 587288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]
"cz.seznam.software.autoupdate"=C:\Users\admin\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\admin\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Akamai NetSession Interface"=C:\Users\admin\AppData\Local\Akamai\netsession_win.exe [2017-01-03 4490200]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2017-02-03 1772568]

C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files\Google\Chrome\Application\64.0.3282.140\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2018-02-13 15:01:38 ----D---- C:\Program Files\trend micro
2018-02-13 15:01:37 ----D---- C:\rsit
2018-02-13 14:47:19 ----D---- C:\ProgramData\SWCUTemp
2018-02-11 11:32:59 ----A---- C:\Windows\system32\aswBoot.exe
2018-02-10 13:31:05 ----D---- C:\ProgramData\BSD
2018-02-10 13:27:11 ----D---- C:\Program Files\Solvusoft
2018-02-10 13:25:12 ----D---- C:\Users\admin\AppData\Roaming\Solvusoft
2018-02-10 13:25:12 ----D---- C:\ProgramData\Solvusoft
2018-02-10 13:25:11 ----D---- C:\ProgramData\{0897014C-63E3-47DF-8A5F-4399CC5D61B9}

======List of files/folders modified in the last 1 month======

2018-02-13 15:01:38 ----RD---- C:\Program Files
2018-02-13 15:01:15 ----D---- C:\Windows\Temp
2018-02-13 14:53:22 ----D---- C:\Users\admin\AppData\Roaming\Seznam.cz
2018-02-13 14:51:36 ----D---- C:\Windows\system32\config
2018-02-13 14:51:08 ----D---- C:\ProgramData\boost_interprocess
2018-02-13 14:48:28 ----D---- C:\Program Files\TeamViewer
2018-02-13 14:47:19 ----HD---- C:\ProgramData
2018-02-13 14:46:34 ----D---- C:\Program Files\Google
2018-02-13 14:46:33 ----D---- C:\Windows\system32\drivers
2018-02-11 21:21:13 ----D---- C:\Stereo2017 v19
2018-02-11 19:45:56 ----SHD---- C:\System Volume Information
2018-02-11 19:24:38 ----SHD---- C:\Windows\Installer
2018-02-11 19:03:37 ----D---- C:\Windows\system32\FxsTmp
2018-02-11 16:47:46 ----D---- C:\Windows\System32
2018-02-11 16:47:46 ----D---- C:\Windows\inf
2018-02-11 16:47:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-02-11 11:39:33 ----D---- C:\Windows\system32\Tasks
2018-02-11 11:31:35 ----D---- C:\Windows\Tasks
2018-02-11 11:31:35 ----D---- C:\Windows\system32\wfp
2018-02-11 11:31:33 ----D---- C:\Windows\system32\wbem
2018-02-11 11:31:33 ----D---- C:\Windows
2018-02-11 11:30:41 ----D---- C:\Windows\system32\DriverStore
2018-02-11 11:30:41 ----D---- C:\Windows\system32\drivers\etc
2018-02-11 11:30:41 ----D---- C:\Windows\system32\catroot2
2018-02-11 11:30:25 ----D---- C:\Stereo2016 v18
2018-02-11 11:30:24 ----D---- C:\Program Files\Mozilla Maintenance Service
2018-02-11 11:30:24 ----D---- C:\Program Files\Mozilla Firefox
2018-02-11 11:30:07 ----D---- C:\Windows\registration
2018-02-11 10:38:33 ----D---- C:\Windows\Prefetch
2018-01-20 07:26:29 ----D---- C:\Windows\Microsoft.NET

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [2018-01-04 157376]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblogx.sys [2018-01-04 276696]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [2018-01-04 50344]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-01-04 70832]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-01-04 294680]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 173288]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-01-04 158224]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [2018-01-04 255584]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-01-04 118144]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-09-11 39784]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-01-04 99528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-01-04 783104]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-01-11 390256]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-11-17 242240]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-01-11 123880]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-08-25 9024512]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-01-04 151328]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-01-04 42824]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 17408]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdAppMgrSvc;Autodesk Desktop App Service; C:\Program Files\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [2017-06-15 1353208]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-09-27 83984]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-01-04 301168]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2010-04-07 99896]
R2 Hydrup;Hydrup; C:\Program Files\Common Files\Hydrup\hydrup.exe [2015-03-27 266536]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2013-02-27 75136]
R2 TeamViewer;TeamViewer 10; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2018-02-02 6634224]
R2 Tekla Warehouse;Tekla Warehouse; C:\Program Files\Tekla Warehouse\Tekla.Warehouse.WindowsService.exe [2017-01-23 18192]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-22 272384]
S3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2018-01-04 5906816]
S3 FlexNet Licensing Service;FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [2017-09-20 1233376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-12-29 104960]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2018-01-17 175568]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-01 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-04-21 47224]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

Re: Requesting a check

Posted: 13 Feb 2018 16:27
by Conder
Hi :)

If you don't use it, I recommend uninstalling the Seznam.cz toolbar (Start -> Control Panel -> Uninstall a program), including its add-ons in the browsers.

Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Scan and wait for it to finish
  • Click Clean and confirm by clicking OK
  • AdwCleaner will ask for a PC restart; confirm by clicking Restart Now
  • Once it has finished and the PC has restarted, a log will pop up; copy its contents here

Re: Requesting a check

Posted: 13 Feb 2018 16:56
by vasutvater
# AdwCleaner 7.0.8.0 - Logfile created on Tue Feb 13 15:52:24 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 7 Home Premium (X86)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

Deleted: Hydrup


***** [ Folders ] *****

Deleted: C:\ProgramData\BSD\DriverHive
Deleted: C:\ProgramData\Application Data\BSD\DriverHive
Deleted: C:\Users\All Users\BSD\DriverHive
Deleted: C:\Program Files\Common Files\Hydrup
Deleted: C:\ProgramData\BSD\DriverHiveEngine
Deleted: C:\ProgramData\Application Data\BSD\DriverHiveEngine
Deleted: C:\Users\All Users\BSD\DriverHiveEngine
Deleted: C:\Program Files\Iminent
Deleted: C:\Users\admin\AppData\Local\Temp\Iminent
Deleted: C:\ProgramData\Solvusoft
Deleted: C:\ProgramData\Application Data\Solvusoft
Deleted: C:\Program Files\Solvusoft
Deleted: C:\Windows\System32\config\systemprofile\AppData\Roaming\Solvusoft
Deleted: C:\Users\admin\AppData\Roaming\Solvusoft
Deleted: C:\Users\All Users\Solvusoft


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Deleted: [Key] - HKU\S-1-5-18\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3038A20B9089EC34D8F74220191FAB30
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
Deleted: [Key] - HKLM\SOFTWARE\MozillaPlugins\@pandonetworks.com\PandoWebPlugin
Deleted: [Key] - HKLM\SOFTWARE\Iminent
Deleted: [Key] - HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\Software\Iminent
Deleted: [Key] - HKCU\Software\Iminent
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SOFTWARE\qualitink
Deleted: [Key] - HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\Software\qualitink
Deleted: [Key] - HKCU\Software\qualitink
Deleted: [Key] - HKCU\Software\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}
Deleted: [Key] - HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\Software\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [4839 B] - [2018/2/13 15:51:4]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Re: Requesting a check

Posted: 13 Feb 2018 16:56
by Conder
Please post the FRST logs following this guide (paste both logs here): https://forum.viry.cz/viewtopic.php?f=13&t=152707

If FRSTLauncher cannot be downloaded or run, use just FRST on its own.

Re: Requesting a check

Posted: 13 Feb 2018 17:07
by vasutvater
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12.02.2018
Ran by admin (administrator) on ADMIN-PC (13-02-2018 17:03:43)
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available Profiles: admin)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Autodesk Inc.) C:\Program Files\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(HP) C:\Windows\System32\HPSIsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard Company) C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Nero AG) C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(Akamai Technologies, Inc.) C:\Users\admin\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Akamai Technologies, Inc.) C:\Users\admin\AppData\Local\Akamai\netsession_win.exe
(Autodesk) C:\Program Files\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Autodesk) C:\Program Files\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Autodesk) C:\Program Files\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Nero AG) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\admin\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files\HP\HP UT LEDM\"
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2018-01-04] (AVAST Software)
HKLM\...\Run: [Autodesk Desktop App] => C:\Program Files\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [704424 2017-06-15] (Autodesk, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1840424 2008-06-24] (Nero AG)
HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\...\Run: [Akamai NetSession Interface] => C:\Users\admin\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1772568 2017-02-03] (Autodesk, Inc.)
HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\...\Policies\Explorer: []
HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\...\MountPoints2: F - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\...\MountPoints2: {4404d920-0b01-11e6-8fd2-806e6f6e6963} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1772568 2017-02-03] (Autodesk, Inc.)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2011-03-13]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 10.140.6.1
Tcpip\..\Interfaces\{3466E51E-DFCA-4499-9A4C-A6D76A0FFC6C}: [DhcpNameServer] 192.168.2.1 10.140.6.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000 -> {7494A462-49D8-482C-84AE-176E4C8343D2} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-11-22] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-20] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-22] (Oracle Corporation)
Toolbar: HKLM - No Name - {D5D47440-0750-463D-BAEF-A47D02414806} - No File
Toolbar: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000 -> No Name - {D5D47440-0750-463D-BAEF-A47D02414806} - No File
Toolbar: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/update ... .203.0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\buwccx2j.default [2018-02-11]
FF Homepage: Mozilla\Firefox\Profiles\buwccx2j.default -> about:home
FF Extension: (Battlefield Heroes Updater) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\buwccx2j.default\Extensions\battlefieldheroespatcher@ea.com [2011-08-10] [Legacy] [not signed]
FF Extension: (Avast SafePrice) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\buwccx2j.default\Extensions\sp@avast.com.xpi [2017-11-20]
FF Extension: (Avast Online Security) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\buwccx2j.default\Extensions\wrc@avast.com.xpi [2017-11-20]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-22] ()
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-22] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1189625069-2542699651-1591823224-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1189625069-2542699651-1591823224-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-08-29] (Pando Networks)

Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2018-02-13]
CHR Extension: (Prezentace) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Runtime 2.9) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\almaegelniajagnlfnlbobmgnkangcoi [2017-06-12]
CHR Extension: (Dokumenty) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (Seznam pro Chrome - Email) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-01-13]
CHR Extension: (Seznam pro Chrome - Esko-) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-01-14]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Adobe Acrobat) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04]
CHR Extension: (Avast SafePrice) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-12-23]
CHR Extension: (Tabulky) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Avast Online Security) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-14]
CHR Extension: (FormApps Extension) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2017-06-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Seznam pro Chrome - Esko) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-01-14]
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-11]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1353208 2017-06-15] (Autodesk Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5906816 2018-01-04] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2018-01-04] (AVAST Software)
S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1233376 2017-09-20] (Flexera Software LLC)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2013-02-27] ()
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [6634224 2018-02-02] (TeamViewer GmbH)
S2 Tekla Warehouse; C:\Program Files\Tekla Warehouse\Tekla.Warehouse.WindowsService.exe [18192 2017-01-23] (Tekla)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [158224 2018-01-04] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [255584 2018-01-04] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [157376 2018-01-04] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [276696 2018-01-04] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [50344 2018-01-04] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [118144 2018-01-04] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42824 2018-01-04] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [39784 2017-09-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [123880 2018-01-11] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [99528 2018-01-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [70832 2018-01-04] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783104 2018-01-04] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [390256 2018-01-11] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [151328 2018-01-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [294680 2018-01-04] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-11-17] (DT Soft Ltd)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-13 17:03 - 2018-02-13 17:05 - 000016654 _____ C:\Users\admin\Desktop\FRST.txt
2018-02-13 17:02 - 2018-02-13 17:02 - 001764352 _____ (Farbar) C:\Users\admin\Desktop\FRST.exe
2018-02-13 17:02 - 2018-02-13 17:02 - 000112640 _____ (forum.viry.cz) C:\Users\admin\Desktop\FRSTLauncher.exe
2018-02-13 16:56 - 2018-02-13 16:56 - 000000000 ____D C:\ProgramData\SWCUTemp
2018-02-13 16:49 - 2018-02-13 16:52 - 000000000 ____D C:\AdwCleaner
2018-02-13 16:47 - 2018-02-13 16:48 - 008222496 _____ (Malwarebytes) C:\Users\admin\Downloads\adwcleaner_7.0.8.0.exe
2018-02-13 15:01 - 2018-02-13 15:03 - 000000000 ____D C:\rsit
2018-02-13 15:01 - 2018-02-13 15:02 - 000000000 ____D C:\Program Files\trend micro
2018-02-13 15:01 - 2018-02-13 15:01 - 001206272 _____ C:\Users\admin\Desktop\RSIT (2).exe
2018-02-13 15:01 - 2018-02-13 15:01 - 001107968 _____ C:\Users\admin\Downloads\RSIT (1).exe
2018-02-13 15:00 - 2018-02-13 15:01 - 001107968 _____ C:\Users\admin\Downloads\RSIT.exe
2018-02-11 19:02 - 2018-02-11 19:04 - 000000000 ____D C:\Users\admin\Documents\Fax
2018-02-11 19:02 - 2018-02-11 19:02 - 000000000 ___RD C:\Users\admin\Documents\Scanned Documents
2018-02-11 19:01 - 2018-02-11 19:01 - 000139260 _____ C:\Users\admin\Downloads\DPFDP5-XXXXXXXXXX-20180211-190032.pdf
2018-02-11 18:48 - 2018-02-11 18:48 - 000004272 _____ C:\Users\admin\Downloads\nabídka_Gold (1).odt
2018-02-11 18:19 - 2018-02-11 18:19 - 000004092 _____ C:\Users\admin\Downloads\nabídka_Gold.odt
2018-02-11 15:33 - 2018-02-11 15:33 - 000116875 _____ C:\Users\admin\Downloads\DPFZC1-0681501946-20180211-153136.pdf
2018-02-11 11:32 - 2018-01-04 17:21 - 000305840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-02-10 13:31 - 2018-02-13 16:52 - 000000000 ____D C:\ProgramData\BSD
2018-02-10 13:25 - 2018-02-11 11:30 - 000000000 ____D C:\ProgramData\{0897014C-63E3-47DF-8A5F-4399CC5D61B9}
2018-02-10 11:23 - 2018-02-10 11:23 - 000000000 ____D C:\Users\Public\Documents\Tekla
2018-02-10 10:28 - 2018-02-10 10:28 - 000076433 _____ C:\Users\admin\Downloads\prehled-osvc-2017.pdf
2018-02-10 10:28 - 2018-02-10 10:28 - 000076433 _____ C:\Users\admin\Downloads\prehled-osvc-2017 (2).pdf
2018-02-10 10:28 - 2018-02-10 10:28 - 000076433 _____ C:\Users\admin\Downloads\prehled-osvc-2017 (1).pdf
2018-02-09 18:30 - 2018-02-09 18:30 - 000067312 _____ C:\Users\admin\Downloads\osvc_2017_v1.0_vzp_web (1).pdf
2018-02-03 20:57 - 2018-02-03 21:02 - 780427264 _____ C:\Users\admin\Downloads\Nedotknutelní (2011) CZ-dabing.avi
2018-01-27 13:18 - 2018-01-27 13:25 - 1037401406 _____ C:\Users\admin\Downloads\Fargo.1996.DVDRip.XviD.CZ.avi
2018-01-27 13:02 - 2018-01-27 13:17 - 2093217070 _____ C:\Users\admin\Downloads\Velký dar [Gifted] (2017) HD 1080p CZ dabing.avi
2018-01-24 18:09 - 2018-01-24 17:38 - 000557128 _____ C:\Users\admin\Desktop\dfg.bak
2018-01-21 15:20 - 2018-01-21 15:25 - 737694592 _____ C:\Users\admin\Downloads\Kral.drozdia.brada.1984.DVDRip.XviD.MP3.SK.GTK.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-13 17:03 - 2015-04-23 18:09 - 000000000 ____D C:\FRST
2018-02-13 17:03 - 2009-07-14 05:34 - 000023568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-02-13 17:03 - 2009-07-14 05:34 - 000023568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-02-13 16:54 - 2017-09-20 18:28 - 000000000 ____D C:\ProgramData\boost_interprocess
2018-02-13 16:54 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-02-13 16:52 - 2017-01-03 21:09 - 000000000 ____D C:\Users\admin\AppData\Roaming\TeamViewer
2018-02-13 16:49 - 2017-03-02 20:21 - 000000000 ____D C:\Users\admin\AppData\Roaming\Seznam.cz
2018-02-13 16:48 - 2017-03-02 20:21 - 000000000 ____D C:\Program Files\Seznam.cz
2018-02-13 16:13 - 2011-01-25 19:37 - 000000000 ____D C:\Users\admin\AppData\Local\ElevatedDiagnostics
2018-02-13 15:43 - 2017-09-20 17:32 - 000000000 ____D C:\Users\admin\AppData\Local\Akamai
2018-02-13 14:48 - 2015-04-22 22:51 - 000000000 ____D C:\Program Files\TeamViewer
2018-02-13 14:46 - 2012-03-24 20:20 - 000000000 ____D C:\Program Files\Google
2018-02-11 21:21 - 2017-01-29 22:09 - 000000000 ____D C:\Stereo2017 v19
2018-02-11 19:03 - 2009-07-14 05:52 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-02-11 16:47 - 2011-01-25 19:37 - 001584626 _____ C:\Windows\system32\PerfStringBackup.INI
2018-02-11 16:47 - 2009-07-14 09:44 - 000668882 _____ C:\Windows\system32\perfh005.dat
2018-02-11 16:47 - 2009-07-14 09:44 - 000141542 _____ C:\Windows\system32\perfc005.dat
2018-02-11 16:47 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2018-02-11 12:11 - 2016-01-25 19:22 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-11 12:11 - 2016-01-25 19:22 - 000002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-11 11:52 - 2011-02-04 19:40 - 000000000 ____D C:\Users\admin\AppData\Local\Google
2018-02-11 11:38 - 2015-04-26 20:26 - 000002003 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-02-11 11:37 - 2015-04-22 22:51 - 000000929 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2018-02-11 11:37 - 2015-04-22 22:51 - 000000917 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2018-02-11 11:31 - 2011-01-25 19:34 - 000000000 ____D C:\Users\admin
2018-02-11 11:30 - 2017-03-26 21:53 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-02-11 11:30 - 2016-01-12 21:10 - 000000000 ____D C:\Stereo2016 v18
2018-02-11 11:30 - 2013-12-22 02:00 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2018-02-11 11:30 - 2012-08-28 21:35 - 000000000 ____D C:\Users\admin\Documents\ZPS14
2018-02-11 11:30 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\registration
2018-02-10 18:04 - 2017-04-10 06:06 - 000000000 ____D C:\Users\admin\AppData\LocalLow\Mozilla
2018-02-10 10:09 - 2011-03-20 18:54 - 000000000 ____D C:\Users\admin\Documents\Nová složka
2018-01-24 18:32 - 2017-09-16 13:59 - 000000000 ____D C:\Users\admin\Desktop\Štěpa - škola

==================== Files in the root of some directories =======

2015-04-23 13:34 - 2015-05-22 03:46 - 000000020 _____ () C:\Users\admin\AppData\Roaming\appdataFr3.bin
2011-02-07 22:20 - 2017-06-21 05:28 - 000479983 _____ () C:\Users\admin\AppData\Roaming\default.pls
2011-02-06 18:15 - 2013-02-27 17:03 - 000138056 _____ () C:\Users\admin\AppData\Roaming\PnkBstrK.sys

Some files in TEMP:
====================
2015-12-27 13:41 - 2015-12-27 13:41 - 000065536 _____ () C:\Users\admin\AppData\Local\Temp\1bqt6tdp.dll
2015-09-17 04:19 - 2015-09-17 04:19 - 000010240 _____ () C:\Users\admin\AppData\Local\Temp\4vera2uf.dll
2017-09-20 18:26 - 2017-01-18 03:50 - 000066472 _____ (Autodesk, Inc.) C:\Users\admin\AppData\Local\Temp\AcDeltree.exe
2016-09-25 17:38 - 2016-09-25 17:38 - 000000000 _____ () C:\Users\admin\AppData\Local\Temp\gmwbnzaa.dll
2015-05-11 04:33 - 2015-05-11 04:33 - 000032768 _____ () C:\Users\admin\AppData\Local\Temp\r_qrrdxl.dll
2016-09-19 19:55 - 2016-09-19 19:55 - 000000000 _____ () C:\Users\admin\AppData\Local\Temp\satge5v8.dll
2017-05-14 09:50 - 2017-05-14 09:50 - 000074240 _____ () C:\Users\admin\AppData\Local\Temp\upd.exE
2017-03-16 20:54 - 2017-03-16 20:54 - 014456872 _____ (Microsoft Corporation) C:\Users\admin\AppData\Local\Temp\vc_redist.x86.exe
2015-11-09 15:30 - 2015-11-09 15:30 - 000065536 _____ () C:\Users\admin\AppData\Local\Temp\w-li1jqb.dll
2016-07-31 19:43 - 2016-07-31 19:43 - 000004608 _____ () C:\Users\admin\AppData\Local\Temp\yh6cpvku.dll
2016-03-27 02:15 - 2016-03-27 02:15 - 003225688 _____ (Google Inc.) C:\Users\admin\AppData\Local\Temp\{9416C905-E5DD-450F-93C9-7AE68A31628E}-49.0.2623.110_49.0.2623.87_chrome_updater.exe
2017-05-20 06:08 - 2018-02-13 16:48 - 000534528 _____ () C:\Users\admin\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
2016-09-25 06:00 - 2016-09-25 06:00 - 001246584 _____ (Google Inc.) C:\Users\admin\AppData\Local\Temp\{EDF8F406-0E86-457F-9CE7-024DC52436C2}-53.0.2785.143_53.0.2785.116_chrome_updater.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_email1229235768 [1431]
AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_firmy-216282473 [2302]
AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_novinky-1609642764 [2302]
AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_prozeny771666966 [2302]
AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_sport6476750 [2302]
AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_stream1444311432 [703]
AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_super-41222104 [2302]

==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\admin\Desktop" je 42094 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Request for a check

Posted: 13 Feb 2018 17:23
by Conder
Could I also ask for the Addition.txt log, please?

Re: Request for a check

Posted: 13 Feb 2018 17:56
by vasutvater
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12.02.2018
Ran by admin (13-02-2018 17:05:55)
Running from C:\Users\admin\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2011-01-25 18:33:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

admin (S-1-5-21-1189625069-2542699651-1591823224-1000 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-1189625069-2542699651-1591823224-500 - Administrator - Disabled)
Guest (S-1-5-21-1189625069-2542699651-1591823224-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1189625069-2542699651-1591823224-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

A360 Desktop (HKLM\...\{B65CD59E-A771-4354-AA4B-C3E01B496BCD}) (Version: 8.2.3.1800 - Autodesk)
ACA & MEP 2017 Object Enabler (HKLM\...\{28B89EEF-0004-0000-5002-CF3F3A09B77D}) (Version: 7.9.45.0 - Autodesk) Hidden
ACA & MEP 2018 Object Enabler (HKLM\...\{28B89EEF-1004-0000-5002-CF3F3A09B77D}) (Version: 8.0.40.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-0001-0000-3002-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-1001-0000-3002-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Flash Player 27 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
AutoCAD 2017 (HKLM\...\{28B89EEF-0001-0000-0002-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 Language Pack – Čeština (Czech) (HKLM\...\{28B89EEF-0001-0405-1002-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2018 – Čeština (Czech) (HKLM\...\{28B89EEF-1001-0405-2002-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018 (HKLM\...\{28B89EEF-1001-0000-0002-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018 Language Pack – Čeština (Czech) (HKLM\...\{28B89EEF-1001-0405-1002-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2017 (HKLM\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk Advanced Material Library Image Library 2018 (HKLM\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager 2016-2018 (HKLM\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk)
Autodesk AutoCAD 2018 – Čeština (Czech) (HKLM\...\AutoCAD 2018 – Čeština (Czech)) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2017 Add-in 32 bit (HKLM\...\{A65662B5-45CC-41D3-AEDC-1448577664EE}) (Version: 4.37.6853 - Autodesk)
Autodesk License Service (x86) - 3.1 (HKLM\...\{F217E438-6D3D-4330-BA97-82271926CC5A}) (Version: 3.1.26.0 - Autodesk)
Autodesk License Service (x86) - 5.1.4 (HKLM\...\{36AC22AD-5E3A-436E-ABF0-911257790BC6}) (Version: 5.1.4.0 - Autodesk)
Autodesk Material Library 2017 (HKLM\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library 2018 (HKLM\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 17.9.2322 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Dropbox (HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - )
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
FORM studio (HKLM\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
Google Chrome (HKLM\...\Google Chrome) (Version: 64.0.3282.140 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
hppLaserJetService (HKLM\...\{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}) (Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppP1100P1560P1600SeriesLaserJetService (HKLM\...\{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}) (Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppusgP1100P1560P1600Series (HKLM\...\{853F464A-B2B8-404E-BA3E-B98FF6862C41}) (Version: 1.0.0.1 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Import souborů SketchUp 2016-2017 (HKLM\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk)
Java 8 Update 101 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 111 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 151 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
MarketResearch (HKLM\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 57.0.4 (x86 cs) (HKLM\...\Mozilla Firefox 57.0.4 (x86 cs)) (Version: 57.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.4.6577 - Mozilla)
MPC-HC 1.7.10 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.10 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 Essentials (HKLM\...\{A5CCD0C8-6D5E-4515-BDD7-2A22D5D91029}) (Version: 8.3.569 - Nero AG)
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.6.0 - Pando Networks Inc.)
Počítačová aplikace Autodesk (HKLM\...\Autodesk Desktop App) (Version: 7.0.6.378 - Autodesk)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
SafeZone Stable 4.58.2552.909 (HKLM\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Skype™ 7.40 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Speciální aplikace Autodesk 2016-2018 (HKLM\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk)
Stereo 2011 - ekonomický software, v.13.1.3 (HKLM\...\suc13_is1) (Version: 13.1.3 - KASTNER software s.r.o.)
Stereo 2012 - ekonomický software, v.14.1.3 (HKLM\...\suc14_is1) (Version: 14.1.3 - KASTNER software s.r.o.)
Stereo 2013 - ekonomický software, v.15.1.1 (HKLM\...\suc15_is1) (Version: 15.1.1 - KASTNER software s.r.o.)
Stereo 2014 - ekonomický software, v.16.1.1 (HKLM\...\suc16_is1) (Version: 16.1.1 - KASTNER software s.r.o.)
Stereo 2015 - ekonomický software, v.17.1.3 (HKLM\...\suc17_is1) (Version: 17.1.3 - KASTNER software s.r.o.)
Stereo 2016 - ekonomický software (HKLM\...\suc18_is1) (Version: 18.1 - KASTNER software s.r.o.)
Stereo 2017 - ekonomický software (HKLM\...\suc19_is1) (Version: 19.1 - KASTNER software s.r.o.)
TeamSpeak 3 Client (HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.93450 - TeamViewer)
Tekla Warehouse Service (HKLM\...\{EFE7618B-A103-4D6F-9337-D06B60035C75}) (Version: 1.1.126.0 - Trimble Solutions Corporation)
Unity Web Player (HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
VCRedistSetup (HKLM\...\{3921A67A-5AB1-4E48-9444-C71814CF3027}) (Version: 1.0.0 - Nero AG) Hidden
WinZip 15.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}) (Version: 15.0.9411 - WinZip Computing, S.L. )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.27.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.28.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.28.13\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.26.9\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.28.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\cs-CZ\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-01-04] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-01-04] (AVAST Software)
ContextMenuHandlers1: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2008-06-08] (Nero AG)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2011-02-09] (WinZip Computing, S.L.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-01-04] (AVAST Software)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2011-02-09] (WinZip Computing, S.L.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-08-25] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-01-04] (AVAST Software)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2011-02-09] (WinZip Computing, S.L.)
ContextMenuHandlers1_S-1-5-21-1189625069-2542699651-1591823224-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-04-14] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-1189625069-2542699651-1591823224-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-04-14] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-1189625069-2542699651-1591823224-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-04-14] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {018DD4CE-4B47-4AA9-809D-6D77C4D19F88} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {27B1AFAE-3BAF-45C1-8AE9-FF1329A70D32} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {2BD05BA6-988D-4BD3-A9CD-9A39F80AF524} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {3C1455BA-A8BF-4C1D-AD95-3676F6639D08} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {5AB64E53-034B-41FF-BDBD-9B28D231B480} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-22] (Adobe Systems Incorporated)
Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {6313B82E-6ED7-4A16-B9D8-714122D764DC} - System32\Tasks\SafeZone scheduled Autoupdate 1468488872 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {6A56E7C7-A60D-4671-9C83-AD63D51AE1AE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {75E5F267-1D14-4402-8445-929C38B62D9F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-01-04] (AVAST Software)
Task: {7718DDC6-63BA-427B-8EAC-331E00430832} - System32\Tasks\GoogleUpdateTaskMachineUA1d1ea437f58347a => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {9F54B95F-5096-4803-AE61-E9B3AC5B616D} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {9FD7C643-C489-41FE-8656-1088F8F7240B} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {A2FBE91E-1178-4EB3-836C-D5AFB9D7C06F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {B3A0CF63-8B6A-439C-8390-3AB02677FD2F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-01-06] (AVAST Software)
Task: {B4E94455-DBB4-4F21-90F7-D2AFCBDC25A0} - System32\Tasks\{08D06A52-1801-4FB3-933C-9A6B8B75EAC8} => C:\Program Files\Skype\\Phone\Skype.exe [2017-10-06] (Skype Technologies S.A.)
Task: {C67655B4-B4F9-4F10-9144-33715DA3EC1B} - System32\Tasks\GoogleUpdateTaskMachineCore1d1ea437ada7bd5 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {C8D96FD5-FF30-4B12-8107-CAFCC4FD2828} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-01-04 17:21 - 2018-01-04 17:21 - 000058016 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2018-01-04 17:21 - 2018-01-04 17:21 - 000057504 _____ () C:\Program Files\AVAST Software\Avast\dll_loader.dll
2018-01-04 17:21 - 2018-01-04 17:21 - 000206152 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2018-01-04 17:21 - 2018-01-04 17:21 - 000289272 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-01-04 17:21 - 2018-01-04 17:21 - 000196248 _____ () C:\Program Files\AVAST Software\Avast\network_notifications.dll
2018-02-13 14:54 - 2018-02-13 14:54 - 005777552 _____ () C:\Program Files\AVAST Software\Avast\defs\18021300\algo.dll
2018-01-04 17:21 - 2018-01-04 17:21 - 000745408 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2018-01-04 17:21 - 2018-01-04 17:21 - 000148936 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-01-04 17:21 - 2018-01-04 17:21 - 000293944 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-10-05 19:17 - 2012-08-31 14:01 - 000151552 _____ () C:\Windows\System32\HP1100LM.DLL
2011-03-15 15:34 - 2012-08-31 14:01 - 000069632 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\HP1100PP.DLL
2017-09-20 18:20 - 2017-06-15 15:16 - 000061944 _____ () C:\Program Files\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll
2017-09-20 18:20 - 2017-06-15 15:15 - 000110584 _____ () C:\Program Files\Autodesk\Autodesk Desktop App\qjson0.dll
2011-02-06 18:14 - 2013-02-27 17:03 - 000075136 _____ () C:\Windows\system32\PnkBstrA.exe
2009-08-04 17:23 - 2009-08-04 17:23 - 000063032 _____ () C:\Program Files\HP\HP UT LEDM\bin\HPTools.dll
2009-08-04 17:23 - 2009-08-04 17:23 - 000075320 _____ () C:\Program Files\HP\HP UT LEDM\bin\HPToolkit.dll
2017-09-20 18:20 - 2017-04-04 20:11 - 000052224 _____ () C:\Program Files\Autodesk\Autodesk Desktop App\qoauth_Ad_1.dll
2017-09-20 18:20 - 2017-04-04 20:11 - 000742400 _____ () C:\Program Files\Autodesk\Autodesk Desktop App\qca_Ad_2.dll
2017-09-20 18:20 - 2017-04-04 20:11 - 000195584 _____ () C:\Program Files\Autodesk\Autodesk Desktop App\qjson_Ad_0.dll
2017-09-20 18:20 - 2017-04-04 20:11 - 000043912 _____ () C:\Program Files\Autodesk\Autodesk Desktop App\QtSolutions_MFCMigrationFramework_Ad_2.dll
2017-09-20 18:20 - 2017-06-15 14:49 - 000279976 _____ () C:\Program Files\Autodesk\Autodesk Desktop App\cs-CZ\AdWingManRes.dll
2017-07-11 10:40 - 2017-07-11 10:40 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-01-04 17:21 - 2018-01-04 17:21 - 000282560 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-09-20 18:20 - 2017-02-14 07:39 - 040640808 _____ () C:\Program Files\Autodesk\Autodesk Desktop App\acwebbrowser\libcef.dll
2017-09-20 18:20 - 2017-02-14 07:39 - 000912384 _____ () C:\Program Files\Autodesk\Autodesk Desktop App\acwebbrowser\libglesv2.dll
2017-09-20 18:20 - 2017-02-14 07:39 - 000134144 _____ () C:\Program Files\Autodesk\Autodesk Desktop App\acwebbrowser\libegl.dll
2017-09-20 18:20 - 2017-02-14 07:39 - 000950272 _____ () C:\Program Files\Autodesk\Autodesk Desktop App\acwebbrowser\ffmpegsumo.dll
2018-02-11 12:10 - 2018-02-01 06:58 - 003730264 _____ () C:\Program Files\Google\Chrome\Application\64.0.3282.140\libglesv2.dll
2018-02-11 12:10 - 2018-02-01 06:58 - 000085848 _____ () C:\Program Files\Google\Chrome\Application\64.0.3282.140\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_email1229235768 [1431]
AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_firmy-216282473 [2302]
AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_novinky-1609642764 [2302]
AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_prozeny771666966 [2302]
AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_sport6476750 [2302]
AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_stream1444311432 [703]
AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_super-41222104 [2302]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2018-02-11 11:54 - 000000856 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1 - 10.140.6.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{78F4D853-D06F-40A6-8129-158F976F1747}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{C27A8EB5-FBDB-429C-ACDC-9D0CE61C4BCC}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{676AB25D-4443-468E-8BFB-92B8F23CFDCE}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{307ED057-A774-4B4C-8520-D3B39A474E2B}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{DB486AD7-5302-491E-ADF8-DE8E24C2308D}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{A768BF92-D56F-4BF7-BE04-8DAABB91DD2B}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{6414453F-BEF4-42CC-8107-20A5BB0E8473}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{F309A135-6EBF-4B4E-B354-696548A4BB83}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{97663D34-674F-416C-B0E0-25B1D385E63F}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{571D510D-EB68-40BE-A214-A741A6E9020F}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [TCP Query User{D10B9523-FEA1-4685-9640-679A32BBCA76}C:\program files\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [UDP Query User{9CDABA41-352F-428D-AA78-8AC714A2681F}C:\program files\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [{A24299A2-0E86-4304-AA53-760DD0A03035}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{21E2892C-E232-45B8-80D0-CE7537738EA5}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{7A6E99E4-2841-41AD-9043-ADE97EE6068C}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{C0BD33BF-24E1-48CF-B779-77D2DE0EC8B5}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [TCP Query User{330FCD53-A972-49BD-8FCA-FCC5B8D8E01A}C:\program files\nero\nero8\nero home\nerohome.exe] => (Block) C:\program files\nero\nero8\nero home\nerohome.exe
FirewallRules: [UDP Query User{BEA2757A-FB1C-4A2C-8D33-B74D1BB24EC3}C:\program files\nero\nero8\nero home\nerohome.exe] => (Block) C:\program files\nero\nero8\nero home\nerohome.exe
FirewallRules: [{AC210582-36B9-4B57-B50E-18E2C3A1D58A}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{31B3EA6B-C92A-4037-AD3D-07ABBC30A0CD}C:\program files\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [UDP Query User{C300C92A-D12F-4C96-8674-8A8DAF5E32A3}C:\program files\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [{F3783A84-873D-45FC-B44C-CAB7680B2207}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{35D6F384-B9EE-411F-A6E9-BC4F4E0DF136}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{547481A9-A932-4AA9-BD83-4D5DC877954C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{AA9F5141-6C83-4649-81C2-689B073991F9}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{378739B4-3F5D-4CF1-9FF9-1905F3937366}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{0A7CA04A-F94B-4B0A-8517-A491253F88BB}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{9D9019FE-AD7C-4922-82C0-22AC51BBAC60}C:\users\admin\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\admin\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{85F9B84B-59D4-4C43-9AC1-1671EFB0A334}C:\users\admin\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\admin\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{C163F4C3-E8CB-482E-AD56-0E18E9C6E376}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4F665C21-6029-42AA-98E3-5B3835D2F33F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F820DBE7-06A3-4D9C-B426-B575964E647D}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{BA947A99-4A35-4145-91CB-1737E11CB3DF}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [TCP Query User{0141ABD5-CAD7-4F0F-A91C-B292D529CFDF}C:\users\admin\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\admin\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{9823E444-8DE2-4DD4-9ED7-FB85F5601980}C:\users\admin\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\admin\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{F1A4F4F1-3E24-48CE-AD55-D6ADECF8A9E9}C:\users\admin\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\admin\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{A7038AF1-5519-4C7F-AE7F-F0217BA37D87}C:\users\admin\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\admin\appdata\local\akamai\netsession_win.exe
FirewallRules: [{BAD02413-920A-4ADD-A0A0-32EA3DA4662C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{526F201C-AF85-499F-9F07-E919E3770E73}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{0E15F5C2-4B2A-4C42-BC27-609847A84FE4}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F604A348-B610-45C5-B462-624626F825FE}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9BF0377E-6B89-4826-A919-C29968FE00F0}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

Re: Requesting a check

Posted: 13 Feb 2018 20:35
by Conder
:arrow: Install all important updates through Windows Update.

:arrow: The Addition.txt log is incomplete. If it does not fit into one post, split it across several posts, or pack it into a RAR/ZIP archive and send it as an attachment.

Re: Requesting a check

Posted: 13 Feb 2018 21:41
by vasutvater
I will install them, but the whole log is pasted there; I just checked it.

Re: Requesting a check

Posted: 13 Feb 2018 22:18
by Conder
:arrow: "Velikost slozky "C:\Users\admin\Desktop" je 42094 MB."
  • This is too much and may be slowing the system down. Move all files and folders from the desktop to Documents and leave only shortcuts on the desktop.
:arrow: Once you have installed those updates, continue as follows:

:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    File: C:\Users\admin\AppData\Roaming\PnkBstrK.sys
    File: C:\Users\admin\AppData\Local\Temp\1bqt6tdp.dll
    File: C:\Users\admin\AppData\Local\Temp\4vera2uf.dll
    File: C:\Users\admin\AppData\Local\Temp\r_qrrdxl.dll
    
    HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\...\Policies\Explorer: [] 
    HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\...\MountPoints2: F - F:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\...\MountPoints2: {4404d920-0b01-11e6-8fd2-806e6f6e6963} - F:\HiSuiteDownLoader.exe
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
    SearchScopes: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000 -> {7494A462-49D8-482C-84AE-176E4C8343D2} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
    Toolbar: HKLM - No Name - {D5D47440-0750-463D-BAEF-A47D02414806} -  No File
    Toolbar: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000 -> No Name - {D5D47440-0750-463D-BAEF-A47D02414806} -  No File
    Toolbar: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
    CHR NewTab: Default ->  Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
    2018-02-13 16:49 - 2017-03-02 20:21 - 000000000 ____D C:\Users\admin\AppData\Roaming\Seznam.cz
    2018-02-13 16:48 - 2017-03-02 20:21 - 000000000 ____D C:\Program Files\Seznam.cz
    
    CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.27.5\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.28.1\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.28.13\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.26.9\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.28.15\psuser.dll => No File
    Task: {018DD4CE-4B47-4AA9-809D-6D77C4D19F88} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
    Task: {2BD05BA6-988D-4BD3-A9CD-9A39F80AF524} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
    Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
    Task: {9F54B95F-5096-4803-AE61-E9B3AC5B616D} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
    Task: {9FD7C643-C489-41FE-8656-1088F8F7240B} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
    Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
    AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_email1229235768 [1431]
    AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_firmy-216282473 [2302]
    AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_novinky-1609642764 [2302]
    AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_prozeny771666966 [2302]
    AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_sport6476750 [2302]
    AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_stream1444311432 [703]
    AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_super-41222104 [2302]
    HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
    
    Hosts:
    EmptyTemp:
    End
    
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, there will be a Fixlog.txt file on the desktop; copy its contents here

Re: Requesting a check

Posted: 14 Feb 2018 19:04
by vasutvater
Fix result of Farbar Recovery Scan Tool (x86) Version: 12.02.2018
Ran by admin (14-02-2018 18:46:50) Run:1
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available Profiles: admin)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

File: C:\Users\admin\AppData\Roaming\PnkBstrK.sys
File: C:\Users\admin\AppData\Local\Temp\1bqt6tdp.dll
File: C:\Users\admin\AppData\Local\Temp\4vera2uf.dll
File: C:\Users\admin\AppData\Local\Temp\r_qrrdxl.dll

HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\...\Policies\Explorer: []
HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\...\MountPoints2: F - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\...\MountPoints2: {4404d920-0b01-11e6-8fd2-806e6f6e6963} - F:\HiSuiteDownLoader.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000 -> {7494A462-49D8-482C-84AE-176E4C8343D2} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
Toolbar: HKLM - No Name - {D5D47440-0750-463D-BAEF-A47D02414806} - No File
Toolbar: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000 -> No Name - {D5D47440-0750-463D-BAEF-A47D02414806} - No File
Toolbar: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
2018-02-13 16:49 - 2017-03-02 20:21 - 000000000 ____D C:\Users\admin\AppData\Roaming\Seznam.cz
2018-02-13 16:48 - 2017-03-02 20:21 - 000000000 ____D C:\Program Files\Seznam.cz

CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.27.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.28.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.28.13\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.26.9\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.28.15\psuser.dll => No File
Task: {018DD4CE-4B47-4AA9-809D-6D77C4D19F88} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {2BD05BA6-988D-4BD3-A9CD-9A39F80AF524} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {9F54B95F-5096-4803-AE61-E9B3AC5B616D} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {9FD7C643-C489-41FE-8656-1088F8F7240B} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_email1229235768 [1431]
AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_firmy-216282473 [2302]
AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_novinky-1609642764 [2302]
AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_prozeny771666966 [2302]
AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_sport6476750 [2302]
AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_stream1444311432 [703]
AlternateDataStreams: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_super-41222104 [2302]
HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========================= File: C:\Users\admin\AppData\Roaming\PnkBstrK.sys ========================

C:\Users\admin\AppData\Roaming\PnkBstrK.sys
File is digitally signed
MD5: 73709547A3B136DE4FCFDE3EF78C1B8F
Creation and modification date: 2011-02-06 18:15 - 2013-02-27 17:03
Size: 000138056
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/ef45702 ... 508655589/

====== End of File: ======


========================= File: C:\Users\admin\AppData\Local\Temp\1bqt6tdp.dll ========================

C:\Users\admin\AppData\Local\Temp\1bqt6tdp.dll
File not signed
MD5: F6BD3AACE6AA1520C2D77A1F3ACC98A0
Creation and modification date: 2015-12-27 13:41 - 2015-12-27 13:41
Size: 000065536
Attributes: ----A
Company Name:
Internal Name: 1bqt6tdp.dll
Original Name: 1bqt6tdp.dll
Product:
Description:
File Version: 4.118.181.0
Product Version: 4.118.181.0
Copyright:
VirusTotal: 0

====== End of File: ======


========================= File: C:\Users\admin\AppData\Local\Temp\4vera2uf.dll ========================

C:\Users\admin\AppData\Local\Temp\4vera2uf.dll
File not signed
MD5: 469081B260403FBBBAC545B44509996E
Creation and modification date: 2015-09-17 04:19 - 2015-09-17 04:19
Size: 000010240
Attributes: ----A
Company Name:
Internal Name: 4vera2uf.dll
Original Name: 4vera2uf.dll
Product:
Description:
File Version: 4.118.181.0
Product Version: 4.118.181.0
Copyright:
VirusTotal: 0

====== End of File: ======


========================= File: C:\Users\admin\AppData\Local\Temp\r_qrrdxl.dll ========================

C:\Users\admin\AppData\Local\Temp\r_qrrdxl.dll
File not signed
MD5: 581A85EEFE9E492BCC28C85DFD452980
Creation and modification date: 2015-05-11 04:33 - 2015-05-11 04:33
Size: 000032768
Attributes: ----A
Company Name:
Internal Name: r_qrrdxl.dll
Original Name: r_qrrdxl.dll
Product:
Description:
File Version: 4.118.181.0
Product Version: 4.118.181.0
Copyright:
VirusTotal: 0

====== End of File: ======

"HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully.
"HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => removed successfully.
"HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4404d920-0b01-11e6-8fd2-806e6f6e6963}" => removed successfully.
HKLM\Software\Classes\CLSID\{4404d920-0b01-11e6-8fd2-806e6f6e6963} => not found
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
"HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7494A462-49D8-482C-84AE-176E4C8343D2}" => removed successfully.
HKLM\Software\Classes\CLSID\{7494A462-49D8-482C-84AE-176E4C8343D2} => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D5D47440-0750-463D-BAEF-A47D02414806}" => removed successfully.
HKLM\Software\Classes\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806} => not found
"HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D5D47440-0750-463D-BAEF-A47D02414806}" => removed successfully.
HKLM\Software\Classes\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806} => not found
"HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully.
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => not found
"Chrome NewTab" => removed successfully.
C:\Users\admin\AppData\Roaming\Seznam.cz => moved successfully
C:\Program Files\Seznam.cz => moved successfully
"HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}" => removed successfully.
"HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}" => removed successfully.
"HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}" => removed successfully.
"HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}" => removed successfully.
"HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{018DD4CE-4B47-4AA9-809D-6D77C4D19F88}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{018DD4CE-4B47-4AA9-809D-6D77C4D19F88}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2BD05BA6-988D-4BD3-A9CD-9A39F80AF524}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BD05BA6-988D-4BD3-A9CD-9A39F80AF524}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5B184694-64C3-4633-94C5-945B3FA561D6}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B184694-64C3-4633-94C5-945B3FA561D6}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsBackup\ConfigNotification" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F54B95F-5096-4803-AE61-E9B3AC5B616D}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F54B95F-5096-4803-AE61-E9B3AC5B616D}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9FD7C643-C489-41FE-8656-1088F8F7240B}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9FD7C643-C489-41FE-8656-1088F8F7240B}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTask" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D21F6024-191F-4454-BBBC-09A650DA2549}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D21F6024-191F-4454-BBBC-09A650DA2549}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent" => removed successfully.
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website => ":DESTICON_email1229235768" ADS removed successfully.
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website => ":DESTICON_firmy-216282473" ADS removed successfully.
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website => ":DESTICON_novinky-1609642764" ADS removed successfully.
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website => ":DESTICON_prozeny771666966" ADS removed successfully.
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website => ":DESTICON_sport6476750" ADS removed successfully.
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website => ":DESTICON_stream1444311432" ADS removed successfully.
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website => ":DESTICON_super-41222104" ADS removed successfully.
"HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\Software\Classes\AutoCADScriptFile" => removed successfully.
"HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\Software\Classes\.scr" => removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 12582912 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 30461500 B
Java, Flash, Steam htmlcache => 5086 B
Windows/system/drivers => 262116786 B
Edge => 0 B
Chrome => 447671407 B
Firefox => 485471324 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 5442 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
LocalService => 0 B
NetworkService => 121168 B
admin => 1244681340 B

RecycleBin => 2601704492 B
EmptyTemp: => 4.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:53:30 ====

Re: Requesting a check

Posted: 15 Feb 2018 15:29
by Conder
:arrow: Please post new FRST logs (paste both of them here, or pack them into a RAR or ZIP archive and send it as an attachment if they are too large).

:arrow: How is the PC doing? Has anything changed, or are there still any problems?

Re: Requesting a check

Posted: 15 Feb 2018 18:48
by vasutvater
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12.02.2018
Ran by admin (administrator) on ADMIN-PC (15-02-2018 18:44:02)
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available Profiles: admin)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Autodesk Inc.) C:\Program Files\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(HP) C:\Windows\System32\HPSIsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Tekla) C:\Program Files\Tekla Warehouse\Tekla.Warehouse.WindowsService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard Company) C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Nero AG) C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Nero AG) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
(Autodesk) C:\Program Files\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Autodesk) C:\Program Files\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Autodesk) C:\Program Files\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Akamai Technologies, Inc.) C:\Users\admin\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\admin\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\admin\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files\HP\HP UT LEDM\"
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2018-01-04] (AVAST Software)
HKLM\...\Run: [Autodesk Desktop App] => C:\Program Files\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [704424 2017-06-15] (Autodesk, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1840424 2008-06-24] (Nero AG)
HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\...\Run: [Akamai NetSession Interface] => C:\Users\admin\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1772568 2017-02-03] (Autodesk, Inc.)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1772568 2017-02-03] (Autodesk, Inc.)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2011-03-13]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 10.140.6.1
Tcpip\..\Interfaces\{3466E51E-DFCA-4499-9A4C-A6D76A0FFC6C}: [DhcpNameServer] 192.168.2.1 10.140.6.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-11-22] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-20] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-22] (Oracle Corporation)
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/update ... .203.0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\buwccx2j.default [2018-02-14]
FF Homepage: Mozilla\Firefox\Profiles\buwccx2j.default -> about:home
FF Extension: (Battlefield Heroes Updater) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\buwccx2j.default\Extensions\battlefieldheroespatcher@ea.com [2011-08-10] [Legacy] [not signed]
FF Extension: (Avast SafePrice) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\buwccx2j.default\Extensions\sp@avast.com.xpi [2017-11-20]
FF Extension: (Avast Online Security) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\buwccx2j.default\Extensions\wrc@avast.com.xpi [2017-11-20]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-22] ()
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-22] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1189625069-2542699651-1591823224-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1189625069-2542699651-1591823224-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-08-29] (Pando Networks)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2018-02-15]
CHR Extension: (Prezentace) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Runtime 2.9) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\almaegelniajagnlfnlbobmgnkangcoi [2017-06-12]
CHR Extension: (Dokumenty) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (Seznam pro Chrome - Email) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-01-13]
CHR Extension: (Seznam pro Chrome - Esko-) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-01-14]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Adobe Acrobat) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04]
CHR Extension: (Avast SafePrice) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-12-23]
CHR Extension: (Tabulky) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Avast Online Security) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-14]
CHR Extension: (FormApps Extension) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2017-06-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Seznam pro Chrome - Esko) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-01-14]
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-11]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1353208 2017-06-15] (Autodesk Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5906816 2018-01-04] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2018-01-04] (AVAST Software)
S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1233376 2017-09-20] (Flexera Software LLC)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2013-02-27] ()
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [6634224 2018-02-02] (TeamViewer GmbH)
R2 Tekla Warehouse; C:\Program Files\Tekla Warehouse\Tekla.Warehouse.WindowsService.exe [18192 2017-01-23] (Tekla)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [158224 2018-01-04] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [255584 2018-01-04] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [157376 2018-01-04] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [276696 2018-01-04] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [50344 2018-01-04] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [118144 2018-01-04] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42824 2018-01-04] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [39784 2017-09-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [123880 2018-01-11] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [99528 2018-01-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [70832 2018-01-04] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783104 2018-01-04] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [390256 2018-01-11] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [151328 2018-01-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [294680 2018-01-04] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-11-17] (DT Soft Ltd)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-15 18:44 - 2018-02-15 18:45 - 000015676 _____ C:\Users\admin\Desktop\FRST.txt
2018-02-15 18:41 - 2018-02-15 18:41 - 000001176 _____ C:\Users\admin\Desktop\Videa – zástupce.lnk
2018-02-15 18:39 - 2018-02-15 18:39 - 000001338 _____ C:\Users\admin\Desktop\Hra o Truny – zástupce.lnk
2018-02-15 18:38 - 2018-02-15 18:38 - 000000868 _____ C:\Users\admin\Desktop\Hudba – zástupce.lnk
2018-02-15 18:36 - 2018-02-15 18:36 - 000001956 _____ C:\Users\admin\Desktop\foto babička 90 – zástupce.lnk
2018-02-15 18:36 - 2018-02-15 18:36 - 000001926 _____ C:\Users\admin\Desktop\Štěpa - škola – zástupce.lnk
2018-02-15 18:36 - 2018-02-15 18:36 - 000001926 _____ C:\Users\admin\Desktop\fotky spartan – zástupce.lnk
2018-02-15 18:36 - 2018-02-15 18:36 - 000001802 _____ C:\Users\admin\Desktop\Fotky – zástupce.lnk
2018-02-15 18:35 - 2018-02-15 18:35 - 000002009 _____ C:\Users\admin\Desktop\DOMČA SPARTA N2017 – zástupce.lnk
2018-02-15 18:25 - 2018-02-15 18:25 - 000000000 ____D C:\ProgramData\SWCUTemp
2018-02-14 18:46 - 2018-02-14 18:53 - 000014265 _____ C:\Users\admin\Desktop\Fixlog.txt
2018-02-13 23:03 - 2018-02-10 20:03 - 000347296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-02-13 23:03 - 2018-02-10 07:20 - 020274176 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-02-13 23:03 - 2018-02-10 07:08 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-02-13 23:03 - 2018-02-10 07:07 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-02-13 23:03 - 2018-02-10 06:57 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-02-13 23:03 - 2018-02-10 06:57 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-02-13 23:03 - 2018-02-10 06:57 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-02-13 23:03 - 2018-02-10 06:57 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-02-13 23:03 - 2018-02-10 06:56 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-02-13 23:03 - 2018-02-10 06:54 - 002294272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-02-13 23:03 - 2018-02-10 06:52 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-02-13 23:03 - 2018-02-10 06:51 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-02-13 23:03 - 2018-02-10 06:50 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-02-13 23:03 - 2018-02-10 06:49 - 000662528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-02-13 23:03 - 2018-02-10 06:49 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-02-13 23:03 - 2018-02-10 06:49 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-02-13 23:03 - 2018-02-10 06:49 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-02-13 23:03 - 2018-02-10 06:45 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-02-13 23:03 - 2018-02-10 06:42 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-02-13 23:03 - 2018-02-10 06:39 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-02-13 23:03 - 2018-02-10 06:38 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-02-13 23:03 - 2018-02-10 06:38 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-02-13 23:03 - 2018-02-10 06:36 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-02-13 23:03 - 2018-02-10 06:35 - 004498944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-02-13 23:03 - 2018-02-10 06:35 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-02-13 23:03 - 2018-02-10 06:35 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-02-13 23:03 - 2018-02-10 06:34 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-02-13 23:03 - 2018-02-10 06:33 - 013680640 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-02-13 23:03 - 2018-02-10 06:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-02-13 23:03 - 2018-02-10 06:27 - 002058752 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-02-13 23:03 - 2018-02-10 06:27 - 000694784 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-02-13 23:03 - 2018-02-10 06:27 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-02-13 23:03 - 2018-02-10 06:26 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-02-13 23:03 - 2018-02-10 06:14 - 002767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-02-13 23:03 - 2018-02-10 06:10 - 001314304 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-02-13 23:03 - 2018-02-10 06:08 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-02-13 23:03 - 2018-01-12 17:29 - 004014312 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2018-02-13 23:03 - 2018-01-12 17:29 - 003959016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-02-13 23:03 - 2018-01-12 17:29 - 001309928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-02-13 23:03 - 2018-01-12 17:29 - 000250600 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2018-02-13 23:03 - 2018-01-12 17:29 - 000240872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-02-13 23:03 - 2018-01-12 17:29 - 000187624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-02-13 23:03 - 2018-01-12 17:29 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-02-13 23:03 - 2018-01-12 17:29 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-02-13 23:03 - 2018-01-12 17:27 - 001310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-02-13 23:03 - 2018-01-12 17:26 - 001062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-02-13 23:03 - 2018-01-12 17:26 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-02-13 23:03 - 2018-01-12 17:26 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-02-13 23:03 - 2018-01-12 17:26 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-02-13 23:03 - 2018-01-12 17:26 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-02-13 23:03 - 2018-01-12 17:26 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-02-13 23:03 - 2018-01-12 17:26 - 000363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-02-13 23:03 - 2018-01-12 17:26 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-02-13 23:03 - 2018-01-12 17:26 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-02-13 23:03 - 2018-01-12 17:26 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-02-13 23:03 - 2018-01-12 17:26 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-02-13 23:03 - 2018-01-12 17:26 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-02-13 23:03 - 2018-01-12 17:26 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-02-13 23:03 - 2018-01-12 17:26 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-02-13 23:03 - 2018-01-12 17:26 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-02-13 23:03 - 2018-01-12 17:26 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-02-13 23:03 - 2018-01-12 17:26 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-02-13 23:03 - 2018-01-12 17:26 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-02-13 23:03 - 2018-01-12 17:26 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-02-13 23:03 - 2018-01-12 17:26 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-02-13 23:03 - 2018-01-12 17:26 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-02-13 23:03 - 2018-01-12 17:26 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-02-13 23:03 - 2018-01-12 17:26 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-02-13 23:03 - 2018-01-12 17:26 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-02-13 23:03 - 2018-01-12 17:16 - 003405824 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2018-02-13 23:03 - 2018-01-12 17:05 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2018-02-13 23:03 - 2018-01-12 17:05 - 000025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-02-13 23:03 - 2018-01-12 17:05 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2018-02-13 23:03 - 2018-01-12 17:02 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-02-13 23:03 - 2018-01-12 17:02 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-02-13 23:03 - 2018-01-12 17:02 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-02-13 23:03 - 2018-01-12 17:02 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-02-13 23:03 - 2018-01-12 17:02 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-02-13 23:03 - 2018-01-12 16:59 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-02-13 23:03 - 2018-01-12 16:57 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-02-13 23:03 - 2018-01-12 16:57 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-02-13 23:03 - 2018-01-12 16:57 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-02-13 23:03 - 2018-01-12 16:57 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-02-13 23:03 - 2018-01-12 16:56 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-02-13 23:03 - 2018-01-12 16:56 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-02-13 23:03 - 2018-01-12 16:56 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-02-13 23:03 - 2018-01-11 17:22 - 000805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2018-02-13 23:03 - 2018-01-11 17:01 - 002403328 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-02-13 23:03 - 2018-01-05 17:14 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-02-13 23:03 - 2018-01-05 17:11 - 000111104 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-02-13 23:03 - 2018-01-05 17:11 - 000071168 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-02-13 23:03 - 2018-01-05 17:11 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-02-13 23:03 - 2018-01-05 17:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-02-13 23:03 - 2018-01-05 16:50 - 000034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-02-13 23:03 - 2017-12-05 18:08 - 001176576 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2018-02-13 23:03 - 2017-12-05 18:08 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2018-02-13 23:03 - 2017-12-05 18:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2018-02-13 23:03 - 2017-12-05 18:08 - 000135168 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2018-02-13 23:03 - 2017-12-05 18:08 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2018-02-13 23:03 - 2017-12-05 18:08 - 000072704 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2018-02-13 23:03 - 2017-12-05 16:54 - 000334848 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2018-02-13 23:01 - 2018-01-22 00:42 - 000117480 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-02-13 23:01 - 2018-01-22 00:20 - 000533504 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-02-13 23:01 - 2018-01-19 15:05 - 001893888 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-02-13 23:01 - 2018-01-19 15:05 - 001314304 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-02-13 23:01 - 2018-01-19 15:05 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-02-13 23:01 - 2018-01-19 15:05 - 000508416 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-02-13 23:01 - 2018-01-19 15:05 - 000337920 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-02-13 23:01 - 2018-01-19 15:05 - 000311808 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-02-13 23:01 - 2018-01-19 15:05 - 000212992 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-02-13 23:01 - 2018-01-19 15:05 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-02-13 21:42 - 2018-02-13 23:08 - 127229528 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-02-13 17:02 - 2018-02-13 17:02 - 001764352 _____ (Farbar) C:\Users\admin\Desktop\FRST.exe
2018-02-13 17:02 - 2018-02-13 17:02 - 000112640 _____ (forum.viry.cz) C:\Users\admin\Desktop\FRSTLauncher.exe
2018-02-13 16:49 - 2018-02-13 16:52 - 000000000 ____D C:\AdwCleaner
2018-02-13 16:47 - 2018-02-13 16:48 - 008222496 _____ (Malwarebytes) C:\Users\admin\Downloads\adwcleaner_7.0.8.0.exe
2018-02-13 15:01 - 2018-02-13 15:03 - 000000000 ____D C:\rsit
2018-02-13 15:01 - 2018-02-13 15:02 - 000000000 ____D C:\Program Files\trend micro
2018-02-13 15:01 - 2018-02-13 15:01 - 001206272 _____ C:\Users\admin\Desktop\RSIT (2).exe
2018-02-13 15:01 - 2018-02-13 15:01 - 001107968 _____ C:\Users\admin\Downloads\RSIT (1).exe
2018-02-13 15:00 - 2018-02-13 15:01 - 001107968 _____ C:\Users\admin\Downloads\RSIT.exe
2018-02-11 19:02 - 2018-02-11 19:04 - 000000000 ____D C:\Users\admin\Documents\Fax
2018-02-11 19:02 - 2018-02-11 19:02 - 000000000 ___RD C:\Users\admin\Documents\Scanned Documents
2018-02-11 19:01 - 2018-02-11 19:01 - 000139260 _____ C:\Users\admin\Downloads\DPFDP5-XXXXXXXXXX-20180211-190032.pdf
2018-02-11 18:48 - 2018-02-11 18:48 - 000004272 _____ C:\Users\admin\Downloads\nabídka_Gold (1).odt
2018-02-11 18:19 - 2018-02-11 18:19 - 000004092 _____ C:\Users\admin\Downloads\nabídka_Gold.odt
2018-02-11 15:33 - 2018-02-11 15:33 - 000116875 _____ C:\Users\admin\Downloads\DPFZC1-0681501946-20180211-153136.pdf
2018-02-11 11:32 - 2018-01-04 17:21 - 000305840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-02-10 13:31 - 2018-02-13 16:52 - 000000000 ____D C:\ProgramData\BSD
2018-02-10 13:25 - 2018-02-11 11:30 - 000000000 ____D C:\ProgramData\{0897014C-63E3-47DF-8A5F-4399CC5D61B9}
2018-02-10 11:23 - 2018-02-10 11:23 - 000000000 ____D C:\Users\Public\Documents\Tekla
2018-02-10 10:28 - 2018-02-10 10:28 - 000076433 _____ C:\Users\admin\Downloads\prehled-osvc-2017.pdf
2018-02-10 10:28 - 2018-02-10 10:28 - 000076433 _____ C:\Users\admin\Downloads\prehled-osvc-2017 (2).pdf
2018-02-10 10:28 - 2018-02-10 10:28 - 000076433 _____ C:\Users\admin\Downloads\prehled-osvc-2017 (1).pdf
2018-02-09 18:30 - 2018-02-09 18:30 - 000067312 _____ C:\Users\admin\Downloads\osvc_2017_v1.0_vzp_web (1).pdf
2018-02-03 20:57 - 2018-02-03 21:02 - 780427264 _____ C:\Users\admin\Downloads\Nedotknutelní (2011) CZ-dabing.avi
2018-01-27 13:18 - 2018-01-27 13:25 - 1037401406 _____ C:\Users\admin\Downloads\Fargo.1996.DVDRip.XviD.CZ.avi
2018-01-27 13:02 - 2018-01-27 13:17 - 2093217070 _____ C:\Users\admin\Downloads\Velký dar [Gifted] (2017) HD 1080p CZ dabing.avi
2018-01-24 18:09 - 2018-01-24 17:38 - 000557128 _____ C:\Users\admin\Desktop\dfg.bak
2018-01-21 15:20 - 2018-01-21 15:25 - 737694592 _____ C:\Users\admin\Downloads\Kral.drozdia.brada.1984.DVDRip.XviD.MP3.SK.GTK.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-15 18:44 - 2015-04-23 18:09 - 000000000 ____D C:\FRST
2018-02-15 18:41 - 2011-01-25 19:34 - 000000000 ____D C:\Users\admin
2018-02-15 18:38 - 2009-07-14 05:34 - 000023568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-02-15 18:38 - 2009-07-14 05:34 - 000023568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-02-15 18:27 - 2017-09-20 17:32 - 000000000 ____D C:\Users\admin\AppData\Local\Akamai
2018-02-15 18:25 - 2017-09-20 18:28 - 000000000 ____D C:\ProgramData\boost_interprocess
2018-02-15 18:25 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-02-15 00:28 - 2016-01-25 19:22 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-15 00:28 - 2016-01-25 19:22 - 000002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-14 18:40 - 2016-01-10 20:47 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-14 18:31 - 2011-01-25 19:37 - 001584626 _____ C:\Windows\system32\PerfStringBackup.INI
2018-02-14 18:31 - 2009-07-14 09:44 - 000668882 _____ C:\Windows\system32\perfh005.dat
2018-02-14 18:31 - 2009-07-14 09:44 - 000141542 _____ C:\Windows\system32\perfc005.dat
2018-02-14 18:31 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2018-02-14 18:24 - 2009-07-14 05:33 - 000483640 _____ C:\Windows\system32\FNTCACHE.DAT
2018-02-13 23:57 - 2014-12-13 16:25 - 000000000 ____D C:\Windows\system32\appraiser
2018-02-13 23:13 - 2013-10-20 18:50 - 000000000 ____D C:\Windows\system32\MRT
2018-02-13 23:07 - 2011-01-25 19:54 - 127229528 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-02-13 16:52 - 2017-01-03 21:09 - 000000000 ____D C:\Users\admin\AppData\Roaming\TeamViewer
2018-02-13 16:13 - 2011-01-25 19:37 - 000000000 ____D C:\Users\admin\AppData\Local\ElevatedDiagnostics
2018-02-13 14:48 - 2015-04-22 22:51 - 000000000 ____D C:\Program Files\TeamViewer
2018-02-13 14:46 - 2012-03-24 20:20 - 000000000 ____D C:\Program Files\Google
2018-02-11 21:21 - 2017-01-29 22:09 - 000000000 ____D C:\Stereo2017 v19
2018-02-11 19:03 - 2009-07-14 05:52 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-02-11 11:52 - 2011-02-04 19:40 - 000000000 ____D C:\Users\admin\AppData\Local\Google
2018-02-11 11:38 - 2015-04-26 20:26 - 000002003 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-02-11 11:37 - 2015-04-22 22:51 - 000000929 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2018-02-11 11:37 - 2015-04-22 22:51 - 000000917 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2018-02-11 11:30 - 2017-03-26 21:53 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-02-11 11:30 - 2016-01-12 21:10 - 000000000 ____D C:\Stereo2016 v18
2018-02-11 11:30 - 2013-12-22 02:00 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2018-02-11 11:30 - 2012-08-28 21:35 - 000000000 ____D C:\Users\admin\Documents\ZPS14
2018-02-11 11:30 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\registration
2018-02-10 18:04 - 2017-04-10 06:06 - 000000000 ____D C:\Users\admin\AppData\LocalLow\Mozilla
2018-02-10 10:09 - 2011-03-20 18:54 - 000000000 ____D C:\Users\admin\Documents\Nová složka

==================== Files in the root of some directories =======

2015-04-23 13:34 - 2015-05-22 03:46 - 000000020 _____ () C:\Users\admin\AppData\Roaming\appdataFr3.bin
2011-02-07 22:20 - 2017-06-21 05:28 - 000479983 _____ () C:\Users\admin\AppData\Roaming\default.pls
2011-02-06 18:15 - 2013-02-27 17:03 - 000138056 _____ () C:\Users\admin\AppData\Roaming\PnkBstrK.sys

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-08 17:30

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:232.35 GB) (Free:78.99 GB) NTFS
\\?\Volume{efe52e5a-28b0-11e0-af11-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS
\\?\Volume{31201521-1de1-11e6-8ebb-806e6f6e6963}\ () (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS

Available physical RAM: 637.61 MB
Total physical RAM: 2013.05 MB
Percentage of memory in use: 68%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 53D74895)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
Stav:Neznámý
Stav:Neznámý
Stav:Neznámý
Stav:Neznámý
Stav:Neznámý
Stav:
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\admin\Desktop" je 13 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Request for a check

Posted: 15 Feb 2018 18:48
by vasutvater
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12.02.2018
Ran by admin (15-02-2018 18:46:20)
Running from C:\Users\admin\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2011-01-25 18:33:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

admin (S-1-5-21-1189625069-2542699651-1591823224-1000 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-1189625069-2542699651-1591823224-500 - Administrator - Disabled)
Guest (S-1-5-21-1189625069-2542699651-1591823224-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1189625069-2542699651-1591823224-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

A360 Desktop (HKLM\...\{B65CD59E-A771-4354-AA4B-C3E01B496BCD}) (Version: 8.2.3.1800 - Autodesk)
ACA & MEP 2017 Object Enabler (HKLM\...\{28B89EEF-0004-0000-5002-CF3F3A09B77D}) (Version: 7.9.45.0 - Autodesk) Hidden
ACA & MEP 2018 Object Enabler (HKLM\...\{28B89EEF-1004-0000-5002-CF3F3A09B77D}) (Version: 8.0.40.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-0001-0000-3002-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-1001-0000-3002-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20036 - Adobe Systems Incorporated)
Adobe Flash Player 27 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
AutoCAD 2017 (HKLM\...\{28B89EEF-0001-0000-0002-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 Language Pack – Čeština (Czech) (HKLM\...\{28B89EEF-0001-0405-1002-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2018 – Čeština (Czech) (HKLM\...\{28B89EEF-1001-0405-2002-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018 (HKLM\...\{28B89EEF-1001-0000-0002-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018 Language Pack – Čeština (Czech) (HKLM\...\{28B89EEF-1001-0405-1002-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2017 (HKLM\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk Advanced Material Library Image Library 2018 (HKLM\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager 2016-2018 (HKLM\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk)
Autodesk AutoCAD 2018 – Čeština (Czech) (HKLM\...\AutoCAD 2018 – Čeština (Czech)) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2017 Add-in 32 bit (HKLM\...\{A65662B5-45CC-41D3-AEDC-1448577664EE}) (Version: 4.37.6853 - Autodesk)
Autodesk License Service (x86) - 3.1 (HKLM\...\{F217E438-6D3D-4330-BA97-82271926CC5A}) (Version: 3.1.26.0 - Autodesk)
Autodesk License Service (x86) - 5.1.4 (HKLM\...\{36AC22AD-5E3A-436E-ABF0-911257790BC6}) (Version: 5.1.4.0 - Autodesk)
Autodesk Material Library 2017 (HKLM\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library 2018 (HKLM\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 17.9.2322 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Dropbox (HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - )
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
FORM studio (HKLM\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
Google Chrome (HKLM\...\Google Chrome) (Version: 64.0.3282.167 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
hppLaserJetService (HKLM\...\{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}) (Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppP1100P1560P1600SeriesLaserJetService (HKLM\...\{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}) (Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppusgP1100P1560P1600Series (HKLM\...\{853F464A-B2B8-404E-BA3E-B98FF6862C41}) (Version: 1.0.0.1 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Import souborů SketchUp 2016-2017 (HKLM\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk)
Java 8 Update 101 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 111 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 151 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
MarketResearch (HKLM\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 57.0.4 (x86 cs) (HKLM\...\Mozilla Firefox 57.0.4 (x86 cs)) (Version: 57.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.4.6577 - Mozilla)
MPC-HC 1.7.10 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.10 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 Essentials (HKLM\...\{A5CCD0C8-6D5E-4515-BDD7-2A22D5D91029}) (Version: 8.3.569 - Nero AG)
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.6.0 - Pando Networks Inc.)
Počítačová aplikace Autodesk (HKLM\...\Autodesk Desktop App) (Version: 7.0.6.378 - Autodesk)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
SafeZone Stable 4.58.2552.909 (HKLM\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Skype™ 7.40 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Speciální aplikace Autodesk 2016-2018 (HKLM\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk)
Stereo 2011 - ekonomický software, v.13.1.3 (HKLM\...\suc13_is1) (Version: 13.1.3 - KASTNER software s.r.o.)
Stereo 2012 - ekonomický software, v.14.1.3 (HKLM\...\suc14_is1) (Version: 14.1.3 - KASTNER software s.r.o.)
Stereo 2013 - ekonomický software, v.15.1.1 (HKLM\...\suc15_is1) (Version: 15.1.1 - KASTNER software s.r.o.)
Stereo 2014 - ekonomický software, v.16.1.1 (HKLM\...\suc16_is1) (Version: 16.1.1 - KASTNER software s.r.o.)
Stereo 2015 - ekonomický software, v.17.1.3 (HKLM\...\suc17_is1) (Version: 17.1.3 - KASTNER software s.r.o.)
Stereo 2016 - ekonomický software (HKLM\...\suc18_is1) (Version: 18.1 - KASTNER software s.r.o.)
Stereo 2017 - ekonomický software (HKLM\...\suc19_is1) (Version: 19.1 - KASTNER software s.r.o.)
TeamSpeak 3 Client (HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.93450 - TeamViewer)
Tekla Warehouse Service (HKLM\...\{EFE7618B-A103-4D6F-9337-D06B60035C75}) (Version: 1.1.126.0 - Trimble Solutions Corporation)
Unity Web Player (HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
VCRedistSetup (HKLM\...\{3921A67A-5AB1-4E48-9444-C71814CF3027}) (Version: 1.0.0 - Nero AG) Hidden
WinZip 15.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}) (Version: 15.0.9411 - WinZip Computing, S.L. )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\cs-CZ\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1189625069-2542699651-1591823224-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-01-04] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-01-04] (AVAST Software)
ContextMenuHandlers1: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2008-06-08] (Nero AG)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2011-02-09] (WinZip Computing, S.L.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-01-04] (AVAST Software)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2011-02-09] (WinZip Computing, S.L.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-08-25] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-01-04] (AVAST Software)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2011-02-09] (WinZip Computing, S.L.)
ContextMenuHandlers1_S-1-5-21-1189625069-2542699651-1591823224-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-04-14] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-1189625069-2542699651-1591823224-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-04-14] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-1189625069-2542699651-1591823224-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-04-14] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {27B1AFAE-3BAF-45C1-8AE9-FF1329A70D32} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {311CCC35-360F-40B6-8C3E-985B45AEE9CC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-01-17] (Adobe Systems Incorporated)
Task: {3C1455BA-A8BF-4C1D-AD95-3676F6639D08} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {5AB64E53-034B-41FF-BDBD-9B28D231B480} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-22] (Adobe Systems Incorporated)
Task: {6313B82E-6ED7-4A16-B9D8-714122D764DC} - System32\Tasks\SafeZone scheduled Autoupdate 1468488872 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {6A56E7C7-A60D-4671-9C83-AD63D51AE1AE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {75E5F267-1D14-4402-8445-929C38B62D9F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-01-04] (AVAST Software)
Task: {7718DDC6-63BA-427B-8EAC-331E00430832} - System32\Tasks\GoogleUpdateTaskMachineUA1d1ea437f58347a => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {A2FBE91E-1178-4EB3-836C-D5AFB9D7C06F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {B3A0CF63-8B6A-439C-8390-3AB02677FD2F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-01-06] (AVAST Software)
Task: {B4E94455-DBB4-4F21-90F7-D2AFCBDC25A0} - System32\Tasks\{08D06A52-1801-4FB3-933C-9A6B8B75EAC8} => C:\Program Files\Skype\\Phone\Skype.exe [2017-10-06] (Skype Technologies S.A.)
Task: {C67655B4-B4F9-4F10-9144-33715DA3EC1B} - System32\Tasks\GoogleUpdateTaskMachineCore1d1ea437ada7bd5 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-01-04 17:21 - 2018-01-04 17:21 - 000058016 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2018-01-04 17:21 - 2018-01-04 17:21 - 000057504 _____ () C:\Program Files\AVAST Software\Avast\dll_loader.dll
2018-01-04 17:21 - 2018-01-04 17:21 - 000206152 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2018-01-04 17:21 - 2018-01-04 17:21 - 000289272 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-01-04 17:21 - 2018-01-04 17:21 - 000196248 _____ () C:\Program Files\AVAST Software\Avast\network_notifications.dll
2018-02-14 18:27 - 2018-02-14 18:27 - 005822608 _____ () C:\Program Files\AVAST Software\Avast\defs\18021408\algo.dll
2018-01-04 17:21 - 2018-01-04 17:21 - 000745408 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2018-01-04 17:21 - 2018-01-04 17:21 - 000148936 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-01-04 17:21 - 2018-01-04 17:21 - 000293944 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-02-15 18:28 - 2018-02-15 18:28 - 005822608 _____ () C:\Program Files\AVAST Software\Avast\defs\18021502\algo.dll
2017-10-05 19:17 - 2012-08-31 14:01 - 000151552 _____ () C:\Windows\System32\HP1100LM.DLL
2011-03-15 15:34 - 2012-08-31 14:01 - 000069632 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\HP1100PP.DLL
2017-09-20 18:20 - 2017-06-15 15:16 - 000061944 _____ () C:\Program Files\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll
2017-09-20 18:20 - 2017-06-15 15:15 - 000110584 _____ () C:\Program Files\Autodesk\Autodesk Desktop App\qjson0.dll
2011-02-06 18:14 - 2013-02-27 17:03 - 000075136 _____ () C:\Windows\system32\PnkBstrA.exe
2009-08-04 17:23 - 2009-08-04 17:23 - 000063032 _____ () C:\Program Files\HP\HP UT LEDM\bin\HPTools.dll
2009-08-04 17:23 - 2009-08-04 17:23 - 000075320 _____ () C:\Program Files\HP\HP UT LEDM\bin\HPToolkit.dll
2017-09-20 18:20 - 2017-04-04 20:11 - 000052224 _____ () C:\Program Files\Autodesk\Autodesk Desktop App\qoauth_Ad_1.dll
2017-09-20 18:20 - 2017-04-04 20:11 - 000742400 _____ () C:\Program Files\Autodesk\Autodesk Desktop App\qca_Ad_2.dll
2017-09-20 18:20 - 2017-04-04 20:11 - 000195584 _____ () C:\Program Files\Autodesk\Autodesk Desktop App\qjson_Ad_0.dll
2017-09-20 18:20 - 2017-04-04 20:11 - 000043912 _____ () C:\Program Files\Autodesk\Autodesk Desktop App\QtSolutions_MFCMigrationFramework_Ad_2.dll
2017-09-20 18:20 - 2017-06-15 14:49 - 000279976 _____ () C:\Program Files\Autodesk\Autodesk Desktop App\cs-CZ\AdWingManRes.dll
2017-07-11 10:40 - 2017-07-11 10:40 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-01-04 17:21 - 2018-01-04 17:21 - 000282560 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-09-20 18:20 - 2017-02-14 07:39 - 040640808 _____ () C:\Program Files\Autodesk\Autodesk Desktop App\acwebbrowser\libcef.dll
2017-09-20 18:20 - 2017-02-14 07:39 - 000912384 _____ () C:\Program Files\Autodesk\Autodesk Desktop App\acwebbrowser\libglesv2.dll
2017-09-20 18:20 - 2017-02-14 07:39 - 000134144 _____ () C:\Program Files\Autodesk\Autodesk Desktop App\acwebbrowser\libegl.dll
2017-09-20 18:20 - 2017-02-14 07:39 - 000950272 _____ () C:\Program Files\Autodesk\Autodesk Desktop App\acwebbrowser\ffmpegsumo.dll
2018-02-15 00:28 - 2018-02-13 05:12 - 003730264 _____ () C:\Program Files\Google\Chrome\Application\64.0.3282.167\libglesv2.dll
2018-02-15 00:28 - 2018-02-13 05:12 - 000085848 _____ () C:\Program Files\Google\Chrome\Application\64.0.3282.167\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2018-02-14 18:49 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1189625069-2542699651-1591823224-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1 - 10.140.6.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{78F4D853-D06F-40A6-8129-158F976F1747}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{C27A8EB5-FBDB-429C-ACDC-9D0CE61C4BCC}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{676AB25D-4443-468E-8BFB-92B8F23CFDCE}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{307ED057-A774-4B4C-8520-D3B39A474E2B}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{DB486AD7-5302-491E-ADF8-DE8E24C2308D}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{A768BF92-D56F-4BF7-BE04-8DAABB91DD2B}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{6414453F-BEF4-42CC-8107-20A5BB0E8473}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{F309A135-6EBF-4B4E-B354-696548A4BB83}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{97663D34-674F-416C-B0E0-25B1D385E63F}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{571D510D-EB68-40BE-A214-A741A6E9020F}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [TCP Query User{D10B9523-FEA1-4685-9640-679A32BBCA76}C:\program files\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [UDP Query User{9CDABA41-352F-428D-AA78-8AC714A2681F}C:\program files\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [{A24299A2-0E86-4304-AA53-760DD0A03035}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{21E2892C-E232-45B8-80D0-CE7537738EA5}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{7A6E99E4-2841-41AD-9043-ADE97EE6068C}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{C0BD33BF-24E1-48CF-B779-77D2DE0EC8B5}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [TCP Query User{330FCD53-A972-49BD-8FCA-FCC5B8D8E01A}C:\program files\nero\nero8\nero home\nerohome.exe] => (Block) C:\program files\nero\nero8\nero home\nerohome.exe
FirewallRules: [UDP Query User{BEA2757A-FB1C-4A2C-8D33-B74D1BB24EC3}C:\program files\nero\nero8\nero home\nerohome.exe] => (Block) C:\program files\nero\nero8\nero home\nerohome.exe
FirewallRules: [{AC210582-36B9-4B57-B50E-18E2C3A1D58A}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{31B3EA6B-C92A-4037-AD3D-07ABBC30A0CD}C:\program files\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [UDP Query User{C300C92A-D12F-4C96-8674-8A8DAF5E32A3}C:\program files\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [{F3783A84-873D-45FC-B44C-CAB7680B2207}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{35D6F384-B9EE-411F-A6E9-BC4F4E0DF136}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{547481A9-A932-4AA9-BD83-4D5DC877954C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{AA9F5141-6C83-4649-81C2-689B073991F9}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{378739B4-3F5D-4CF1-9FF9-1905F3937366}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{0A7CA04A-F94B-4B0A-8517-A491253F88BB}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{9D9019FE-AD7C-4922-82C0-22AC51BBAC60}C:\users\admin\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\admin\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{85F9B84B-59D4-4C43-9AC1-1671EFB0A334}C:\users\admin\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\admin\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{C163F4C3-E8CB-482E-AD56-0E18E9C6E376}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4F665C21-6029-42AA-98E3-5B3835D2F33F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F820DBE7-06A3-4D9C-B426-B575964E647D}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{BA947A99-4A35-4145-91CB-1737E11CB3DF}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [TCP Query User{0141ABD5-CAD7-4F0F-A91C-B292D529CFDF}C:\users\admin\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\admin\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{9823E444-8DE2-4DD4-9ED7-FB85F5601980}C:\users\admin\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\admin\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{F1A4F4F1-3E24-48CE-AD55-D6ADECF8A9E9}C:\users\admin\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\admin\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{A7038AF1-5519-4C7F-AE7F-F0217BA37D87}C:\users\admin\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\admin\appdata\local\akamai\netsession_win.exe
FirewallRules: [{BAD02413-920A-4ADD-A0A0-32EA3DA4662C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{526F201C-AF85-499F-9F07-E919E3770E73}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{0E15F5C2-4B2A-4C42-BC27-609847A84FE4}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F604A348-B610-45C5-B462-624626F825FE}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9C7A958D-B70F-4178-8E85-20631FBD1209}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

03-01-2018 11:09:14 Naplánovaný kontrolní bod
09-01-2018 06:01:15 Windows Update
10-01-2018 22:47:31 Windows Update
19-01-2018 20:59:12 Windows Update
29-01-2018 17:43:40 Naplánovaný kontrolní bod
08-02-2018 17:37:54 Naplánovaný kontrolní bod
11-02-2018 11:20:03 Operace obnovení
13-02-2018 21:39:55 Windows Update
13-02-2018 22:39:04 Windows Update
13-02-2018 23:04:04 Windows Update
14-02-2018 18:47:17 Restore Point Created by FRST

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/15/2018 06:27:15 PM) (Source: MsiInstaller) (EventID: 11310) (User: admin-PC)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\admin\AppData\Local\Akamai\admintool.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.

Error: (02/15/2018 06:26:49 PM) (Source: MsiInstaller) (EventID: 11310) (User: admin-PC)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\admin\AppData\Local\Akamai\admintool.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.

Error: (02/14/2018 10:53:41 PM) (Source: MsiInstaller) (EventID: 11310) (User: admin-PC)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\admin\AppData\Local\Akamai\admintool.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.

Error: (02/14/2018 10:53:23 PM) (Source: MsiInstaller) (EventID: 11310) (User: admin-PC)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\admin\AppData\Local\Akamai\admintool.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.

Error: (02/14/2018 06:47:16 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {d0231480-fa8c-4d90-964e-6146c90161c7}

Error: (02/14/2018 06:28:03 PM) (Source: MsiInstaller) (EventID: 11310) (User: admin-PC)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\admin\AppData\Local\Akamai\admintool.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.

Error: (02/14/2018 06:27:29 PM) (Source: MsiInstaller) (EventID: 11310) (User: admin-PC)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\admin\AppData\Local\Akamai\admintool.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.

Error: (02/13/2018 07:57:25 PM) (Source: MsiInstaller) (EventID: 11310) (User: admin-PC)
Description: Produkt: Akamai NetSession Interface - Chyba 1310 Při zápisu do souboru C:\Users\admin\AppData\Local\Akamai\admintool.exe došlo k chybě. Systémová chyba 0. Přesvědčte se, zda máte přístup do adresáře.


System errors:
=============
Error: (02/15/2018 06:41:09 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom0.

Error: (02/15/2018 06:41:07 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom0.

Error: (02/15/2018 06:41:04 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom0.

Error: (02/15/2018 06:41:01 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom0.

Error: (02/15/2018 06:40:59 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom0.

Error: (02/15/2018 06:40:56 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom0.

Error: (02/15/2018 06:27:01 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Seskupování v sítích peer-to-peer závisí na službě Protokol PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující chyby:
%%-2140993535

Error: (02/15/2018 06:27:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena s následující chybou:
%%-2140993535


Windows Defender:
===================================
Date: 2015-03-30 19:37:08.609
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=207768
Název:Adware:Win32/SaverExtension
ID:207768
Závažnost:Vysoké
Kategorie:Software placený zobrazováním reklamy
Nalezeno v cestě:file:C:\Program Files\DDealExparess\DDealExparess.exe;file:C:\Program Files\DieGiSaver\KhPewLCB1xC51S.exe;file:C:\Program Files\FindBesstDeal\tRqFiPhTIkYqfn.exe;regkey:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{25F259ED-12F6-429F-5783-527C3E2F8586};regkey:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{7223EDAC-E091-B3C1-BD91-B66CE557800F};regkey:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{B5DB572D-EA87-D3B0-08F6-4D153EA6A783};uninstall:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{25F259ED-12F6-429F-5783-527C3E2F8586};uninstall:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{7223EDAC-E091-B3C1-BD91-B66CE557800F};uninstall:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{B5DB572D-EA87-D3B0-08F6-4D153EA6A783}
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:

Date: 2015-03-30 19:01:56.589
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=207768
Název:Adware:Win32/SaverExtension
ID:207768
Závažnost:Vysoké
Kategorie:Software placený zobrazováním reklamy
Nalezeno v cestě:file:C:\Program Files\DDealExparess\DDealExparess.exe;file:C:\Program Files\DieGiSaver\KhPewLCB1xC51S.exe;file:C:\Program Files\FindBesstDeal\tRqFiPhTIkYqfn.exe
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:

Date: 2015-03-30 19:01:24.656
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=207768
Název:Adware:Win32/SaverExtension
ID:207768
Závažnost:Vysoké
Kategorie:Software placený zobrazováním reklamy
Nalezeno v cestě:file:C:\Program Files\DDealExparess\DDealExparess.exe;file:C:\Program Files\DieGiSaver\KhPewLCB1xC51S.exe
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:

Date: 2015-03-30 19:00:53.362
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=207768
Název:Adware:Win32/SaverExtension
ID:207768
Závažnost:Vysoké
Kategorie:Software placený zobrazováním reklamy
Nalezeno v cestě:file:C:\Program Files\DDealExparess\DDealExparess.exe
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:

Date: 2015-03-15 19:07:01.820
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=207768
Název:Adware:Win32/SaverExtension
ID:207768
Závažnost:Vysoké
Kategorie:Software placený zobrazováním reklamy
Nalezeno v cestě:file:C:\Program Files\50COOupons\O3IXK2UNTxGuKG.exe;file:C:\Program Files\BestSaVeFaoRYou\2JsByJpwzbJ9k0.exe;file:C:\Program Files\BetterGaia\BetterGaia.exe;file:C:\Program Files\Isaveer\Isaveer.exe;regkey:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{CA1838EF-A497-194E-3850-37A62CEE398B};regkey:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{CF987D06-1DCF-7B36-5B43-13BC8699C44C};regkey:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{F1422DAA-0829-09A1-7536-73936CAB8FFA};regkey:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{F6A71DC7-28F4-C6C7-8FA9-8A56C80FC96A};uninstall:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{CA1838EF-A497-194E-3850-37A62CEE398B};uninstall:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{CF987D06-1DCF-7B36-5B43-13BC8699C44C};uninstall:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{F1422DAA-0829-09A1-7536-73936CAB8FFA};uninstall:HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{F6A71DC7-28F4-C6C7-8FA9-8A
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:

Date: 2015-02-28 17:49:36.304
Description:
Prohledávání Windows Defender zjistilo chybu při provádění akce u spywaru nebo jiného potenciálně nežádoucího softwaru.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=207768
Uživatel:\
Název:Adware:Win32/SaverExtension
ID:207768
Závažnost:Vysoké
Kategorie:Software placený zobrazováním reklamy
Cesta:
Akce:Odebrat
Kód chyby:0x80508023
Popis chyby:Programu se nepodařilo najít spyware ani jiný potenciálně nežádoucí software v tomto počítači.
Stav:

CodeIntegrity:
===================================

Date: 2016-09-08 19:07:39.161
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 19:07:38.942
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-07 08:53:13.880
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-07 08:53:13.771
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-06 16:59:37.442
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-06 16:59:37.348
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-05 16:29:27.613
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-05 16:29:27.239
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU E6500 @ 2.93GHz
Percentage of memory in use: 68%
Total physical RAM: 2013.05 MB
Available physical RAM: 637.61 MB
Total Virtual: 4026.11 MB
Available Virtual: 2506.15 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.35 GB) (Free:78.99 GB) NTFS

\\?\Volume{efe52e5a-28b0-11e0-af11-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS
\\?\Volume{31201521-1de1-11e6-8ebb-806e6f6e6963}\ () (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 53D74895)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt ============================

Re: Please check

Posted: 15 Feb 2018 18:49
by vasutvater
The PC seems faster