Please check my log, infiltrated browsers

Posted: 21 Feb 2018 19:35
by oknupi
Hello,
for a few days now I have had a problem with my web browsers. Whenever I open a page, I am automatically redirected somewhere else and the page I requested opens in the adjacent tab; this happens about three times, and after that the page I requested works normally. The browsers affected are Chrome and Opera. Thank you for your help.

I am attaching the log.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.02.2018
Ran by Vojtěch (administrator) on VOJTA-PC (21-02-2018 19:21:14)
Running from C:\Users\Vojtěch\Desktop
Loaded Profiles: Vojtěch (Available Profiles: Vojtěch)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\windows\System32\atiesrxx.exe
(AMD) C:\windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Conexant Systems Inc.) C:\windows\System32\CxAudMsg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\windows\SysWOW64\SASrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\windows\System32\dllhost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Microsoft Corporation) C:\windows\System32\SkyDrive.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Tracker Software Products Ltd.) C:\Program Files\PDF\pdfSaver\pdfSaver3.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
() C:\Users\Vojtěch\AppData\Roaming\ICQ\bin\icq.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe
(Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe
(Microsoft Corporation) C:\windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(BitTorrent Inc.) C:\Users\Vojtěch\AppData\Roaming\uTorrent\uTorrent.exe
(BitTorrent Inc.) C:\Users\Vojtěch\AppData\Roaming\uTorrent\updates\3.5.1_44332\utorrentie.exe
(BitTorrent Inc.) C:\Users\Vojtěch\AppData\Roaming\uTorrent\updates\3.5.1_44332\utorrentie.exe
(Microsoft Corporation) C:\windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\windows\System32\dllhost.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(Greyfirst Corporation) C:\Program Files (x86)\Celtx\celtx.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddpe.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(forum.viry.cz) C:\Users\Vojtěch\Desktop\Viry\FRSTLauncher.exe
(Microsoft Corporation) C:\windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3276104 2014-06-18] (ELAN Microelectronics Corp.)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-09-14] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-09-14] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10842096 2014-09-14] (Lenovo(beijing) Limited)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2016-09-09] (Adobe Systems Incorporated)
HKLM\...\Run: [MRT] => C:\windows\system32\MRT.exe [148601744 2017-04-13] (Microsoft Corporation)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-06-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm®Atheros®)
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\Run: [pdfSaver3] => c:\Program Files\PDF\pdfSaver\pdfSaver3.exe [385024 2004-05-19] (Tracker Software Products Ltd.)
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-02] (Disc Soft Ltd)
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\Run: [icq.desktop] => C:\Users\Vojtěch\AppData\Roaming\ICQ\bin\icq.exe [25789064 2017-11-13] ()
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\RunOnce: [Application Restart #5] => C:\Users\Vojtěch\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-reso (the data entry has 587 more characters).
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\RunOnce: [Application Restart #3] => C:\Users\Vojtěch\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-reso (the data entry has 587 more characters).
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\MountPoints2: {c6ee9d95-6520-11e7-829c-3010b3a29d32} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
ShellExecuteHooks: No Name - {21E0FCA4-DE4A-11E6-844B-64006A5CFC23} - C:\Users\Vojtěch\AppData\Roaming\Vonepy\Sugophghilither.dll -> No File <==== ATTENTION
Startup: C:\Users\Vojtěch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2017-01-03]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-866432661-1050328576-855569735-1002] => hxxp://access-unstop.net/wpad.dat?aba2b2a532234b6c8c37f7517676d0ef38278959
Tcpip\Parameters: [DhcpNameServer] 94.142.233.120 94.142.233.140 192.168.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{05CF0A7E-DD6F-497E-872F-01343F145810}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{05CF0A7E-DD6F-497E-872F-01343F145810}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{0EDF9A7D-0520-4EDA-B1AF-599F40EB1EA4}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{0EDF9A7D-0520-4EDA-B1AF-599F40EB1EA4}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{173A98E2-94CF-4C66-96EE-C074DC1B9306}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{bbed3e08-0b41-11e3-8249-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{C3F2F1D7-4152-4CBC-9669-AF64F5A0A198}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{C3F2F1D7-4152-4CBC-9669-AF64F5A0A198}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{ECE2C3ED-447F-484F-8245-99B223E062FE}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{EE4BA6AD-43B2-49C1-B22B-4A902A7EE229}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{EE4BA6AD-43B2-49C1-B22B-4A902A7EE229}: [DhcpNameServer] 94.142.233.120 94.142.233.140 192.168.1.1
ManualProxies: 0hxxp://access-unstop.net/wpad.dat?aba2b2a532234b6c8c37f7517676d0ef38278959

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-866432661-1050328576-855569735-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-866432661-1050328576-855569735-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
URLSearchHook: [S-1-5-21-866432661-1050328576-855569735-1002] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-866432661-1050328576-855569735-1002 -> {ECAD7C5B-257A-4BBE-80AD-94EC3417AC9C} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-04-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-19] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Vojtěch\AppData\Roaming\Greyfirst\Celtx\Profiles\03mji8zv.default [2018-02-14]
FF Extension: (Timezone Definitions for Mozilla Calendar) - C:\Program Files (x86)\Celtx\extensions\calendar-timezones@mozilla.org [2015-12-28] [Legacy] [not signed]
FF Extension: (Default Shot Palette) - C:\Program Files (x86)\Celtx\extensions\default-palette@celtx.com [2015-12-28] [Legacy] [not signed]
FF Extension: (MSN-Smileys) - C:\Program Files (x86)\Celtx\extensions\emoticons-msn-smileys@m513901.de [2015-12-28] [Legacy] [not signed]
FF Extension: (DOM Inspector) - C:\Program Files (x86)\Celtx\extensions\inspector@mozilla.org [2015-12-28] [Legacy] [not signed]
FF Extension: (Blackened) - C:\Program Files (x86)\Celtx\extensions\messagestyle-blackened@addons.instantbird.org [2015-12-28] [Legacy] [not signed]
FF Extension: (Depth) - C:\Program Files (x86)\Celtx\extensions\messagestyle-depth@addons.instantbird.org [2015-12-28] [Legacy] [not signed]
FF Extension: (Minimal) - C:\Program Files (x86)\Celtx\extensions\messagestyle-minimal20@addons.instantbird.org [2015-12-28] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-07] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-07] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP","hxx ... XXW3828BJH"
CHR Profile: C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2018-02-18] <==== ATTENTION
CHR Extension: (Prezentace) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-21]
CHR Extension: (YouTube) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-21]
CHR Extension: (Adblock Plus) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-02-17]
CHR Extension: (Adobe Acrobat) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-06-06]
CHR Extension: (Tabulky) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-21]
CHR Extension: (AdBlock) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-02-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-26]
CHR Extension: (Gmail) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-21]
CHR Extension: (Chrome Media Router) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-14]
CHR Profile: C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\System Profile [2018-02-14]
CHR HKU\S-1-5-21-866432661-1050328576-855569735-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\Vojtěch\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2018-02-04]
OPR Extension: (Adblocker pro Youtube™) - C:\Users\Vojtěch\AppData\Roaming\Opera Software\Opera Stable\Extensions\oiiphhgajcopkkkglmilkjfokamokgni [2017-03-10]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-06-25] (Advanced Micro Devices, Inc.) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows (R) Win 7 DDK provider) [File not signed]
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-02] (Disc Soft Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corp.)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-14] (Lenovo(beijing) Limited)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-09-14] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [308720 2014-09-14] (Lenovo)
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-25] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [68880 2014-09-14] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-26] (Atheros) [File not signed]
S2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-12] (Advanced Micro Devices)
R2 APXACC; C:\windows\system32\DRIVERS\appexDrv.sys [225504 2014-03-28] (AppEx Networks Corporation)
R3 athr; C:\windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-07] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\windows\system32\drivers\AtihdWB6.sys [222720 2014-03-12] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-26] (Qualcomm Atheros)
R3 dtlitescsibus; C:\windows\System32\drivers\dtlitescsibus.sys [30264 2017-02-04] (Disc Soft Ltd)
R3 dtliteusbbus; C:\windows\System32\drivers\dtliteusbbus.sys [47672 2017-02-04] (Disc Soft Ltd)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2005-01-21] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
U0 sptd; C:\windows\System32\Drivers\sptd.sys [394296 2017-12-31] (Duplex Secure Ltd.)
S0 WdBoot; C:\windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
R3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
R1 ZAM; C:\windows\System32\drivers\zam64.sys [203680 2017-02-04] (Zemana Ltd.)
R1 ZAM_Guard; C:\windows\System32\drivers\zamguard64.sys [203680 2017-02-04] (Zemana Ltd.)
R4 eamonm; system32\DRIVERS\eamonm.sys [X]
R4 ehdrv; \SystemRoot\system32\DRIVERS\ehdrv.sys [X]
S3 rtsuvc; \SystemRoot\system32\DRIVERS\rtsuvc.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-21 19:24 - 2018-02-21 19:24 - 000003625 _____ C:\Users\Vojtěch\Documents\zakon.celtx
2018-02-21 19:23 - 2018-02-21 19:23 - 000000154 _____ C:\Users\Vojtěch\Desktop\prubezne_poznamky.txt
2018-02-21 19:21 - 2018-02-21 19:23 - 000024679 _____ C:\Users\Vojtěch\Desktop\FRST.txt
2018-02-21 19:20 - 2018-02-21 19:20 - 000015327 _____ C:\Users\Vojtěch\Desktop\LM.bat
2018-02-21 19:15 - 2018-02-21 19:20 - 000000000 ____D C:\Users\Vojtěch\Desktop\Viry
2018-02-21 19:15 - 2018-02-21 19:16 - 002403328 _____ (Farbar) C:\Users\Vojtěch\Desktop\FRST64.exe
2018-02-21 19:12 - 2018-02-21 19:24 - 000000000 ____D C:\Users\Vojtěch\Desktop\MOTOL
2018-02-18 16:53 - 2018-02-18 16:53 - 000001235 _____ C:\Users\Vojtěch\Desktop\Torino 2006.lnk
2018-02-18 16:53 - 2018-02-18 16:53 - 000000000 ____D C:\Users\Vojtěch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\2K Sports
2018-02-18 16:49 - 2018-02-18 16:50 - 000000000 ____D C:\Users\Vojtěch\Desktop\tor322
2018-02-18 16:49 - 2006-01-26 01:24 - 695432304 _____ C:\Users\Vojtěch\Desktop\rld-tora.bin
2018-02-18 16:49 - 2006-01-26 01:24 - 000000074 _____ C:\Users\Vojtěch\Desktop\rld-tora.cue
2018-02-18 16:46 - 2018-02-18 16:46 - 000000000 ____D C:\Users\Vojtěch\Desktop\Torino.Winter.Olympics.2006-RELOADED
2018-02-18 16:01 - 2018-02-18 16:01 - 000000000 ____D C:\Users\Vojtěch\AppData\Local\ESET
2018-02-18 15:48 - 2018-02-18 16:41 - 1245928509 _____ C:\Users\Vojtěch\Downloads\Torino.Winter.Olympics.2006-RELOADED.7z
2018-02-18 15:41 - 2018-02-18 15:41 - 004260984 _____ (ESET) C:\Users\Vojtěch\Downloads\eset_nod32_antivirus_live_installer.exe
2018-02-18 15:29 - 2018-02-18 15:30 - 000901120 _____ C:\Users\Vojtěch\Downloads\DLL_Files_Fixer_Full_Version_Crack_Activator_Serial_Key (1).iso
2018-02-18 15:29 - 2018-02-18 15:29 - 000901120 _____ C:\Users\Vojtěch\Downloads\DLL_Files_Fixer_Full_Version_Crack_Activator_Serial_Key.iso
2018-02-18 15:22 - 2018-02-18 15:30 - 000000000 ____D C:\Program Files (x86)\DllKitPRO
2018-02-18 15:22 - 2018-02-18 15:29 - 000000000 ____D C:\Users\Vojtěch\AppData\Local\{003ACA6A-C058-424D-B955-A82DE5375C64}
2018-02-18 15:22 - 2018-02-18 15:27 - 000003306 _____ C:\windows\System32\Tasks\DllKitPRO
2018-02-18 15:13 - 2018-02-18 15:13 - 000000000 ____D C:\windows\System32\Tasks\Games
2018-02-18 14:56 - 2018-02-18 14:56 - 000000000 ____D C:\windows\SysWOW64\xlive
2018-02-18 14:56 - 2018-02-18 14:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
2018-02-18 14:56 - 2018-02-18 14:56 - 000000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2018-02-18 14:56 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_42.dll
2018-02-18 14:56 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_42.dll
2018-02-18 14:54 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_1.dll
2018-02-18 14:54 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_1.dll
2018-02-18 14:54 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_1.dll
2018-02-18 14:54 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_1.dll
2018-02-18 14:54 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_0.dll
2018-02-18 14:54 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_0.dll
2018-02-18 14:54 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_4.dll
2018-02-18 14:54 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_4.dll
2018-02-18 14:54 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_38.dll
2018-02-18 14:54 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_38.dll
2018-02-18 14:54 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_38.dll
2018-02-18 14:54 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_38.dll
2018-02-18 14:54 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_38.dll
2018-02-18 14:54 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_38.dll
2018-02-18 14:54 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_0.dll
2018-02-18 14:54 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_0.dll
2018-02-18 14:54 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_0.dll
2018-02-18 14:54 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_0.dll
2018-02-18 14:54 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_3.dll
2018-02-18 14:54 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_3.dll
2018-02-18 14:54 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_37.dll
2018-02-18 14:54 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_37.dll
2018-02-18 14:54 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_37.dll
2018-02-18 14:54 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_37.dll
2018-02-18 14:54 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_37.dll
2018-02-18 14:54 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_37.dll
2018-02-18 14:53 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_10.dll
2018-02-18 14:53 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_10.dll
2018-02-18 14:53 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_2.dll
2018-02-18 14:53 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_2.dll
2018-02-18 14:53 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_36.dll
2018-02-18 14:53 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_36.dll
2018-02-18 14:53 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_36.dll
2018-02-18 14:53 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_36.dll
2018-02-18 14:53 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_36.dll
2018-02-18 14:53 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_36.dll
2018-02-18 14:53 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_9.dll
2018-02-18 14:53 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_9.dll
2018-02-18 14:53 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_35.dll
2018-02-18 14:53 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_35.dll
2018-02-18 14:53 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_35.dll
2018-02-18 14:53 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_35.dll
2018-02-18 14:53 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_35.dll
2018-02-18 14:53 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_35.dll
2018-02-18 14:53 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_8.dll
2018-02-18 14:53 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_8.dll
2018-02-18 14:53 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_34.dll
2018-02-18 14:53 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_34.dll
2018-02-18 14:53 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_34.dll
2018-02-18 14:53 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_34.dll
2018-02-18 14:53 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_34.dll
2018-02-18 14:53 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_34.dll
2018-02-18 14:53 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_7.dll
2018-02-18 14:53 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_7.dll
2018-02-18 14:53 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\windows\system32\xinput1_3.dll
2018-02-18 14:53 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\windows\SysWOW64\xinput1_3.dll
2018-02-18 14:53 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_33.dll
2018-02-18 14:53 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_33.dll
2018-02-18 14:53 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_33.dll
2018-02-18 14:53 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_33.dll
2018-02-18 14:53 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_33.dll
2018-02-18 14:53 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_33.dll
2018-02-18 14:53 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\windows\system32\x3daudio1_1.dll
2018-02-18 14:53 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\windows\SysWOW64\x3daudio1_1.dll
2018-02-18 14:53 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_6.dll
2018-02-18 14:53 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_6.dll
2018-02-18 14:53 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_5.dll
2018-02-18 14:53 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_5.dll
2018-02-18 14:53 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_32.dll
2018-02-18 14:53 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_32.dll
2018-02-18 14:53 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10.dll
2018-02-18 14:53 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10.dll
2018-02-18 14:53 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_31.dll
2018-02-18 14:53 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_31.dll
2018-02-18 14:53 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_4.dll
2018-02-18 14:53 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_4.dll
2018-02-18 14:53 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\windows\system32\xinput1_2.dll
2018-02-18 14:53 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_3.dll
2018-02-18 14:53 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_3.dll
2018-02-18 14:53 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\windows\SysWOW64\xinput1_2.dll
2018-02-18 14:53 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_2.dll
2018-02-18 14:53 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_2.dll
2018-02-18 14:52 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_29.dll
2018-02-18 14:52 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_29.dll
2018-02-18 14:52 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_0.dll
2018-02-18 14:52 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_0.dll
2018-02-18 14:52 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_28.dll
2018-02-18 14:52 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_28.dll
2018-02-18 14:52 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_27.dll
2018-02-18 14:52 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_27.dll
2018-02-18 14:52 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_26.dll
2018-02-18 14:52 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_26.dll
2018-02-18 14:52 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_25.dll
2018-02-18 14:52 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_25.dll
2018-02-18 14:52 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_24.dll
2018-02-18 14:52 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_24.dll
2018-02-17 20:59 - 2018-02-17 20:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Sports
2018-02-17 20:26 - 2018-02-18 16:51 - 000000000 ____D C:\Program Files (x86)\2K Sports
2018-02-05 20:59 - 2018-02-05 20:59 - 011047898 _____ C:\Users\Vojtěch\Downloads\SoupalJ_ExtracorporalniOxygenace_LD_2016.pdf
2018-02-05 20:59 - 2018-02-05 20:59 - 006449264 _____ C:\Users\Vojtěch\Downloads\DPTX_2013_1_11110_0_376713_0_141163.pdf
2018-02-05 20:59 - 2018-02-05 20:59 - 000998622 _____ C:\Users\Vojtěch\Downloads\BPTX_2011_1__0_299860_0_120473.pdf
2018-02-05 20:55 - 2018-02-05 20:55 - 001809523 _____ C:\Users\Vojtěch\Downloads\kardioanestezie-a-perioperacni-pece-v-kardiochirurgii_nahled.pdf
2018-01-31 14:40 - 2018-01-31 14:40 - 000973131 _____ C:\Users\Vojtěch\Downloads\IPTX_2010_1_11150_F1P009_193093_0_95091 (1).pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-21 19:24 - 2015-01-19 00:01 - 000000000 ____D C:\Users\Vojtěch\AppData\Roaming\uTorrent
2018-02-21 19:23 - 2017-03-20 17:10 - 000000154 _____ C:\Users\Vojtěch\Desktop\Nový textový dokument (2).txt
2018-02-21 19:23 - 2017-02-04 14:54 - 008643130 _____ C:\windows\ZAM_Guard.krnl.trace
2018-02-21 19:23 - 2017-02-04 14:54 - 008399970 _____ C:\windows\ZAM.krnl.trace
2018-02-21 19:21 - 2017-03-12 16:55 - 000000000 ____D C:\FRST
2018-02-21 19:20 - 2017-03-12 16:51 - 000029696 _____ C:\Users\Vojtěch\AppData\Local\MSGBOX.EXE
2018-02-21 18:49 - 2015-01-18 23:58 - 000003596 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-866432661-1050328576-855569735-1002
2018-02-21 16:02 - 2015-01-18 23:57 - 000000000 ____D C:\Program Files (x86)\Opera
2018-02-21 15:59 - 2015-01-19 00:13 - 000000000 ____D C:\Users\Vojtěch\AppData\Roaming\Skype
2018-02-21 14:17 - 2015-01-18 23:56 - 000003834 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{AC9158A3-4C3C-4033-B028-C1C6C126075D}
2018-02-21 13:09 - 2015-01-19 15:55 - 000000568 _____ C:\windows\Tasks\MATLAB R2012b Startup Accelerator.job
2018-02-20 22:14 - 2015-01-18 23:58 - 000003846 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1421621899
2018-02-20 19:58 - 2013-08-22 16:36 - 000000000 ___HD C:\windows\ELAMBKUP
2018-02-20 19:58 - 2013-08-22 14:36 - 000000000 ____D C:\windows\Inf
2018-02-20 19:35 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-20 19:35 - 2013-08-22 16:36 - 000000000 ____D C:\windows\AppReadiness
2018-02-19 19:55 - 2015-01-19 00:13 - 000000000 ____D C:\ProgramData\Skype
2018-02-18 21:04 - 2016-02-11 23:16 - 000000000 ____D C:\Users\Vojtěch\AppData\Roaming\WOW
2018-02-18 16:57 - 2016-04-04 18:05 - 001425408 ___SH C:\Users\Vojtěch\Desktop\Thumbs.db
2018-02-18 16:54 - 2015-01-31 13:27 - 000000000 ____D C:\Users\Vojtěch\AppData\Local\CrashDumps
2018-02-18 15:32 - 2014-09-13 23:20 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-02-17 21:01 - 2017-12-31 11:58 - 000000000 ____D C:\Users\Vojtěch\Documents\My ISO Files
2018-02-16 22:36 - 2017-12-09 19:25 - 000000000 ____D C:\Users\Vojtěch\Downloads\Ed Sheeran - x [Deluxe Edition] [2014 ALBUM]
2018-02-14 12:04 - 2015-08-24 14:39 - 000004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-14 12:03 - 2017-05-19 05:29 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-14 03:29 - 2017-03-22 15:47 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-14 03:29 - 2017-03-22 15:47 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-12 15:38 - 2014-09-13 23:17 - 005789688 _____ C:\windows\system32\perfh005.dat
2018-02-12 15:38 - 2014-09-13 23:17 - 001778134 _____ C:\windows\system32\perfc005.dat
2018-02-12 15:38 - 2014-03-18 10:53 - 000005430 _____ C:\windows\system32\PerfStringBackup.INI
2018-02-07 20:33 - 2017-03-12 19:05 - 000000000 ____D C:\Users\Vojtěch\Downloads\ICQ
2018-02-07 16:08 - 2015-05-25 16:41 - 000004294 _____ C:\windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-02-07 16:08 - 2015-05-25 16:41 - 000004236 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2018-02-07 16:08 - 2013-08-22 16:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2018-02-07 16:08 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\Macromed
2018-02-04 23:46 - 2015-01-19 01:35 - 000000000 ____D C:\Users\Vojtěch\AppData\Roaming\vlc
2018-01-30 14:32 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\NDF
2018-01-26 11:27 - 2015-12-25 18:21 - 000000000 ___RD C:\Users\Vojtěch\Desktop\Fotky

==================== Files in the root of some directories =======

2017-03-12 16:51 - 2018-02-21 19:20 - 000029696 _____ () C:\Users\Vojtěch\AppData\Local\MSGBOX.EXE
2017-03-07 15:47 - 2017-03-07 15:47 - 000000031 _____ () C:\Users\Vojtěch\AppData\Local\SQ.RemoverDelete.bat
2017-03-07 15:37 - 2017-03-07 15:37 - 000032038 _____ () C:\Users\Vojtěch\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico

Some files in TEMP:
====================
2018-02-17 21:01 - 2018-02-18 16:51 - 000046596 _____ (Sony DADC Austria AG) C:\Users\Vojtěch\AppData\Local\Temp\drm_dialogs.dll
2017-04-03 14:30 - 2018-01-11 09:37 - 058804680 _____ (Skype Technologies S.A.) C:\Users\Vojtěch\AppData\Local\Temp\SkypeSetup.exe
2018-01-11 20:35 - 2017-04-25 15:44 - 000380928 _____ (Rational Intellectual Holdings Ltd.) C:\Users\Vojtěch\AppData\Local\Temp\_unps.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-05-16 02:57

==================== End of FRST.txt ============================

Re: Please check my log, infected browsers

Posted: 21 Feb 2018 19:56
by Rudy
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.

Re: Please check my log, infected browsers

Posted: 21 Feb 2018 20:11
by oknupi
# AdwCleaner 7.0.8.0 - Logfile created on Wed Feb 21 19:03:41 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 8.1 (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Program Files (x86)\Elex-tech
Deleted: C:\Users\Vojtěch\AppData\Roaming\Elex-tech
Deleted: C:\Users\Vojtěch\AppData\Roaming\\Firefox
Deleted: C:\Users\Vojtěch\AppData\Roaming\Kuaizip
Deleted: C:\Program Files (x86)\DllKitPRO


***** [ Files ] *****

Deleted: C:\Users\All Users\Documents\\report.dat
Deleted: C:\Users\Public\Documents\\report.dat
Deleted: C:\Users\All Users\Documents\\temp.dat
Deleted: C:\Users\Public\Documents\\temp.dat
Deleted: C:\Windows\SysNative\log\iSafeKrnlCall.log


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: DllKitPRO


***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\{84416237-6490-494D-9AD6-4994DD978971}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BF8946CD-EEBE-436B-8282-B19A021C9EFE}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{F6DF4318-A699-4E88-BE1D-84F4A009B08A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C8B797A0-024C-4D90-80F5-4CCC0988013A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{ED87E2F4-838D-46BA-BFD9-DFA28310934B}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{4511A7B0-96B2-47A7-84AB-FB76078EA007}
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDWFP
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\SpyHunter4.exe
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files\Enigma Software Group\SpyHunter\
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files\Enigma Software Group\
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{735CBB11-3E26-4197-9B1D-8E26F2AE9E66}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D42C3A49-ABAF-464B-BBCE-991C3DD395E8}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Image File Execution Options%s keys deleted
::Prefetch files deleted
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [15542 B] - [2017/3/12 15:26:34]
C:/AdwCleaner/AdwCleaner[C2].txt - [1370 B] - [2017/3/12 15:37:57]
C:/AdwCleaner/AdwCleaner[C3].txt - [26933 B] - [2017/3/21 13:22:51]
C:/AdwCleaner/AdwCleaner[S0].txt - [14350 B] - [2017/3/12 15:21:27]
C:/AdwCleaner/AdwCleaner[S1].txt - [1596 B] - [2017/3/12 15:35:18]
C:/AdwCleaner/AdwCleaner[S2].txt - [1663 B] - [2017/3/12 16:29:11]
C:/AdwCleaner/AdwCleaner[S3].txt - [1736 B] - [2017/3/12 17:37:1]
C:/AdwCleaner/AdwCleaner[S4].txt - [23621 B] - [2017/3/21 13:21:11]
C:/AdwCleaner/AdwCleaner[S5].txt - [4587 B] - [2018/2/21 19:2:51]


########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt ##########

Re: Please check my log, infected browsers

Posted: 21 Feb 2018 21:04
by Rudy
Post a new FRST log.

Re: Please check my log, infected browsers

Posted: 21 Feb 2018 21:28
by oknupi
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.02.2018
Ran by Vojtěch (administrator) on VOJTA-PC (21-02-2018 21:06:14)
Running from C:\Users\Vojtěch\Desktop
Loaded Profiles: Vojtěch (Available Profiles: Vojtěch)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\windows\System32\atiesrxx.exe
(AMD) C:\windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Conexant Systems Inc.) C:\windows\System32\CxAudMsg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\windows\SysWOW64\SASrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Microsoft Corporation) C:\windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\windows\System32\dllhost.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Tracker Software Products Ltd.) C:\Program Files\PDF\pdfSaver\pdfSaver3.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
() C:\Users\Vojtěch\AppData\Roaming\ICQ\bin\icq.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\51.0.2830.34\opera.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(forum.viry.cz) C:\Users\Vojtěch\Desktop\Viry\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3276104 2014-06-18] (ELAN Microelectronics Corp.)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-09-14] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-09-14] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10842096 2014-09-14] (Lenovo(beijing) Limited)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2016-09-09] (Adobe Systems Incorporated)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-06-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm®Atheros®)
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\Run: [pdfSaver3] => c:\Program Files\PDF\pdfSaver\pdfSaver3.exe [385024 2004-05-19] (Tracker Software Products Ltd.)
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-02] (Disc Soft Ltd)
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\Run: [icq.desktop] => C:\Users\Vojtěch\AppData\Roaming\ICQ\bin\icq.exe [25955976 2018-02-16] ()
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\RunOnce: [Application Restart #5] => C:\Users\Vojtěch\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-reso (the data entry has 587 more characters).
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\RunOnce: [Application Restart #3] => C:\Users\Vojtěch\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-reso (the data entry has 587 more characters).
HKU\S-1-5-21-866432661-1050328576-855569735-1002\...\MountPoints2: {c6ee9d95-6520-11e7-829c-3010b3a29d32} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
ShellExecuteHooks: No Name - {21E0FCA4-DE4A-11E6-844B-64006A5CFC23} - C:\Users\Vojtěch\AppData\Roaming\Vonepy\Sugophghilither.dll -> No File <==== ATTENTION
Startup: C:\Users\Vojtěch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2017-01-03]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-866432661-1050328576-855569735-1002] => hxxp://access-unstop.net/wpad.dat?aba2b2a532234b6c8c37f7517676d0ef38278959
Tcpip\Parameters: [DhcpNameServer] 94.142.233.120 94.142.233.140 192.168.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{05CF0A7E-DD6F-497E-872F-01343F145810}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{05CF0A7E-DD6F-497E-872F-01343F145810}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{0EDF9A7D-0520-4EDA-B1AF-599F40EB1EA4}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{0EDF9A7D-0520-4EDA-B1AF-599F40EB1EA4}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{173A98E2-94CF-4C66-96EE-C074DC1B9306}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{bbed3e08-0b41-11e3-8249-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{C3F2F1D7-4152-4CBC-9669-AF64F5A0A198}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{C3F2F1D7-4152-4CBC-9669-AF64F5A0A198}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{ECE2C3ED-447F-484F-8245-99B223E062FE}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{EE4BA6AD-43B2-49C1-B22B-4A902A7EE229}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{EE4BA6AD-43B2-49C1-B22B-4A902A7EE229}: [DhcpNameServer] 94.142.233.120 94.142.233.140 192.168.1.1
ManualProxies: 0hxxp://access-unstop.net/wpad.dat?aba2b2a532234b6c8c37f7517676d0ef38278959

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-866432661-1050328576-855569735-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-866432661-1050328576-855569735-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
URLSearchHook: [S-1-5-21-866432661-1050328576-855569735-1002] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-866432661-1050328576-855569735-1002 -> {ECAD7C5B-257A-4BBE-80AD-94EC3417AC9C} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-04-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-19] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Vojtěch\AppData\Roaming\Greyfirst\Celtx\Profiles\03mji8zv.default [2018-02-21]
FF Extension: (Timezone Definitions for Mozilla Calendar) - C:\Program Files (x86)\Celtx\extensions\calendar-timezones@mozilla.org [2015-12-28] [Legacy] [not signed]
FF Extension: (Default Shot Palette) - C:\Program Files (x86)\Celtx\extensions\default-palette@celtx.com [2015-12-28] [Legacy] [not signed]
FF Extension: (MSN-Smileys) - C:\Program Files (x86)\Celtx\extensions\emoticons-msn-smileys@m513901.de [2015-12-28] [Legacy] [not signed]
FF Extension: (DOM Inspector) - C:\Program Files (x86)\Celtx\extensions\inspector@mozilla.org [2015-12-28] [Legacy] [not signed]
FF Extension: (Blackened) - C:\Program Files (x86)\Celtx\extensions\messagestyle-blackened@addons.instantbird.org [2015-12-28] [Legacy] [not signed]
FF Extension: (Depth) - C:\Program Files (x86)\Celtx\extensions\messagestyle-depth@addons.instantbird.org [2015-12-28] [Legacy] [not signed]
FF Extension: (Minimal) - C:\Program Files (x86)\Celtx\extensions\messagestyle-minimal20@addons.instantbird.org [2015-12-28] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-07] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-07] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP","hxx ... XXW3828BJH"
CHR Profile: C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2018-02-21] <==== ATTENTION
CHR Extension: (Prezentace) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-21]
CHR Extension: (YouTube) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-21]
CHR Extension: (Adblock Plus) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-02-17]
CHR Extension: (Adobe Acrobat) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-06-06]
CHR Extension: (Tabulky) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-21]
CHR Extension: (AdBlock) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-02-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-26]
CHR Extension: (Gmail) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-21]
CHR Extension: (Chrome Media Router) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-14]
CHR Profile: C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\System Profile [2018-02-14]
CHR HKU\S-1-5-21-866432661-1050328576-855569735-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\Vojtěch\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2018-02-04]
OPR Extension: (Adblocker pro Youtube™) - C:\Users\Vojtěch\AppData\Roaming\Opera Software\Opera Stable\Extensions\oiiphhgajcopkkkglmilkjfokamokgni [2017-03-10]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-06-25] (Advanced Micro Devices, Inc.) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows (R) Win 7 DDK provider) [File not signed]
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-02] (Disc Soft Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corp.)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-14] (Lenovo(beijing) Limited)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-09-14] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [308720 2014-09-14] (Lenovo)
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-25] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [68880 2014-09-14] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-26] (Atheros) [File not signed]
S2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-12] (Advanced Micro Devices)
R2 APXACC; C:\windows\system32\DRIVERS\appexDrv.sys [225504 2014-03-28] (AppEx Networks Corporation)
R3 athr; C:\windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-07] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\windows\system32\drivers\AtihdWB6.sys [222720 2014-03-12] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-26] (Qualcomm Atheros)
R3 dtlitescsibus; C:\windows\System32\drivers\dtlitescsibus.sys [30264 2017-02-04] (Disc Soft Ltd)
R3 dtliteusbbus; C:\windows\System32\drivers\dtliteusbbus.sys [47672 2017-02-04] (Disc Soft Ltd)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2005-01-21] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R0 sptd; C:\windows\System32\Drivers\sptd.sys [394296 2017-12-31] (Duplex Secure Ltd.)
S0 WdBoot; C:\windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
R3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
R1 ZAM; C:\windows\System32\drivers\zam64.sys [203680 2017-02-04] (Zemana Ltd.)
R1 ZAM_Guard; C:\windows\System32\drivers\zamguard64.sys [203680 2017-02-04] (Zemana Ltd.)
S3 rtsuvc; \SystemRoot\system32\DRIVERS\rtsuvc.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-21 19:31 - 2018-02-21 19:31 - 000016748 _____ C:\Users\Vojtěch\Desktop\Addition.rar
2018-02-21 19:24 - 2018-02-21 19:24 - 000003625 _____ C:\Users\Vojtěch\Documents\zakon.celtx
2018-02-21 19:23 - 2018-02-21 19:23 - 000000154 _____ C:\Users\Vojtěch\Desktop\prubezne_poznamky.txt
2018-02-21 19:21 - 2018-02-21 21:07 - 000023329 _____ C:\Users\Vojtěch\Desktop\FRST.txt
2018-02-21 19:15 - 2018-02-21 21:06 - 000000000 ____D C:\Users\Vojtěch\Desktop\Viry
2018-02-21 19:15 - 2018-02-21 19:16 - 002403328 _____ (Farbar) C:\Users\Vojtěch\Desktop\FRST64.exe
2018-02-21 19:12 - 2018-02-21 19:29 - 000000000 ____D C:\Users\Vojtěch\Desktop\MOTOL
2018-02-18 16:53 - 2018-02-18 16:53 - 000001235 _____ C:\Users\Vojtěch\Desktop\Torino 2006.lnk
2018-02-18 16:53 - 2018-02-18 16:53 - 000000000 ____D C:\Users\Vojtěch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\2K Sports
2018-02-18 16:49 - 2018-02-18 16:50 - 000000000 ____D C:\Users\Vojtěch\Desktop\tor322
2018-02-18 16:49 - 2006-01-26 01:24 - 695432304 _____ C:\Users\Vojtěch\Desktop\rld-tora.bin
2018-02-18 16:49 - 2006-01-26 01:24 - 000000074 _____ C:\Users\Vojtěch\Desktop\rld-tora.cue
2018-02-18 16:46 - 2018-02-18 16:46 - 000000000 ____D C:\Users\Vojtěch\Desktop\Torino.Winter.Olympics.2006-RELOADED
2018-02-18 16:01 - 2018-02-18 16:01 - 000000000 ____D C:\Users\Vojtěch\AppData\Local\ESET
2018-02-18 15:48 - 2018-02-18 16:41 - 1245928509 _____ C:\Users\Vojtěch\Downloads\Torino.Winter.Olympics.2006-RELOADED.7z
2018-02-18 15:41 - 2018-02-18 15:41 - 004260984 _____ (ESET) C:\Users\Vojtěch\Downloads\eset_nod32_antivirus_live_installer.exe
2018-02-18 15:29 - 2018-02-18 15:30 - 000901120 _____ C:\Users\Vojtěch\Downloads\DLL_Files_Fixer_Full_Version_Crack_Activator_Serial_Key (1).iso
2018-02-18 15:29 - 2018-02-18 15:29 - 000901120 _____ C:\Users\Vojtěch\Downloads\DLL_Files_Fixer_Full_Version_Crack_Activator_Serial_Key.iso
2018-02-18 15:22 - 2018-02-18 15:29 - 000000000 ____D C:\Users\Vojtěch\AppData\Local\{003ACA6A-C058-424D-B955-A82DE5375C64}
2018-02-18 15:13 - 2018-02-18 15:13 - 000000000 ____D C:\windows\System32\Tasks\Games
2018-02-18 14:56 - 2018-02-18 14:56 - 000000000 ____D C:\windows\SysWOW64\xlive
2018-02-18 14:56 - 2018-02-18 14:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
2018-02-18 14:56 - 2018-02-18 14:56 - 000000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2018-02-18 14:56 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_42.dll
2018-02-18 14:56 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_42.dll
2018-02-18 14:54 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_1.dll
2018-02-18 14:54 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_1.dll
2018-02-18 14:54 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_1.dll
2018-02-18 14:54 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_1.dll
2018-02-18 14:54 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_0.dll
2018-02-18 14:54 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_0.dll
2018-02-18 14:54 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_4.dll
2018-02-18 14:54 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_4.dll
2018-02-18 14:54 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_38.dll
2018-02-18 14:54 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_38.dll
2018-02-18 14:54 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_38.dll
2018-02-18 14:54 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_38.dll
2018-02-18 14:54 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_38.dll
2018-02-18 14:54 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_38.dll
2018-02-18 14:54 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_0.dll
2018-02-18 14:54 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_0.dll
2018-02-18 14:54 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_0.dll
2018-02-18 14:54 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_0.dll
2018-02-18 14:54 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_3.dll
2018-02-18 14:54 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_3.dll
2018-02-18 14:54 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_37.dll
2018-02-18 14:54 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_37.dll
2018-02-18 14:54 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_37.dll
2018-02-18 14:54 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_37.dll
2018-02-18 14:54 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_37.dll
2018-02-18 14:54 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_37.dll
2018-02-18 14:53 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_10.dll
2018-02-18 14:53 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_10.dll
2018-02-18 14:53 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_2.dll
2018-02-18 14:53 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_2.dll
2018-02-18 14:53 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_36.dll
2018-02-18 14:53 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_36.dll
2018-02-18 14:53 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_36.dll
2018-02-18 14:53 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_36.dll
2018-02-18 14:53 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_36.dll
2018-02-18 14:53 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_36.dll
2018-02-18 14:53 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_9.dll
2018-02-18 14:53 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_9.dll
2018-02-18 14:53 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_35.dll
2018-02-18 14:53 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_35.dll
2018-02-18 14:53 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_35.dll
2018-02-18 14:53 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_35.dll
2018-02-18 14:53 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_35.dll
2018-02-18 14:53 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_35.dll
2018-02-18 14:53 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_8.dll
2018-02-18 14:53 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_8.dll
2018-02-18 14:53 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_34.dll
2018-02-18 14:53 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_34.dll
2018-02-18 14:53 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_34.dll
2018-02-18 14:53 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_34.dll
2018-02-18 14:53 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_34.dll
2018-02-18 14:53 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_34.dll
2018-02-18 14:53 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_7.dll
2018-02-18 14:53 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_7.dll
2018-02-18 14:53 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\windows\system32\xinput1_3.dll
2018-02-18 14:53 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\windows\SysWOW64\xinput1_3.dll
2018-02-18 14:53 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_33.dll
2018-02-18 14:53 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_33.dll
2018-02-18 14:53 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_33.dll
2018-02-18 14:53 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_33.dll
2018-02-18 14:53 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_33.dll
2018-02-18 14:53 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_33.dll
2018-02-18 14:53 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\windows\system32\x3daudio1_1.dll
2018-02-18 14:53 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\windows\SysWOW64\x3daudio1_1.dll
2018-02-18 14:53 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_6.dll
2018-02-18 14:53 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_6.dll
2018-02-18 14:53 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_5.dll
2018-02-18 14:53 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_5.dll
2018-02-18 14:53 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_32.dll
2018-02-18 14:53 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_32.dll
2018-02-18 14:53 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10.dll
2018-02-18 14:53 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10.dll
2018-02-18 14:53 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_31.dll
2018-02-18 14:53 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_31.dll
2018-02-18 14:53 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_4.dll
2018-02-18 14:53 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_4.dll
2018-02-18 14:53 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\windows\system32\xinput1_2.dll
2018-02-18 14:53 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_3.dll
2018-02-18 14:53 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_3.dll
2018-02-18 14:53 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\windows\SysWOW64\xinput1_2.dll
2018-02-18 14:53 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_2.dll
2018-02-18 14:53 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_2.dll
2018-02-18 14:52 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_29.dll
2018-02-18 14:52 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_29.dll
2018-02-18 14:52 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_0.dll
2018-02-18 14:52 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_0.dll
2018-02-18 14:52 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_28.dll
2018-02-18 14:52 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_28.dll
2018-02-18 14:52 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_27.dll
2018-02-18 14:52 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_27.dll
2018-02-18 14:52 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_26.dll
2018-02-18 14:52 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_26.dll
2018-02-18 14:52 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_25.dll
2018-02-18 14:52 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_25.dll
2018-02-18 14:52 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_24.dll
2018-02-18 14:52 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_24.dll
2018-02-17 20:59 - 2018-02-17 20:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Sports
2018-02-17 20:26 - 2018-02-18 16:51 - 000000000 ____D C:\Program Files (x86)\2K Sports
2018-02-05 20:59 - 2018-02-05 20:59 - 011047898 _____ C:\Users\Vojtěch\Downloads\SoupalJ_ExtracorporalniOxygenace_LD_2016.pdf
2018-02-05 20:59 - 2018-02-05 20:59 - 006449264 _____ C:\Users\Vojtěch\Downloads\DPTX_2013_1_11110_0_376713_0_141163.pdf
2018-02-05 20:59 - 2018-02-05 20:59 - 000998622 _____ C:\Users\Vojtěch\Downloads\BPTX_2011_1__0_299860_0_120473.pdf
2018-02-05 20:55 - 2018-02-05 20:55 - 001809523 _____ C:\Users\Vojtěch\Downloads\kardioanestezie-a-perioperacni-pece-v-kardiochirurgii_nahled.pdf
2018-01-31 14:40 - 2018-01-31 14:40 - 000973131 _____ C:\Users\Vojtěch\Downloads\IPTX_2010_1_11150_F1P009_193093_0_95091 (1).pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-21 21:07 - 2017-02-04 14:54 - 000068699 _____ C:\windows\ZAM.krnl.trace
2018-02-21 21:07 - 2017-02-04 14:54 - 000037996 _____ C:\windows\ZAM_Guard.krnl.trace
2018-02-21 21:06 - 2017-03-12 16:55 - 000000000 ____D C:\FRST
2018-02-21 20:42 - 2014-09-13 23:17 - 005803340 _____ C:\windows\system32\perfh005.dat
2018-02-21 20:42 - 2014-09-13 23:17 - 001782534 _____ C:\windows\system32\perfc005.dat
2018-02-21 20:42 - 2014-03-18 10:53 - 000005430 _____ C:\windows\system32\PerfStringBackup.INI
2018-02-21 20:41 - 2015-01-18 23:56 - 000003834 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{AC9158A3-4C3C-4033-B028-C1C6C126075D}
2018-02-21 20:40 - 2015-01-18 23:58 - 000003594 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-866432661-1050328576-855569735-1002
2018-02-21 20:15 - 2015-08-24 14:38 - 000001279 _____ C:\Users\Vojtěch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-FiHotspotChgToast.lnk
2018-02-21 20:15 - 2015-01-18 23:59 - 000000000 ____D C:\ProgramData\LU
2018-02-21 20:09 - 2015-01-31 13:27 - 000000000 ____D C:\Users\Vojtěch\AppData\Local\CrashDumps
2018-02-21 20:08 - 2017-03-22 14:15 - 000000000 ___DO C:\Users\Vojtěch\OneDrive
2018-02-21 20:08 - 2015-01-23 18:37 - 000000000 ____D C:\windows\system32\MRT
2018-02-21 20:06 - 2017-03-12 11:46 - 000000000 ____D C:\Users\Vojtěch\AppData\Roaming\ICQ
2018-02-21 20:06 - 2015-01-19 15:55 - 000000568 _____ C:\windows\Tasks\MATLAB R2012b Startup Accelerator.job
2018-02-21 20:06 - 2014-09-14 00:13 - 000000000 ____D C:\ProgramData\Energy Manager
2018-02-21 20:04 - 2013-08-22 15:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-02-21 20:04 - 2013-08-22 14:25 - 000262144 ___SH C:\windows\system32\config\BBI
2018-02-21 20:03 - 2017-03-22 13:47 - 000000000 ____D C:\windows\system32\log
2018-02-21 20:03 - 2015-01-18 23:47 - 000000000 ____D C:\Users\Vojtěch
2018-02-21 20:03 - 2014-09-14 00:01 - 000006656 _____ C:\windows\system32\VfService.trf
2018-02-21 20:03 - 2014-09-13 23:11 - 000065536 _____ C:\windows\system32\spu_storage.bin
2018-02-21 20:02 - 2017-03-12 16:17 - 000000000 ____D C:\AdwCleaner
2018-02-21 20:00 - 2015-01-19 00:01 - 000000000 ____D C:\Users\Vojtěch\AppData\Roaming\uTorrent
2018-02-21 19:55 - 2015-01-19 01:35 - 000000000 ____D C:\Users\Vojtěch\AppData\Roaming\vlc
2018-02-21 19:23 - 2017-03-20 17:10 - 000000154 _____ C:\Users\Vojtěch\Desktop\Nový textový dokument (2).txt
2018-02-21 16:02 - 2015-01-18 23:57 - 000000000 ____D C:\Program Files (x86)\Opera
2018-02-21 15:59 - 2015-01-19 00:13 - 000000000 ____D C:\Users\Vojtěch\AppData\Roaming\Skype
2018-02-20 22:14 - 2015-01-18 23:58 - 000003846 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1421621899
2018-02-20 19:58 - 2013-08-22 16:36 - 000000000 ___HD C:\windows\ELAMBKUP
2018-02-20 19:58 - 2013-08-22 14:36 - 000000000 ____D C:\windows\Inf
2018-02-20 19:35 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-20 19:35 - 2013-08-22 16:36 - 000000000 ____D C:\windows\AppReadiness
2018-02-19 19:55 - 2015-01-19 00:13 - 000000000 ____D C:\ProgramData\Skype
2018-02-18 21:04 - 2016-02-11 23:16 - 000000000 ____D C:\Users\Vojtěch\AppData\Roaming\WOW
2018-02-18 16:57 - 2016-04-04 18:05 - 001425408 ___SH C:\Users\Vojtěch\Desktop\Thumbs.db
2018-02-18 15:32 - 2014-09-13 23:20 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-02-17 21:01 - 2017-12-31 11:58 - 000000000 ____D C:\Users\Vojtěch\Documents\My ISO Files
2018-02-16 22:36 - 2017-12-09 19:25 - 000000000 ____D C:\Users\Vojtěch\Downloads\Ed Sheeran - x [Deluxe Edition] [2014 ALBUM]
2018-02-14 12:04 - 2015-08-24 14:39 - 000004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-14 12:03 - 2017-05-19 05:29 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-14 03:29 - 2017-03-22 15:47 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-14 03:29 - 2017-03-22 15:47 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-07 20:33 - 2017-03-12 19:05 - 000000000 ____D C:\Users\Vojtěch\Downloads\ICQ
2018-02-07 16:08 - 2015-05-25 16:41 - 000004294 _____ C:\windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-02-07 16:08 - 2015-05-25 16:41 - 000004236 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2018-02-07 16:08 - 2013-08-22 16:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2018-02-07 16:08 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\Macromed
2018-01-30 14:32 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\NDF
2018-01-26 11:27 - 2015-12-25 18:21 - 000000000 ___RD C:\Users\Vojtěch\Desktop\Fotky

==================== Files in the root of some directories =======

2017-03-07 15:47 - 2017-03-07 15:47 - 000000031 _____ () C:\Users\Vojtěch\AppData\Local\SQ.RemoverDelete.bat
2017-03-07 15:37 - 2017-03-07 15:37 - 000032038 _____ () C:\Users\Vojtěch\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico

Some files in TEMP:
====================
2018-02-17 21:01 - 2018-02-18 16:51 - 000046596 _____ (Sony DADC Austria AG) C:\Users\Vojtěch\AppData\Local\Temp\drm_dialogs.dll
2017-04-03 14:30 - 2018-01-11 09:37 - 058804680 _____ (Skype Technologies S.A.) C:\Users\Vojtěch\AppData\Local\Temp\SkypeSetup.exe
2018-01-11 20:35 - 2017-04-25 15:44 - 000380928 _____ (Rational Intellectual Holdings Ltd.) C:\Users\Vojtěch\AppData\Local\Temp\_unps.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA1d19311776010e3.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\MATLAB R2012b Startup Accelerator.job => C:\Program Files\MATLAB\R2012b\bin\win64\MATLABStartupAccelerator.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\VojtŘch\Desktop" je 582239 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

LastRegBack: 2016-05-16 02:57

==================== End of FRST.txt ============================

Re: Please check my log, infected browsers

Posted: 21 Feb 2018 22:14
by Rudy
Open Notepad and copy the following into it:
Start

CloseProcesses:
ShellExecuteHooks: No Name - {21E0FCA4-DE4A-11E6-844B-64006A5CFC23} - C:\Users\Vojtěch\AppData\Roaming\Vonepy\Sugophghilither.dll -> No File <==== ATTENTION
AutoConfigURL: [S-1-5-21-866432661-1050328576-855569735-1002] => hxxp://access-unstop.net/wpad.dat?aba2b ... ef38278959
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
uid=ST1000LM014-SSHD-8GB_W3828BJHXXXXW3828BJH&type=hp","hxxp://www.startpageing123.com/?type=hp&ts=149 ... XXW3828BJH"
CHR Profile: C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2018-02-21] <==== ATTENTION
R1 ZAM; C:\windows\System32\drivers\zam64.sys [203680 2017-02-04] (Zemana Ltd.)
R1 ZAM_Guard; C:\windows\System32\drivers\zamguard64.sys [203680 2017-02-04] (Zemana Ltd.)
C:\Users\Vojtěch\AppData\Local\Temp

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.

From the log:
Velikost slozky "C:\Users\VojtŘch\Desktop" je 582239 MB.
That is far too much (and I dare say you have broken the record), and it can slow down system startup. Create a new folder in C:\Users\Vojtěch and move all the data from the desktop into it (except shortcuts). Then put a shortcut to that folder on the desktop for easier access.

Re: Please check my log, infected browsers

Posted: 21 Feb 2018 22:42
by oknupi
Fix result of Farbar Recovery Scan Tool (x64) Version: 21.02.2018
Ran by Vojtěch (21-02-2018 22:14:45) Run:4
Running from C:\Users\Vojtěch\Desktop
Loaded Profiles: Vojtěch (Available Profiles: Vojtěch)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ShellExecuteHooks: No Name - {21E0FCA4-DE4A-11E6-844B-64006A5CFC23} - C:\Users\Vojtěch\AppData\Roaming\Vonepy\Sugophghilither.dll -> No File <==== ATTENTION
AutoConfigURL: [S-1-5-21-866432661-1050328576-855569735-1002] => hxxp://access-unstop.net/wpad.dat?aba2b ... ef38278959
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
uid=ST1000LM014-SSHD-8GB_W3828BJHXXXXW3828BJH&type=hp","hxxp://www.startpageing123.com/?type=hp&ts=149 ... XXW3828BJH"
CHR Profile: C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2018-02-21] <==== ATTENTION
R1 ZAM; C:\windows\System32\drivers\zam64.sys [203680 2017-02-04] (Zemana Ltd.)
R1 ZAM_Guard; C:\windows\System32\drivers\zamguard64.sys [203680 2017-02-04] (Zemana Ltd.)
C:\Users\Vojtěch\AppData\Local\Temp

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{21E0FCA4-DE4A-11E6-844B-64006A5CFC23}" => removed successfully
"HKLM\Software\Classes\CLSID\{21E0FCA4-DE4A-11E6-844B-64006A5CFC23}" => removed successfully
"HKU\S-1-5-21-866432661-1050328576-855569735-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL" => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found
uid=ST1000LM014-SSHD-8GB_W3828BJHXXXXW3828BJH&type=hp","hxxp://www.startpageing123.com/?type=hp&ts=149 ... XXW3828BJH" => Error: No automatic fix found for this entry.
C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\ChromeDefaultData => moved successfully
ZAM => Unable to stop service.
"HKLM\System\CurrentControlSet\Services\ZAM" => removed successfully
ZAM => service removed successfully
ZAM_Guard => Unable to stop service.
"HKLM\System\CurrentControlSet\Services\ZAM_Guard" => removed successfully
ZAM_Guard => service removed successfully

"C:\Users\Vojtěch\AppData\Local\Temp" folder move:

Could not move "C:\Users\Vojtěch\AppData\Local\Temp" => Scheduled to move on reboot.


=========== EmptyTemp: ==========

BITS transfer queue => 12582912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11833428 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 139018918 B
Edge => 0 B
Chrome => 245760 B
Firefox => 0 B
Opera => 361065305 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 3328 B
NetworkService => -654 B
Vojtěch => 9988286621 B

RecycleBin => 0 B
EmptyTemp: => 9.8 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 21-02-2018 22:34:16)

C:\Users\Vojtěch\AppData\Local\Temp => moved successfully

==== End of Fixlog 22:34:19 ====






Everything seems to be working... Thank you very much for the help.

Re: Please check my log, infected browsers

Posted: 22 Feb 2018 14:56
by Rudy
Glad to hear it. You're welcome! :)