
Preventive check - Spam from own email address

Posted: 17 Jun 2018 13:25
by MichalS
Hello,
I would like to ask for a check of a notebook. It belongs to my mom, and apart from basic things like email and the news she doesn't do much on it. For the last 3 weeks she has been receiving spam (erotic) at her personal email address, yet I can assure you that she does not visit this type of site herself and does not agree to anything she doesn't know; I have trained her on this. The emails appear to come from her own address, but in reality they come from various addresses. I have already contacted Centrum.cz support about how the emails can appear as if she sent them to herself: sender and recipient = the same email address, but hovering over the sender details shows a foreign address.

I am therefore asking for a preventive check. Since this concerns email, I assume there will be nothing on the PC.
__________________
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.06.2018 01
Ran by Doma (administrator) on MAMKA (17-06-2018 14:05:40)
Running from C:\Users\Doma\Desktop
Loaded Profiles: Doma (Available Profiles: Doma)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Egis Technology Inc.) C:\Program Files\Common Files\EgisTec CommonModule\eLock\eLockServ.exe
(Egis Technology Inc. ) C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(CANON INC.) C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(CANON INC.) C:\Program Files (x86)\Canon\OIPTonerStatus\CnTnrStsTask.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Egis Technology Inc. ) C:\Program Files\Acer ProShield\EgisTSR.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-11-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [MFNetworkScanUtility] => C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE [486552 2012-09-27] (CANON INC.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [291056 2018-04-17] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-09-19] (Dritek System Inc.)
HKLM-x32\...\Run: [Canon Toner Status] => C:\Program Files (x86)\Canon\OIPTonerStatus\CnTnrStsTask.exe [1821240 2014-04-10] (CANON INC.)
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2195968 2018-03-21] ()
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] (Qualcomm Atheros Commnucations)
HKU\S-1-5-21-4000983731-1756305657-2284263128-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [831488 2013-12-13] (ZONER software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{52392619-BC96-4164-ABFD-EDD8C54F099C}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-4000983731-1756305657-2284263128-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={E5ED2D52-7B0E-4EC4-B192-D4F51F94B621}&mid=3f1fdbcb92e547cd9d24ed3ea0e9cf55-de270fc241625289c0600553d2fd1b9257e51ad8&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0117av&pr=fr&d=2017-01-20 17:16:13&v=4.3.6.255&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-4000983731-1756305657-2284263128-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\S-1-5-21-4000983731-1756305657-2284263128-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={E5ED2D52-7B0E-4EC4-B192-D4F51F94B621}&mid=3f1fdbcb92e547cd9d24ed3ea0e9cf55-de270fc241625289c0600553d2fd1b9257e51ad8&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0117av&pr=fr&d=2017-01-20 17:16:13&v=4.3.8.510&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4000983731-1756305657-2284263128-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={E5ED2D52-7B0E-4EC4-B192-D4F51F94B621}&mid=3f1fdbcb92e547cd9d24ed3ea0e9cf55-de270fc241625289c0600553d2fd1b9257e51ad8&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0117av&pr=fr&d=2017-01-20 17:16:13&v=4.3.8.510&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4000983731-1756305657-2284263128-1001 -> {FC418FCB-A6AB-4946-88AC-79A020646BBA} URL =
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll [2013-01-28] (Qualcomm Atheros Commnucations)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll [2018-03-21] (AVG)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2012-06-21] (McAfee, Inc.)
BHO-x32: EgisPBIE Sign-in Helper -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files\Acer ProShield\x86\EgisPBIE.dll [2013-04-24] (Egis Technology Inc.)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll [2018-03-21] (AVG)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2012-06-21] (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2012-06-21] (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2012-06-21] (McAfee, Inc.)
Toolbar: HKU\S-1-5-21-4000983731-1756305657-2284263128-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2012-06-21] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2012-06-21] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2012-06-21] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2012-06-21] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\apu7xz99.default [2018-06-17]
FF Homepage: Mozilla\Firefox\Profiles\apu7xz99.default -> hxxp://www.centrum.cz/
FF Extension: (TLS 1.3 gradual roll-out fallback-limit) - C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\apu7xz99.default\features\{395e0319-3464-47ba-bb99-5a0b9ba69fa4}\tls13-version-fallback-rollout-bug1462099@mozilla.org.xpi [2018-06-09] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-12-27] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}] - C:\Program Files\Acer ProShield\FFExt
FF Extension: ( Online Accounts Extension ) - C:\Program Files\Acer ProShield\FFExt [2013-09-19] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{d4da7309-b89a-45ec-8ebb-cfb2ae13618b}] - C:\Program Files\Acer ProShield\FFExt20
FF Extension: ( Online Accounts Extension ) - C:\Program Files\Acer ProShield\FFExt20 [2013-09-19] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Web TuneUp\FireFoxExt\4.3.9.626
FF Extension: (No Name) - C:\ProgramData\AVG Web TuneUp\FireFoxExt\4.3.9.626 [2018-03-21] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-06-09] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-06-09] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll [2012-06-21] (McAfee, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-25] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> mysearch.avg.com
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> hxxps://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default [2018-05-27]
CHR Extension: (Prezentace) - C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-11]
CHR Extension: (Dokumenty) - C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-11]
CHR Extension: (Disk Google) - C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-19]
CHR Extension: (YouTube) - C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-19]
CHR Extension: (AVG Secure Search) - C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-08-24]
CHR Extension: (Tabulky) - C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-11]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-05-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-23]
CHR Extension: (Online Accounts Extension ) - C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ladimmjldcgbeamniagencjbodhnmgen [2017-08-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-18]
CHR Extension: (Gmail) - C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-19]
CHR Extension: (Chrome Media Router) - C:\Users\Doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-26]
CHR HKU\S-1-5-21-4000983731-1756305657-2284263128-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2013-12-07]
CHR HKLM-x32\...\Chrome\Extension: [ladimmjldcgbeamniagencjbodhnmgen] - C:\Program Files\Acer ProShield\ChromeEx\EgisPBChromeExt.crx [2013-04-24]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations) [File not signed]
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [314688 2018-04-17] (AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7653992 2018-04-17] (AVG Technologies CZ, s.r.o.)
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-21] (Broadcom Corp.) [File not signed]
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R3 EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [222184 2013-04-24] (Egis Technology Inc. )
R3 eLockServ; C:\Program Files\Common Files\EgisTec CommonModule\eLock\eLockServ.exe [24552 2013-04-23] (Egis Technology Inc.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-16] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [237920 2012-06-22] (McAfee, Inc.)
S2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-09-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218320 2012-06-22] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [177144 2012-06-22] (McAfee, Inc.)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-09-19] (Dritek System INC.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7757552 2018-02-26] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [811520 2018-03-21] ()

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [189032 2018-05-18] (AVG Technologies CZ, s.r.o.)
S1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdrivera.sys [220600 2018-05-18] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsha.sys [192536 2018-05-18] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\System32\drivers\avgbloga.sys [336848 2018-05-18] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniva.sys [50776 2018-05-18] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\System32\drivers\avgHwid.sys [39352 2018-05-18] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [151504 2018-05-18] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [78352 2018-05-18] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [1020112 2018-05-18] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [452904 2018-05-18] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [373944 2018-05-18] (AVG Technologies CZ, s.r.o.)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [69672 2012-06-22] (McAfee, Inc.)
R1 eLock2BurnerLockDriver; C:\WINDOWS\system32\DRIVERS\eLock2BurnerLockDriver.sys [20072 2013-09-19] (Egis Technology Inc.)
R2 eLock2FSCTLDriver; C:\WINDOWS\System32\DRIVERS\eLock2FSCTLDriver.sys [26264 2013-09-19] (Egis Technology Inc.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 InputFilter_Hid_FlexDef2b; C:\WINDOWS\System32\drivers\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
R3 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [169320 2012-06-22] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [300392 2012-06-22] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [66712 2012-06-18] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [513456 2012-06-22] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [752672 2012-06-22] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [390552 2013-09-20] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [95984 2013-09-20] (McAfee, Inc.)
S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [106112 2012-06-22] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [335784 2012-06-22] (McAfee, Inc.)
R3 Ps2Kb2Hid; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [26736 2013-09-19] (Dritek System Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-17 14:05 - 2018-06-17 14:06 - 000021410 _____ C:\Users\Doma\Desktop\FRST.txt
2018-06-17 14:05 - 2018-06-17 14:05 - 000000000 ____D C:\FRST
2018-06-17 13:26 - 2018-06-17 13:26 - 000000000 _____ C:\Users\Doma\Desktop\FRSTLauncher.exe
2018-06-17 13:24 - 2018-06-17 13:24 - 002413056 _____ (Farbar) C:\Users\Doma\Desktop\FRST64.exe
2018-05-27 13:06 - 2018-05-27 13:08 - 000000000 ____D C:\Users\Doma\Desktop\Pam str výběr
2018-05-18 18:22 - 2018-05-18 18:22 - 000377584 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-17 13:19 - 2013-12-07 23:10 - 000003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4000983731-1756305657-2284263128-1001
2018-06-17 12:52 - 2016-11-18 18:54 - 000000000 ____D C:\Users\Doma\AppData\LocalLow\Mozilla
2018-06-16 12:00 - 2015-01-15 19:41 - 000000000 __SHD C:\Users\Doma\IntelGraphicsProfiles
2018-06-15 20:14 - 2017-08-19 11:37 - 000002248 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-15 20:14 - 2017-08-19 11:37 - 000002207 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-15 20:01 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-06-15 19:55 - 2017-06-09 10:13 - 000004174 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2018-06-09 11:03 - 2018-03-13 18:26 - 000004520 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-06-09 11:03 - 2013-12-26 18:27 - 000004372 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-06-09 11:03 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-06-09 11:03 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-06-09 10:58 - 2013-12-07 23:08 - 000001167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-06-09 10:58 - 2013-12-07 23:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-06-05 17:23 - 2014-09-24 18:23 - 001745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-06-05 17:23 - 2014-09-24 17:39 - 000739924 _____ C:\WINDOWS\system32\perfh005.dat
2018-06-05 17:23 - 2014-09-24 17:39 - 000151610 _____ C:\WINDOWS\system32\perfc005.dat
2018-06-05 17:23 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2018-05-27 14:15 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2018-05-25 07:57 - 2017-08-19 11:36 - 000003386 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-25 07:57 - 2017-08-19 11:36 - 000003258 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-18 18:22 - 2018-02-02 18:30 - 000189032 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2018-05-18 18:22 - 2017-06-09 10:13 - 001020112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2018-05-18 18:22 - 2017-06-09 10:13 - 000452904 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2018-05-18 18:22 - 2017-06-09 10:13 - 000373944 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2018-05-18 18:22 - 2017-06-09 10:13 - 000151504 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2018-05-18 18:22 - 2017-06-09 10:13 - 000078352 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2018-05-18 18:22 - 2017-06-09 10:13 - 000039352 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgHwid.sys
2018-05-18 18:21 - 2017-07-07 09:41 - 000336848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbloga.sys
2018-05-18 18:21 - 2017-07-07 09:41 - 000220600 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdrivera.sys
2018-05-18 18:21 - 2017-07-07 09:41 - 000192536 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsha.sys
2018-05-18 18:21 - 2017-07-07 09:41 - 000050776 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniva.sys

==================== Files in the root of some directories =======

2013-12-24 20:22 - 2014-06-04 17:52 - 000003743 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml

Some files in TEMP:
====================
2015-10-26 17:25 - 2015-10-26 17:25 - 002892128 _____ (AVG Technologies) C:\Users\Doma\AppData\Local\Temp\avg-15689f53-7de9-4063-8bb4-51216a48704c.exe
2015-11-22 15:12 - 2015-11-22 15:12 - 002892128 _____ (AVG Technologies) C:\Users\Doma\AppData\Local\Temp\avg-349d761b-ef40-4416-b27c-347596b2786d.exe
2016-04-03 12:46 - 2016-01-12 17:23 - 000179624 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Doma\AppData\Local\Temp\avguirn_081018162877.exe
2016-04-15 19:12 - 2016-02-18 12:09 - 000179624 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Doma\AppData\Local\Temp\avguirn_08457464062.exe
2016-08-26 13:46 - 2016-07-20 14:01 - 000186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Doma\AppData\Local\Temp\avguirn_08514660463.exe
2015-12-27 21:46 - 2015-12-12 18:26 - 002099600 _____ (AVG Technologies) C:\Users\Doma\AppData\Local\Temp\UNINSTALL.EXE

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-25 08:10

==================== End of FRST.txt ============================

Re: Preventive check - Spam from own email address

Posted: 18 Jun 2018 11:29
by Rudy
Greetings!
1. I recommend changing the email password.
2. Run this utility:
Save AdwCleaner to the desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

Close all programs.
Accept the license terms (EULA) by clicking I agree.
Right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just start it with a double-click).
Click Scan now, then Clean and Repair.
After the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply.