VIRY.CZ

Dlouhé načítání stránek, nemožnost se přepínat mezi stránkami či programy aj. I FRST nahlásil eror a byl ukončen předčasně. Zde jsou nějaké pokusy o logy:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-01-2019
Ran by Ivo Brož (administrator) on BROZ-NB (21-01-2019 10:23:24)
Running from C:\Users\Ivo Brož\Desktop
Loaded Profiles: Ivo Brož (Available Profiles: Ivo Brož)
Platform: Microsoft® Windows Vista™ Business Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\WDC.exe
() C:\Program Files\Atomic Alarm Clock\timeserv.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Winstep Software Technologies) C:\Program Files\Winstep\WsxService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
() C:\Users\Ivo Brož\Disk Mega\Správce\Timery\AlphaClock\aclock.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Drive Software Company) C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\Rainlendar2\Rainlendar2.exe
(Winstep Software Technologies) C:\Program Files\Winstep\Nexus.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
() C:\Users\Ivo Brož\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7289376 2015-12-07] (Realtek Semiconductor)
HKLM\...\Run: [HControlUser] => C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [98304 2009-04-01] (ASUS)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2015-12-10] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM\...\Run: [Cm106Sound] => RunDll32 cm106.cpl,CMICtrlWnd
HKLM\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1960248 2015-10-26] ()
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [3642688 2018-04-23] (Dropbox, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-12-12] (AVAST Software)
HKLM\...\Run: [seznam-listicka-distribuce] => "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [Alpha Clock] => C:\Users\Ivo Brož\Disk Mega\Správce\Timery\AlphaClock\aclock.exe [69120 2003-10-23] ()
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [AtomicAlarmClock6] => C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe [3621376 2016-03-22] (Drive Software Company)
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1021736 2016-01-08] (Samsung)
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [Rainlendar2] => C:\Program Files\Rainlendar2\Rainlendar2.exe [2739240 2015-11-13] ()
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [Nexus] => [X]
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [NeXuS-Ultimate] => C:\Program Files\Winstep\Nexus.exe [14688896 2016-10-06] (Winstep Software Technologies)
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Ivo Brož\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [360cloudenterprise] => C:\Program Files\360\360eyun\360EnterpriseDiskUI.exe [5987232 2018-03-19] (360.cn)
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\MountPoints2: {e1bc058f-2eb7-11e8-abcc-002243c6c20d} - D:\HiSuiteDownLoader.exe
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2006-11-02] (Microsoft Corporation)
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\system32\ac3filter.acm [1075200 2012-04-09] ()
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe [2019-01-16] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\USB Multi-Channel Audio Device – zástupce.lnk [2016-01-20]
ShortcutTarget: USB Multi-Channel Audio Device – zástupce.lnk -> (No File)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.150.237 192.168.1.1
Tcpip\..\Interfaces\{8F985A02-AFC7-4F31-9AEB-B906A326FEEF}: [DhcpNameServer] 192.168.150.237 192.168.1.1
Tcpip\..\Interfaces\{E4F7D5EC-A14C-4D43-80CC-AD22C07F8A51}: [DhcpNameServer] 10.111.0.1 10.114.1.1 91.221.212.198

Internet Explorer:
==================
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131230232319602000&GUID=8055860F-EFF5-4C63-9C53-171B90716F95
SearchScopes: HKU\S-1-5-21-698314851-3235763532-1396065412-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-11] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-11] (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_111-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-00111-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_111-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_111-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: rxbgig8q.default
FF ProfilePath: C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default [2019-01-21]
FF Homepage: Mozilla\Firefox\Profiles\rxbgig8q.default -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\rxbgig8q.default -> is enabled.
FF Extension: (FaviconizeTab) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\faviconizetab@espion.just-size.jp.xpi [2016-11-17] [Legacy]
FF Extension: (To Google Translate) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2018-07-15]
FF Extension: (Avast Passwords) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2019-01-11]
FF Extension: (WebToPDF) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\manish.p05@gmail.com.xpi [2017-08-12] [Legacy]
FF Extension: (Print Edit) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\printedit@DW-dev.xpi [2018-03-23] [Legacy]
FF Extension: (Save as PDF) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\save-as-pdf-ff@pdfcrowd.com.xpi [2017-11-11]
FF Extension: (Google Translator for Firefox) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\translator@zoli.bod.xpi [2018-03-25] [Legacy]
FF Extension: (Avast Online Security) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\wrc@avast.com.xpi [2018-07-17]
FF Extension: (FxIF) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\{11483926-db67-4190-91b1-ef20fcec5f33}.xpi [2016-08-06] [Legacy]
FF Extension: (FireTray) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\{9533f794-00b4-4354-aa15-c2bbda6989f8} [2016-08-06] [Legacy]
FF Extension: (Vývojové sestavení Adblock Plus) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-12-12]
FF Extension: (Tab Mix Plus) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2017-09-01] [Legacy]
FF Extension: (Web2PDF converter) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\{e8f509f0-b677-11de-8a39-0800200c9a66}.xpi [2016-08-06] [Legacy]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-12-07] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-09] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Windows\system32\npdeployJava1.dll [2016-12-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-11] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @qq.com/npchrome -> C:\Program Files\Common Files\Tencent\Npchrome\npchrome.dll [2018-03-23] (Tencent)
FF Plugin: @qq.com/npqscall -> C:\Program Files\Common Files\Tencent\NPQSCALL\npqscall.dll [2018-03-23] (Tencent)
FF Plugin: @qq.com/TXSSO -> C:\Program Files\Common Files\Tencent\TXSSO\1.2.2.1\Bin\npSSOAxCtrlForPTLogin.dll [2013-04-08] (Tencent)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)

Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default [2019-01-20]
CHR Extension: (Prezentace) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-16]
CHR Extension: (Dokumenty) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-16]
CHR Extension: (Disk Google) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-16]
CHR Extension: (YouTube) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-16]
CHR Extension: (Tabulky) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-16]
CHR Extension: (Gmail) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-01-16]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-01-09] (Adobe Systems Incorporated) [File not signed]
R2 ASLDRService; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [100920 2008-08-13] ()
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6799632 2018-12-12] (AVAST Software)
R2 AtomicAlarmClock; C:\Program Files\Atomic Alarm Clock\timeserv.exe [2007040 2013-04-24] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-12-12] (AVAST Software)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [43344 2018-04-23] (Dropbox, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [931200 2016-02-17] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 Winstep Xtreme Service; C:\Program Files\Winstep\WsxService.exe [774656 2016-06-07] (Winstep Software Technologies) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167480 2018-12-12] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [188976 2018-12-12] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [165384 2018-12-12] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [284256 2018-12-12] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [57904 2018-12-12] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [183176 2018-12-12] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42736 2018-12-12] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40688 2018-12-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [135200 2019-01-19] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr.sys [70640 2018-12-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72800 2018-12-12] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [784560 2018-12-12] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [397992 2018-12-12] (AVAST Software)
R3 aswStmXP; C:\Windows\System32\drivers\aswStmXP.sys [146584 2018-12-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310200 2018-12-12] (AVAST Software)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-10] (Společnost Microsoft)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [114368 2015-10-08] (Power Software Ltd)
S3 ssudobex; C:\Windows\System32\DRIVERS\ssudobex.sys [191200 2016-01-08] (DEVGURU Co., LTD.(www.devguru.co.kr))
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
S3 USBMULCD; C:\Windows\System32\drivers\CM106.sys [3105280 2012-10-04] (C-Media Electronics Inc)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-21 10:23 - 2019-01-21 10:25 - 000019252 _____ C:\Users\Ivo Brož\Desktop\FRST.txt
2019-01-21 10:23 - 2019-01-21 10:23 - 000000000 ____D C:\FRST
2019-01-21 10:22 - 2019-01-21 10:22 - 001787904 _____ (Farbar) C:\Users\Ivo Brož\Desktop\FRST.exe
2019-01-20 20:18 - 2018-12-12 17:33 - 000323288 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-01-16 18:19 - 2019-01-16 18:19 - 000001990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-16 18:19 - 2019-01-16 18:19 - 000001978 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-01-03 21:48 - 2000-03-24 18:43 - 000079002 _____ C:\TESTSND.WAV
2018-12-28 15:59 - 2018-12-28 16:08 - 000000000 ____D C:\Users\Ivo Brož\Video

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-21 10:16 - 2016-11-17 10:32 - 000000000 ____D C:\Users\Ivo Brož\AppData\LocalLow\Mozilla
2019-01-21 10:14 - 2016-11-05 09:02 - 000000896 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-01-21 10:12 - 2015-12-09 15:43 - 000000000 ____D C:\Program Files\Dropbox
2019-01-21 09:56 - 2018-09-30 18:38 - 000000000 ____D C:\Users\Ivo Brož\AppData\Local\AVAST Software
2019-01-21 09:56 - 2016-10-30 10:53 - 000000000 ____D C:\Users\Ivo Brož\.rainlendar2
2019-01-21 09:54 - 2006-11-02 13:47 - 000003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2019-01-21 09:54 - 2006-11-02 13:47 - 000003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2019-01-21 09:53 - 2016-11-05 09:02 - 000000892 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-01-21 09:53 - 2006-11-02 14:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-01-20 20:39 - 2015-12-09 17:18 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\uTorrent
2019-01-20 19:51 - 2008-04-17 13:36 - 000644548 _____ C:\Windows\system32\perfh005.dat
2019-01-20 19:51 - 2008-04-17 13:36 - 000137186 _____ C:\Windows\system32\perfc005.dat
2019-01-20 19:51 - 2006-11-02 12:18 - 000000000 ____D C:\Windows\inf
2019-01-20 19:51 - 2006-11-02 11:33 - 001530430 _____ C:\Windows\system32\PerfStringBackup.INI
2019-01-20 19:35 - 2015-12-03 15:08 - 000004268 _____ C:\Windows\bthservsdp.dat
2019-01-20 19:35 - 2006-11-02 14:01 - 000032550 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-01-19 13:54 - 2018-12-16 19:59 - 000000000 ____D C:\Program Files\RQMONEY
2019-01-19 11:07 - 2017-11-21 07:16 - 000135200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-16 18:19 - 2015-12-16 03:08 - 000000000 ____D C:\Program Files\Google
2019-01-14 13:37 - 2016-08-19 13:38 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\Acrylic Wi-Fi Professional
2019-01-14 13:33 - 2016-07-25 12:50 - 000000218 _____ C:\Users\Ivo Brož\advanced_ip_scanner_MAC.bin
2019-01-09 08:24 - 2015-12-07 20:47 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2019-01-09 08:24 - 2015-12-07 20:47 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-01-09 08:24 - 2015-12-07 20:47 - 000000000 ____D C:\Windows\system32\Macromed
2018-12-29 09:44 - 2015-12-16 03:11 - 000000000 ___RD C:\Users\Ivo Brož\Disk Google
2018-12-28 15:59 - 2015-12-03 10:46 - 000000000 ____D C:\Users\Ivo Brož
2018-12-26 18:08 - 2017-12-07 23:51 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-12-26 18:08 - 2015-12-07 14:51 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service

==================== Files in the root of some directories =======

2015-12-10 22:50 - 2018-04-07 20:41 - 000000132 _____ () C:\Users\Ivo Brož\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2015-12-10 19:20 - 2015-12-10 19:20 - 000023888 _____ () C:\Users\Ivo Brož\AppData\Roaming\UserTile.png
2017-08-30 15:17 - 2017-11-27 01:25 - 000001480 _____ () C:\Users\Ivo Brož\AppData\Local\Adobe Uložit pro web 12.0 Prefs
2015-12-03 10:46 - 2016-12-11 16:08 - 000007916 _____ () C:\Users\Ivo Brož\AppData\Local\d3d9caps.dat

Some files in TEMP:
====================
2017-11-24 22:24 - 2018-04-05 19:47 - 000534528 _____ () C:\Users\Ivo Brož\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed




Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-01-2019
Ran by Ivo Brož (21-01-2019 10:26:00)
Running from C:\Users\Ivo Brož\Desktop
Microsoft® Windows Vista™ Business Service Pack 2 (X86) (2015-12-03 17:38:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-698314851-3235763532-1396065412-500 - Administrator - Disabled)
Guest (S-1-5-21-698314851-3235763532-1396065412-501 - Limited - Enabled)
Ivo Brož (S-1-5-21-698314851-3235763532-1396065412-1000 - Administrator - Enabled) => C:\Users\Ivo Brož

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

360安全云盘 (HKLM\...\360云盘（企业版）) (Version: 1.0.6.1115 - 360安全中心)
7-Zip 15.12 (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
7-Zip 16.04 (HKLM\...\{23170F69-40C1-2701-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
AC3Filter 2.0a (HKLM\...\AC3Filter_is1) (Version: 2.0a - Alexander Vigovsky)
Acrylic Wi-Fi Home v3.1 (HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\{3706FB7A-11FB-44C4-AD94-2B29878D75DC}_is1) (Version: 3.1 - Tarlogic Security S.L.)
Acrylic Wi-Fi Professional v3.0 (HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\{FBD2EDDA-2B1B-49A2-9147-99CBCC5F10E5}_is1) (Version: 3.0 - Tarlogic Security S.L.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Advanced IP Scanner 2.4 (HKLM\...\{C3CF783A-5457-4989-966F-7BE08812FB71}) (Version: 2.4.2601 - Famatech)
AIMP3 (HKLM\...\AIMP3) (Version: v3.60.1502, 20.09.2015 - AIMP DevTeam)
Aktualizace NVIDIA 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
ATK Hotkey (HKLM\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0050 - ASUS)
Atomic Alarm Clock 6.20 (HKLM\...\Atomic Alarm Clock_is1) (Version: - Drive Software Company)
Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avidemux 2.6 - 32 bits (32-bit) (HKLM\...\Avidemux 2.6 - 32 bits) (Version: 2.6.14.160917 - )
Canon CanoScan Toolbox 5.0 (HKLM\...\CanoScan Toolbox 5.0) (Version: - )
CanoScan LiDE 70 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2411) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.37 - Piriform)
CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
Dropbox (HKLM\...\Dropbox) (Version: 48.4.58 - Dropbox, Inc.)
Dropbox Update Helper (HKLM\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
eCookBook 4.5.2 (HKLM\...\{AA09EB40-138D-4331-B39D-D79CBA6A994C}_is1) (Version: 4.5.2 - Eugen Lety)
FastStone Image Viewer 5.3 (HKLM\...\FastStone Image Viewer) (Version: 5.3 - FastStone Soft)
GeoGebra 5 (HKLM\...\GeoGebra 5) (Version: 5.0.230.0 - International GeoGebra Institute)
Google Drive (HKLM\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HP LaserJet 1020 Series (HKLM\...\HP LaserJet 1020 Series) (Version: - )
Java 8 Update 111 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java DB 10.6.2.1 (HKLM\...\{73EC658D-A1C6-40CA-8E86-E05821BAACE7}) (Version: 10.6.2.1 - Oracle)
Java(TM) SE Development Kit 6 Update 45 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0160450}) (Version: 1.6.0.450 - Oracle)
K-Lite Codec Pack 11.5.0 Full (HKLM\...\KLiteCodecPack_is1) (Version: 11.5.0 - )
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - )
LAV Filters 0.67 (HKLM\...\lavfilters_is1) (Version: 0.67 - Hendrik Leppkes)
MediaInfo 0.7.89 (HKLM\...\MediaInfo) (Version: 0.7.89 - MediaArea.net)
MEGAsync (HKLM\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MKVToolNix 9.9.0 (32bit) (HKLM\...\MKVToolNix) (Version: 9.9.0 - Moritz Bunkus)
MozBackup 1.5.1 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 52.9.0 ESR (x86 cs) (HKLM\...\Mozilla Firefox 52.9.0 ESR (x86 cs)) (Version: 52.9.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.9.1.6764 - Mozilla)
Mozilla Thunderbird 52.9.1 (x86 cs) (HKLM\...\Mozilla Thunderbird 52.9.1 (x86 cs)) (Version: 52.9.1 - Mozilla)
Nexus 16.9 (HKLM\...\Winstep Xtreme_is1) (Version: - )
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 310.90 - NVIDIA Corporation)
Ovládací panel NVIDIA 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 310.90 - NVIDIA Corporation) Hidden
PDF Settings CS5 (HKLM\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Potplayer (HKLM\...\PotPlayer) (Version: - Kakao Corp.)
PowerISO (HKLM\...\PowerISO) (Version: 6.4 - Power Software Ltd)
Rainlendar2 (remove only) (HKLM\...\Rainlendar2) (Version: - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5821 - Realtek Semiconductor Corp.)
Recepty doma (HKLM\...\Recepty doma_is1) (Version: - Martin Roubec)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.57.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.57.01 - RICOH)
Samsung Kies (HKLM\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Samsung PC Studio 3 (HKLM\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.1.71009 - Samsung Electronics Co., Ltd.)
Samsung PC Studio 3 (HKLM\...\{C79A37F3-C076-48BE-B290-F4C8676ABD74}) (Version: 3.0.0.71009 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Seznam Software (HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\SeznamInstall) (Version: - Seznam.cz)
Subtitle Edit 3.4.9 (HKLM\...\SubtitleEdit_is1) (Version: 3.4.9.0 - Nikse)
SugarSync Manager (HKLM\...\SugarSync) (Version: 1.9.80.99361 - SugarSync, Inc.)
USB Multi-Channel Audio Device (HKLM\...\{71B53BA8-4BE3-49AF-BC3E-07F392006206}) (Version: 1.00.0005 - C-Media Electronics, Inc.)
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
XCell Compiler 2.3.6 (HKLM\...\XCell Compiler) (Version: 2.3.6 - DoneEx)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Ivo Brož\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-30] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Ivo Brož\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-30] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Ivo Brož\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-30] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-12-12] (AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc.)
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Ivo Brož\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-30] ()
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP3\System\aimp_menu32.dll [2016-01-22] (AIMP DevTeam)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-12-12] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google)
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {55D63393-DB17-4A2B-9052-15D85B4B1344} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-12-12] (AVAST Software)
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Ivo Brož\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-30] ()
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP3\System\aimp_menu32.dll [2016-01-22] (AIMP DevTeam)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2012-12-29] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-12-12] (AVAST Software)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {006A8993-78AC-45C6-9CDB-8EEC94B7CAEC} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-09] (Adobe Systems Incorporated)
Task: {1A98C338-38C7-4C81-9BC8-74DD98BEC0C1} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {292902AB-606E-46EE-98FF-F59D7A329613} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {3574DA2E-9638-42B0-B302-E0FC44BD852B} - System32\Tasks\AdobeAAMUpdater-1.0-broz-nb-Ivo Brož => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-12-10] (Adobe Systems Incorporated)
Task: {415851D0-1958-40B9-B343-5BBF36E7E21C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-11-08] (Piriform Ltd)
Task: {4BF4CD01-8E02-4F68-94FE-2F8CDF2C2D94} - System32\Tasks\WindosUpda2ta => C:\Users\IVOBRO~1\AppData\Local\Temp\dlll.vbs <==== ATTENTION
Task: {4C080FE2-4B8C-4A73-B327-F65FFC21AD39} - System32\Tasks\Uninstaller_SkipUac_Ivo_Brož => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {61B6D77B-8FB4-4E67-9AA4-BC18D6591EB9} - \Update Service for Youtube AdBlock2 -> No File <==== ATTENTION
Task: {67C1C463-2F04-46C1-85E6-C7DC7E7EF286} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {6B201AE7-B933-44CB-AF72-8CDF165ED19A} - \Update Service for Youtube AdBlock -> No File <==== ATTENTION
Task: {709F5BE2-8B43-4614-BCF3-A4438986850B} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe
Task: {795D4BC5-7A8B-4934-98ED-B16F84024809} - System32\Tasks\{D7CCBCF0-1302-44F0-B603-F769D2211119} => C:\Windows\system32\pcalua.exe -a C:\Frd\frd.exe -d C:\Frd\
Task: {8A4AEB9C-4A3D-414C-B18A-47DC38104B57} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-21] (Společnost Microsoft)
Task: {A07EEBF5-DEBD-4A73-94ED-535B9E16C6DD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-16] (Google Inc.)
Task: {AC02B278-B04B-4103-A10F-E7101DF84781} - System32\Tasks\{AE6CA972-194E-4679-851A-1F860BB1B7C0} => C:\Windows\system32\pcalua.exe -a "C:\Users\Ivo Brož\Disk Mega\Media\FreeRapid-0.9u4\frd.exe" -d "C:\Users\Ivo Brož\Disk Mega\Media\FreeRapid-0.9u4"
Task: {AFE10FAC-B0EF-48BA-BE00-570D27EAED91} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2019-01-18] (AVAST Software)
Task: {BAEE3681-C223-430E-9A77-F47F672D705F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-11-08] (Piriform Ltd)
Task: {BE5A01FD-811C-4A69-8B94-406CF3E511C2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-12-12] (AVAST Software)
Task: {DBF56899-01E2-43F2-80C6-88C327E243AF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated)
Task: {EA287CA0-8529-47E8-BF07-631D2DABF675} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-16] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":
WMI:subscription\__EventFilter->BVTFilter:
WMI:subscription\CommandLineEventConsumer->BVTConsumer:

Shortcut: C:\Users\Ivo Brož\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk -> C:\Users\Ivo Brož\AppData\Roaming\HPReyos\ReyosStarter3.exe (No File) <==== Cyrillic
Shortcut: C:\Users\Ivo Brož\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Intеrnеt Ехрlоrеr (Nо Аdd-оns).lnk -> C:\Users\Ivo Brož\AppData\Roaming\HPReyos\ReyosStarter3.exe (No File) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Users\Ivo Brož\AppData\Roaming\HPReyos\ReyosStarter3.exe (No File) <==== Cyrillic

==================== Loaded Modules (Whitelisted) ==============

2008-08-13 20:59 - 2008-08-13 20:59 - 000100920 _____ () C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
2018-12-12 17:33 - 2018-12-12 17:33 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-12-12 17:33 - 2018-12-12 17:33 - 000596696 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-12-12 17:33 - 2018-12-12 17:33 - 000496344 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-12-12 17:33 - 2018-12-12 17:33 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-12-12 17:33 - 2018-12-12 17:33 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2019-01-21 09:57 - 2019-01-21 09:57 - 005759632 _____ () C:\Program Files\AVAST Software\Avast\defs\19012100\algo.dll
2017-11-24 22:35 - 2017-11-13 15:49 - 000085200 _____ () C:\Users\Ivo Brož\AppData\Roaming\Seznam.cz\bin\10771libfoxloader.dll
2016-03-22 13:33 - 2013-06-07 02:06 - 001147392 _____ () C:\Program Files\Atomic Alarm Clock\Clock.dll
2014-05-01 15:15 - 2016-11-30 06:05 - 000564736 _____ () C:\Users\Ivo Brož\AppData\Local\MEGAsync\ShellExtX32.dll
2016-01-31 09:53 - 2012-09-18 15:26 - 000169472 _____ () C:\Windows\System32\zlhp1020.dll
2016-01-31 09:54 - 2012-09-18 15:26 - 000059904 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\pphp1020.dll
2016-03-22 13:33 - 2013-04-24 18:20 - 002007040 _____ () C:\Program Files\Atomic Alarm Clock\timeserv.exe
2015-12-28 12:06 - 2003-10-23 04:17 - 000069120 _____ () C:\Users\Ivo Brož\Disk Mega\Správce\Timery\AlphaClock\aclock.exe
2017-11-21 07:15 - 2017-11-21 07:15 - 048936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-02-20 07:59 - 2016-02-17 08:02 - 000020352 _____ () C:\Program Files\NVIDIA Corporation\Update Core\detoured.dll
2015-11-13 12:57 - 2015-11-13 12:57 - 002739240 _____ () C:\Program Files\Rainlendar2\Rainlendar2.exe
2015-08-14 07:31 - 2015-08-14 07:31 - 000252928 _____ () C:\Program Files\Rainlendar2\libical.dll
2015-08-14 07:31 - 2015-08-14 07:31 - 000051200 _____ () C:\Program Files\Rainlendar2\libicalss.dll
2014-05-04 11:48 - 2014-05-04 11:48 - 000197632 _____ () C:\Program Files\Rainlendar2\lua52.dll
2015-11-13 12:57 - 2015-11-13 12:57 - 000068136 _____ () C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll
2015-11-13 12:58 - 2015-11-13 12:58 - 000235560 _____ () C:\Program Files\Rainlendar2\plugins\GoogleCalendarPlugin.dll
2014-05-04 11:49 - 2014-05-04 11:49 - 000027648 _____ () C:\Program Files\Rainlendar2\lfs.dll
2017-11-12 16:23 - 2012-06-08 20:40 - 001086176 _____ () C:\Program Files\Winstep\wodTelnetDLX.dll
2017-11-24 22:35 - 2017-11-13 15:38 - 000506064 _____ () C:\Users\Ivo Brož\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2017-11-24 22:35 - 2018-02-21 10:36 - 000869584 _____ () C:\Users\Ivo Brož\AppData\Roaming\Seznam.cz\bin\lightspeed.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Rainlendar:com.dropbox.attributes [168]
AlternateDataStreams: C:\TESTSND.WAV:com.dropbox.attributes [168]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2019-01-21 09:55 - 000000831 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Samsung\Samsung PC Studio 3\
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.150.237 - 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Corporation)
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Corporation)
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Corporation)
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Corporation)
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe (Microsoft Corporation)
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe (Microsoft Corporation)
FirewallRules: [SLSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\slsvc.exe (Microsoft Corporation)
FirewallRules: [SLSVC-In-TCP] => (Allow) %SystemRoot%\system32\slsvc.exe (Microsoft Corporation)
FirewallRules: [{08DD6062-1E2E-451B-B20A-60F7C9FFDBA9}] => (Allow) LPort=80
FirewallRules: [{B273ED47-F80D-406A-8F16-347EC8EC5446}] => (Allow) LPort=80
FirewallRules: [{4FB3F07B-0DCA-4802-87AC-EDA5D601DFA3}] => (Allow) LPort=80
FirewallRules: [TCP Query User{DD36DB1F-250E-41A5-A85B-EF47F7ACC859}C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe (BitTorrent, Inc.)
FirewallRules: [UDP Query User{DA72B481-3B69-48D1-9F28-0424C9153B59}C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe (BitTorrent, Inc.)
FirewallRules: [TCP Query User{583183BD-09D8-4E27-8881-A8EA81ACAF36}C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe (BitTorrent, Inc.)
FirewallRules: [UDP Query User{2B79F693-9213-46F9-AE06-9FFCDA0323BD}C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe (BitTorrent, Inc.)
FirewallRules: [{DE774DC2-BD32-4AC5-8DEA-92A29216FF8C}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
FirewallRules: [{CE2F8922-23C5-476B-B1CD-98AFB31BC2F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
FirewallRules: [{DEEC08F7-A0B9-43A2-BB48-092997BAD930}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
FirewallRules: [TCP Query User{0E27ED6F-61DB-4900-9BAA-A27CCED0D5B9}C:\program files\java\jre6\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre6\launch4j-tmp\frd.exe (Sun Microsystems, Inc.)
FirewallRules: [UDP Query User{62B1331D-7951-4A39-801E-53C7D203B7A8}C:\program files\java\jre6\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre6\launch4j-tmp\frd.exe (Sun Microsystems, Inc.)
FirewallRules: [{03CC05EC-281A-4BEB-88D0-B21E4B0754E6}] => (Allow) C:\Program Files\Acrylic Wi-Fi Home\Acrylic.exe (Tarlogic Security S.L.)
FirewallRules: [{1F1A5A56-AA1F-47B4-8733-3B57654860F6}] => (Allow) C:\Program Files\Acrylic Wi-Fi Home\Acrylic.exe (Tarlogic Security S.L.)
FirewallRules: [{1E0AA980-0B4B-46F1-BB8F-AE80D9CD5E40}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{57622297-F076-4654-8D29-F77D549215D2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [TCP Query User{62F07C6D-43D9-4BB6-B3AE-3006F15FF0F0}C:\program files\java\jre6\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre6\launch4j-tmp\frd.exe (Sun Microsystems, Inc.)
FirewallRules: [UDP Query User{64C4E2B3-6157-4F8D-9490-71ABD433DB24}C:\program files\java\jre6\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre6\launch4j-tmp\frd.exe (Sun Microsystems, Inc.)
FirewallRules: [TCP Query User{08E96C80-D5CC-4816-AB74-2F79918D1346}C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe (Oracle Corporation)
FirewallRules: [UDP Query User{FD23FA26-F72A-44A4-8CDA-A29EE1F0CCA0}C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe (Oracle Corporation)
FirewallRules: [TCP Query User{AEEEBF1B-B63B-419F-82DC-82FA54D36845}C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe (Oracle Corporation)
FirewallRules: [UDP Query User{D7140E4C-C781-4BC7-B9E7-ED7D0F23DBDA}C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe (Oracle Corporation)
FirewallRules: [{D7E873DB-58A6-4F4E-B34B-6108540B936B}] => (Allow) C:\Users\Ivo Brož\AppData\Roaming\Tencent\QQ\STemp\SetupEx~0\QQSetupEx.exe (Tencent)
FirewallRules: [{FEAEF39B-CE06-469E-BFBA-CD449A84ABBB}] => (Allow) C:\Program Files\Tencent\QQIntl\Bin\QQ.exe No File
FirewallRules: [{3164E086-7A90-4F36-A9C0-0F55083F813B}] => (Allow) C:\Program Files\Tencent\QQIntl\Bin\QQ.exe No File
FirewallRules: [{15112122-BD92-4557-8881-78B70D454161}] => (Allow) C:\Program Files\Common Files\Tencent\QQDownload\119\Tencentdl.exe (Tencent)
FirewallRules: [{D1C2FE9C-7F8E-41C6-9976-C9CC2ADC0282}] => (Allow) C:\Program Files\Common Files\Tencent\QQDownload\119\Tencentdl.exe (Tencent)
FirewallRules: [{02EFEA7A-004D-4AC5-A87B-428406B2271E}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
FirewallRules: [{79CA22F6-0B16-44C3-8777-D41D83E9A2EF}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{F6987523-D159-487E-801C-64C072D57CF4}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{39789F12-1381-4CBC-8D61-FD0B6AEF7043}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

==================== Restore Points =========================

19-01-2019 11:47:05 Naplánovaný kontrolní bod
20-01-2019 02:14:11 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/21/2019 09:53:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Děkuji za snahu pomoci.


# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-21-2019
# Duration: 00:00:06
# OS: Windows Vista (TM) Business
# Cleaned: 30
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\IObit\Advanced SystemCare
Deleted C:\Program Files\Common Files\IObit\Advanced SystemCare
Deleted C:\Windows\System32\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Users\Ivo Brož\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\Ivo Brož\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Windows\Installer\{4D0A0750-B034-4DF8-97DE-26F1212AC2FF}
Deleted C:\Users\Ivo Brož\AppData\Roaming\driveridentifier
Deleted C:\Program Files\Common Files\Tencent
Deleted C:\Users\Ivo Brož\AppData\Roaming\Tencent
Deleted C:\Users\Public\Documents\Tencent
Deleted C:\Users\Ivo Brož\AppData\Local\DriverToolkit
Deleted C:\Windows\System32\config\systemprofile\AppData\Roaming\Solvusoft

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\IObit\Advanced SystemCare
Deleted HKLM\Software\IOBIT\ASC
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1
Deleted HKCU\Software\Media Get LLC
Deleted HKCU\Software\DriverToolkit
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending
Deleted HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Deleted HKLM\Software\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Deleted HKLM\Software\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{D1C2FE9C-7F8E-41C6-9976-C9CC2ADC0282}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{15112122-BD92-4557-8881-78B70D454161}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{3164E086-7A90-4F36-A9C0-0F55083F813B}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{FEAEF39B-CE06-469E-BFBA-CD449A84ABBB}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{D7E873DB-58A6-4F4E-B34B-6108540B936B}
Deleted HKLM\Software\Classes\METNSD
Deleted HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe
Deleted HKLM\Software\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4258 octets] - [21/01/2019 15:09:58]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Dejte nové logy FRST+Addition.

Opět havárie



Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-01-2019
Ran by Ivo Brož (administrator) on BROZ-NB (21-01-2019 17:18:49)
Running from C:\Users\Ivo Brož\Desktop
Loaded Profiles: Ivo Brož (Available Profiles: Ivo Brož)
Platform: Microsoft® Windows Vista™ Business Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
() C:\Program Files\Atomic Alarm Clock\timeserv.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\WDC.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Winstep Software Technologies) C:\Program Files\Winstep\WsxService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
() C:\Users\Ivo Brož\Disk Mega\Správce\Timery\AlphaClock\aclock.exe
(Drive Software Company) C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files\Rainlendar2\Rainlendar2.exe
(Winstep Software Technologies) C:\Program Files\Winstep\Nexus.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
() C:\Users\Ivo Brož\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7289376 2015-12-07] (Realtek Semiconductor)
HKLM\...\Run: [HControlUser] => C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [98304 2009-04-01] (ASUS)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2015-12-10] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM\...\Run: [Cm106Sound] => RunDll32 cm106.cpl,CMICtrlWnd
HKLM\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1960248 2015-10-26] ()
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [3642688 2018-04-23] (Dropbox, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-12-12] (AVAST Software)
HKLM\...\Run: [seznam-listicka-distribuce] => "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [Alpha Clock] => C:\Users\Ivo Brož\Disk Mega\Správce\Timery\AlphaClock\aclock.exe [69120 2003-10-23] ()
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [AtomicAlarmClock6] => C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe [3621376 2016-03-22] (Drive Software Company)
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1021736 2016-01-08] (Samsung)
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [Rainlendar2] => C:\Program Files\Rainlendar2\Rainlendar2.exe [2739240 2015-11-13] ()
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [Nexus] => [X]
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [NeXuS-Ultimate] => C:\Program Files\Winstep\Nexus.exe [14688896 2016-10-06] (Winstep Software Technologies)
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Ivo Brož\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [360cloudenterprise] => C:\Program Files\360\360eyun\360EnterpriseDiskUI.exe [5987232 2018-03-19] (360.cn)
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\MountPoints2: {e1bc058f-2eb7-11e8-abcc-002243c6c20d} - D:\HiSuiteDownLoader.exe
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2006-11-02] (Microsoft Corporation)
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\system32\ac3filter.acm [1075200 2012-04-09] ()
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe [2019-01-16] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\USB Multi-Channel Audio Device – zástupce.lnk [2016-01-20]
ShortcutTarget: USB Multi-Channel Audio Device – zástupce.lnk -> (No File)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.150.237 192.168.1.1
Tcpip\..\Interfaces\{8F985A02-AFC7-4F31-9AEB-B906A326FEEF}: [DhcpNameServer] 192.168.150.237 192.168.1.1
Tcpip\..\Interfaces\{E4F7D5EC-A14C-4D43-80CC-AD22C07F8A51}: [DhcpNameServer] 10.111.0.1 10.114.1.1 91.221.212.198

Internet Explorer:
==================
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131230232319602000&GUID=8055860F-EFF5-4C63-9C53-171B90716F95
SearchScopes: HKU\S-1-5-21-698314851-3235763532-1396065412-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-11] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-11] (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_111-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-00111-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_111-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_111-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: rxbgig8q.default
FF ProfilePath: C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default [2019-01-21]
FF Homepage: Mozilla\Firefox\Profiles\rxbgig8q.default -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\rxbgig8q.default -> is enabled.
FF Extension: (FaviconizeTab) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\faviconizetab@espion.just-size.jp.xpi [2016-11-17] [Legacy]
FF Extension: (To Google Translate) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2018-07-15]
FF Extension: (Avast Passwords) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2019-01-11]
FF Extension: (WebToPDF) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\manish.p05@gmail.com.xpi [2017-08-12] [Legacy]
FF Extension: (Print Edit) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\printedit@DW-dev.xpi [2018-03-23] [Legacy]
FF Extension: (Save as PDF) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\save-as-pdf-ff@pdfcrowd.com.xpi [2017-11-11]
FF Extension: (Google Translator for Firefox) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\translator@zoli.bod.xpi [2018-03-25] [Legacy]
FF Extension: (Avast Online Security) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\wrc@avast.com.xpi [2019-01-21]
FF Extension: (FxIF) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\{11483926-db67-4190-91b1-ef20fcec5f33}.xpi [2016-08-06] [Legacy]
FF Extension: (FireTray) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\{9533f794-00b4-4354-aa15-c2bbda6989f8} [2016-08-06] [Legacy]
FF Extension: (Vývojové sestavení Adblock Plus) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-12-12]
FF Extension: (Tab Mix Plus) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2017-09-01] [Legacy]
FF Extension: (Web2PDF converter) - C:\Users\Ivo Brož\AppData\Roaming\Mozilla\Firefox\Profiles\rxbgig8q.default\Extensions\{e8f509f0-b677-11de-8a39-0800200c9a66}.xpi [2016-08-06] [Legacy]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-12-07] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-09] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Windows\system32\npdeployJava1.dll [2016-12-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-11] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @qq.com/npchrome -> C:\Program Files\Common Files\Tencent\Npchrome\npchrome.dll [No File]
FF Plugin: @qq.com/npqscall -> C:\Program Files\Common Files\Tencent\NPQSCALL\npqscall.dll [No File]
FF Plugin: @qq.com/TXSSO -> C:\Program Files\Common Files\Tencent\TXSSO\1.2.2.1\Bin\npSSOAxCtrlForPTLogin.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)

Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default [2019-01-20]
CHR Extension: (Prezentace) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-16]
CHR Extension: (Dokumenty) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-16]
CHR Extension: (Disk Google) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-16]
CHR Extension: (YouTube) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-16]
CHR Extension: (Tabulky) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-16]
CHR Extension: (Gmail) - C:\Users\Ivo Brož\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-01-16]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-01-09] (Adobe Systems Incorporated) [File not signed]
R2 ASLDRService; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [100920 2008-08-13] ()
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6799632 2018-12-12] (AVAST Software)
R2 AtomicAlarmClock; C:\Program Files\Atomic Alarm Clock\timeserv.exe [2007040 2013-04-24] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-12-12] (AVAST Software)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [43344 2018-04-23] (Dropbox, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [931200 2016-02-17] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 Winstep Xtreme Service; C:\Program Files\Winstep\WsxService.exe [774656 2016-06-07] (Winstep Software Technologies) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167480 2018-12-12] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [188976 2018-12-12] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [165384 2018-12-12] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [284256 2018-12-12] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [57904 2018-12-12] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [183176 2018-12-12] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42736 2018-12-12] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40688 2018-12-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [135200 2019-01-19] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr.sys [70640 2018-12-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72800 2018-12-12] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [784560 2018-12-12] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [397992 2018-12-12] (AVAST Software)
R3 aswStmXP; C:\Windows\System32\drivers\aswStmXP.sys [146584 2018-12-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310200 2018-12-12] (AVAST Software)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-10] (Společnost Microsoft)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [114368 2015-10-08] (Power Software Ltd)
S3 ssudobex; C:\Windows\System32\DRIVERS\ssudobex.sys [191200 2016-01-08] (DEVGURU Co., LTD.(www.devguru.co.kr))
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
S3 USBMULCD; C:\Windows\System32\drivers\CM106.sys [3105280 2012-10-04] (C-Media Electronics Inc)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-21 15:07 - 2019-01-21 15:07 - 007320272 _____ (Malwarebytes) C:\Users\Ivo Brož\Desktop\adwcleaner_7.2.6.0.exe
2019-01-21 10:26 - 2019-01-21 10:31 - 000035154 _____ C:\Users\Ivo Brož\Desktop\Addition.txt
2019-01-21 10:23 - 2019-01-21 17:20 - 000019315 _____ C:\Users\Ivo Brož\Desktop\FRST.txt
2019-01-21 10:23 - 2019-01-21 10:23 - 000000000 ____D C:\FRST
2019-01-21 10:22 - 2019-01-21 10:22 - 001787904 _____ (Farbar) C:\Users\Ivo Brož\Desktop\FRST.exe
2019-01-20 20:18 - 2018-12-12 17:33 - 000323288 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-01-16 18:19 - 2019-01-16 18:19 - 000001990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-16 18:19 - 2019-01-16 18:19 - 000001978 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-01-03 21:48 - 2000-03-24 18:43 - 000079002 _____ C:\TESTSND.WAV
2018-12-28 15:59 - 2018-12-28 16:08 - 000000000 ____D C:\Users\Ivo Brož\Video

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-21 17:12 - 2016-11-05 09:02 - 000000896 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-01-21 17:11 - 2006-11-02 13:47 - 000003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2019-01-21 17:11 - 2006-11-02 13:47 - 000003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2019-01-21 15:56 - 2018-12-16 19:59 - 000000000 ____D C:\Program Files\RQMONEY
2019-01-21 15:17 - 2016-11-17 10:32 - 000000000 ____D C:\Users\Ivo Brož\AppData\LocalLow\Mozilla
2019-01-21 15:16 - 2016-10-30 10:53 - 000000000 ____D C:\Users\Ivo Brož\.rainlendar2
2019-01-21 15:15 - 2018-09-30 18:38 - 000000000 ____D C:\Users\Ivo Brož\AppData\Local\AVAST Software
2019-01-21 15:15 - 2015-12-09 15:43 - 000000000 ____D C:\Program Files\Dropbox
2019-01-21 15:11 - 2016-11-05 09:02 - 000000892 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-01-21 15:11 - 2006-11-02 14:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-01-21 15:10 - 2018-03-23 14:54 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\IObit
2019-01-21 15:10 - 2018-03-23 14:54 - 000000000 ____D C:\Users\Ivo Brož\AppData\LocalLow\IObit
2019-01-21 15:10 - 2018-03-23 14:54 - 000000000 ____D C:\Program Files\Common Files\IObit
2019-01-21 15:10 - 2018-03-23 14:52 - 000000000 ____D C:\ProgramData\IObit
2019-01-21 15:10 - 2015-12-03 15:08 - 000003204 _____ C:\Windows\bthservsdp.dat
2019-01-21 15:10 - 2006-11-02 14:01 - 000032550 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-01-21 15:09 - 2016-12-11 12:10 - 000000000 ____D C:\AdwCleaner
2019-01-20 20:39 - 2015-12-09 17:18 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\uTorrent
2019-01-20 19:51 - 2008-04-17 13:36 - 000644548 _____ C:\Windows\system32\perfh005.dat
2019-01-20 19:51 - 2008-04-17 13:36 - 000137186 _____ C:\Windows\system32\perfc005.dat
2019-01-20 19:51 - 2006-11-02 12:18 - 000000000 ____D C:\Windows\inf
2019-01-20 19:51 - 2006-11-02 11:33 - 001530430 _____ C:\Windows\system32\PerfStringBackup.INI
2019-01-19 11:07 - 2017-11-21 07:16 - 000135200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-16 18:19 - 2015-12-16 03:08 - 000000000 ____D C:\Program Files\Google
2019-01-14 13:37 - 2016-08-19 13:38 - 000000000 ____D C:\Users\Ivo Brož\AppData\Roaming\Acrylic Wi-Fi Professional
2019-01-14 13:33 - 2016-07-25 12:50 - 000000218 _____ C:\Users\Ivo Brož\advanced_ip_scanner_MAC.bin
2019-01-09 08:24 - 2015-12-07 20:47 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2019-01-09 08:24 - 2015-12-07 20:47 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-01-09 08:24 - 2015-12-07 20:47 - 000000000 ____D C:\Windows\system32\Macromed
2018-12-29 09:44 - 2015-12-16 03:11 - 000000000 ___RD C:\Users\Ivo Brož\Disk Google
2018-12-28 15:59 - 2015-12-03 10:46 - 000000000 ____D C:\Users\Ivo Brož
2018-12-26 18:08 - 2017-12-07 23:51 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-12-26 18:08 - 2015-12-07 14:51 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service

==================== Files in the root of some directories =======

2015-12-10 22:50 - 2018-04-07 20:41 - 000000132 _____ () C:\Users\Ivo Brož\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2015-12-10 19:20 - 2015-12-10 19:20 - 000023888 _____ () C:\Users\Ivo Brož\AppData\Roaming\UserTile.png
2017-08-30 15:17 - 2017-11-27 01:25 - 000001480 _____ () C:\Users\Ivo Brož\AppData\Local\Adobe Uložit pro web 12.0 Prefs
2015-12-03 10:46 - 2016-12-11 16:08 - 000007916 _____ () C:\Users\Ivo Brož\AppData\Local\d3d9caps.dat

Some files in TEMP:
====================
2017-11-24 22:24 - 2018-04-05 19:47 - 000534528 _____ () C:\Users\Ivo Brož\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed





Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-01-2019
Ran by Ivo Brož (21-01-2019 17:21:08)
Running from C:\Users\Ivo Brož\Desktop
Microsoft® Windows Vista™ Business Service Pack 2 (X86) (2015-12-03 17:38:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-698314851-3235763532-1396065412-500 - Administrator - Disabled)
Guest (S-1-5-21-698314851-3235763532-1396065412-501 - Limited - Enabled)
Ivo Brož (S-1-5-21-698314851-3235763532-1396065412-1000 - Administrator - Enabled) => C:\Users\Ivo Brož

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

360安全云盘 (HKLM\...\360云盘（企业版）) (Version: 1.0.6.1115 - 360安全中心)
7-Zip 15.12 (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
7-Zip 16.04 (HKLM\...\{23170F69-40C1-2701-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
AC3Filter 2.0a (HKLM\...\AC3Filter_is1) (Version: 2.0a - Alexander Vigovsky)
Acrylic Wi-Fi Home v3.1 (HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\{3706FB7A-11FB-44C4-AD94-2B29878D75DC}_is1) (Version: 3.1 - Tarlogic Security S.L.)
Acrylic Wi-Fi Professional v3.0 (HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\{FBD2EDDA-2B1B-49A2-9147-99CBCC5F10E5}_is1) (Version: 3.0 - Tarlogic Security S.L.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Advanced IP Scanner 2.4 (HKLM\...\{C3CF783A-5457-4989-966F-7BE08812FB71}) (Version: 2.4.2601 - Famatech)
AIMP3 (HKLM\...\AIMP3) (Version: v3.60.1502, 20.09.2015 - AIMP DevTeam)
Aktualizace NVIDIA 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
ATK Hotkey (HKLM\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0050 - ASUS)
Atomic Alarm Clock 6.20 (HKLM\...\Atomic Alarm Clock_is1) (Version: - Drive Software Company)
Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avidemux 2.6 - 32 bits (32-bit) (HKLM\...\Avidemux 2.6 - 32 bits) (Version: 2.6.14.160917 - )
Canon CanoScan Toolbox 5.0 (HKLM\...\CanoScan Toolbox 5.0) (Version: - )
CanoScan LiDE 70 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2411) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.37 - Piriform)
CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
Dropbox (HKLM\...\Dropbox) (Version: 48.4.58 - Dropbox, Inc.)
Dropbox Update Helper (HKLM\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
eCookBook 4.5.2 (HKLM\...\{AA09EB40-138D-4331-B39D-D79CBA6A994C}_is1) (Version: 4.5.2 - Eugen Lety)
FastStone Image Viewer 5.3 (HKLM\...\FastStone Image Viewer) (Version: 5.3 - FastStone Soft)
GeoGebra 5 (HKLM\...\GeoGebra 5) (Version: 5.0.230.0 - International GeoGebra Institute)
Google Drive (HKLM\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HP LaserJet 1020 Series (HKLM\...\HP LaserJet 1020 Series) (Version: - )
Java 8 Update 111 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java DB 10.6.2.1 (HKLM\...\{73EC658D-A1C6-40CA-8E86-E05821BAACE7}) (Version: 10.6.2.1 - Oracle)
Java(TM) SE Development Kit 6 Update 45 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0160450}) (Version: 1.6.0.450 - Oracle)
K-Lite Codec Pack 11.5.0 Full (HKLM\...\KLiteCodecPack_is1) (Version: 11.5.0 - )
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - )
LAV Filters 0.67 (HKLM\...\lavfilters_is1) (Version: 0.67 - Hendrik Leppkes)
MediaInfo 0.7.89 (HKLM\...\MediaInfo) (Version: 0.7.89 - MediaArea.net)
MEGAsync (HKLM\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MKVToolNix 9.9.0 (32bit) (HKLM\...\MKVToolNix) (Version: 9.9.0 - Moritz Bunkus)
MozBackup 1.5.1 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 52.9.0 ESR (x86 cs) (HKLM\...\Mozilla Firefox 52.9.0 ESR (x86 cs)) (Version: 52.9.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.9.1.6764 - Mozilla)
Mozilla Thunderbird 52.9.1 (x86 cs) (HKLM\...\Mozilla Thunderbird 52.9.1 (x86 cs)) (Version: 52.9.1 - Mozilla)
Nexus 16.9 (HKLM\...\Winstep Xtreme_is1) (Version: - )
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 310.90 - NVIDIA Corporation)
Ovládací panel NVIDIA 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 310.90 - NVIDIA Corporation) Hidden
PDF Settings CS5 (HKLM\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Potplayer (HKLM\...\PotPlayer) (Version: - Kakao Corp.)
PowerISO (HKLM\...\PowerISO) (Version: 6.4 - Power Software Ltd)
Rainlendar2 (remove only) (HKLM\...\Rainlendar2) (Version: - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5821 - Realtek Semiconductor Corp.)
Recepty doma (HKLM\...\Recepty doma_is1) (Version: - Martin Roubec)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.57.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.57.01 - RICOH)
Samsung Kies (HKLM\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Samsung PC Studio 3 (HKLM\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.1.71009 - Samsung Electronics Co., Ltd.)
Samsung PC Studio 3 (HKLM\...\{C79A37F3-C076-48BE-B290-F4C8676ABD74}) (Version: 3.0.0.71009 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Seznam Software (HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\SeznamInstall) (Version: - Seznam.cz)
Subtitle Edit 3.4.9 (HKLM\...\SubtitleEdit_is1) (Version: 3.4.9.0 - Nikse)
SugarSync Manager (HKLM\...\SugarSync) (Version: 1.9.80.99361 - SugarSync, Inc.)
USB Multi-Channel Audio Device (HKLM\...\{71B53BA8-4BE3-49AF-BC3E-07F392006206}) (Version: 1.00.0005 - C-Media Electronics, Inc.)
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
XCell Compiler 2.3.6 (HKLM\...\XCell Compiler) (Version: 2.3.6 - DoneEx)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Ivo Brož\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-30] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-12-12] (AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc.)
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Ivo Brož\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-30] ()
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP3\System\aimp_menu32.dll [2016-01-22] (AIMP DevTeam)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-12-12] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google)
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {55D63393-DB17-4A2B-9052-15D85B4B1344} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-12-12] (AVAST Software)
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Ivo Brož\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-30] ()
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP3\System\aimp_menu32.dll [2016-01-22] (AIMP DevTeam)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-23] (Google)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2012-12-29] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-12-12] (AVAST Software)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files\SugarSync\SugarSyncShellExt.dll [2012-09-21] (SugarSync, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {006A8993-78AC-45C6-9CDB-8EEC94B7CAEC} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-09] (Adobe Systems Incorporated)
Task: {1A98C338-38C7-4C81-9BC8-74DD98BEC0C1} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {292902AB-606E-46EE-98FF-F59D7A329613} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {3574DA2E-9638-42B0-B302-E0FC44BD852B} - System32\Tasks\AdobeAAMUpdater-1.0-broz-nb-Ivo Brož => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-12-10] (Adobe Systems Incorporated)
Task: {415851D0-1958-40B9-B343-5BBF36E7E21C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-11-08] (Piriform Ltd)
Task: {4BF4CD01-8E02-4F68-94FE-2F8CDF2C2D94} - System32\Tasks\WindosUpda2ta => C:\Users\IVOBRO~1\AppData\Local\Temp\dlll.vbs <==== ATTENTION
Task: {4C080FE2-4B8C-4A73-B327-F65FFC21AD39} - System32\Tasks\Uninstaller_SkipUac_Ivo_Brož => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {61B6D77B-8FB4-4E67-9AA4-BC18D6591EB9} - \Update Service for Youtube AdBlock2 -> No File <==== ATTENTION
Task: {67C1C463-2F04-46C1-85E6-C7DC7E7EF286} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {6B201AE7-B933-44CB-AF72-8CDF165ED19A} - \Update Service for Youtube AdBlock -> No File <==== ATTENTION
Task: {709F5BE2-8B43-4614-BCF3-A4438986850B} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe
Task: {795D4BC5-7A8B-4934-98ED-B16F84024809} - System32\Tasks\{D7CCBCF0-1302-44F0-B603-F769D2211119} => C:\Windows\system32\pcalua.exe -a C:\Frd\frd.exe -d C:\Frd\
Task: {8A4AEB9C-4A3D-414C-B18A-47DC38104B57} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-21] (Společnost Microsoft)
Task: {A07EEBF5-DEBD-4A73-94ED-535B9E16C6DD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-16] (Google Inc.)
Task: {AC02B278-B04B-4103-A10F-E7101DF84781} - System32\Tasks\{AE6CA972-194E-4679-851A-1F860BB1B7C0} => C:\Windows\system32\pcalua.exe -a "C:\Users\Ivo Brož\Disk Mega\Media\FreeRapid-0.9u4\frd.exe" -d "C:\Users\Ivo Brož\Disk Mega\Media\FreeRapid-0.9u4"
Task: {AFE10FAC-B0EF-48BA-BE00-570D27EAED91} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2019-01-18] (AVAST Software)
Task: {BAEE3681-C223-430E-9A77-F47F672D705F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-11-08] (Piriform Ltd)
Task: {BE5A01FD-811C-4A69-8B94-406CF3E511C2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-12-12] (AVAST Software)
Task: {DBF56899-01E2-43F2-80C6-88C327E243AF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated)
Task: {EA287CA0-8529-47E8-BF07-631D2DABF675} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-16] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":
WMI:subscription\__EventFilter->BVTFilter:
WMI:subscription\CommandLineEventConsumer->BVTConsumer:

Shortcut: C:\Users\Ivo Brož\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk -> C:\Users\Ivo Brož\AppData\Roaming\HPReyos\ReyosStarter3.exe (No File) <==== Cyrillic
Shortcut: C:\Users\Ivo Brož\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Intеrnеt Ехрlоrеr (Nо Аdd-оns).lnk -> C:\Users\Ivo Brož\AppData\Roaming\HPReyos\ReyosStarter3.exe (No File) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Users\Ivo Brož\AppData\Roaming\HPReyos\ReyosStarter3.exe (No File) <==== Cyrillic

==================== Loaded Modules (Whitelisted) ==============

2017-11-24 22:35 - 2017-11-13 15:49 - 000085200 _____ () C:\Users\Ivo Brož\AppData\Roaming\Seznam.cz\bin\10771libfoxloader.dll
2016-03-22 13:33 - 2013-06-07 02:06 - 001147392 _____ () C:\Program Files\Atomic Alarm Clock\Clock.dll
2014-05-01 15:15 - 2016-11-30 06:05 - 000564736 _____ () C:\Users\Ivo Brož\AppData\Local\MEGAsync\ShellExtX32.dll
2008-08-13 20:59 - 2008-08-13 20:59 - 000100920 _____ () C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
2018-12-12 17:33 - 2018-12-12 17:33 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-12-12 17:33 - 2018-12-12 17:33 - 000596696 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2019-01-21 14:02 - 2019-01-21 14:02 - 005760144 _____ () C:\Program Files\AVAST Software\Avast\defs\19012102\algo.dll
2018-12-12 17:33 - 2018-12-12 17:33 - 000496344 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-12-12 17:33 - 2018-12-12 17:33 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-12-12 17:33 - 2018-12-12 17:33 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2016-01-31 09:53 - 2012-09-18 15:26 - 000169472 _____ () C:\Windows\System32\zlhp1020.dll
2016-01-31 09:54 - 2012-09-18 15:26 - 000059904 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\pphp1020.dll
2016-03-22 13:33 - 2013-04-24 18:20 - 002007040 _____ () C:\Program Files\Atomic Alarm Clock\timeserv.exe
2015-12-28 12:06 - 2003-10-23 04:17 - 000069120 _____ () C:\Users\Ivo Brož\Disk Mega\Správce\Timery\AlphaClock\aclock.exe
2015-11-13 12:57 - 2015-11-13 12:57 - 002739240 _____ () C:\Program Files\Rainlendar2\Rainlendar2.exe
2015-08-14 07:31 - 2015-08-14 07:31 - 000252928 _____ () C:\Program Files\Rainlendar2\libical.dll
2015-08-14 07:31 - 2015-08-14 07:31 - 000051200 _____ () C:\Program Files\Rainlendar2\libicalss.dll
2014-05-04 11:48 - 2014-05-04 11:48 - 000197632 _____ () C:\Program Files\Rainlendar2\lua52.dll
2015-11-13 12:57 - 2015-11-13 12:57 - 000068136 _____ () C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll
2015-11-13 12:58 - 2015-11-13 12:58 - 000235560 _____ () C:\Program Files\Rainlendar2\plugins\GoogleCalendarPlugin.dll
2014-05-04 11:49 - 2014-05-04 11:49 - 000027648 _____ () C:\Program Files\Rainlendar2\lfs.dll
2017-11-12 16:23 - 2012-06-08 20:40 - 001086176 _____ () C:\Program Files\Winstep\wodTelnetDLX.dll
2016-02-20 07:59 - 2016-02-17 08:02 - 000020352 _____ () C:\Program Files\NVIDIA Corporation\Update Core\detoured.dll
2017-11-21 07:15 - 2017-11-21 07:15 - 048936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-11-24 22:35 - 2017-11-13 15:38 - 000506064 _____ () C:\Users\Ivo Brož\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2017-11-24 22:35 - 2018-02-21 10:36 - 000869584 _____ () C:\Users\Ivo Brož\AppData\Roaming\Seznam.cz\bin\lightspeed.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Rainlendar:com.dropbox.attributes [168]
AlternateDataStreams: C:\TESTSND.WAV:com.dropbox.attributes [168]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2019-01-21 15:48 - 000000832 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Samsung\Samsung PC Studio 3\
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.150.237 - 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Corporation)
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Corporation)
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Corporation)
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Corporation)
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe (Microsoft Corporation)
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe (Microsoft Corporation)
FirewallRules: [SLSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\slsvc.exe (Microsoft Corporation)
FirewallRules: [SLSVC-In-TCP] => (Allow) %SystemRoot%\system32\slsvc.exe (Microsoft Corporation)
FirewallRules: [{08DD6062-1E2E-451B-B20A-60F7C9FFDBA9}] => (Allow) LPort=80
FirewallRules: [{B273ED47-F80D-406A-8F16-347EC8EC5446}] => (Allow) LPort=80
FirewallRules: [{4FB3F07B-0DCA-4802-87AC-EDA5D601DFA3}] => (Allow) LPort=80
FirewallRules: [TCP Query User{DD36DB1F-250E-41A5-A85B-EF47F7ACC859}C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe (BitTorrent, Inc.)
FirewallRules: [UDP Query User{DA72B481-3B69-48D1-9F28-0424C9153B59}C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe (BitTorrent, Inc.)
FirewallRules: [TCP Query User{583183BD-09D8-4E27-8881-A8EA81ACAF36}C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe (BitTorrent, Inc.)
FirewallRules: [UDP Query User{2B79F693-9213-46F9-AE06-9FFCDA0323BD}C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ivo brož\appdata\roaming\utorrent\utorrent.exe (BitTorrent, Inc.)
FirewallRules: [{DE774DC2-BD32-4AC5-8DEA-92A29216FF8C}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
FirewallRules: [{CE2F8922-23C5-476B-B1CD-98AFB31BC2F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
FirewallRules: [{DEEC08F7-A0B9-43A2-BB48-092997BAD930}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
FirewallRules: [TCP Query User{0E27ED6F-61DB-4900-9BAA-A27CCED0D5B9}C:\program files\java\jre6\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre6\launch4j-tmp\frd.exe (Sun Microsystems, Inc.)
FirewallRules: [UDP Query User{62B1331D-7951-4A39-801E-53C7D203B7A8}C:\program files\java\jre6\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre6\launch4j-tmp\frd.exe (Sun Microsystems, Inc.)
FirewallRules: [{03CC05EC-281A-4BEB-88D0-B21E4B0754E6}] => (Allow) C:\Program Files\Acrylic Wi-Fi Home\Acrylic.exe (Tarlogic Security S.L.)
FirewallRules: [{1F1A5A56-AA1F-47B4-8733-3B57654860F6}] => (Allow) C:\Program Files\Acrylic Wi-Fi Home\Acrylic.exe (Tarlogic Security S.L.)
FirewallRules: [{1E0AA980-0B4B-46F1-BB8F-AE80D9CD5E40}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{57622297-F076-4654-8D29-F77D549215D2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [TCP Query User{62F07C6D-43D9-4BB6-B3AE-3006F15FF0F0}C:\program files\java\jre6\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre6\launch4j-tmp\frd.exe (Sun Microsystems, Inc.)
FirewallRules: [UDP Query User{64C4E2B3-6157-4F8D-9490-71ABD433DB24}C:\program files\java\jre6\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre6\launch4j-tmp\frd.exe (Sun Microsystems, Inc.)
FirewallRules: [TCP Query User{08E96C80-D5CC-4816-AB74-2F79918D1346}C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe (Oracle Corporation)
FirewallRules: [UDP Query User{FD23FA26-F72A-44A4-8CDA-A29EE1F0CCA0}C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe (Oracle Corporation)
FirewallRules: [TCP Query User{AEEEBF1B-B63B-419F-82DC-82FA54D36845}C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe (Oracle Corporation)
FirewallRules: [UDP Query User{D7140E4C-C781-4BC7-B9E7-ED7D0F23DBDA}C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_111\launch4j-tmp\frd.exe (Oracle Corporation)
FirewallRules: [{02EFEA7A-004D-4AC5-A87B-428406B2271E}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
FirewallRules: [{79CA22F6-0B16-44C3-8777-D41D83E9A2EF}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{F6987523-D159-487E-801C-64C072D57CF4}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{39789F12-1381-4CBC-8D61-FD0B6AEF7043}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

==================== Restore Points =========================

19-01-2019 11:47:05 Naplánovaný kontrolní bod
20-01-2019 02:14:11 Naplánovaný kontrolní bod
21-01-2019 16:41:38 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/21/2019 03:14:32 PM) (Source: timeserv.exe) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/21/2019 03:13:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/21/2019 09:53:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [Nexus] => [X]
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\MountPoints2: {e1bc058f-2eb7-11e8-abcc-002243c6c20d} - D:\HiSuiteDownLoader.exe
ShortcutTarget: USB Multi-Channel Audio Device – zástupce.lnk -> (No File)
GroupPolicy: Restriction ? <==== ATTENTION
FF Plugin: @qq.com/npchrome -> C:\Program Files\Common Files\Tencent\Npchrome\npchrome.dll [No File]
FF Plugin: @qq.com/npqscall -> C:\Program Files\Common Files\Tencent\NPQSCALL\npqscall.dll [No File]
FF Plugin: @qq.com/TXSSO -> C:\Program Files\Common Files\Tencent\TXSSO\1.2.2.1\Bin\npSSOAxCtrlForPTLogin.dll [No File]
C:\Users\Ivo Brož\AppData\Local\Temp
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {55D63393-DB17-4A2B-9052-15D85B4B1344} => -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
Task: {61B6D77B-8FB4-4E67-9AA4-BC18D6591EB9} - \Update Service for Youtube AdBlock2 -> No File <==== ATTENTION
Task: {6B201AE7-B933-44CB-AF72-8CDF165ED19A} - \Update Service for Youtube AdBlock -> No File <==== ATTENTION
Task: {A07EEBF5-DEBD-4A73-94ED-535B9E16C6DD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-16] (Google Inc.)
Task: {EA287CA0-8529-47E8-BF07-631D2DABF675} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-16] (Google Inc.)
AlternateDataStreams: C:\Rainlendar:com.dropbox.attributes [168]
AlternateDataStreams: C:\TESTSND.WAV:com.dropbox.attributes [168]

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Běh programu FRST se dostal do fáze, kdy vyskočila hláška, že "Program neodpovídá", ale pak se rozhodl pokračovat a toto je výsledek:


Fix result of Farbar Recovery Scan Tool (x86) Version: 20-01-2019
Ran by Ivo Brož (21-01-2019 19:10:45) Run:2
Running from C:\Users\Ivo Brož\Desktop
Loaded Profiles: Ivo Brož (Available Profiles: Ivo Brož)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [Nexus] => [X]
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\MountPoints2: {e1bc058f-2eb7-11e8-abcc-002243c6c20d} - D:\HiSuiteDownLoader.exe
ShortcutTarget: USB Multi-Channel Audio Device � z�stupce.lnk -> (No File)
GroupPolicy: Restriction ? <==== ATTENTION
FF Plugin: @qq.com/npchrome -> C:\Program Files\Common Files\Tencent\Npchrome\npchrome.dll [No File]
FF Plugin: @qq.com/npqscall -> C:\Program Files\Common Files\Tencent\NPQSCALL\npqscall.dll [No File]
FF Plugin: @qq.com/TXSSO -> C:\Program Files\Common Files\Tencent\TXSSO\1.2.2.1\Bin\npSSOAxCtrlForPTLogin.dll [No File]
C:\Users\Ivo Bro�\AppData\Local\Temp
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {55D63393-DB17-4A2B-9052-15D85B4B1344} => -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
Task: {61B6D77B-8FB4-4E67-9AA4-BC18D6591EB9} - \Update Service for Youtube AdBlock2 -> No File <==== ATTENTION
Task: {6B201AE7-B933-44CB-AF72-8CDF165ED19A} - \Update Service for Youtube AdBlock -> No File <==== ATTENTION
Task: {A07EEBF5-DEBD-4A73-94ED-535B9E16C6DD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-16] (Google Inc.)
Task: {EA287CA0-8529-47E8-BF07-631D2DABF675} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-16] (Google Inc.)
AlternateDataStreams: C:\Rainlendar:com.dropbox.attributes [168]
AlternateDataStreams: C:\TESTSND.WAV:com.dropbox.attributes [168]

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => not found
"HKU\S-1-5-21-698314851-3235763532-1396065412-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Nexus" => not found
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e1bc058f-2eb7-11e8-abcc-002243c6c20d} => not found
HKLM\Software\Classes\CLSID\{e1bc058f-2eb7-11e8-abcc-002243c6c20d} => not found
"ShortcutTarget: USB Multi-Channel Audio Device � z�stupce.lnk -> (No File)" => not found
"C:\Windows\system32\GroupPolicy\Machine" => not found
HKLM\Software\MozillaPlugins\@qq.com/npchrome => not found
HKLM\Software\MozillaPlugins\@qq.com/npqscall => not found
HKLM\Software\MozillaPlugins\@qq.com/TXSSO => not found
"C:\Users\Ivo Bro�\AppData\Local\Temp" => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WondershareVideoConverterFileOpreation => not found
HKLM\Software\Classes\CLSID\{55D63393-DB17-4A2B-9052-15D85B4B1344} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\PowerISO => not found
HKLM\Software\Classes\CLSID\{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\PowerISO => not found
HKLM\Software\Classes\CLSID\{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61B6D77B-8FB4-4E67-9AA4-BC18D6591EB9} => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Service for Youtube AdBlock2 => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B201AE7-B933-44CB-AF72-8CDF165ED19A} => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Service for Youtube AdBlock => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A07EEBF5-DEBD-4A73-94ED-535B9E16C6DD} => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA287CA0-8529-47E8-BF07-631D2DABF675} => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => not found
"C:\Rainlendar" => ":com.dropbox.attributes" ADS not found.
"C:\TESTSND.WAV" => ":com.dropbox.attributes" ADS not found.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1052736 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 0 B
Firefox => 246702735 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 692 B
LocalService => 0 B
NetworkService => 0 B
Ivo Brož => 695043803 B

RecycleBin => 0 B
EmptyTemp: => 907.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:24:50 ====

Program smazal jen dočasné soubory. Zkuste to ještě jednou, ale v nouz. režimu se stajným skriptem.

V nouzovém režimu:


Fix result of Farbar Recovery Scan Tool (x86) Version: 20-01-2019
Ran by Ivo Brož (21-01-2019 20:31:58) Run:3
Running from C:\Users\Ivo Brož\Desktop
Loaded Profiles: Ivo Brož (Available Profiles: Ivo Brož)
Boot Mode: Safe Mode (minimal)

==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\Run: [Nexus] => [X]
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\...\MountPoints2: {e1bc058f-2eb7-11e8-abcc-002243c6c20d} - D:\HiSuiteDownLoader.exe
ShortcutTarget: USB Multi-Channel Audio Device � z�stupce.lnk -> (No File)
GroupPolicy: Restriction ? <==== ATTENTION
FF Plugin: @qq.com/npchrome -> C:\Program Files\Common Files\Tencent\Npchrome\npchrome.dll [No File]
FF Plugin: @qq.com/npqscall -> C:\Program Files\Common Files\Tencent\NPQSCALL\npqscall.dll [No File]
FF Plugin: @qq.com/TXSSO -> C:\Program Files\Common Files\Tencent\TXSSO\1.2.2.1\Bin\npSSOAxCtrlForPTLogin.dll [No File]
C:\Users\Ivo Bro�\AppData\Local\Temp
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {55D63393-DB17-4A2B-9052-15D85B4B1344} => -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
Task: {61B6D77B-8FB4-4E67-9AA4-BC18D6591EB9} - \Update Service for Youtube AdBlock2 -> No File <==== ATTENTION
Task: {6B201AE7-B933-44CB-AF72-8CDF165ED19A} - \Update Service for Youtube AdBlock -> No File <==== ATTENTION
Task: {A07EEBF5-DEBD-4A73-94ED-535B9E16C6DD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-16] (Google Inc.)
Task: {EA287CA0-8529-47E8-BF07-631D2DABF675} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-16] (Google Inc.)
AlternateDataStreams: C:\Rainlendar:com.dropbox.attributes [168]
AlternateDataStreams: C:\TESTSND.WAV:com.dropbox.attributes [168]

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
"HKU\S-1-5-21-698314851-3235763532-1396065412-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Nexus" => not found
HKU\S-1-5-21-698314851-3235763532-1396065412-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e1bc058f-2eb7-11e8-abcc-002243c6c20d} => not found
HKLM\Software\Classes\CLSID\{e1bc058f-2eb7-11e8-abcc-002243c6c20d} => not found
"ShortcutTarget: USB Multi-Channel Audio Device � z�stupce.lnk -> (No File)" => not found
"C:\Windows\system32\GroupPolicy\Machine" => not found
HKLM\Software\MozillaPlugins\@qq.com/npchrome => not found
HKLM\Software\MozillaPlugins\@qq.com/npqscall => not found
HKLM\Software\MozillaPlugins\@qq.com/TXSSO => not found
"C:\Users\Ivo Bro�\AppData\Local\Temp" => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WondershareVideoConverterFileOpreation => not found
HKLM\Software\Classes\CLSID\{55D63393-DB17-4A2B-9052-15D85B4B1344} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\PowerISO => not found
HKLM\Software\Classes\CLSID\{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\PowerISO => not found
HKLM\Software\Classes\CLSID\{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61B6D77B-8FB4-4E67-9AA4-BC18D6591EB9} => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Service for Youtube AdBlock2 => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B201AE7-B933-44CB-AF72-8CDF165ED19A} => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Service for Youtube AdBlock => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A07EEBF5-DEBD-4A73-94ED-535B9E16C6DD} => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA287CA0-8529-47E8-BF07-631D2DABF675} => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => not found
"C:\Rainlendar" => ":com.dropbox.attributes" ADS not found.
"C:\TESTSND.WAV" => ":com.dropbox.attributes" ADS not found.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13502509 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 61481 B
Edge => 0 B
Chrome => 0 B
Firefox => 8605999 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66228 B
LocalService => 0 B
NetworkService => 0 B
Ivo Brož => 266337 B

RecycleBin => 0 B
EmptyTemp: => 21.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:32:24 ====

Nastala nějaká změna?

Tak vypadá to, že léčba byla účinná - noťas přestal skotačit.

Chtěl bych ale naší komunikace využít a poprosit o pomoc s jednou starší věcí - při jakýmsi dřívějším šmejdění se mi do systému nasoukalo cosi, co jsem zdokumentoval obrázky a neumím se toho zbavit. Mohl bys mi pomoct?

Ještě jeden obrázek

Někde se ztratil

Zkoušel jste to smazat?

Zkoušel, ale nešlo to