Pop-up windows appear and Firefox starts by itself

Posted: 08 Jan 2018 16:06
by tepan
Hello, please check my PC. Pop-up windows appear and the browser (sometimes) starts by itself.

FRST log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.01.2018
Ran by Tepan (administrator) on TEPAN-PC (08-01-2018 16:01:57)
Running from C:\Users\Tepan\Desktop
Loaded Profiles: Tepan (Available Profiles: Tepan)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
(Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(AMD) C:\Windows\SysWOW64\WinMsgBalloonServer.exe
(AMD) C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Huawei) C:\Program Files (x86)\HiSuite\HiSuite.exe
() C:\Users\Tepan\AppData\Local\Hisuite\userdata\hwtools\hdbtransport.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-09-14] (COMODO)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2017-07-16] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-10-18] (Oracle Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{224703BF-4E2B-4984-BECA-D22BB644A342}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{B7B4C87E-1BE6-4F4F-A6C5-702CD234D949}: [DhcpNameServer] 8.8.8.8 192.168.91.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1029120089-3632672932-3177029402-1001 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1029120089-3632672932-3177029402-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1029120089-3632672932-3177029402-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-18] (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-18] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF DefaultProfile: cj0rqt4a.default-1499283777627
FF ProfilePath: C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\cj0rqt4a.default-1499283777627 [2018-01-03]
FF Homepage: Mozilla\Firefox\Profiles\cj0rqt4a.default-1499283777627 -> hxxps://www.seznam.cz/
FF Extension: (uBlock Origin) - C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\cj0rqt4a.default-1499283777627\Extensions\uBlock0@raymondhill.net.xpi [2017-12-17]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-07-28] [Legacy] [not signed]
FF HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-21] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1029120089-3632672932-3177029402-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-06-22] ()

Chrome:
=======
CHR DefaultProfile: Default
CHR dev: Chrome dev build detected! <==== ATTENTION
CHR HomePage: Default -> hxxp://seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR DefaultSearchURL: Default -> hxxp://play.iprima.cz/sites/all/themes/prima/primaplay/favicon.ico
CHR Profile: C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default [2018-01-08]
CHR Extension: (Prezentace) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-28]
CHR Extension: (Dokumenty) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-28]
CHR Extension: (Disk Google) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-12]
CHR Extension: (Seznam pro Chrome - Email) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-12-28]
CHR Extension: (Seznam pro Chrome - Esko-) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-12-28]
CHR Extension: (YouTube) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-12]
CHR Extension: (Přístav (29) | Prima PLAY) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjmammaianfcnbbchgeeajdcifiihglj [2015-12-08]
CHR Extension: (uBlock Origin) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-12-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-12]
CHR Extension: (Adobe Acrobat) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-19]
CHR Extension: (Tabulky) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-28]
CHR Extension: (Seznam pro Chrome - Esko) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-12-28]
CHR Extension: (Gmail) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-12]
CHR Extension: (Chrome Media Router) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-28]
CHR Profile: C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\System Profile [2017-12-10]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.XFTHEVSGWAYNGGKTIHVB3OUHNE - C:\Users\Tepan\AppData\Local\Google\Chrome\Application\chrome.exe

Opera:
=======
OPR StartupUrls: "hxxp://www.seznam.cz/"
OPR Extension: (uBlock Origin) - C:\Users\Tepan\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2016-10-20]
OPR Extension: (Fast search) - C:\Users\Tepan\AppData\Roaming\Opera Software\Opera Stable\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-07-05]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5817256 2016-09-15] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2271928 2016-09-14] (COMODO)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1458368 2016-06-11] (Disc Soft Ltd)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] () [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-12-15] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [147792 2017-06-16] (Razer Inc)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [183680 2017-04-14] (Razer Inc.)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [252176 2017-07-08] (Razer Inc.)
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 HPSLPSVC; C:\Users\Tepan\AppData\Local\Temp\7zS3FA8\hpslpsvc64.dll [X] <==== ATTENTION
S2 wsaudio; %SystemRoot%\System32\wsaudio.dll [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-08-14] ()
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [31648 2016-08-31] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [830624 2016-08-31] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [56976 2016-08-31] (COMODO)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-06-11] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-06-11] (Disc Soft Ltd)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-09-17] (EnTech Taiwan)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2017-07-26] (Huawei Technologies Co., Ltd.)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Huawei Technologies Co., Ltd.)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [116248 2016-08-31] (COMODO)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-08-14] ()
S3 NTIOLib_1_0_6; C:\Program Files (x86)\Setup Files\Ms7529v470\NTIOLib_X64.sys [11888 2011-01-06] (MSI) [File not signed]
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2017-04-13] (Razer, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [394296 2016-06-11] (Duplex Secure Ltd.)
S1 cfidsk; system32\drivers\cfidsk.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-08 16:01 - 2018-01-08 16:02 - 000019097 _____ C:\Users\Tepan\Desktop\FRST.txt
2018-01-08 16:01 - 2018-01-08 16:01 - 002393088 _____ (Farbar) C:\Users\Tepan\Desktop\FRST64.exe
2018-01-08 12:39 - 2018-01-08 12:41 - 000000000 ____D C:\Telefonni seznam
2018-01-08 12:26 - 2018-01-08 12:26 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2018-01-08 12:26 - 2018-01-08 12:26 - 000000000 ____D C:\Users\Tepan\.android
2018-01-08 12:21 - 2018-01-08 12:38 - 000000000 ____D C:\Users\Tepan\Documents\HiSuite
2018-01-08 12:21 - 2018-01-08 12:21 - 000000955 _____ C:\Users\Public\Desktop\HiSuite.lnk
2018-01-08 12:21 - 2018-01-08 12:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite
2018-01-08 12:21 - 2017-07-26 08:58 - 002152176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFUpdate_01009.dll
2018-01-08 12:21 - 2017-07-26 08:58 - 001721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2018-01-08 12:21 - 2017-07-26 08:58 - 001721576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01009.dll
2018-01-08 12:21 - 2017-07-26 08:58 - 001002728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusbcoinstaller2.dll
2018-01-08 12:21 - 2017-07-26 08:58 - 000287232 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbnet.sys
2018-01-08 12:21 - 2017-07-26 08:58 - 000226560 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbmdm.sys
2018-01-08 12:21 - 2017-07-26 08:58 - 000127360 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_cdcacm.sys
2018-01-08 12:21 - 2017-07-26 08:58 - 000116864 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_usbdev.sys
2018-01-08 12:21 - 2017-07-26 08:58 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2018-01-08 12:21 - 2017-07-26 08:58 - 000018944 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbccgpfilter.sys
2018-01-08 12:20 - 2018-01-08 12:22 - 000000000 ____D C:\Users\Tepan\AppData\Local\Hisuite
2018-01-08 12:20 - 2018-01-08 12:21 - 000000000 ____D C:\Program Files (x86)\HiSuite
2018-01-08 07:12 - 2018-01-08 07:16 - 000116654 _____ C:\Windows\ntbtlog.txt
2018-01-01 19:25 - 2018-01-01 19:25 - 000001517 _____ C:\Users\Tepan\Desktop\trl – zástupce.lnk
2018-01-01 12:59 - 2018-01-01 13:00 - 000000000 ____D C:\Users\Tepan\Documents\Tomb Raider - Legend
2017-12-29 10:38 - 2017-12-29 10:39 - 008198432 _____ (Malwarebytes) C:\Users\Tepan\Desktop\adwcleaner_7.0.6.0.exe
2017-12-28 12:34 - 2017-12-28 12:34 - 000003484 _____ C:\Windows\System32\Tasks\Tepan
2017-12-28 11:33 - 2017-12-28 11:33 - 000000000 ____D C:\Users\Tepan\AppData\Roaming\Rise_Of_TB_Instaler
2017-12-28 11:30 - 2017-12-28 11:30 - 000001185 _____ C:\Users\Tepan\Desktop\ROTTR – zástupce.lnk
2017-12-28 11:30 - 2017-12-28 11:30 - 000000000 ____D C:\Users\Tepan\Documents\Rise of the Tomb Raider
2017-12-28 11:30 - 2017-12-28 11:30 - 000000000 ____D C:\Users\Tepan\Documents\CPY_SAVES
2017-12-28 11:30 - 2017-12-28 11:30 - 000000000 ____D C:\Users\Tepan\AppData\Roaming\Crystal Dynamics
2017-12-28 01:11 - 2017-12-28 01:11 - 000000000 ____D C:\Users\Tepan\AppData\Local\Geckofx
2017-12-28 01:10 - 2018-01-04 19:50 - 000000000 ____D C:\Program Files (x86)\Smart Application Controller
2017-12-28 01:10 - 2017-12-28 01:10 - 000003342 _____ C:\Windows\System32\Tasks\CheckControllerUpdatesUA
2017-12-28 01:10 - 2017-12-28 01:10 - 000001078 _____ C:\Users\Tepan\Desktop\Mp3tag.lnk
2017-12-28 01:10 - 2017-12-28 01:10 - 000000000 ____D C:\Users\Tepan\AppData\Roaming\Smart Application Controller
2017-12-28 01:10 - 2017-12-28 01:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Application Controller
2017-12-28 01:09 - 2017-12-28 01:10 - 000000000 ____D C:\Users\Tepan\AppData\Roaming\Mp3tagApp3
2017-12-27 20:04 - 2018-01-06 15:35 - 000001266 _____ C:\Users\Tepan\Desktop\DTLite – zástupce.lnk
2017-12-20 11:07 - 2017-12-20 18:02 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-12-20 11:06 - 2017-12-21 04:56 - 000109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-12-20 11:06 - 2017-12-20 18:02 - 000000000 ____D C:\Users\Tepan\Desktop\mbar
2017-12-20 10:38 - 2017-12-20 10:38 - 016563352 _____ (Malwarebytes Corp.) C:\Users\Tepan\Desktop\mbar-1.09.3.1001.exe
2017-12-20 08:12 - 2018-01-04 21:27 - 000002155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-20 08:12 - 2018-01-04 21:27 - 000002143 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-12-20 08:05 - 2017-12-20 08:05 - 052528232 _____ (Google Inc.) C:\Users\Tepan\Desktop\ChromeStandaloneSetup64.exe
2017-12-15 03:05 - 2017-12-15 03:05 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-12-15 03:05 - 2017-12-15 03:05 - 000001827 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-12-15 03:05 - 2017-12-15 03:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-12-15 03:04 - 2017-12-15 03:05 - 083316440 _____ (Malwarebytes ) C:\Users\Tepan\Desktop\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3374.exe
2017-12-13 05:39 - 2017-12-13 05:39 - 025731072 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 015267328 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 005925888 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 004509696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 003222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-12-13 05:39 - 2017-12-13 05:39 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 002293760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-12-13 05:39 - 2017-12-13 05:39 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-12-13 05:39 - 2017-12-13 05:39 - 001544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 001313280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 001001984 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-12-13 05:39 - 2017-12-13 05:39 - 000953344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-12-13 05:39 - 2017-12-13 05:39 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000395968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000347336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2017-12-13 05:39 - 2017-12-13 05:39 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-12-13 05:39 - 2017-12-13 05:39 - 000142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-12-13 05:39 - 2017-12-13 05:39 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-12-13 05:39 - 2017-12-13 05:39 - 000115200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtm.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-12-13 05:39 - 2017-12-13 05:39 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-12-13 05:39 - 2017-12-13 05:39 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtprio.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-12-13 05:39 - 2017-11-14 04:43 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-12-13 05:39 - 2017-11-14 04:30 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-12-13 05:39 - 2017-11-07 21:56 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-12-13 05:39 - 2017-11-07 21:46 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-08 16:01 - 2015-06-23 15:50 - 000000000 ____D C:\FRST
2018-01-08 16:00 - 2016-11-13 00:02 - 001474832 _____ C:\Windows\system32\Drivers\sfi.dat
2018-01-08 15:47 - 2013-01-16 19:32 - 000000000 ____D C:\Users\Tepan\AppData\Roaming\vlc
2018-01-08 12:26 - 2013-01-16 13:48 - 000000000 ____D C:\Users\Tepan
2018-01-08 12:26 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-01-08 12:21 - 2017-07-26 08:58 - 001002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2018-01-08 09:27 - 2016-10-29 02:09 - 000000000 ____D C:\Users\Tepan\AppData\Roaming\uTorrent
2018-01-08 07:28 - 2009-07-14 05:45 - 000023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-01-08 07:28 - 2009-07-14 05:45 - 000023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-01-08 07:20 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-01-08 07:13 - 2015-01-28 07:31 - 000000000 ____D C:\AdwCleaner
2018-01-03 00:40 - 2016-11-19 21:57 - 000000000 ____D C:\Users\Tepan\AppData\LocalLow\Mozilla
2018-01-01 13:52 - 2016-11-13 22:23 - 000726506 _____ C:\Windows\system32\Drivers\fvstore.dat
2018-01-01 10:36 - 2016-07-23 14:29 - 000000000 ____D C:\Users\Tepan\Desktop\g
2017-12-31 19:32 - 2014-08-15 10:46 - 000000000 ____D C:\Hry
2017-12-29 10:44 - 2016-11-12 18:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-12-29 03:31 - 2015-01-19 01:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-12-27 23:16 - 2014-06-22 10:59 - 000000000 ____D C:\Program Files (x86)\Steam
2017-12-27 20:59 - 2016-03-12 22:42 - 000000000 ___HD C:\VTRoot
2017-12-27 17:06 - 2014-07-29 00:17 - 000000000 ____D C:\Users\Tepan\Desktop\Hry
2017-12-27 16:24 - 2013-01-16 15:50 - 000000000 ____D C:\Users\Tepan\AppData\Roaming\DAEMON Tools Lite
2017-12-26 09:48 - 2014-08-16 02:34 - 000000000 ____D C:\Program Files (x86)\R.G. Mechanics
2017-12-26 09:19 - 2014-08-08 08:01 - 000000000 ____D C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-12-26 09:19 - 2014-07-29 00:20 - 000000000 ___RD C:\Users\Tepan\Desktop\Poker
2017-12-26 09:19 - 2014-07-29 00:18 - 000000000 ____D C:\Users\Tepan\Desktop\Ochrana pocitace
2017-12-24 06:57 - 2014-02-25 11:58 - 000000000 ____D C:\Users\Tepan\AppData\Local\CrashDumps
2017-12-20 18:03 - 2013-01-31 23:56 - 000000000 ____D C:\Users\Tepan\AppData\Local\Google
2017-12-20 08:18 - 2013-07-18 10:02 - 000003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-12-20 08:18 - 2013-07-18 10:02 - 000003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-12-20 08:11 - 2013-07-18 10:01 - 000000000 ____D C:\Program Files (x86)\Google
2017-12-15 03:05 - 2013-05-27 17:13 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-12-13 12:37 - 2009-07-14 05:45 - 000661440 _____ C:\Windows\system32\FNTCACHE.DAT
2017-12-13 12:33 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Setup
2017-12-13 12:33 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Setup
2017-12-13 10:27 - 2013-08-16 02:00 - 000000000 ____D C:\Windows\system32\MRT
2017-12-13 10:21 - 2017-10-12 02:06 - 133326408 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-12-13 10:21 - 2013-01-16 15:32 - 133326408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2014-04-20 22:40 - 2014-04-20 22:43 - 000003750 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2015-03-19 12:16 - 2015-07-06 18:48 - 000159200 ____T () C:\Users\Tepan\AppData\Roaming\CrashRpt1402.dll
2002-08-29 18:33 - 2002-08-29 18:33 - 000319488 ____R () C:\Users\Tepan\AppData\Roaming\MafiaSetup.exe
2015-04-17 12:51 - 2015-04-17 12:51 - 000000407 _____ () C:\Users\Tepan\AppData\Roaming\wameu_state.xml
2015-04-16 05:31 - 2015-04-16 05:56 - 000001000 _____ () C:\Users\Tepan\AppData\Roaming\__AvidCloudManager.log
2014-01-01 06:22 - 2015-04-16 05:34 - 000004608 _____ () C:\Users\Tepan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-10 21:00 - 2014-12-10 21:00 - 000000124 _____ () C:\Users\Tepan\AppData\Local\NetBetCoach_SettingsPath.txt
2014-12-26 00:52 - 2014-12-26 00:52 - 000007664 _____ () C:\Users\Tepan\AppData\Local\Resmon.ResmonCfg
2015-02-06 14:24 - 2015-02-06 14:28 - 053683536 _____ () C:\Users\Tepan\AppData\Local\TempFullTiltPokerEuSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-01-08 01:26

==================== End of FRST.txt ============================

Re: windows pop up and Firefox launches by itself

Posted: 08 Jan 2018 16:12
by Rudy
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.

Re: windows pop up and Firefox launches by itself

Posted: 08 Jan 2018 21:44
by tepan
# AdwCleaner 7.0.6.0 - Logfile created on Mon Jan 08 20:40:31 2018
# Updated on 2017/21/12 by Malwarebytes
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C10].txt - [1801 B] - [2015/9/18 21:29:26]
C:/AdwCleaner/AdwCleaner[C11].txt - [5287 B] - [2015/11/1 20:42:30]
C:/AdwCleaner/AdwCleaner[C12].txt - [2786 B] - [2016/1/3 9:29:57]
C:/AdwCleaner/AdwCleaner[C13].txt - [929 B] - [2016/1/8 15:28:24]
C:/AdwCleaner/AdwCleaner[C14].txt - [3896 B] - [2016/8/13 21:14:3]
C:/AdwCleaner/AdwCleaner[C15].txt - [3920 B] - [2016/9/10 18:55:48]
C:/AdwCleaner/AdwCleaner[C16].txt - [3503 B] - [2016/10/23 18:42:45]
C:/AdwCleaner/AdwCleaner[C17].txt - [3773 B] - [2016/11/15 18:31:13]
C:/AdwCleaner/AdwCleaner[C18].txt - [4011 B] - [2017/2/21 12:42:0]
C:/AdwCleaner/AdwCleaner[C19].txt - [4073 B] - [2017/3/20 13:51:2]
C:/AdwCleaner/AdwCleaner[C1].txt - [5734 B] - [2016/2/6 1:13:47]
C:/AdwCleaner/AdwCleaner[C20].txt - [5462 B] - [2017/7/5 14:26:57]
C:/AdwCleaner/AdwCleaner[C5].txt - [1626 B] - [2015/8/23 7:38:31]
C:/AdwCleaner/AdwCleaner[C6].txt - [897 B] - [2015/8/31 3:38:30]
C:/AdwCleaner/AdwCleaner[C7].txt - [897 B] - [2015/9/5 13:41:34]
C:/AdwCleaner/AdwCleaner[C8].txt - [897 B] - [2015/9/15 2:55:13]
C:/AdwCleaner/AdwCleaner[C9].txt - [1348 B] - [2015/9/18 8:8:41]
C:/AdwCleaner/AdwCleaner[S0].txt - [1479 B] - [2015/7/20 10:38:36]
C:/AdwCleaner/AdwCleaner[S10].txt - [795 B] - [2015/9/15 2:45:18]
C:/AdwCleaner/AdwCleaner[S11].txt - [1200 B] - [2015/9/18 7:54:46]
C:/AdwCleaner/AdwCleaner[S12].txt - [1677 B] - [2015/9/18 21:21:11]
C:/AdwCleaner/AdwCleaner[S13].txt - [4914 B] - [2015/11/1 20:37:56]
C:/AdwCleaner/AdwCleaner[S14].txt - [2568 B] - [2016/1/3 9:0:5]
C:/AdwCleaner/AdwCleaner[S15].txt - [831 B] - [2016/1/8 15:22:36]
C:/AdwCleaner/AdwCleaner[S16].txt - [3958 B] - [2016/8/13 21:10:5]
C:/AdwCleaner/AdwCleaner[S17].txt - [3920 B] - [2016/9/10 18:54:37]
C:/AdwCleaner/AdwCleaner[S18].txt - [3626 B] - [2016/10/23 18:35:51]
C:/AdwCleaner/AdwCleaner[S19].txt - [3868 B] - [2016/11/15 6:58:2]
C:/AdwCleaner/AdwCleaner[S1].txt - [8949 B] - [2015/8/1 17:48:19]
C:/AdwCleaner/AdwCleaner[S20].txt - [3878 B] - [2016/12/31 19:27:18]
C:/AdwCleaner/AdwCleaner[S21].txt - [4104 B] - [2017/2/21 12:33:40]
C:/AdwCleaner/AdwCleaner[S22].txt - [3824 B] - [2017/3/20 13:47:56]
C:/AdwCleaner/AdwCleaner[S23].txt - [5418 B] - [2017/7/5 14:25:57]
C:/AdwCleaner/AdwCleaner[S24].txt - [4639 B] - [2017/7/5 22:36:21]
C:/AdwCleaner/AdwCleaner[S2].txt - [3834 B] - [2015/8/7 9:49:7]
C:/AdwCleaner/AdwCleaner[S3].txt - [11790 B] - [2015/8/9 21:53:6]
C:/AdwCleaner/AdwCleaner[S7].txt - [56020 B] - [2015/8/23 7:35:56]
C:/AdwCleaner/AdwCleaner[S8].txt - [794 B] - [2015/8/31 3:26:23]
C:/AdwCleaner/AdwCleaner[S9].txt - [794 B] - [2015/9/5 13:31:39]


########## EOF - C:\AdwCleaner\AdwCleaner[C17].txt ##########

Re: windows pop up and Firefox launches by itself

Posted: 08 Jan 2018 22:05
by Rudy
Post a new FRST log.

Re: windows pop up and Firefox launches by itself

Posted: 08 Jan 2018 22:15
by tepan
Before I post the log, I would just like to know where some Advanced SystemCare on my computer came from... and whether AdwCleaner removed it completely?

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.01.2018
Ran by Tepan (administrator) on TEPAN-PC (08-01-2018 22:11:00)
Running from C:\Users\Tepan\Desktop
Loaded Profiles: Tepan (Available Profiles: Tepan)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(AMD) C:\Windows\SysWOW64\WinMsgBalloonServer.exe
(AMD) C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-09-14] (COMODO)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2017-07-16] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-10-18] (Oracle Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{224703BF-4E2B-4984-BECA-D22BB644A342}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{B7B4C87E-1BE6-4F4F-A6C5-702CD234D949}: [DhcpNameServer] 8.8.8.8 192.168.91.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1029120089-3632672932-3177029402-1001 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1029120089-3632672932-3177029402-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1029120089-3632672932-3177029402-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-18] (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-18] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF DefaultProfile: cj0rqt4a.default-1499283777627
FF ProfilePath: C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\cj0rqt4a.default-1499283777627 [2018-01-08]
FF Homepage: Mozilla\Firefox\Profiles\cj0rqt4a.default-1499283777627 -> hxxps://www.seznam.cz/
FF Extension: (uBlock Origin) - C:\Users\Tepan\AppData\Roaming\Mozilla\Firefox\Profiles\cj0rqt4a.default-1499283777627\Extensions\uBlock0@raymondhill.net.xpi [2017-12-17]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-07-28] [Legacy] [not signed]
FF HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-21] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1029120089-3632672932-3177029402-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-06-22] ()

Chrome:
=======
CHR DefaultProfile: Default
CHR dev: Chrome dev build detected! <==== ATTENTION
CHR HomePage: Default -> hxxp://seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR DefaultSearchURL: Default -> hxxp://play.iprima.cz/sites/all/themes/prima/primaplay/favicon.ico
CHR Profile: C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default [2018-01-08]
CHR Extension: (Prezentace) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-28]
CHR Extension: (Dokumenty) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-28]
CHR Extension: (Disk Google) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-12]
CHR Extension: (Seznam pro Chrome - Email) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-12-28]
CHR Extension: (Seznam pro Chrome - Esko-) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-12-28]
CHR Extension: (YouTube) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-12]
CHR Extension: (Přístav (29) | Prima PLAY) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjmammaianfcnbbchgeeajdcifiihglj [2015-12-08]
CHR Extension: (uBlock Origin) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-12-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-12]
CHR Extension: (Adobe Acrobat) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-19]
CHR Extension: (Tabulky) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-28]
CHR Extension: (Seznam pro Chrome - Esko) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-12-28]
CHR Extension: (Gmail) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-12]
CHR Extension: (Chrome Media Router) - C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-28]
CHR Profile: C:\Users\Tepan\AppData\Local\Google\Chrome\User Data\System Profile [2017-12-10]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.XFTHEVSGWAYNGGKTIHVB3OUHNE - C:\Users\Tepan\AppData\Local\Google\Chrome\Application\chrome.exe

Opera:
=======
OPR StartupUrls: "hxxp://www.seznam.cz/"
OPR Extension: (uBlock Origin) - C:\Users\Tepan\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2016-10-20]
OPR Extension: (Fast search) - C:\Users\Tepan\AppData\Roaming\Opera Software\Opera Stable\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-07-05]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5817256 2016-09-15] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2271928 2016-09-14] (COMODO)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1458368 2016-06-11] (Disc Soft Ltd)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] () [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-12-15] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [147792 2017-06-16] (Razer Inc)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [183680 2017-04-14] (Razer Inc.)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [252176 2017-07-08] (Razer Inc.)
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 HPSLPSVC; C:\Users\Tepan\AppData\Local\Temp\7zS3FA8\hpslpsvc64.dll [X] <==== ATTENTION
S2 wsaudio; %SystemRoot%\System32\wsaudio.dll [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-08-14] ()
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [31648 2016-08-31] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [830624 2016-08-31] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [56976 2016-08-31] (COMODO)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-06-11] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-06-11] (Disc Soft Ltd)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-09-17] (EnTech Taiwan)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2017-07-26] (Huawei Technologies Co., Ltd.)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Huawei Technologies Co., Ltd.)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [116248 2016-08-31] (COMODO)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-08-14] ()
S3 NTIOLib_1_0_6; C:\Program Files (x86)\Setup Files\Ms7529v470\NTIOLib_X64.sys [11888 2011-01-06] (MSI) [File not signed]
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2017-04-13] (Razer, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [394296 2016-06-11] (Duplex Secure Ltd.)
S1 cfidsk; system32\drivers\cfidsk.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-08 21:40 - 2018-01-08 21:40 - 000003824 _____ C:\Users\Tepan\Desktop\AdwCleaner[S22].txt
2018-01-08 21:33 - 2018-01-08 21:34 - 008198432 _____ (Malwarebytes) C:\Users\Tepan\Desktop\adwcleaner_7.0.6.0.exe
2018-01-08 16:03 - 2018-01-08 16:07 - 000098123 _____ C:\Users\Tepan\Desktop\Addition.txt
2018-01-08 16:01 - 2018-01-08 22:12 - 000019025 _____ C:\Users\Tepan\Desktop\FRST.txt
2018-01-08 16:01 - 2018-01-08 16:01 - 002393088 _____ (Farbar) C:\Users\Tepan\Desktop\FRST64.exe
2018-01-08 12:39 - 2018-01-08 12:41 - 000000000 ____D C:\Telefonni seznam
2018-01-08 12:26 - 2018-01-08 12:26 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2018-01-08 12:26 - 2018-01-08 12:26 - 000000000 ____D C:\Users\Tepan\.android
2018-01-08 12:21 - 2018-01-08 12:38 - 000000000 ____D C:\Users\Tepan\Documents\HiSuite
2018-01-08 12:21 - 2018-01-08 12:21 - 000000955 _____ C:\Users\Public\Desktop\HiSuite.lnk
2018-01-08 12:21 - 2018-01-08 12:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite
2018-01-08 12:21 - 2017-07-26 08:58 - 002152176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFUpdate_01009.dll
2018-01-08 12:21 - 2017-07-26 08:58 - 001721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2018-01-08 12:21 - 2017-07-26 08:58 - 001721576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01009.dll
2018-01-08 12:21 - 2017-07-26 08:58 - 001002728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusbcoinstaller2.dll
2018-01-08 12:21 - 2017-07-26 08:58 - 000287232 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbnet.sys
2018-01-08 12:21 - 2017-07-26 08:58 - 000226560 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbmdm.sys
2018-01-08 12:21 - 2017-07-26 08:58 - 000127360 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_cdcacm.sys
2018-01-08 12:21 - 2017-07-26 08:58 - 000116864 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_usbdev.sys
2018-01-08 12:21 - 2017-07-26 08:58 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2018-01-08 12:21 - 2017-07-26 08:58 - 000018944 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbccgpfilter.sys
2018-01-08 12:20 - 2018-01-08 12:22 - 000000000 ____D C:\Users\Tepan\AppData\Local\Hisuite
2018-01-08 12:20 - 2018-01-08 12:21 - 000000000 ____D C:\Program Files (x86)\HiSuite
2018-01-08 07:12 - 2018-01-08 07:16 - 000116654 _____ C:\Windows\ntbtlog.txt
2018-01-01 19:25 - 2018-01-01 19:25 - 000001517 _____ C:\Users\Tepan\Desktop\trl – zástupce.lnk
2018-01-01 12:59 - 2018-01-01 13:00 - 000000000 ____D C:\Users\Tepan\Documents\Tomb Raider - Legend
2017-12-28 12:34 - 2017-12-28 12:34 - 000003484 _____ C:\Windows\System32\Tasks\Tepan
2017-12-28 11:33 - 2017-12-28 11:33 - 000000000 ____D C:\Users\Tepan\AppData\Roaming\Rise_Of_TB_Instaler
2017-12-28 11:30 - 2017-12-28 11:30 - 000001185 _____ C:\Users\Tepan\Desktop\ROTTR – zástupce.lnk
2017-12-28 11:30 - 2017-12-28 11:30 - 000000000 ____D C:\Users\Tepan\Documents\Rise of the Tomb Raider
2017-12-28 11:30 - 2017-12-28 11:30 - 000000000 ____D C:\Users\Tepan\Documents\CPY_SAVES
2017-12-28 11:30 - 2017-12-28 11:30 - 000000000 ____D C:\Users\Tepan\AppData\Roaming\Crystal Dynamics
2017-12-28 01:11 - 2017-12-28 01:11 - 000000000 ____D C:\Users\Tepan\AppData\Local\Geckofx
2017-12-28 01:10 - 2018-01-04 19:50 - 000000000 ____D C:\Program Files (x86)\Smart Application Controller
2017-12-28 01:10 - 2017-12-28 01:10 - 000003342 _____ C:\Windows\System32\Tasks\CheckControllerUpdatesUA
2017-12-28 01:10 - 2017-12-28 01:10 - 000000000 ____D C:\Users\Tepan\AppData\Roaming\Smart Application Controller
2017-12-28 01:10 - 2017-12-28 01:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Application Controller
2017-12-27 20:04 - 2018-01-06 15:35 - 000001266 _____ C:\Users\Tepan\Desktop\DTLite – zástupce.lnk
2017-12-20 11:07 - 2017-12-20 18:02 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-12-20 11:06 - 2017-12-21 04:56 - 000109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-12-20 11:06 - 2017-12-20 18:02 - 000000000 ____D C:\Users\Tepan\Desktop\mbar
2017-12-20 10:38 - 2017-12-20 10:38 - 016563352 _____ (Malwarebytes Corp.) C:\Users\Tepan\Desktop\mbar-1.09.3.1001.exe
2017-12-20 08:12 - 2018-01-04 21:27 - 000002155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-20 08:12 - 2018-01-04 21:27 - 000002143 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-12-20 08:05 - 2017-12-20 08:05 - 052528232 _____ (Google Inc.) C:\Users\Tepan\Desktop\ChromeStandaloneSetup64.exe
2017-12-15 03:05 - 2017-12-15 03:05 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-12-15 03:05 - 2017-12-15 03:05 - 000001827 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-12-15 03:05 - 2017-12-15 03:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-12-15 03:04 - 2017-12-15 03:05 - 083316440 _____ (Malwarebytes ) C:\Users\Tepan\Desktop\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3374.exe
2017-12-13 05:39 - 2017-12-13 05:39 - 025731072 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 015267328 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 005925888 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 004509696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 003222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-12-13 05:39 - 2017-12-13 05:39 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 002293760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-12-13 05:39 - 2017-12-13 05:39 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-12-13 05:39 - 2017-12-13 05:39 - 001544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 001313280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 001001984 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-12-13 05:39 - 2017-12-13 05:39 - 000953344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-12-13 05:39 - 2017-12-13 05:39 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000395968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000347336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2017-12-13 05:39 - 2017-12-13 05:39 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-12-13 05:39 - 2017-12-13 05:39 - 000142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-12-13 05:39 - 2017-12-13 05:39 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-12-13 05:39 - 2017-12-13 05:39 - 000115200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtm.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-12-13 05:39 - 2017-12-13 05:39 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-12-13 05:39 - 2017-12-13 05:39 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtprio.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-12-13 05:39 - 2017-12-13 05:39 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-12-13 05:39 - 2017-11-14 04:43 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-12-13 05:39 - 2017-11-14 04:30 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-12-13 05:39 - 2017-11-07 21:56 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-12-13 05:39 - 2017-11-07 21:46 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-08 22:11 - 2016-11-13 00:02 - 001474832 _____ C:\Windows\system32\Drivers\sfi.dat
2018-01-08 21:52 - 2016-11-19 21:57 - 000000000 ____D C:\Users\Tepan\AppData\LocalLow\Mozilla
2018-01-08 21:50 - 2009-07-14 05:45 - 000023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-01-08 21:50 - 2009-07-14 05:45 - 000023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-01-08 21:42 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-01-08 21:34 - 2015-01-28 07:31 - 000000000 ____D C:\AdwCleaner
2018-01-08 20:46 - 2014-02-12 06:06 - 000000000 ____D C:\$Downloads
2018-01-08 20:45 - 2013-01-16 19:32 - 000000000 ____D C:\Users\Tepan\AppData\Roaming\vlc
2018-01-08 17:11 - 2016-10-29 02:09 - 000000000 ____D C:\Users\Tepan\AppData\Roaming\uTorrent
2018-01-08 16:06 - 2015-06-23 15:50 - 000000000 ____D C:\FRST
2018-01-08 12:26 - 2013-01-16 13:48 - 000000000 ____D C:\Users\Tepan
2018-01-08 12:26 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-01-08 12:21 - 2017-07-26 08:58 - 001002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2018-01-01 13:52 - 2016-11-13 22:23 - 000726506 _____ C:\Windows\system32\Drivers\fvstore.dat
2018-01-01 10:36 - 2016-07-23 14:29 - 000000000 ____D C:\Users\Tepan\Desktop\g
2017-12-31 19:32 - 2014-08-15 10:46 - 000000000 ____D C:\Hry
2017-12-29 10:44 - 2016-11-12 18:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-12-29 03:31 - 2015-01-19 01:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-12-27 23:16 - 2014-06-22 10:59 - 000000000 ____D C:\Program Files (x86)\Steam
2017-12-27 20:59 - 2016-03-12 22:42 - 000000000 ___HD C:\VTRoot
2017-12-27 17:06 - 2014-07-29 00:17 - 000000000 ____D C:\Users\Tepan\Desktop\Hry
2017-12-27 16:24 - 2013-01-16 15:50 - 000000000 ____D C:\Users\Tepan\AppData\Roaming\DAEMON Tools Lite
2017-12-26 09:48 - 2014-08-16 02:34 - 000000000 ____D C:\Program Files (x86)\R.G. Mechanics
2017-12-26 09:19 - 2014-08-08 08:01 - 000000000 ____D C:\Users\Tepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-12-26 09:19 - 2014-07-29 00:20 - 000000000 ___RD C:\Users\Tepan\Desktop\Poker
2017-12-26 09:19 - 2014-07-29 00:18 - 000000000 ____D C:\Users\Tepan\Desktop\Ochrana pocitace
2017-12-24 06:57 - 2014-02-25 11:58 - 000000000 ____D C:\Users\Tepan\AppData\Local\CrashDumps
2017-12-20 18:03 - 2013-01-31 23:56 - 000000000 ____D C:\Users\Tepan\AppData\Local\Google
2017-12-20 08:18 - 2013-07-18 10:02 - 000003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-12-20 08:18 - 2013-07-18 10:02 - 000003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-12-20 08:11 - 2013-07-18 10:01 - 000000000 ____D C:\Program Files (x86)\Google
2017-12-15 03:05 - 2013-05-27 17:13 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-12-13 12:37 - 2009-07-14 05:45 - 000661440 _____ C:\Windows\system32\FNTCACHE.DAT
2017-12-13 12:33 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Setup
2017-12-13 12:33 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Setup
2017-12-13 10:27 - 2013-08-16 02:00 - 000000000 ____D C:\Windows\system32\MRT
2017-12-13 10:21 - 2017-10-12 02:06 - 133326408 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-12-13 10:21 - 2013-01-16 15:32 - 133326408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2014-04-20 22:40 - 2014-04-20 22:43 - 000003750 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2015-03-19 12:16 - 2015-07-06 18:48 - 000159200 ____T () C:\Users\Tepan\AppData\Roaming\CrashRpt1402.dll
2002-08-29 18:33 - 2002-08-29 18:33 - 000319488 ____R () C:\Users\Tepan\AppData\Roaming\MafiaSetup.exe
2015-04-17 12:51 - 2015-04-17 12:51 - 000000407 _____ () C:\Users\Tepan\AppData\Roaming\wameu_state.xml
2015-04-16 05:31 - 2015-04-16 05:56 - 000001000 _____ () C:\Users\Tepan\AppData\Roaming\__AvidCloudManager.log
2014-01-01 06:22 - 2015-04-16 05:34 - 000004608 _____ () C:\Users\Tepan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-10 21:00 - 2014-12-10 21:00 - 000000124 _____ () C:\Users\Tepan\AppData\Local\NetBetCoach_SettingsPath.txt
2014-12-26 00:52 - 2014-12-26 00:52 - 000007664 _____ () C:\Users\Tepan\AppData\Local\Resmon.ResmonCfg
2015-02-06 14:24 - 2015-02-06 14:28 - 053683536 _____ () C:\Users\Tepan\AppData\Local\TempFullTiltPokerEuSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-01-08 01:26

==================== End of FRST.txt ============================

Re: windows pop up and Firefox launches by itself

Posted: 08 Jan 2018 22:22
by Rudy
Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-10-18] (Oracle Corporation)
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
CHR dev: Chrome dev build detected! <==== ATTENTION
S2 HPSLPSVC; C:\Users\Tepan\AppData\Local\Temp\7zS3FA8\hpslpsvc64.dll [X] <==== ATTENTION
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Tepan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the operation finishes, a log will appear; copy it here.

Re: windows pop up and Firefox launches by itself

Posted: 08 Jan 2018 22:33
by tepan
Fix result of Farbar Recovery Scan Tool (x64) Version: 02.01.2018
Ran by Tepan (08-01-2018 22:25:56) Run:5
Running from C:\Users\Tepan\Desktop
Loaded Profiles: Tepan (Available Profiles: Tepan)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-10-18] (Oracle Corporation)
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
CHR dev: Chrome dev build detected! <==== ATTENTION
S2 HPSLPSVC; C:\Users\Tepan\AppData\Local\Temp\7zS3FA8\hpslpsvc64.dll [X] <==== ATTENTION
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Tepan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End
*****************

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKU\S-1-5-21-1029120089-3632672932-3177029402-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
CHR dev: Chrome dev build detected! <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\System\CurrentControlSet\Services\HPSLPSVC" => removed successfully
HPSLPSVC => service removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Users\Tepan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 12582912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19021179 B
Java, Flash, Steam htmlcache => 6952790 B
Windows/system/drivers => 13626773 B
Edge => 0 B
Chrome => 506838978 B
Firefox => 267383257 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Tepan => 148721057 B

RecycleBin => 0 B
EmptyTemp: => 930 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:26:19 ====

Re: windows pop up and Firefox launches by itself

Posted: 09 Jan 2018 14:48
by Rudy
Deleted. Has anything changed?

Re: windows pop up and Firefox launches by itself

Posted: 11 Jan 2018 15:41
by tepan
So far nothing is popping up for me... Hopefully everything will be OK now... thanks for the help.

Re: windows pop up and Firefox launches by itself

Posted: 11 Jan 2018 15:57
by Rudy
I hope so too. You're welcome! :)