Requesting a check

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team


Re: Requesting a check

Post by ransik » 14 May 2017 13:38

RogueKiller V12.10.8.0 (x64) [May 8 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 10 (10.0.10586) 64 bits version
Spuštěno : Normální režim
Uživatel : Asus [Práva správce]
Started from : C:\Users\Asus\Downloads\RogueKiller_portable64.exe
Mód : Smazat -- Datum : 05/14/2017 09:22:35 (Duration : 00:38:23)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 3 ¤¤¤
[PUP.DownloadAssistant] (X86) HKEY_LOCAL_MACHINE\Software\DVDVideoSoft -> Smazáno
[PUP.DownloadAssistant] (X64) HKEY_USERS\S-1-5-21-3235370217-647853827-1993747720-1000\Software\DVDVideoSoft -> Smazáno
[PUP.DownloadAssistant] (X86) HKEY_USERS\S-1-5-21-3235370217-647853827-1993747720-1000\Software\DVDVideoSoft -> Smazáno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 3 ¤¤¤
[PUP.DownloadAssistant][Složka] C:\Users\Asus\AppData\Roaming\DVDVideoSoft -> Smazáno
[PUP.DownloadAssistant][Soubor] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\chicon.bmp -> Smazáno
[PUP.DownloadAssistant][Soubor] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\FreeYouTubeToMP3ConverterProfile.xml -> Smazáno
[PUP.DownloadAssistant][Soubor] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Billboard Top Songs 2015(1).png -> Smazáno
[PUP.DownloadAssistant][Soubor] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Billboard Top Songs 2015(2).png -> Smazáno
[PUP.DownloadAssistant][Soubor] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Billboard Top Songs 2015(3).png -> Smazáno
[PUP.DownloadAssistant][Soubor] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Billboard Top Songs 2015(4).png -> Smazáno
[PUP.DownloadAssistant][Soubor] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\Billboard Top Songs 2015.png -> Smazáno
[PUP.DownloadAssistant][Soubor] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History\History.xml -> Smazáno
[PUP.DownloadAssistant][Složka] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\History -> Smazáno
[PUP.DownloadAssistant][Složka] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter\Themes -> Smazáno
[PUP.DownloadAssistant][Složka] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter -> Smazáno
[PUP.DownloadAssistant][Soubor] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\ieicon.bmp -> Smazáno
[PUP.DownloadAssistant][Soubor] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\logs\ff_output.log -> Smazáno
[PUP.DownloadAssistant][Soubor] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\logs\FreeYouTubeToMP3Converter.log -> Smazáno
[PUP.DownloadAssistant][Soubor] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\logs\FreeYouTubeToMP3Converter_extra_debug.log -> Smazáno
[PUP.DownloadAssistant][Soubor] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\logs\FreeYouTubeToMP3Converter_install.txt -> Smazáno
[PUP.DownloadAssistant][Soubor] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\logs\netlogger.log -> Smazáno
[PUP.DownloadAssistant][Soubor] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\logs\updhelper.log -> Smazáno
[PUP.DownloadAssistant][Soubor] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\logs\YTVDownloader_extra1.log -> Smazáno
[PUP.DownloadAssistant][Soubor] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\logs\YTVDownloader_extra4.log -> Smazáno
[PUP.DownloadAssistant][Složka] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\logs -> Smazáno
[PUP.DownloadAssistant][Soubor] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\psvince.dll -> Smazáno
[PUP.DownloadAssistant][Soubor] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\Stat\cfg\cfg.xml -> Smazáno
[PUP.DownloadAssistant][Soubor] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\Stat\cfg\cfg.xml.lck -> Smazáno
[PUP.DownloadAssistant][Soubor] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\Stat\cfg\cfg_tmp.xml.lck -> Smazáno
[PUP.DownloadAssistant][Složka] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\Stat\cfg -> Smazáno
[PUP.DownloadAssistant][Složka] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\Stat\logstorage -> Smazáno
[PUP.DownloadAssistant][Složka] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\Stat\storage -> Smazáno
[PUP.DownloadAssistant][Složka] C:\Users\Asus\AppData\Roaming\DVDVideoSoft\Stat -> Smazáno
[PUP.DownloadAssistant][Složka] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft -> Smazáno
[PUP.DownloadAssistant][Soubor] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\DVDVideoSoft Free Studio.lnk -> Smazáno
[PUP.DownloadAssistant][Soubor] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Free YouTube to MP3 Converter.lnk -> Smazáno
[PUP.DownloadAssistant][Soubor] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Uninstall.lnk -> Smazáno
[PUP.FusionCore|PUP.Gen0][Složka] C:\Program Files (x86)\Common Files\DVDVideoSoft -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\chimes.wav -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\icudt52.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\icuin52.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\icuuc52.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\avcodec-56.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\avdevice-56.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\avfilter-5.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\avformat-56.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\avutil-54.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\base_xml_pars.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_chrono-vc120-mt-1_56.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_locale-vc120-mt-1_56.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_thread-vc120-mt-1_56.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\dlhpr.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\dlmgr.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\DVSiTunes.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\DVSResources.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\dvssyshelper.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\ffmpeg.exe -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\icudt52.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\icuin52.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\icuuc52.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\jansson.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\libcurl.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\libeay32.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\libEGL.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\libfftw3f-3.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\libGLESv2.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\libmp3lame.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\MediaTagsEditor.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\mfc120u.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\mfcm120u.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Microsoft.WindowsAPICodePack.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Microsoft.WindowsAPICodePack.Shell.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\mmconv-pinv.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\mmconv.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\mminfo-pinv.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\mminfo.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\msvcp120.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\msvcr120.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Newtonsoft.Json.Net20.Merged.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\platforms\qwindows.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Složka] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\platforms -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\postproc-53.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\preset_mgr.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Qt5Core.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Qt5Gui.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Qt5Widgets.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\rockid-pinv.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\rockid.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\SDL.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\ssleay32.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\swresample-1.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\swscale-3.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\tier0-pinv.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\tier0.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\updhelper.exe -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\wbrhelper.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Složka] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\libcurl.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\libeay32.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\libEGL.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\libGLESv2.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\msvcp120.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\msvcr120.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\platforms\qwindows.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Složka] C:\Program Files (x86)\Common Files\DVDVideoSoft\platforms -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\imageformats\qico.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Složka] C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\imageformats -> Smazáno
[PUP.FusionCore|PUP.Gen0][Složka] C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\Qt5Core.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\Qt5Gui.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\Qt5Widgets.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\sscrmgr.dll -> Smazáno
[PUP.FusionCore|PUP.Gen0][Soubor] C:\Program Files (x86)\Common Files\DVDVideoSoft\ssleay32.dll -> Smazáno

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST1000DM003-1CH162 ATA Device +++++
--- User ---
[MBR] f5eff1a5f4c5026b9a10dde1085ef95c
[BSP] 29a799fc94d35b387843b0931702a2c4 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953317 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 1952600064 | Size: 450 MB
User = LL1 ... OK
User = LL2 ... OK


Re: Requesting a check

Post by ransik » 14 May 2017 14:08

Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by Asus on ne 14.05.2017 at 13:37:09,21.
Microsoft Windows 10 Home 10.0.10586 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Asus\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2016-11-20-140652.log 12070 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~3\BlueStacksSetup deleted successfully
C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully
C:\Users\Asus\AppData\Local\ActiveSync deleted successfully
C:\Users\Asus\AppData\Local\FluxSoftware deleted successfully
C:\Users\mamka\AppData\Local\VirtualStore deleted successfully
C:\Users\tonda\AppData\Local\ActiveSync deleted successfully
C:\Users\tonda\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\zwheh4dl.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\zwheh4dl.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\mamka\AppData\Roaming\Mozilla\Firefox\Profiles\8rym56gh.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\mamka\AppData\Roaming\Mozilla\Firefox\Profiles\8rym56gh.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\tonda\AppData\Roaming\Mozilla\Firefox\Profiles\evaqvb8i.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\tonda\AppData\Roaming\Mozilla\Firefox\Profiles\evaqvb8i.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Skillbrains deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\zwheh4dl.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\mamka\AppData\Roaming\Mozilla\Firefox\Profiles\8rym56gh.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\tonda\AppData\Roaming\Mozilla\Firefox\Profiles\evaqvb8i.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\tonda\AppData\Roaming\Mozilla\Firefox\Profiles\evaqvb8i.default
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}

==== Firefox Plugins ======================

Profilepath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\zwheh4dl.default
7FB1DC8C464CAFC230E7AD6392AE859B - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll - Shockwave Flash
9CD7CD8FD07718851DD8081CDF8CA3E7 - C:\programy\Adobe Photoshop cs6\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll - AdobeExManDetect
08C3C6B144EB5EBDE93263237C53DB14 - C:\programy\VideoLAN\VLC\npvlc.dll - VLC Web Plugin


==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86


Chrome Media Router - Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Chrome Media Router - mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Chrome Media Router - tonda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Fix ======================

C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_text-lyrics.ru_0.localstorage deleted successfully
C:\Users\tonda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_lyricstranslate.com_0.localstorage deleted successfully
C:\Users\tonda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_lyricstranslate.com_0.localstorage-journal deleted successfully
C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.user-red.com_0.localstorage deleted successfully
C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.user-red.com_0.localstorage-journal deleted successfully
C:\Users\tonda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static-hw.brazzerscontent.com_0.localstorage deleted successfully
C:\Users\tonda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static-hw.brazzerscontent.com_0.localstorage-journal deleted successfully
C:\Users\tonda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.ad.libimseti.cz_0.localstorage deleted successfully
C:\Users\tonda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.ad.libimseti.cz_0.localstorage-journal deleted successfully
C:\Users\tonda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.brazzers.com_0.localstorage deleted successfully
C:\Users\tonda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.brazzers.com_0.localstorage-journal deleted successfully
C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.user-red.com_0.localstorage deleted successfully
C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.user-red.com_0.localstorage-journal deleted successfully
C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\tonda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\tonda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\tonda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\tonda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Reset Google Chrome ======================

C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\tonda\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\tonda\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot
C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\tonda\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\tonda\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Asus\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Asus\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Users\mamka\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\tonda\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Asus\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\mamka\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\tonda\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot
C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\tonda\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=111 folders=21 20428371 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Asus\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found
"C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted
"C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted
"C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted
"C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted
"C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted

==== EOF on ne 14.05.2017 at 14:01:45,37 ======================


Re: Requesting a check

Post by ransik » 14 May 2017 14:51

Zemana AntiMalware 2.72.2.388 (instalační verze)

-------------------------------------------------------
Scan Result : Dokončeno
Scan Date : 2017.5.14
Operating System : Windows 10 64-bit
Processor : 6X AMD Phenom(tm) II X6 1065T Processor
BIOS Mode : Legacy
CUID : 12D5227455D62BB0BE62CF
Scan Type : Skenování systému
Duration : 39m 57s
Scanned Objects : 272990
Detected Objects : 17
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Zapnuto
Detect All Extensions : Vypnuto
Scan Documents : Vypnuto
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

zoek.scr
Status : Skenováno
Object : %userprofile%\desktop\zoek\zoek.scr
MD5 : 36D327EB4A26B4E9242E511913E91084
Publisher : -
Size : 1448141
Version : -
Detection : Malware:Win32/Tamaca!Keee
Cleaning Action : Karanténa
Related Objects :
Soubor - %userprofile%\desktop\zoek\zoek.scr

zoek.pif
Status : Skenováno
Object : %userprofile%\desktop\zoek\zoek.pif
MD5 : 36D327EB4A26B4E9242E511913E91084
Publisher : -
Size : 1448141
Version : -
Detection : Malware:Win32/Tamaca!Keee
Cleaning Action : Karanténa
Related Objects :
Soubor - %userprofile%\desktop\zoek\zoek.pif

zoek.com
Status : Skenováno
Object : %userprofile%\desktop\zoek\zoek.com
MD5 : 36D327EB4A26B4E9242E511913E91084
Publisher : -
Size : 1448141
Version : -
Detection : Malware:Win32/Tamaca!Keee
Cleaning Action : Karanténa
Related Objects :
Soubor - %userprofile%\desktop\zoek\zoek.com

unlockInstance.dll
Status : Skenováno
Object : %userprofile%\desktop\ucty\tonda\appdata\roaming\seznam.cz\bin\unlockinstance.dll
MD5 : 3134BC47ABC493650D59972545D00F80
Publisher : Seznam.cz, a.s.
Size : 247352
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Karanténa
Related Objects :
Soubor - %userprofile%\desktop\ucty\tonda\appdata\roaming\seznam.cz\bin\unlockinstance.dll

szninstall.exe
Status : Skenováno
Object : %userprofile%\desktop\ucty\tonda\appdata\roaming\seznam.cz\szninstall.exe
MD5 : 919F88F5158350947FB255358CEA4907
Publisher : Seznam.cz, a.s.
Size : 1062472
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Karanténa
Related Objects :
Soubor - %userprofile%\desktop\ucty\tonda\appdata\roaming\seznam.cz\szninstall.exe

szndesktop.exe
Status : Skenováno
Object : %userprofile%\desktop\ucty\tonda\appdata\roaming\seznam.cz\bin\szndesktop.exe
MD5 : 0A54B0BCD8BC203684C803FC3FB5C5A2
Publisher : Seznam.cz, a.s.
Size : 457384
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Karanténa
Related Objects :
Soubor - %userprofile%\desktop\ucty\tonda\appdata\roaming\seznam.cz\bin\szndesktop.exe

lightspeed.dll
Status : Skenováno
Object : %userprofile%\desktop\ucty\tonda\appdata\roaming\seznam.cz\bin\lightspeed.dll
MD5 : 7B12697B8A8D362F5694774A9D3055F8
Publisher : Seznam.cz, a.s.
Size : 862888
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Karanténa
Related Objects :
Soubor - %userprofile%\desktop\ucty\tonda\appdata\roaming\seznam.cz\bin\lightspeed.dll

szninstall.exe
Status : Skenováno
Object : %userprofile%\desktop\ucty\mamka\appdata\roaming\seznam.cz\szninstall.exe
MD5 : 919F88F5158350947FB255358CEA4907
Publisher : Seznam.cz, a.s.
Size : 1062472
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Karanténa
Related Objects :
Soubor - %userprofile%\desktop\ucty\mamka\appdata\roaming\seznam.cz\szninstall.exe

wszndesktop.exe
Status : Skenováno
Object : %userprofile%\desktop\ucty\mamka\appdata\roaming\seznam.cz\bin\wszndesktop.exe
MD5 : 14688019EF3FC29D5845A7099F70C3AB
Publisher : Seznam.cz, a.s.
Size : 92664
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Karanténa
Related Objects :
Soubor - %userprofile%\desktop\ucty\mamka\appdata\roaming\seznam.cz\bin\wszndesktop.exe

unlockInstance.dll
Status : Skenováno
Object : %userprofile%\desktop\ucty\mamka\appdata\roaming\seznam.cz\bin\unlockinstance.dll
MD5 : 3134BC47ABC493650D59972545D00F80
Publisher : Seznam.cz, a.s.
Size : 247352
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Karanténa
Related Objects :
Soubor - %userprofile%\desktop\ucty\mamka\appdata\roaming\seznam.cz\bin\unlockinstance.dll

szndesktop.exe
Status : Skenováno
Object : %userprofile%\desktop\ucty\mamka\appdata\roaming\seznam.cz\bin\szndesktop.exe
MD5 : 84A05863BF629C33C1FFC3801225E165
Publisher : Seznam.cz, a.s.
Size : 457208
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Karanténa
Related Objects :
Soubor - %userprofile%\desktop\ucty\mamka\appdata\roaming\seznam.cz\bin\szndesktop.exe

listicka-x64.exe
Status : Skenováno
Object : %userprofile%\desktop\ucty\mamka\appdata\roaming\seznam.cz\bin\listicka-x64.exe
MD5 : 7F577D5BF5F7C16BB58F01F5F079D9FD
Publisher : Seznam.cz, a.s.
Size : 45560
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Karanténa
Related Objects :
Soubor - %userprofile%\desktop\ucty\mamka\appdata\roaming\seznam.cz\bin\listicka-x64.exe

lightspeed.dll
Status : Skenováno
Object : %userprofile%\desktop\ucty\mamka\appdata\roaming\seznam.cz\bin\lightspeed.dll
MD5 : 28775D4C45B4B040FE4624EDC309B2D8
Publisher : Seznam.cz, a.s.
Size : 894968
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Karanténa
Related Objects :
Soubor - %userprofile%\desktop\ucty\mamka\appdata\roaming\seznam.cz\bin\lightspeed.dll

libfoxcub.dll
Status : Skenováno
Object : %userprofile%\desktop\ucty\mamka\appdata\roaming\seznam.cz\bin\libfoxcub.dll
MD5 : D1BC3FC3688956F9C20FAAE6689A29A7
Publisher : Seznam.cz, a.s.
Size : 1663000
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Karanténa
Related Objects :
Soubor - %userprofile%\desktop\ucty\mamka\appdata\roaming\seznam.cz\bin\libfoxcub.dll

libfoxcub-x64.dll
Status : Skenováno
Object : %userprofile%\desktop\ucty\mamka\appdata\roaming\seznam.cz\bin\libfoxcub-x64.dll
MD5 : 0210802008F642408069B26A1ECCDBF3
Publisher : Seznam.cz, a.s.
Size : 2438168
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Karanténa
Related Objects :
Soubor - %userprofile%\desktop\ucty\mamka\appdata\roaming\seznam.cz\bin\libfoxcub-x64.dll

21091libfoxloader.dll
Status : Skenováno
Object : %userprofile%\desktop\ucty\mamka\appdata\roaming\seznam.cz\bin\21091libfoxloader.dll
MD5 : 9E3C14CC79A2408CBE4A1F9E16319B2A
Publisher : Seznam.cz, a.s.
Size : 59384
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Karanténa
Related Objects :
Soubor - %userprofile%\desktop\ucty\mamka\appdata\roaming\seznam.cz\bin\21091libfoxloader.dll

InjectionLibrary.dll
Status : Skenováno
Object : %userprofile%\desktop\bin\injectionlibrary.dll
MD5 : 1AF1C85E1B22C54C5AC5DA6D0B7A73BD
Publisher : -
Size : 41984
Version : 1.0.0.0
Detection : Adware:Win32/Sarajia.A!Eeee
Cleaning Action : Karanténa
Related Objects :
Soubor - %userprofile%\desktop\bin\injectionlibrary.dll


Cleaning Result
-------------------------------------------------------
Cleaned : 17
Reported as safe : 0
Failed : 0

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: please check

Post by jaro3 » 15 May 2017 09:35

Post a new HJT log and report on any problems.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum

ransik
Level 2
Posts: 174
Registered: January 16
Gender: Male
Status: Offline

Re: please check

Post by ransik » 15 May 2017 15:16

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:59:42, on 15.5.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0589)

FIREFOX: 44.0.2 (x86 cs)
Boot mode: Normal

Running processes:
C:\programy\Zemana AntiMalware\ZAM.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Users\Asus\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [XPE] "C:\Program Files (x86)\XPE Windows 10 DPI Fix\XPEWindows10_DPI.exe" -hide:100|100
O4 - HKLM\..\Run: [RunAIShell] C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe
O4 - HKLM\..\Run: [iSkysoft Helper Compact.exe] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\RAPTRI~1\Raptr\raptrstub.exe --startup
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\programy\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
O4 - HKCU\..\Run: [BlueStacks Agent] C:\Program Files (x86)\Bluestacks\HD-Agent.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Plus Android Service (BstHdPlusAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\programy\Zemana AntiMalware\ZAM.exe

--
End of file - 8177 bytes


The loading still seems the same to me ..

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: please check

Post by jaro3 » 15 May 2017 18:37

Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system, 32-bit or 64-bit.
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Save it to the desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs will appear, FRST.txt and Addition.txt, and they will be saved on the desktop. Please copy their entire contents here.

ransik
Level 2
Posts: 174
Registered: January 16
Gender: Male
Status: Offline

Re: please check

Post by ransik » 15 May 2017 20:57

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2017
Ran by Asus (administrator) on ASUS-PC (15-05-2017 20:48:27)
Running from C:\Users\Asus\Desktop
Loaded Profiles: Asus & mamka (Available Profiles: Asus & mamka & tonda & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Copyright 2017.) C:\programy\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe
(Bluestack System Inc. ) C:\Program Files (x86)\Bluestacks\BstkSVC.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Copyright 2017.) C:\programy\Zemana AntiMalware\ZAM.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\regedit.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Copyright 2017.) C:\programy\Zemana AntiMalware\ZAM.exe
(Spotify Ltd) C:\Users\Asus\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Piriform Ltd) C:\programy\CCleaner\CCleaner64.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ZAM] => C:\programy\Zemana AntiMalware\ZAM.exe [14522512 2017-04-03] (Copyright 2017.)
HKLM-x32\...\Run: [XPE] => C:\Program Files (x86)\XPE Windows 10 DPI Fix\XPEWindows10_DPI.exe [28672 2016-03-14] (XPExplorer.com - 2016)
HKLM-x32\...\Run: [RunAIShell] => C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe [232064 2009-12-23] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (iSkySoft)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2017-02-01] (Raptr, Inc)
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\Run: [CCleaner Monitoring] => C:\programy\CCleaner\CCleaner64.exe [8551848 2015-11-19] (Piriform Ltd)
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-09-09] (Apple Inc.)
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-09-09] (Apple Inc.)
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-09-09] (Apple Inc.)
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [986648 2016-10-21] (BlueStack Systems, Inc.)
HKU\S-1-5-21-3235370217-647853827-1993747720-1004\...\Run: [Octoshape Streaming Services] => "C:\Users\Asus\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
HKU\S-1-5-21-3235370217-647853827-1993747720-1004\...\Run: [Spotify Web Helper] => C:\Users\Asus\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2355312 2016-02-03] (Spotify Ltd)
HKU\S-1-5-21-3235370217-647853827-1993747720-1004\...\Run: [CCleaner Monitoring] => C:\programy\CCleaner\CCleaner64.exe [8551848 2015-11-19] (Piriform Ltd)
HKU\S-1-5-21-3235370217-647853827-1993747720-1004\...\Run: [Spotify] => C:\Users\Asus\AppData\Roaming\Spotify\Spotify.exe [8449136 2016-02-03] (Spotify Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2016-01-16]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{ab658422-083b-4799-8f6d-44ca0c7b0831}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1004 -> {0EC733F4-2E32-485D-8D83-DF92E4075A70} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1004 -> {29F24384-2DE2-4B62-8CB6-395C31A593FA} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1004 -> {51CBB84D-6CE7-4D52-8757-84EDE020B080} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1004 -> {6820DAC3-E77C-48F7-8D6A-0C425B8A3ABD} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1004 -> {8D41ED59-C51D-4A3A-BE1A-3E9EED74A826} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1004 -> {93423A7C-BD38-4CEE-9F3E-9AD17641E270} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1004 -> {9803BE6E-922F-4714-8CEA-3CC9D7F15132} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1004 -> {B730EAE3-CB62-4E41-BF74-B474716F1913} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1004 -> {BC8C6ABC-6E8F-4884-A0B5-78B4825B9467} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-04-06] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-06] (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)

FireFox:
========
FF DefaultProfile: zwheh4dl.default
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\zwheh4dl.default [2017-05-14]
FF NewTab: Mozilla\Firefox\Profiles\zwheh4dl.default -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\zwheh4dl.default -> about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-10-02] ()
FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-06] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\programy\Adobe Photoshop cs6\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-10-02] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\programy\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\programy\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\programy\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\programy\Adobe Photoshop cs6\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3235370217-647853827-1993747720-1004: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Asus\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1503240-0-npoctoshape.dll [No File]
StartMenuInternet: FIREFOX.EXE - C:\programy\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default [2017-05-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-14]
CHR Extension: (Chrome Media Router) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-14]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2016-11-25] ()
S4 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-10-21] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-10-21] (BlueStack Systems, Inc.)
R3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [466456 2016-10-21] (BlueStack Systems, Inc.)
S4 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [104448 2017-02-17] (Freemake) [File not signed]
S4 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
S4 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55056 2016-12-16] (Copyright (c) 2016 Plays.tv, LLC)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1572056 2015-12-01] (Secunia)
S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [839384 2015-12-01] (Secunia)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [41952 2016-10-27] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364456 2016-09-07] (Microsoft Corporation)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1844736 2016-09-07] (Microsoft Corporation)
R2 ZAMSvc; C:\programy\Zemana AntiMalware\ZAM.exe [14522512 2017-04-03] (Copyright 2017.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 95B456C8; C:\WINDOWS\System32\drivers\95B456C8.sys [478392 2015-11-20] (Kaspersky Lab ZAO)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
R3 anvsnddrv; C:\WINDOWS\system32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [44640 2016-03-02] (The OpenVPN Project)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-12-25] (Advanced Micro Devices)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-10-21] (BlueStack Systems)
R3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-10-07] (Bluestack System Inc. )
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S1 epp; C:\EEK\bin64\epp.sys [116944 2016-09-28] (Emsisoft Ltd)
R1 epp64; C:\EEK\bin\epp64.sys [136456 2015-08-26] (Emsisoft GmbH)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2017-02-23] (REALiX(tm))
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-05-13] (Malwarebytes)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
S3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2015-12-01] (Secunia)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2015-12-17] (Realtek )
R2 RtNdPt630; C:\WINDOWS\system32\DRIVERS\RtNdPt630.sys [37632 2015-12-17] (Realtek Semiconductor Corp.)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [777944 2016-01-13] (Realsil Semiconductor Corporation)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [413912 2015-12-22] (Realsil Semiconductor Corporation)
S3 RTTEAMPT; C:\WINDOWS\system32\DRIVERS\RtTeam620.sys [59608 2015-12-17] (Realtek Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-05-14] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-05-14] (Zemana Ltd.)
U0 aswVmm; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-15 20:48 - 2017-05-15 20:50 - 00018873 _____ C:\Users\Asus\Desktop\FRST.txt
2017-05-15 20:48 - 2017-05-15 20:48 - 00000000 ____D C:\FRST
2017-05-15 20:47 - 2017-05-15 20:47 - 02429952 _____ (Farbar) C:\Users\Asus\Desktop\FRST64.exe
2017-05-15 17:16 - 2017-05-15 17:22 - 00000000 ____D C:\Users\mamka\Desktop\Víta
2017-05-14 20:55 - 2017-05-14 21:03 - 00000000 ____D C:\Users\mamka\Desktop\Sipan
2017-05-14 19:20 - 2017-05-14 19:20 - 00000000 ____D C:\Users\mamka\AppData\Local\VirtualStore
2017-05-14 19:19 - 2017-05-14 19:19 - 00000000 ____D C:\Users\mamka\AppData\Local\Zemana
2017-05-14 18:32 - 2017-05-14 18:32 - 00000000 ____D C:\Users\tonda\AppData\Local\Zemana
2017-05-14 18:32 - 2017-05-14 18:32 - 00000000 ____D C:\Users\tonda\AppData\Local\VirtualStore
2017-05-14 14:11 - 2017-05-15 20:50 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2017-05-14 13:59 - 2017-05-14 13:37 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2017-05-14 13:38 - 2017-05-15 20:49 - 00666382 _____ C:\WINDOWS\ZAM.krnl.trace
2017-05-14 13:38 - 2017-05-15 20:49 - 00650579 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-05-14 13:38 - 2017-05-14 13:38 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2017-05-14 13:38 - 2017-05-14 13:38 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2017-05-14 13:38 - 2017-05-14 13:38 - 00001691 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2017-05-14 13:38 - 2017-05-14 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-05-14 13:37 - 2017-05-14 13:37 - 05774688 _____ (Zemana Ltd. ) C:\Users\Asus\Downloads\Zemana.AntiMalware.Setup.exe
2017-05-14 13:37 - 2017-05-14 13:37 - 00000000 ____D C:\Users\Asus\AppData\Local\Zemana
2017-05-14 13:36 - 2017-05-14 13:36 - 01309184 _____ C:\Users\Asus\Desktop\zoek.exe
2017-05-14 10:08 - 2017-05-14 10:08 - 00315624 _____ (Microsoft Corporation) C:\Users\Asus\Downloads\dxwebsetup.exe
2017-05-14 09:21 - 2017-05-14 09:22 - 26307144 _____ C:\Users\Asus\Downloads\RogueKiller_portable64.exe
2017-05-13 19:03 - 2017-05-13 19:03 - 00000000 ____D C:\Users\mamka\AppData\Local\ATI
2017-05-13 19:03 - 2017-05-13 19:03 - 00000000 ____D C:\Users\mamka\AppData\Local\AMD
2017-05-13 19:02 - 2017-05-13 19:02 - 00000000 ____D C:\Users\mamka\AppData\Local\CEF
2017-05-13 15:55 - 2017-05-13 15:55 - 04970688 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-13 14:45 - 2017-05-13 14:45 - 00000890 _____ C:\Users\Asus\Desktop\Windows 10 Manager.lnk
2017-05-13 14:45 - 2017-05-13 14:45 - 00000880 _____ C:\Users\Asus\Desktop\1-Click Cleaner.lnk
2017-05-13 14:45 - 2017-05-13 14:45 - 00000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yamicsoft
2017-05-13 14:44 - 2017-05-13 14:44 - 00000000 ____D C:\Users\Asus\AppData\Roaming\Yamicsoft
2017-05-13 14:43 - 2017-05-13 14:44 - 21975968 _____ (Yamicsoft) C:\Users\Asus\Downloads\windows10manager.exe
2017-05-13 14:42 - 2017-05-13 14:42 - 00003442 _____ C:\WINDOWS\System32\Tasks\CrystalDiskInfo
2017-05-13 14:42 - 2017-05-13 14:42 - 00001743 _____ C:\Users\Asus\Desktop\CrystalDiskInfo.lnk
2017-05-13 14:41 - 2017-05-13 14:41 - 03961080 _____ (Crystal Dew World ) C:\Users\Asus\Downloads\CrystalDiskInfo7_0_5.exe
2017-05-13 14:32 - 2017-05-13 14:34 - 00204496 _____ (Malwarebytes) C:\Users\Asus\Downloads\startuplite-setup-1.07.exe
2017-05-13 14:29 - 2017-05-13 14:31 - 02001544 _____ C:\Users\Asus\Downloads\pc-decrapifier-3.0.1.exe
2017-05-13 14:19 - 2017-05-13 14:19 - 00001131 _____ C:\Users\Asus\Desktop\1.txt
2017-05-13 13:37 - 2017-05-13 13:37 - 00000000 ____D C:\Users\tonda\AppData\Local\CEF
2017-05-13 13:37 - 2017-05-13 13:37 - 00000000 ____D C:\Users\tonda\AppData\Local\ATI
2017-05-13 13:37 - 2017-05-13 13:37 - 00000000 ____D C:\Users\tonda\AppData\Local\AMD
2017-05-13 13:18 - 2017-05-13 13:25 - 04102600 _____ C:\Users\Asus\Downloads\adwcleaner_6.046.exe
2017-05-13 10:00 - 2017-05-13 10:01 - 01225864 _____ (Ruiware) C:\Users\Asus\Downloads\wpsetup.exe
2017-05-13 09:42 - 2017-05-13 09:44 - 00388608 _____ (Trend Micro Inc.) C:\Users\Asus\Desktop\HijackThis.exe
2017-05-06 21:00 - 2017-05-06 21:49 - 731111424 ____R C:\Users\Asus\Desktop\SIROTINEC-CZ-DABING-ddadoo.avi
2017-05-06 21:00 - 2017-05-06 21:00 - 00014542 _____ C:\Users\Asus\Downloads\[CzT]Sirotcinec_El_orfanato_2007_CZ_.torrent
2017-05-06 20:58 - 2017-05-06 21:39 - 1549141506 ____R C:\Users\Asus\Desktop\Prityazhenie.2017.CZ titulky.WEB-DLRip.avi
2017-05-06 20:58 - 2017-05-06 20:58 - 00015265 _____ C:\Users\Asus\Downloads\[CzT]Pritazenije_2017_WebRip_.torrent
2017-05-05 08:03 - 2017-05-05 08:04 - 00000000 ____D C:\Users\tonda\Desktop\A+Anička+Ríša
2017-05-05 08:00 - 2017-05-05 08:02 - 00000000 ____D C:\Users\tonda\Desktop\Montáž na veletrhu v Brně
2017-05-05 07:59 - 2017-05-05 08:00 - 00000000 ____D C:\Users\tonda\Desktop\Panty v Hannoveru
2017-05-05 07:57 - 2017-05-05 07:58 - 00000000 ____D C:\Users\tonda\Desktop\S.Loza divočáci
2017-05-05 07:55 - 2017-05-05 07:55 - 00000000 ____D C:\Users\tonda\Desktop\Angl.kocour v parku
2017-05-05 07:40 - 2017-05-05 07:58 - 00000000 ____D C:\Users\tonda\Desktop\R+Ž+Š+T Vyškovec, Mireček
2017-05-04 15:22 - 2017-05-04 15:22 - 00006292 _____ C:\Users\mamka\Downloads\smime (3).p7s
2017-05-04 06:47 - 2017-05-04 06:47 - 00097627 _____ C:\Users\tonda\Downloads\DOPIS DUCHODCU.pdf
2017-04-30 18:27 - 2017-04-30 18:56 - 00000000 ____D C:\Users\Asus\Desktop\Contratiempo
2017-04-30 18:26 - 2017-04-30 18:26 - 00013689 _____ C:\Users\Asus\Downloads\[CzT]Contratiempo_2016_SPA_720pLQ_.torrent
2017-04-30 13:53 - 2017-04-30 13:53 - 00546199 _____ C:\Users\Asus\Downloads\Unpark-CPU-App.zip
2017-04-30 07:41 - 2017-04-30 07:41 - 00000000 ____D C:\Users\Asus\AppData\Local\AMD
2017-04-29 19:26 - 2017-04-29 19:33 - 342028984 _____ C:\Users\tonda\Downloads\AIO_CDB_NonNet_Full_Win_WW_140_408-4.exe
2017-04-29 17:05 - 2017-04-29 17:05 - 00000000 ____D C:\ProgramData\ATI
2017-04-29 16:56 - 2017-04-29 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2017-04-29 16:56 - 2017-04-29 16:56 - 00000000 ____D C:\Program Files\ATI Technologies
2017-04-29 16:53 - 2017-04-29 19:19 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-04-29 15:55 - 2017-04-29 15:57 - 70362104 _____ (AMD Inc.) C:\Users\Asus\Downloads\radeon-crimson-relive-17.4.4-minimalsetup-170428_web.exe
2017-04-28 15:28 - 2017-04-28 15:28 - 00001561 _____ C:\Users\Public\Desktop\Call of Duty(R) 2 Singleplayer.lnk
2017-04-28 15:28 - 2017-04-28 15:28 - 00001561 _____ C:\Users\Public\Desktop\Call of Duty(R) 2 Multiplayer.lnk
2017-04-28 15:28 - 2017-04-28 15:28 - 00000000 __SHD C:\WINDOWS\ftpcache
2017-04-28 15:27 - 2017-04-28 15:27 - 00000282 _____ C:\WINDOWS\game.ini
2017-04-28 15:27 - 2017-04-28 15:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
2017-04-28 15:24 - 2017-04-28 15:24 - 00000139 _____ C:\Users\Asus\Downloads\Call-of-Duty-2-cd-key.txt
2017-04-28 11:08 - 2017-05-13 15:35 - 00000000 ____D C:\Users\Asus\Desktop\call of duty 2 cz
2017-04-28 11:08 - 2017-04-28 11:08 - 00029154 _____ C:\Users\Asus\Downloads\[CzT]call_of_duty_2_cz.torrent
2017-04-23 18:59 - 2017-05-13 14:48 - 00000000 ____D C:\Users\Asus\AppData\Local\CrashDumps
2017-04-23 18:59 - 2017-04-23 18:59 - 00000000 ____D C:\Users\Asus\AppData\Local\ATI
2017-04-23 18:16 - 2017-04-23 18:16 - 00000000 ____D C:\Users\Asus\AppData\Local\CEF
2017-04-15 20:39 - 2017-04-15 20:39 - 00000000 ____D C:\Users\Asus\Desktop\Text Color Mod 3.0 - BananaGaming

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-15 19:49 - 2016-07-31 17:39 - 00000000 ____D C:\Users\tonda\AppData\Local\Spotify
2017-05-15 16:18 - 2016-01-20 14:18 - 00000000 ____D C:\Users\mamka\AppData\Local\Spotify
2017-05-14 21:07 - 2014-11-13 18:53 - 00000000 ____D C:\Users\mamka\Desktop\Maminka
2017-05-14 21:05 - 2014-11-13 20:54 - 00000000 ____D C:\Users\mamka\Desktop\Ladík
2017-05-14 21:05 - 2014-11-13 20:50 - 00000000 ____D C:\Users\mamka\Desktop\Markétka
2017-05-14 21:04 - 2016-10-01 09:57 - 00000000 ____D C:\Users\mamka\Desktop\fotografie Janička
2017-05-14 21:01 - 2016-04-03 11:50 - 00000000 ____D C:\Users\mamka\Desktop\Maruška narozená1.4.2016
2017-05-14 17:28 - 2015-12-16 21:26 - 02036902 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-14 17:28 - 2015-10-30 20:31 - 00842644 _____ C:\WINDOWS\system32\perfh005.dat
2017-05-14 17:28 - 2015-10-30 20:31 - 00192218 _____ C:\WINDOWS\system32\perfc005.dat
2017-05-14 17:28 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2017-05-14 17:25 - 2015-07-12 23:19 - 00000000 ____D C:\Users\Asus\AppData\Roaming\vlc
2017-05-14 14:46 - 2016-12-30 19:37 - 00000000 ____D C:\Users\Asus\Desktop\bin
2017-05-14 14:46 - 2016-06-08 20:32 - 00000000 ____D C:\Users\Asus\Desktop\zoek
2017-05-14 14:05 - 2015-12-16 21:27 - 00000000 ____D C:\Users\Asus
2017-05-14 14:00 - 2015-12-16 21:43 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-14 13:59 - 2015-10-30 08:28 - 01310720 ___SH C:\WINDOWS\system32\config\BBI
2017-05-14 13:56 - 2016-11-20 15:32 - 00000000 ____D C:\zoek_backup
2017-05-14 13:55 - 2009-07-14 05:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-05-14 13:38 - 2014-10-08 15:45 - 00000000 ____D C:\programy
2017-05-14 09:22 - 2016-06-08 20:28 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-05-14 07:36 - 2015-02-14 08:27 - 00000000 ____D C:\Users\tonda\AppData\Roaming\Seznam.cz
2017-05-13 16:33 - 2017-01-03 14:37 - 00000000 ____D C:\AdwCleaner
2017-05-13 16:32 - 2017-04-02 15:35 - 00000552 _____ C:\Users\Asus\Desktop\JRT.txt
2017-05-13 15:54 - 2015-10-30 08:28 - 20447232 _____ C:\WINDOWS\system32\config\system.rcbak
2017-05-13 15:54 - 2015-10-30 08:28 - 106692608 _____ C:\WINDOWS\system32\config\software.rcbak
2017-05-13 15:54 - 2015-10-30 08:28 - 01048576 _____ C:\WINDOWS\system32\config\default.rcbak
2017-05-13 15:54 - 2015-10-30 08:28 - 00040960 _____ C:\WINDOWS\system32\config\security.rcbak
2017-05-13 15:36 - 2014-10-26 10:09 - 00000000 ____D C:\Users\tonda\AppData\Roaming\Skype
2017-05-13 15:35 - 2017-03-05 18:12 - 00000000 ____D C:\Users\Asus\AppData\Roaming\Anvsoft
2017-05-13 15:35 - 2014-10-26 10:09 - 00000000 ____D C:\ProgramData\Skype
2017-05-13 15:24 - 2017-02-19 20:09 - 00003638 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2017-05-13 15:23 - 2014-12-16 15:43 - 00000000 ____D C:\Users\Asus\AppData\Roaming\TeamViewer
2017-05-13 14:42 - 2015-08-23 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2017-05-13 14:38 - 2016-09-21 17:49 - 00000000 ____D C:\Users\Asus\Desktop\atube
2017-05-13 13:31 - 2016-01-13 20:49 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-11 22:01 - 2017-04-04 15:56 - 00000000 ____D C:\Users\Asus\AppData\LocalLow\Mozilla
2017-05-10 21:21 - 2015-12-16 21:27 - 00000000 ____D C:\Users\tonda
2017-05-10 06:59 - 2016-05-10 22:30 - 00003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-05-10 06:59 - 2016-05-10 22:30 - 00003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-05-06 20:48 - 2016-11-16 00:51 - 00000000 ____D C:\Users\Asus\AppData\Roaming\MPC-HC
2017-05-06 16:01 - 2015-12-16 21:27 - 00000000 ____D C:\Users\mamka
2017-05-06 12:21 - 2016-11-26 12:45 - 00000000 ____D C:\Users\mamka\AppData\LocalLow\Mozilla
2017-05-05 07:33 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-30 21:07 - 2017-01-29 12:32 - 00016220 _____ C:\Users\mamka\Desktop\Hučíková.xlsx
2017-04-29 16:56 - 2016-07-10 20:19 - 00000000 ____D C:\ProgramData\AMD
2017-04-29 16:56 - 2015-12-16 21:24 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2017-04-29 16:54 - 2014-10-09 20:40 - 00000000 ____D C:\AMD
2017-04-29 16:41 - 2015-08-09 15:20 - 00000000 ____D C:\Users\Asus\AppData\Roaming\Raptr
2017-04-28 16:17 - 2017-04-04 12:02 - 00000000 ____D C:\Users\tonda\Desktop\Čornyj voron
2017-04-28 15:28 - 2014-11-21 15:40 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-04-28 15:23 - 2014-10-08 15:45 - 00000000 ____D C:\hry
2017-04-23 19:15 - 2014-12-29 17:49 - 00000000 ____D C:\Users\Asus\Desktop\programy
2017-04-23 18:45 - 2015-05-22 16:45 - 00000000 ____D C:\Users\Asus\AppData\Roaming\TS3Client
2017-04-23 15:57 - 2016-10-02 11:16 - 00001016 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-04-23 15:57 - 2016-10-02 11:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-04-16 00:11 - 2015-07-18 14:14 - 00002232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-16 00:11 - 2015-07-18 14:14 - 00002220 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Files in the root of some directories =======

2016-03-27 12:01 - 2016-03-27 12:01 - 0000036 _____ () C:\Users\Asus\AppData\Local\housecall.guid.cache
2015-04-25 22:50 - 2016-01-17 16:44 - 0007597 _____ () C:\Users\Asus\AppData\Local\resmon.resmoncfg
2015-07-05 00:07 - 2015-07-05 00:07 - 0000424 _____ () C:\Users\Asus\AppData\Local\UserProducts.xml
2015-01-14 17:18 - 2015-01-14 17:25 - 0000822 _____ () C:\ProgramData\hpzinstall.log
2016-11-25 13:07 - 2016-11-25 13:07 - 0005085 _____ () C:\ProgramData\oqztiqep.adk

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-01-07 10:56

==================== End of FRST.txt ============================

ransik

Re: requesting a check

Post by ransik » 15 May 2017 20:58

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-05-2017
Ran by Asus (15-05-2017 20:51:14)
Running from C:\Users\Asus\Desktop
Windows 10 Home Version 1511 (X64) (2015-12-16 20:07:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3235370217-647853827-1993747720-500 - Administrator - Disabled)
Asus (S-1-5-21-3235370217-647853827-1993747720-1000 - Administrator - Enabled) => C:\Users\Asus
DefaultAccount (S-1-5-21-3235370217-647853827-1993747720-503 - Limited - Disabled)
Guest (S-1-5-21-3235370217-647853827-1993747720-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3235370217-647853827-1993747720-1003 - Limited - Enabled)
mamka (S-1-5-21-3235370217-647853827-1993747720-1004 - Limited - Enabled) => C:\Users\mamka
tonda (S-1-5-21-3235370217-647853827-1993747720-1005 - Limited - Enabled) => C:\Users\tonda

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
AI Manager (HKLM-x32\...\{4AF95DE2-B54D-4C3F-9494-FD3B558E2C2D}) (Version: 1.08.10 - ASUSTeK)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Any Video Converter Ultimate 5.8.3 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Application Profiles (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
ASUS Easy Update 2 (HKLM-x32\...\{E7AA854E-6756-424E-84C2-4E47D5729AFF}) (Version: 3.00.08 - ASUSTeK Computer Inc.)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avidemux 2.6 - 32 bits (32-bit) (HKLM-x32\...\Avidemux 2.6 - 32 bits) (Version: 2.6.16.161230 - )
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.70.6309 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 2 (x32 Version: 1.00.0000 - Activision) Hidden
CoD 2 čeština (HKLM-x32\...\CoD 2 čeština_is1) (Version: - #'Pan[S]al!er!)
Copy (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CrystalDiskInfo 7.0.5 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.5 - Crystal Dew World)
dBpoweramp (HKLM-x32\...\dBpoweramp) (Version: Release 15.2 - Illustrate)
dBpoweramp DSP Effects (HKLM-x32\...\dBpoweramp DSP Effects) (Version: Release 11 - Illustrate)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Eldevin (HKLM-x32\...\Steam App 298160) (Version: - Hunted Cow Studios)
F2400 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Free Webcam Recorder (HKLM-x32\...\{EDA2F047-79B6-46E2-8323-28086E1BA51D}) (Version: 1.0.0 - freepicturesolutions)
Free YouTube to MP3 Converter version 3.12.46.923 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.46.923 - DVDVideoSoft Ltd.)
Freemake Video Converter verze 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version: - Richard)
High-Definition Video Playback 10 (x32 Version: 7.0.11400.29.0 - Nero AG) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{819CA3BC-2FF8-4811-B42F-421F7BFD3559}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HWiNFO64 Version 5.44 (HKLM\...\HWiNFO64_is1) (Version: 5.44 - Martin Malík - REALiX)
iCloud (HKLM\...\{CE29BC77-C5AE-49D8-A8C0-FDAF6ACF74DF}) (Version: 6.0.1.41 - Apple Inc.)
Infinite HD™ App (HKU\S-1-5-21-3235370217-647853827-1993747720-1004\...\Octoshape Streaming Services) (Version: - Octoshape ApS)
InfraRecorder (HKLM-x32\...\InfraRecorder) (Version: - Christian Kindahl)
iSkysoft Helper Compact 2.5.2 (HKLM-x32\...\{9BF12010-8799-41A5-A671-E9CFDE9E79F3}_is1) (Version: 2.5.2 - iSkysoft)
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
Java 8 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Java 8 Update 77 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418077F0}) (Version: 8.0.770.3 - Oracle Corporation)
K-Lite Codec Pack 12.5.5 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.5.5 - KLCP)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3235370217-647853827-1993747720-1004\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 cs)) (Version: 44.0.2 - Mozilla)
Mozilla Firefox 53.0.2 (x86 cs) (HKU\S-1-5-21-3235370217-647853827-1993747720-1004\...\Mozilla Firefox 53.0.2 (x86 cs)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
Mp3tag v2.73 (HKLM-x32\...\Mp3tag) (Version: v2.73 - Florian Heidenreich)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.11600.19.100 - Nero AG)
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.11100.10.100 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11000.12.100 - Nero AG)
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.10900.11.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10800.7.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.11000.10.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10800.8.100 - Nero AG)
Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13100 - Nero AG)
Nero Recode 10 (HKLM-x32\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.6.10900.4.100 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.10900.9.100 - Nero AG)
Nero SoundTrax 10 (HKLM-x32\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.6.10600.2.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11200.12.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0017 - Nero AG)
Nero Vision 10 (HKLM-x32\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.0.11100.8.100 - Nero AG)
Nero WaveEditor 10 (HKLM-x32\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.6.10600.2.100 - Nero AG)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Platform (x32 Version: 1.43 - VIA Technologies, Inc.) Hidden
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.17.5-r119091-release - Plays.tv, LLC)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Pomocník při upgradu na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17362 - Microsoft Corporation)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.8-r120085-release - Raptr, Inc)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.125 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.34.617.2014 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.11 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7512 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
RogueKiller verze 12 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12 - Adlice Software)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Secunia PSI (3.0.0.11003) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.11003 - Secunia)
Seznam Software (HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\SeznamInstall) (Version: - Seznam.cz)
Seznam Software (HKU\S-1-5-21-3235370217-647853827-1993747720-1004\...\SeznamInstall) (Version: - Seznam.cz)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype Web Plugin (HKLM-x32\...\{F6C18D35-D3EB-4AEA-B266-C2F11B6DB723}) (Version: 7.12.0.55 - Skype Technologies S.A.)
Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 - Sophos Limited)
Spotify (HKU\S-1-5-21-3235370217-647853827-1993747720-1004\...\Spotify) (Version: 1.0.20.101.ge6957e14 - Spotify AB)
StartIsBack++ (HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\StartIsBack) (Version: 1.3.4 - startisback.com)
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Kinzu Optical Mouse (HKLM-x32\...\{A03E4302-F387-47F3-8136-6D9D9286CD3B}) (Version: 1.0.10 - Steelseries)
TeamSpeak 3 Client (HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-3235370217-647853827-1993747720-1004\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Teoma Shopping App (HKLM-x32\...\{41545533-2D54-5347-00A7-A758B70C2D02}) (Version: 12.45.2.1366 - APN, LLC)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Vegas Pro 12.0 (64-bit) (HKLM\...\{BD422D00-5232-11E3-A6F3-F04DA23A5C58}) (Version: 12.0.770 - Sony)
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.43 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows 10 Manager (HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\Windows 10 Manager 2.0.0) (Version: 2.0.0 - Yamicsoft)
WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.4) (Version: 1.3.4 - Xvid Team)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.72.0.388 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3235370217-647853827-1993747720-1000_Classes\CLSID\{865e5e76-ad83-4dca-a109-50dc2113ce9b}\InprocServer32 -> C:\Users\Asus\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-3235370217-647853827-1993747720-1000_Classes\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c9}\InprocServer32 -> C:\Users\Asus\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-3235370217-647853827-1993747720-1000_Classes\CLSID\{AD1405D2-30CF-4877-8468-1EE1C52C759F}\InprocServer32 -> C:\Users\Asus\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-3235370217-647853827-1993747720-1000_Classes\CLSID\{c71c41f1-ddad-42dc-a8fc-f5bfc61df958}\InprocServer32 -> C:\Users\Asus\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-3235370217-647853827-1993747720-1000_Classes\CLSID\{E5C31EC8-C5E6-4E07-957E-944DB4AAD85E}\InprocServer32 -> C:\Users\Asus\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04AE4BFC-03F3-4ADA-83C9-1322AB697E98} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {0E36ECB6-9A73-4D2E-ACFB-A71DCD8956C0} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {11AFA930-31FB-438F-9A04-81759F7D5C76} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {14A38BD7-11F5-4B85-9398-8994F9AE805B} - System32\Tasks\CrystalDiskInfo => C:\programy\CrystalDiskInfo\DiskInfo32.exe [2017-01-01] (Crystal Dew World)
Task: {1576780F-95AA-45CB-9C98-F760DB780894} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {20A08AA5-4F38-4168-8BF8-B4C86E9B7319} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {23B97768-B4C9-4A65-81BB-27B376087B81} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {320B45AF-F90F-4795-B6F1-65D4F5EEA569} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.01.02\AsLoader.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {39B511B2-386D-4751-9D3F-F844FA0BE2FF} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {3DE20CB4-6B52-4BA0-91B7-13D89D731D54} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe [2016-10-02] (Adobe Systems Incorporated)
Task: {3FDEAD94-22A6-42D9-8F6F-57DCB3E0BAE7} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {432284CF-A06A-41A3-8844-AAD273FC48E7} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {4538F0CF-0548-4A4F-9E1F-5EEA5DAF79DE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-25] (Google Inc.)
Task: {5AF71672-7781-4700-B788-B0FB384DE03C} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-11-23] (Advanced Micro Devices, Inc.)
Task: {5CF60F2B-BFA0-4F74-BDF6-915808B14FC4} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {6AFED47F-9DDF-4D4C-B87B-FC998B8EBF50} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-11-10] ()
Task: {6B3AA419-893A-4726-B8BF-2AF04AF051A3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {725B42DC-5B43-436E-9F2D-54D3C30EF474} - System32\Tasks\ASC Task (One-Time) => C:\programy\IObit\Advanced SystemCare\PromoteASCAfterInstall.exe
Task: {7F970B36-F281-468C-B326-F24FFAFCC25F} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2016-09-09] (Apple Inc.)
Task: {8A12FB0A-B26C-46F2-972E-33F2034F6CDB} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {8CA3F4E5-437A-421D-B783-3F317B4C12FC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {92FBC9AA-985B-4917-AA35-AED93204C109} - System32\Tasks\CCleanerSkipUAC => C:\programy\CCleaner\CCleaner.exe [2015-11-19] (Piriform Ltd)
Task: {94F81392-753B-4C45-9C70-DC9D854CA6CD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {999C0CB7-1BFF-4EAD-A752-2379CF420C19} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {9A747908-F027-412F-B4DD-16804A4F1395} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {A2DA39E8-96C6-44A3-A770-D907870577F5} - System32\Tasks\ASUS\ASUS Easy Update 2 => C:\programy\ASUS\ASUS Easy Update\ALU.exe [2013-07-04] (ASUSTeK Computer Inc.)
Task: {A4E5DBEE-FB35-49EC-996F-2DB8595B6A52} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-25] (Google Inc.)
Task: {A6803C80-8B46-480B-8CE5-2156673528A0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {AA021EAA-F285-4CB8-AC42-795172D3CA65} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {AAD44C2B-5084-4B73-AE34-1FEC3A0D2F92} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {AED096A1-D500-4742-B38B-C87CD1BCA606} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {B05CE977-074A-43C1-8BAB-A00B0B5402C3} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {B3FA1A2D-C1D1-4D1C-9BCA-19AB43A2E6AA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {B7EF7EE2-11FC-4893-9429-D7F1EFD6B814} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {C2378E98-A733-4138-B031-908EFB8A817F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {C25DB559-F440-4383-8BF8-DA7DA9209568} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {C8EAE2D5-0FD4-4D1B-BDF0-7D86A0A29557} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {CFFA85F3-7538-4378-BA94-007FB5D7CDD0} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {DC914CAC-3488-4454-9995-4611B58781FD} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {E2C539D7-D94F-497D-AC7A-00053AFA8355} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe
Task: {E7BEF2C4-7BE2-49DC-AC07-CA27C7292667} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [2016-09-18] (Microsoft Corporation)
Task: {ECDCC515-486D-412B-9838-44AA309E2642} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {FE3F9FAA-9492-49BA-A6A9-13314F26692E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-02] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-18 21:00 - 2016-09-07 07:39 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-18 21:00 - 2016-09-07 07:39 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-10-07 10:18 - 2016-10-07 10:18 - 00959168 _____ () C:\Users\Asus\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2017-05-14 13:38 - 2017-05-14 13:38 - 00154480 _____ () C:\programy\Zemana AntiMalware\ZAMShellExt64.dll
2015-12-18 16:41 - 2015-12-18 16:41 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-31 17:03 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-11-04 16:43 - 2015-11-04 16:43 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2016-09-18 20:59 - 2016-09-07 06:15 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-18 20:59 - 2016-09-07 06:10 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-18 20:59 - 2016-09-07 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-18 20:59 - 2016-09-07 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-12-17 14:59 - 2015-12-17 14:59 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-12-17 14:59 - 2015-12-17 14:59 - 11542016 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-12-17 14:59 - 2015-12-17 15:00 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-08-17 12:36 - 2017-03-10 02:13 - 00674592 _____ () C:\hry\Steam\SDL2.dll
2016-08-17 12:36 - 2016-09-01 03:02 - 04969248 _____ () C:\hry\Steam\v8.dll
2016-08-24 19:14 - 2017-04-26 01:55 - 02465056 _____ () C:\hry\Steam\video.dll
2016-08-17 12:36 - 2016-01-27 09:49 - 02549760 _____ () C:\hry\Steam\libavcodec-56.dll
2016-08-17 12:36 - 2016-01-27 09:49 - 00491008 _____ () C:\hry\Steam\libavformat-56.dll
2016-08-17 12:36 - 2016-01-27 09:49 - 00332800 _____ () C:\hry\Steam\libavresample-2.dll
2016-08-17 12:36 - 2016-01-27 09:49 - 00442880 _____ () C:\hry\Steam\libavutil-54.dll
2016-08-17 12:36 - 2016-01-27 09:49 - 00485888 _____ () C:\hry\Steam\libswscale-3.dll
2016-08-17 12:36 - 2016-09-01 03:02 - 01563936 _____ () C:\hry\Steam\icui18n.dll
2016-08-17 12:36 - 2016-09-01 03:02 - 01195296 _____ () C:\hry\Steam\icuuc.dll
2016-08-24 19:14 - 2017-04-26 01:55 - 00848672 _____ () C:\hry\Steam\bin\chromehtml.DLL
2016-08-17 12:36 - 2016-07-05 00:17 - 00266560 _____ () C:\hry\Steam\openvr_api.dll
2016-12-13 08:55 - 2017-01-30 23:41 - 68875552 _____ () C:\hry\Steam\bin\cef\cef.win7\libcef.dll
2016-11-14 16:42 - 2016-03-09 08:28 - 03306496 _____ () C:\Program Files (x86)\Bluestacks\libGLESv2.dll
2016-11-14 16:42 - 2016-03-09 08:28 - 00133120 _____ () C:\Program Files (x86)\Bluestacks\libEGL.dll
2016-11-14 16:42 - 2016-02-11 15:20 - 03378688 _____ () C:\ProgramData\Bluestacks\BluestacksGameManager\xulrunner-sdk\mozjs.dll
2016-08-17 12:36 - 2015-09-25 01:52 - 00119208 _____ () C:\hry\Steam\winh264.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\difxapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdgfxinfo64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdhdl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdlvr64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdmantle64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdmiracast.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdmmcl6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl12cl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl_as64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdocl_ld64.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\amdpcom64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdxc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiadlxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiapfxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aticalcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aticaldd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aticalrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aticfx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atidemgy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atidxx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieah64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atieclxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiesrxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atig6pxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atig6txx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiglpxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atimpc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atimuixx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atio6axx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atitmm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiu9p64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiumd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiumd6a.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiuxp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BackgroundTransferHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\clinfo.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\coinst_15.20.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DelayAPO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\detoured.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hsa-thunk64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KnobsCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mantle64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mantleaxl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MFPlay.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfreadwrite.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mshtmlmedia.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MsSpellCheckingFacility.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\NlsData0009.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NlsLexicons0009.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OpenCL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\prm0009.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\provdatastore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ProvPluginEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\provtool.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtNicProp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\StorageUsage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\usbaaplrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wdfcoinstaller01009.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdgfxinfo32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdhdl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdlvr32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdmantle32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdmmcl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl12cl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_as32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdocl_ld32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdpcom32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\amdxc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiadlxx.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiadlxy.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticalcl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticaldd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticalrt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aticfx32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atidxx32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atieah32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atigktxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiglpxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atimpc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atioglxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiu9pag.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiumdag.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiumdva.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\atiuxpag.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\detoured.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dns-sd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\hsa-thunk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mantle32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mantleaxl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MFPlay.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfreadwrite.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mshtmlmedia.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NlsData0009.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NlsLexicons0009.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OpenCL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ati2erec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\AtihdWT6.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmdag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\netaapl64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rt640x64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtNdPt630.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtTeam620.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RtVlan620.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SETF880.tmp:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Asus\Downloads\018.-Armin-van-Buuren-feat.-Mr.-Probz---Another-You.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Asus\Downloads\087.-Milky-Chance---Stolen-Dance.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Asus\Downloads\118---Joan-Osborne---One-Of-Us.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Asus\Downloads\12.-(13)-Walk-The-Moon---Shut-Up-And-Dance.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Asus\Downloads\161.-Anna-Naklab-Feat.-Alle-Farben-&-Younotus---Supergirl.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Asus\Downloads\23-Marlon-Roudette---When-The-Beat-Drops-Out.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Asus\Downloads\23-sigala_-_easy_love.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Asus\Downloads\36-George-Ezra---Budapest.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Asus\Downloads\Adele---Set-fire-to-the-rain.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Asus\Downloads\Axwell-&-Ingrosso---Sun-Is-Shining.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Asus\Downloads\Bruno-Mars---Grenade.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Asus\Downloads\Calvin-Harris---Blame-ft-John-Newman (1).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Asus\Downloads\Charlie-Puth---Marvin-Gaye-ft.-Meghan-Trainor.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Asus\Downloads\Duke-Dumont---Ocean-Drive.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Asus\Downloads\Ed sheren.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Asus\Downloads\Imagine Dragons Monster high pitch mode.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Asus\Downloads\Imagine-Dragons-Night-Visions-Full-Album.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Asus\Downloads\Kryštof---Ty-a-já.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Asus\Downloads\Kygo---Stole-The-Show-feat.-Parson-James.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Asus\Downloads\Martin-Solveig-&-Dragonette----Hello.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Asus\Downloads\Sam Stmith.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Asus\Downloads\Sebastien-feat.-Hagedorn---High-On-You.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Asus\Downloads\Thom-Artway-&-Martin-Harich---i-have-no-inspiration.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Asus\Downloads\Vance-Joy---Riptide.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\Asus\Downloads\X_Ambassadors_-_Renegades.mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\mamka\Downloads\12516972_10205340214452387_33597296_o.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\mamka\Downloads\amd-catalyst-15.11beta-64bit-win10-win8.1-win7-nov3.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\mamka\Downloads\amd-catalyst-15.11beta-64bit-win10-win8.1-win7-nov3.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\mamka\Downloads\Kaspersky_T1083629708337251T_ (1).exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\mamka\Downloads\Kaspersky_T1083629708337251T_ (1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\mamka\Downloads\Kaspersky_T1083629708337251T_.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\mamka\Downloads\Kaspersky_T1083629708337251T_.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\mamka\Downloads\kss15.0.0.737en_ru_de_fr_es_it_zh-hans_pl_tr_nl_cs_7694.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\mamka\Downloads\kss15.0.0.737en_ru_de_fr_es_it_zh-hans_pl_tr_nl_cs_7694.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\mamka\Downloads\vareni_peceni_grilovani_v_parni_troube.pdf:$CmdZnID [26]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


Re: request for a check

Post by ransik » 15 May 2017 20:58

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

There are 4768 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-06-09 14:18 - 2017-05-14 13:39 - 00000753 _____ C:\WINDOWS\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3235370217-647853827-1993747720-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Asus\Desktop\4kBTSUxLhUU.jpg
HKU\S-1-5-21-3235370217-647853827-1993747720-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: AdobeARMservice => 3
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AGSService => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AMD FUEL Service => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: asComSvc => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BstHdAndroidSvc => 3
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: BstHdPlusAndroidSvc => 3
MSCONFIG\Services: BstHdUpdaterSvc => 3
MSCONFIG\Services: Device Handle Service => 2
MSCONFIG\Services: Freemake Improver => 2
MSCONFIG\Services: HPSupportSolutionsFrameworkService => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: PlaysService => 2
MSCONFIG\Services: Secunia PSI Agent => 3
MSCONFIG\Services: Secunia Update Agent => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: VIAKaraokeService => 2
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "HDAudDeck"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "RazerCortex"
HKLM\...\StartupApproved\Run32: => "RunAIShell"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "ProductUpdater"
HKLM\...\StartupApproved\Run32: => "iSkysoft Helper Compact.exe"
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\StartupApproved\Run: => "Xvid"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A8AD8497-0471-46E4-9028-6C233A1F38A0}] => (Allow) C:\hry\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{A7DFBED0-9432-4142-AAC7-4443E7F97AF3}] => (Allow) C:\hry\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{740197B5-9B91-43DC-9448-5F2FAA99E4ED}] => (Allow) LPort=48113
FirewallRules: [{3733C92E-EC05-4014-B40F-9E9C9CEC76FE}] => (Allow) LPort=48113
FirewallRules: [{8C4C9F01-E6ED-4EE4-A861-ED9D6069E637}] => (Allow) LPort=1900
FirewallRules: [{DC5FA52D-2EA4-4A63-8CD3-CE3CF4B3D717}] => (Allow) LPort=2869
FirewallRules: [{37E3F20F-DE20-4516-B208-CC46191BDD72}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{891F0BE2-3CF9-4272-A070-3027565FE02A}] => (Allow) C:\programy\Utorrent\utorrent.exe
FirewallRules: [{644D40F9-0480-40F5-9B6A-9D87BF24EFF8}] => (Allow) C:\programy\Utorrent\utorrent.exe
FirewallRules: [{66913AD7-C4F4-4CF7-9A19-393C59FB4AAC}] => (Allow) C:\hry\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{C29006DA-CDE5-4FC1-A2FF-73BC998F8F03}] => (Allow) C:\hry\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [UDP Query User{0BCD50DC-ECA0-49EF-A7E3-6C008DA300F2}C:\programy\teamspeak 3 client\ts3client_win64.exe] => (Allow) C:\programy\teamspeak 3 client\ts3client_win64.exe
FirewallRules: [TCP Query User{67A8C7DA-236B-4DEF-82CC-25D3920C6372}C:\programy\teamspeak 3 client\ts3client_win64.exe] => (Allow) C:\programy\teamspeak 3 client\ts3client_win64.exe
FirewallRules: [{DEC25191-1903-4D39-AC50-57A3569E5E52}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{206A240B-88E1-4D72-94D2-E19A596FDF72}C:\programy\utorrent\utorrent.exe] => (Block) C:\programy\utorrent\utorrent.exe
FirewallRules: [TCP Query User{3F6AF134-ADE0-4456-9F9F-4B2A64E9AB49}C:\programy\utorrent\utorrent.exe] => (Block) C:\programy\utorrent\utorrent.exe
FirewallRules: [{A7511A3B-37FE-4D3D-A160-9FD6779BE933}] => (Allow) C:\hry\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B4088A31-D0BC-4697-9F68-C2CBC4FFEC48}] => (Allow) C:\hry\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{148C6FE3-5B2C-428B-9DE0-C0110B015AF6}] => (Allow) C:\hry\Steam\Steam.exe
FirewallRules: [{52D95BC9-3D59-44E6-B9BA-848153C4237C}] => (Allow) C:\hry\Steam\Steam.exe
FirewallRules: [{CCF07555-3527-451F-8824-CA84921C15EF}] => (Allow) C:\programy\Mozilla Firefox\firefox.exe
FirewallRules: [{F4F6C57E-8B4D-403E-8E3D-7961E68FB11B}] => (Allow) C:\programy\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{C8EC5E25-843E-4015-8E03-CFD8F179E58B}C:\hry\steam\steam.exe] => (Allow) C:\hry\steam\steam.exe
FirewallRules: [TCP Query User{70438B31-1DDB-40CB-B867-5FC965B0377F}C:\hry\steam\steam.exe] => (Allow) C:\hry\steam\steam.exe
FirewallRules: [TCP Query User{70519BCB-4C30-4C0D-BE03-96A3297A463C}C:\users\asus\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\asus\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D72F5E6D-1887-4CFB-BEDE-785FD7757CC3}C:\users\asus\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\asus\appdata\roaming\spotify\spotify.exe
FirewallRules: [{DE4DD9DA-627E-4A9D-BE98-CE1717D339D1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8535F402-CBB3-4A6D-B6ED-9322DCEA0B9C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D6B29C5E-B0A6-47F0-B831-48326B89F38E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F6FC497B-385F-48B8-95B8-03D9F82F0A14}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1DBF5497-7A59-4D13-8352-84231ADE6660}] => (Allow) C:\hry\Steam\SteamApps\common\Eldevin\Eldevin.exe
FirewallRules: [{88FE5AD0-4842-45E9-AE12-32654C27360C}] => (Allow) C:\hry\Steam\SteamApps\common\Eldevin\Eldevin.exe
FirewallRules: [{02AE4DE3-55E1-4828-83C8-C6F09DD1C636}] => (Allow) C:\programy\iTunes\iTunes.exe
FirewallRules: [TCP Query User{67C86162-38EC-4253-88D4-E17072409405}C:\programy\teamspeak 3 client\ts3client_win64.exe] => (Allow) C:\programy\teamspeak 3 client\ts3client_win64.exe
FirewallRules: [UDP Query User{B87BD4F1-D7F9-4FFB-8CFE-B18A2C2585C0}C:\programy\teamspeak 3 client\ts3client_win64.exe] => (Allow) C:\programy\teamspeak 3 client\ts3client_win64.exe
FirewallRules: [{71250B65-8C91-4240-B78C-F4E1D807BD0F}] => (Allow) C:\hry\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{70CCEE0C-B27D-48AB-B467-F4039B2417E1}] => (Allow) C:\hry\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1DE5D060-2040-4665-A2AE-4F2BE4306351}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{C958B8DD-0A3A-45C6-916F-0C0963FA896D}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{EEC25BFB-C9F0-4412-BF8F-0B69E5CBB270}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C9E854EF-B911-4BD5-A39C-A0455458D36D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{7831351D-13BE-454D-9F35-B5EAA492AB4B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{4CD4C766-D41E-4370-8891-D53E84D4946B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{853997E4-47D2-4EB6-9A27-3EF14A7122E3}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe

==================== Restore Points =========================

28-04-2017 15:21:10 Installed Call of Duty(R) 2
29-04-2017 16:55:21 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
29-04-2017 16:55:55 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
13-05-2017 10:03:35 Revo Uninstaller's restore point - WinPatrol
13-05-2017 14:45:00 Installed Windows 10 Manager
13-05-2017 14:46:14 Windows 10 Manager v2.0.0 Bod obnovení systému
13-05-2017 16:28:17 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/15/2017 08:50:34 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu WmiApRpl v knihovně DLL C:\WINDOWS\system32\wbem\wmiaprpl.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (05/15/2017 08:50:32 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.

Error: (05/15/2017 08:50:31 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (05/15/2017 08:50:30 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu MSDTC v knihovně DLL C:\WINDOWS\system32\msdtcuiu.DLL se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (05/15/2017 08:50:29 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu Lsa v knihovně DLL C:\Windows\System32\Secur32.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (05/15/2017 08:50:29 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu ESENT v knihovně DLL C:\WINDOWS\system32\esentprf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (05/15/2017 08:50:29 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (05/15/2017 08:50:28 PM) (Source: Perflib) (EventID: 1018) (User: )
Description: Sběr dat čítače výkonu od služby ASP.NET_64_2.0.50727 byl vypnut z důvodu jedné nebo více chyb generovaných knihovnou čítače výkonu pro tuto službu. Chyby, která vyvolaly tuto akci, byly zapsány do protokolu událostí aplikace.

Error: (05/15/2017 08:50:28 PM) (Source: Perflib) (EventID: 1022) (User: )
Description: Systém Windows nemůže otevřít 64bitovou knihovnu DLL rozšiřitelných čítačů ASP.NET_64_2.0.50727 ve 32bitovém prostředí. Vyžádejte si od prodejce souboru 32bitovou verzi. Popřípadě, používáte-li 64bitové nativní prostředí, můžete 64bitovou knihovnu DLL rozšiřujících čítačů otevřít pomocí 64bitové verze nástroje Sledování výkonu. Jestliže chcete použít tento nástroj, otevřete složku systému Windows, otevřete složku System32 a spusťte program Perfmon.exe.

Error: (05/15/2017 08:45:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Asus-PC)
Description: Aplikaci Microsoft.BingWeather_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.


System errors:
=============
Error: (05/15/2017 08:46:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_fc8bd8b byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (05/15/2017 08:45:14 PM) (Source: DCOM) (EventID: 10016) (User: Asus-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Asus-PC\Asus (SID: S-1-5-21-3235370217-647853827-1993747720-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/15/2017 08:45:14 PM) (Source: DCOM) (EventID: 10016) (User: Asus-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Asus-PC\Asus (SID: S-1-5-21-3235370217-647853827-1993747720-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/15/2017 08:45:14 PM) (Source: DCOM) (EventID: 10016) (User: Asus-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Asus-PC\mamka (SID: S-1-5-21-3235370217-647853827-1993747720-1004) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/15/2017 08:45:14 PM) (Source: DCOM) (EventID: 10016) (User: Asus-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Asus-PC\mamka (SID: S-1-5-21-3235370217-647853827-1993747720-1004) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/15/2017 08:45:14 PM) (Source: DCOM) (EventID: 10016) (User: Asus-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Asus-PC\Asus (SID: S-1-5-21-3235370217-647853827-1993747720-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/15/2017 08:30:14 PM) (Source: DCOM) (EventID: 10016) (User: Asus-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Asus-PC\Asus (SID: S-1-5-21-3235370217-647853827-1993747720-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/15/2017 08:30:14 PM) (Source: DCOM) (EventID: 10016) (User: Asus-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Asus-PC\mamka (SID: S-1-5-21-3235370217-647853827-1993747720-1004) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/15/2017 08:30:13 PM) (Source: DCOM) (EventID: 10016) (User: Asus-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Asus-PC\mamka (SID: S-1-5-21-3235370217-647853827-1993747720-1004) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/15/2017 08:30:13 PM) (Source: DCOM) (EventID: 10016) (User: Asus-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Asus-PC\Asus (SID: S-1-5-21-3235370217-647853827-1993747720-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


CodeIntegrity:
===================================
Date: 2017-02-23 18:50:39.248
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Asus\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-02-23 18:50:38.832
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\programy\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-02-23 08:12:14.654
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-05 14:45:57.753
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-116716.dll that did not meet the Store signing level requirements.

Date: 2016-12-05 14:45:57.738
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-116716.dll that did not meet the Store signing level requirements.

Date: 2016-12-05 14:45:57.724
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-116716.dll that did not meet the Store signing level requirements.

Date: 2016-11-27 12:30:15.626
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-118416.dll that did not meet the Store signing level requirements.

Date: 2016-11-27 12:30:15.613
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-118416.dll that did not meet the Store signing level requirements.

Date: 2016-11-26 16:36:06.717
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-116716.dll that did not meet the Store signing level requirements.

Date: 2016-11-26 16:36:06.700
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-116716.dll that did not meet the Store signing level requirements.


==================== Memory info ===========================

Processor: AMD Phenom(tm) II X6 1065T Processor
Percentage of memory in use: 65%
Total physical RAM: 6143.17 MB
Available physical RAM: 2102.77 MB
Total Virtual: 9669.17 MB
Available Virtual: 4997.01 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.97 GB) (Free:664.8 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 809D765E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt ============================

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: requesting a check

Post by jaro3 » 15 May 2017 22:06

Uninstall the remnants of COMODO Internet Security with this:
http://forums.comodo.com/install-setup- ... #msg511531

Kaspersky:
https://support.kaspersky.com/viruses/kvrt2015

or perhaps better, using:
http://www.revouninstaller.com/start_fr ... nload.html
Double-click Revo Uninstaller to run it.
In the list of programs, double-click the program to remove.
When prompted whether you want to uninstall, click Yes.
Make sure the Moderate option is selected, then click Next.
The program will run; if prompted again, click Yes.
When the built-in uninstaller has finished, click Next.
Once the program has searched for leftovers, click Next.
Check only the bolded items in the list, then click Delete.
When prompted, click Yes and then Next.
Next, for all the folders that are found, select the delete option.
When prompted, select Yes, then Next.
Once done, click Finish.

Uninstall:
Java 8 Update 71

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire contents below into it.

Code:

Start
CloseProcesses:
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1004 -> {0EC733F4-2E32-485D-8D83-DF92E4075A70} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1004 -> {29F24384-2DE2-4B62-8CB6-395C31A593FA} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1004 -> {51CBB84D-6CE7-4D52-8757-84EDE020B080} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1004 -> {6820DAC3-E77C-48F7-8D6A-0C425B8A3ABD} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1004 -> {8D41ED59-C51D-4A3A-BE1A-3E9EED74A826} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1004 -> {93423A7C-BD38-4CEE-9F3E-9AD17641E270} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1004 -> {9803BE6E-922F-4714-8CEA-3CC9D7F15132} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1004 -> {B730EAE3-CB62-4E41-BF74-B474716F1913} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1004 -> {BC8C6ABC-6E8F-4884-A0B5-78B4825B9467} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
FF Plugin HKU\S-1-5-21-3235370217-647853827-1993747720-1004: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Asus\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1503240-0-npoctoshape.dll [No File]
R0 95B456C8; C:\WINDOWS\System32\drivers\95B456C8.sys [478392 2015-11-20] (Kaspersky Lab ZAO)
U0 aswVmm; no ImagePath
C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Asus\AppData\Local\housecall.guid.cache
C:\Users\Asus\AppData\Local\resmon.resmoncfg
C:\ProgramData\hpzinstall.log
C:\ProgramData\oqztiqep.adk
Task: {8A12FB0A-B26C-46F2-972E-33F2034F6CDB} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {725B42DC-5B43-436E-9F2D-54D3C30EF474} - System32\Tasks\ASC Task (One-Time) => C:\programy\IObit\Advanced SystemCare\PromoteASCAfterInstall.exe
Task: {3FDEAD94-22A6-42D9-8F6F-57DCB3E0BAE7} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {1576780F-95AA-45CB-9C98-F760DB780894} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {A4E5DBEE-FB35-49EC-996F-2DB8595B6A52} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-25] (Google Inc.)
Task: {AAD44C2B-5084-4B73-AE34-1FEC3A0D2F92} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {ECDCC515-486D-412B-9838-44AA309E2642} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\101hotteens.com -> 101hotteens.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\101lottery.com -> 101lottery.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\123expressview.com -> 123expressview.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\123found.com -> 123found.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\123keno.com -> 123keno.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\12don.info -> 12don.info
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\143fuck.com -> 143fuck.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\17gamo.com -> 17gamo.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\17webplace.com -> 17webplace.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\180solutions.com -> 180solutions.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\1autocity.com -> 1autocity.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\1ive.net -> 1ive.net
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\1se.ru -> 1se.ru
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\1sexparty.com -> 1sexparty.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\1stfind.com -> 1stfind.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\1stpagehere.com -> 1stpagehere.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\1traff.us -> 1traff.us
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\1ze.net -> 1ze.net
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\2-antispyware.com -> 2-antispyware.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\2004search.cc -> 2004search.cc

There are 4768 more sites.

EmptyTemp:
End

(You can use the "select all" function; right-click in the top-left field of the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt

Run FRST, press the "Fix" button only once, and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire contents here.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

ransik
Level 2
Posts: 174
Registered: January 16
Gender: Male
Status:
Offline

Re: requesting a check

Post by ransik » 16 May 2017 09:22

I DON'T KNOW BUT I can't find that Comodo at all

ransik
Level 2
Posts: 174
Registered: January 16
Gender: Male
Status:
Offline

Re: requesting a check

Post by ransik » 16 May 2017 09:34

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-05-2017
Ran by Asus (16-05-2017 09:25:31) Run:1
Running from C:\Users\Asus\Desktop
Loaded Profiles: Asus & mamka (Available Profiles: Asus & mamka & tonda & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1004 -> {0EC733F4-2E32-485D-8D83-DF92E4075A70} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1004 -> {29F24384-2DE2-4B62-8CB6-395C31A593FA} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1004 -> {51CBB84D-6CE7-4D52-8757-84EDE020B080} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1004 -> {6820DAC3-E77C-48F7-8D6A-0C425B8A3ABD} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1004 -> {8D41ED59-C51D-4A3A-BE1A-3E9EED74A826} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1004 -> {93423A7C-BD38-4CEE-9F3E-9AD17641E270} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1004 -> {9803BE6E-922F-4714-8CEA-3CC9D7F15132} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1004 -> {B730EAE3-CB62-4E41-BF74-B474716F1913} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3235370217-647853827-1993747720-1004 -> {BC8C6ABC-6E8F-4884-A0B5-78B4825B9467} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
FF Plugin HKU\S-1-5-21-3235370217-647853827-1993747720-1004: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Asus\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1503240-0-npoctoshape.dll [No File]
R0 95B456C8; C:\WINDOWS\System32\drivers\95B456C8.sys [478392 2015-11-20] (Kaspersky Lab ZAO)
U0 aswVmm; no ImagePath
C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Asus\AppData\Local\housecall.guid.cache
C:\Users\Asus\AppData\Local\resmon.resmoncfg
C:\ProgramData\hpzinstall.log
C:\ProgramData\oqztiqep.adk
Task: {8A12FB0A-B26C-46F2-972E-33F2034F6CDB} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {725B42DC-5B43-436E-9F2D-54D3C30EF474} - System32\Tasks\ASC Task (One-Time) => C:\programy\IObit\Advanced SystemCare\PromoteASCAfterInstall.exe
Task: {3FDEAD94-22A6-42D9-8F6F-57DCB3E0BAE7} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {1576780F-95AA-45CB-9C98-F760DB780894} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {A4E5DBEE-FB35-49EC-996F-2DB8595B6A52} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-25] (Google Inc.)
Task: {AAD44C2B-5084-4B73-AE34-1FEC3A0D2F92} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {ECDCC515-486D-412B-9838-44AA309E2642} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\101hotteens.com -> 101hotteens.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\101lottery.com -> 101lottery.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\123expressview.com -> 123expressview.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\123found.com -> 123found.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\123keno.com -> 123keno.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\12don.info -> 12don.info
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\143fuck.com -> 143fuck.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\17gamo.com -> 17gamo.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\17webplace.com -> 17webplace.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\180solutions.com -> 180solutions.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\1autocity.com -> 1autocity.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\1ive.net -> 1ive.net
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\1se.ru -> 1se.ru
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\1sexparty.com -> 1sexparty.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\1stfind.com -> 1stfind.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\1stpagehere.com -> 1stpagehere.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\1traff.us -> 1traff.us
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\1ze.net -> 1ze.net
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\2-antispyware.com -> 2-antispyware.com
IE restricted site: HKU\S-1-5-21-3235370217-647853827-1993747720-1000\...\2004search.cc -> 2004search.cc

There are 4768 more sites.

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKU\S-1-5-21-3235370217-647853827-1993747720-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0EC733F4-2E32-485D-8D83-DF92E4075A70} => key removed successfully
HKCR\CLSID\{0EC733F4-2E32-485D-8D83-DF92E4075A70} => key not found.
HKU\S-1-5-21-3235370217-647853827-1993747720-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{29F24384-2DE2-4B62-8CB6-395C31A593FA} => key removed successfully
HKCR\CLSID\{29F24384-2DE2-4B62-8CB6-395C31A593FA} => key not found.
HKU\S-1-5-21-3235370217-647853827-1993747720-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{51CBB84D-6CE7-4D52-8757-84EDE020B080} => key removed successfully
HKCR\CLSID\{51CBB84D-6CE7-4D52-8757-84EDE020B080} => key not found.
HKU\S-1-5-21-3235370217-647853827-1993747720-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6820DAC3-E77C-48F7-8D6A-0C425B8A3ABD} => key removed successfully
HKCR\CLSID\{6820DAC3-E77C-48F7-8D6A-0C425B8A3ABD} => key not found.
HKU\S-1-5-21-3235370217-647853827-1993747720-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8D41ED59-C51D-4A3A-BE1A-3E9EED74A826} => key removed successfully
HKCR\CLSID\{8D41ED59-C51D-4A3A-BE1A-3E9EED74A826} => key not found.
HKU\S-1-5-21-3235370217-647853827-1993747720-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{93423A7C-BD38-4CEE-9F3E-9AD17641E270} => key removed successfully
HKCR\CLSID\{93423A7C-BD38-4CEE-9F3E-9AD17641E270} => key not found.
HKU\S-1-5-21-3235370217-647853827-1993747720-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9803BE6E-922F-4714-8CEA-3CC9D7F15132} => key removed successfully
HKCR\CLSID\{9803BE6E-922F-4714-8CEA-3CC9D7F15132} => key not found.
HKU\S-1-5-21-3235370217-647853827-1993747720-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B730EAE3-CB62-4E41-BF74-B474716F1913} => key removed successfully
HKCR\CLSID\{B730EAE3-CB62-4E41-BF74-B474716F1913} => key not found.
HKU\S-1-5-21-3235370217-647853827-1993747720-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BC8C6ABC-6E8F-4884-A0B5-78B4825B9467} => key removed successfully
HKCR\CLSID\{BC8C6ABC-6E8F-4884-A0B5-78B4825B9467} => key not found.
HKU\S-1-5-21-3235370217-647853827-1993747720-1004\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0 => key removed successfully
C:\Users\Asus\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1503240-0-npoctoshape.dll => not found.
95B456C8 => Unable to stop service.
HKLM\System\CurrentControlSet\Services\95B456C8 => key removed successfully
95B456C8 => service removed successfully
HKLM\System\CurrentControlSet\Services\aswVmm => key removed successfully
aswVmm => service removed successfully
C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Users\Asus\AppData\Local\housecall.guid.cache => moved successfully
C:\Users\Asus\AppData\Local\resmon.resmoncfg => moved successfully
C:\ProgramData\hpzinstall.log => moved successfully
C:\ProgramData\oqztiqep.adk => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8A12FB0A-B26C-46F2-972E-33F2034F6CDB} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A12FB0A-B26C-46F2-972E-33F2034F6CDB} => key removed successfully
C:\WINDOWS\System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{725B42DC-5B43-436E-9F2D-54D3C30EF474} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{725B42DC-5B43-436E-9F2D-54D3C30EF474} => key removed successfully
C:\WINDOWS\System32\Tasks\ASC Task (One-Time) => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC Task (One-Time) => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3FDEAD94-22A6-42D9-8F6F-57DCB3E0BAE7} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3FDEAD94-22A6-42D9-8F6F-57DCB3E0BAE7} => key removed successfully
C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CreateExplorerShellUnelevatedTask => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{1576780F-95AA-45CB-9C98-F760DB780894} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1576780F-95AA-45CB-9C98-F760DB780894} => key removed successfully
C:\WINDOWS\System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A4E5DBEE-FB35-49EC-996F-2DB8595B6A52} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4E5DBEE-FB35-49EC-996F-2DB8595B6A52} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AAD44C2B-5084-4B73-AE34-1FEC3A0D2F92} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AAD44C2B-5084-4B73-AE34-1FEC3A0D2F92} => key removed successfully
C:\WINDOWS\System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{ECDCC515-486D-412B-9838-44AA309E2642} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ECDCC515-486D-412B-9838-44AA309E2642} => key removed successfully
C:\WINDOWS\System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => key removed successfully
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\101hotteens.com => key removed successfully
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\101lottery.com => key removed successfully
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123expressview.com => key removed successfully
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123found.com => key removed successfully
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123keno.com => key removed successfully
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\12don.info => key removed successfully
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\143fuck.com => key removed successfully
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\17gamo.com => key removed successfully
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\17webplace.com => key removed successfully
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\180solutions.com => key removed successfully
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1autocity.com => key removed successfully
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1ive.net => key removed successfully
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1se.ru => key removed successfully
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1sexparty.com => key removed successfully
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1stfind.com => key removed successfully
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1stpagehere.com => key removed successfully
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1traff.us => key removed successfully
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1ze.net => key removed successfully
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2-antispyware.com => key removed successfully
HKU\S-1-5-21-3235370217-647853827-1993747720-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2004search.cc => key removed successfully
There are 4768 more sites. => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 583648 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24841843 B
Java, Flash, Steam htmlcache => 401444013 B
Windows/system/drivers => 0 B
Edge => 9728 B
Chrome => 708237016 B
Firefox => 904772 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 13696 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 10558 B
NetworkService => 0 B
Asus => 5470175 B
mamka => 3781151 B
tonda => 570796 B
DefaultAppPool => 0 B

RecycleBin => 1585616763 B
EmptyTemp: => 2.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:26:03 ====

