
Re: Please check my log

Posted: 17 Sep 2017 18:45
by stomas
Zoek did not run for some reason. I tried twice and it always stopped at the same place, "Firefox extensions". Its window could not be closed; it keeps reporting that the program is running. So I ran Zemana AntiMalware.

Zemana AntiMalware 2.74.2.150 (instalační verze)

-------------------------------------------------------
Scan Result : Dokončeno
Scan Date : 2017.9.17
Operating System : Windows 7 64-bit
Processor : 4X Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
BIOS Mode : Legacy
CUID : 123FE5B4746A413167C667
Scan Type : Skenování systému
Duration : 1m 2s
Scanned Objects : 166579
Detected Objects : 1
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Zapnuto
Detect All Extensions : Vypnuto
Scan Documents : Vypnuto
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

wrc@avast.com
Status : Skenováno
Object : %appdata%\mozilla\firefox\profiles\0ypjyitu.default-1505462904125\extensions\wrc@avast.com.xpi
MD5 : B783F45D3E264115E541989FE1BECDE4
Publisher : -
Size : 706895
Version : -
Detection : PUA.FirefoxExt!Gr
Cleaning Action : Opravit
Related Objects :
Rozšíření prohlížeče - wrc@avast.com
Soubor - %appdata%\mozilla\firefox\profiles\0ypjyitu.default-1505462904125\extensions\wrc@avast.com.xpi


Cleaning Result
-------------------------------------------------------
Cleaned : 1
Reported as safe : 0
Failed : 0

Re: Please check my log

Posted: 17 Sep 2017 18:51
by stomas
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 18:50:10, on 17.9.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18500)

FIREFOX: 55.0.3 (x86 cs)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\AIMP3\AIMP3.exe
C:\Users\Tomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\TREZOR Bridge\trezord.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Users\Tomas\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\mshta.exe
C:\Program Files (x86)\LG Software\LG Smart Share\Update\SmartShareTray.exe
C:\Program Files (x86)\LG Software\LG Smart Share\DMS\SmartShareDMS.exe
C:\Program Files (x86)\LG Software\LG Smart Share\DMR\SmartShareDMR.exe
C:\Program Files (x86)\LG Software\LG Smart Share\DMC\Aggregation.exe
C:\Users\Tomas\AppData\Local\Temp\PEVZ.EXE
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
C:\Users\Tomas\Desktop\pc-help-malw-problem\0_log_HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIJBE.EXE /EPT "EPLTarget\P0000000000000001" /M "XP-700 Series"
O4 - HKCU\..\Run: [AIMP3] C:\Program Files (x86)\AIMP3\AIMP3.exe
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\Tomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: TREZOR Bridge.lnk = C:\Program Files (x86)\TREZOR Bridge\trezord.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - Unknown owner - C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

--
End of file - 13129 bytes

Re: Please check my log

Posted: 17 Sep 2017 20:32
by jaro3
Run zoek in safe mode.

Close other applications and browsers, disconnect from the internet, and fix the following in HJT:
Guide

Code:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)


Download DelFix here:
https://toolslib.net/downloads/viewdownload/2-delfix/

Save the file to your desktop.
Double-click the icon to launch the Delfix.exe tool.
(On Windows Vista, Windows 7 and 8 you must launch the file by right-clicking it -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools – Purge System Restore
Then click the Run button and let the tool do its work.

A report (DelFix.txt) will then open. Paste the full contents of the report here. Otherwise the report is located at:
C:\DelFix.txt

Are there any problems?

Re: Please check my log

Posted: 17 Sep 2017 21:39
by stomas
Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by Tomas on ne 17.09.2017 at 21:28:28,96.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Safe Mode MINIMAL No Internet Access Detected
Launched: C:\Users\Tomas\Desktop\zoek.exe [Scan all users] [Quick Scan] [Auto Clean]

==== Older Logs ======================

C:\zoek-results2017-09-17-082518.log 3556 bytes
C:\zoek-results2017-09-17-102603.log 2441 bytes
C:\zoek-results2017-09-17-185901.log 2664 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\0ypjyitu.default-1505462904125\jetpack deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2017-09-17 16:38:22 8563D6EAB71FB6DDE6EF6A21D325EDF8 17106 ----a-w- C:\Windows\ZAM_Guard.krnl.trace
2017-09-17 16:38:22 05CD0E75FCA0D1D3DE211BB4D21D7942 44487 ----a-w- C:\Windows\ZAM.krnl.trace
2017-09-16 18:57:34 3821A599E06206ADF869FE3962238E7E 684987749 ----a-w- C:\Windows\MEMORY.DMP
====== C:\Users\Tomas\AppData\Local\Temp ====
2017-09-16 20:07:17 E476C3567D767A1D62B2A91F1CED8697 1732864 ----a-w- C:\Users\Tomas\AppData\Local\Temp\dllnt_dump.dll
2017-09-16 19:07:28 2F9C7FDA92C346CB5AA32091536AE0CB 43520 ----a-w- C:\Users\Tomas\AppData\Local\Temp\jrt\nfo\nircmdc.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2017-09-08 20:04:29 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\SysWOW64\last.dump
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2017-09-17 16:38:17 21E13F2CB269DEFEAE5E1D09887D47BB 203680 ----a-w- C:\Windows\Sysnative\drivers\zamguard64.sys
2017-09-17 16:38:17 21E13F2CB269DEFEAE5E1D09887D47BB 203680 ----a-w- C:\Windows\Sysnative\drivers\zam64.sys
2017-09-16 20:07:55 0D5A09B08568760AE85A801FCBC0F83D 28272 ----a-w- C:\Windows\Sysnative\drivers\TrueSight.sys
====== C:\Windows\Tasks ======
2017-09-17 16:49:58 6BA9EEA9AAE9D72ED1C54FCDADA8905B 3216 ----a-w- C:\Windows\Sysnative\Tasks\{CBC42554-8394-4B0D-9872-57784349DD85}
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2017-09-17 16:38:16 -------- d-----w- C:\PROGRA~2\Zemana AntiMalware
2017-09-16 19:19:51 -------- d-----w- C:\PROGRA~2\Sophos
2017-09-01 14:30:23 -------- d-----w- C:\PROGRA~2\TREZOR Bridge
======= C: =====
2017-09-15 07:16:56 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat
====== C:\Users\Tomas\AppData\Roaming ======
2017-09-17 16:38:17 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Zemana
2017-09-17 16:37:47 -------- d-----w- C:\Users\Tomas\AppData\Local\Zemana
2017-09-16 19:00:00 -------- d-----w- C:\Users\Tomas\AppData\Local\Apple
2017-09-16 18:53:55 -------- d-----w- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-09-15 19:17:59 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\CrashDumps
2017-09-10 14:16:13 -------- d-----w- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2017-09-01 14:30:29 -------- d-----w- C:\Users\Tomas\AppData\Roaming\TREZOR Bridge
2017-09-01 14:30:24 -------- d-----w- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TREZOR Bridge
====== C:\Users\Tomas ======
2017-09-17 16:38:16 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-09-17 16:37:25 819104D9E5C269038EC23A7408D47AF4 6625600 ----a-w- C:\Users\Tomas\Desktop\Zemana.AntiMalware.Setup.exe
2017-09-17 16:37:02 819104D9E5C269038EC23A7408D47AF4 6625600 ----a-w- C:\Users\Tomas\Downloads\Zemana.AntiMalware.Setup.exe
2017-09-16 20:07:12 -------- d-----w- C:\ProgramData\RogueKiller
2017-09-16 19:25:15 63D563551761A98B034DBDB305AE9BC4 26685000 ----a-w- C:\Users\Tomas\Downloads\RogueKiller_portable64.exe
2017-09-16 19:24:15 AA1F6EE0F9111DB7038D78F7348BFD73 22313544 ----a-w- C:\Users\Tomas\Downloads\RogueKiller_portable32.exe
2017-09-16 19:20:12 -------- d-----w- C:\ProgramData\Sophos
2017-09-16 19:19:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2017-09-16 19:18:38 B33A5D3351386D4C13CE5306FC4D06A0 176602304 ----a-w- C:\Users\Tomas\Downloads\Sophos Virus Removal Tool.exe
2017-09-16 19:07:18 E40542C4CC75E658A4615BFEFB308570 1790024 ----a-w- C:\Users\Tomas\Downloads\JRT(1).exe
2017-09-16 19:06:32 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Tomas\Downloads\JRT.exe
2017-09-15 07:16:30 -------- d-----w- C:\Users\Tomas\Start Menu

====== C: exe-files ==
2017-09-17 16:38:16 8888AC05C53B020C0C00F73B0C40C874 1201505 ----a-w- C:\Program Files (x86)\Zemana AntiMalware\unins000.exe
2017-09-17 16:38:16 864FA7B8856FE853D381045771DB30E9 15775888 ----a-w- C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
2017-09-17 16:37:25 819104D9E5C269038EC23A7408D47AF4 6625600 ----a-w- C:\Users\Tomas\Desktop\Zemana.AntiMalware.Setup.exe
2017-09-17 16:37:02 819104D9E5C269038EC23A7408D47AF4 6625600 ----a-w- C:\Users\Tomas\Downloads\Zemana.AntiMalware.Setup.exe
2017-09-16 19:25:15 63D563551761A98B034DBDB305AE9BC4 26685000 ----a-w- C:\Users\Tomas\Downloads\RogueKiller_portable64.exe
2017-09-16 19:24:15 AA1F6EE0F9111DB7038D78F7348BFD73 22313544 ----a-w- C:\Users\Tomas\Downloads\RogueKiller_portable32.exe
2017-09-16 19:18:38 B33A5D3351386D4C13CE5306FC4D06A0 176602304 ----a-w- C:\Users\Tomas\Downloads\Sophos Virus Removal Tool.exe
2017-09-16 19:07:28 2F9C7FDA92C346CB5AA32091536AE0CB 43520 ----a-w- C:\Users\Tomas\AppData\Local\Temp\jrt\nfo\nircmdc.exe
2017-09-16 19:07:18 E40542C4CC75E658A4615BFEFB308570 1790024 ----a-w- C:\Users\Tomas\Downloads\JRT(1).exe
2017-09-16 19:06:32 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Tomas\Downloads\JRT.exe
2017-09-16 18:53:53 CA8AF51C4B1822D6C4BFA0F513DC9ECF 49992 ----a-w- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\driver_amd64\dbxsvc.exe
2017-09-16 18:53:53 89AC63DE4CD67447983698388C71B7E4 43336 ----a-w- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\driver_x86\dbxsvc.exe
2017-09-16 18:53:53 735629337BA6373C290155227126AF55 3487032 ----a-w- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
2017-09-16 18:53:53 3DD7019611BD5FE8DFAE1E012D6CC4BE 174144 ----a-w- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
2017-09-16 18:53:34 C7616F01770FADBB1528D418A71149CB 79015472 ----a-w- C:\Users\Tomas\AppData\Local\Dropbox\Update\Download\{CC46080E-4C33-4981-859A-BBA2F780F31E}\34.4.22\DropboxClient_34.4.22.exe
2017-09-15 19:39:14 821743970DD4E4982418509068816151 7528488 ----a-w- C:\Users\Tomas\Desktop\pc-help-malw-problem\1_ATF-Cleaner.exe
2017-09-15 19:39:14 788FCDDD88240A85039F7F561093B118 448512 ----a-w- C:\Users\Tomas\Desktop\pc-help-malw-problem\2_TFC.exe
2017-09-15 19:39:14 71D88D9664A12A2A08D0AB71F9CBEC19 8182736 ----a-w- C:\Users\Tomas\Desktop\pc-help-malw-problem\3_adwcleaner_7.0.2.1.exe
=== C: other files ==
2017-09-17 18:59:09 906D7ABAB69D081E03EA6BD612B442E0 7811 ----a-w- C:\Users\Tomas\AppData\Local\Temp\xpi\tmp.zip
2017-09-17 17:42:41 6BF9C80582FBB50173B771EF0E77EA5C 14814 ----a-w- C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\0ypjyitu.default-1505462904125\extensions\setpoint-lt@addon-id.com.xpi
2017-09-17 17:42:40 6BF9C80582FBB50173B771EF0E77EA5C 14814 ----a-w- C:\Users\Tomas\AppData\Local\Temp\tmp-sma.xpi
2017-09-17 16:38:17 21E13F2CB269DEFEAE5E1D09887D47BB 203680 ----a-w- C:\Windows\System32\drivers\zamguard64.sys
2017-09-17 16:38:17 21E13F2CB269DEFEAE5E1D09887D47BB 203680 ----a-w- C:\Windows\System32\drivers\zam64.sys
2017-09-16 20:07:55 0D5A09B08568760AE85A801FCBC0F83D 28272 ----a-w- C:\Windows\System32\drivers\TrueSight.sys
2017-09-16 19:04:56 B783F45D3E264115E541989FE1BECDE4 706895 ----a-w- C:\Users\Tomas\AppData\Local\Temp\tmp-d3g.xpi
2017-09-16 18:53:53 FCC89FED34A5FD03B27A2B577A40ACF8 45640 ----a-w- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\driver_amd64\dbx-stable.sys
2017-09-16 18:53:53 FCC89FED34A5FD03B27A2B577A40ACF8 45640 ----a-w- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\driver_amd64\dbx-canary.sys
2017-09-16 18:53:53 8ABCBCBD5B649C2D4DC4342B014B2639 35432 ----a-w- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\driver_x86\dbx-dev.sys
2017-09-16 18:53:53 728BE4B36BA453779AEC6459DDDB320B 45672 ----a-w- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\driver_amd64\dbx-dev.sys
2017-09-16 18:53:53 1E11067A9BC57054D49934496154C751 25476129 ----a-w- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\python-packages.zip
2017-09-16 18:53:53 0A9383A95D3FE631650567C9DFC17E03 35408 ----a-w- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\driver_x86\dbx-stable.sys
2017-09-16 18:53:53 0A9383A95D3FE631650567C9DFC17E03 35408 ----a-w- C:\Users\Tomas\AppData\Roaming\Dropbox\bin\driver_x86\dbx-canary.sys
2017-09-15 21:41:02 CD90D55FC8A2C98B740AB0AB70F656F0 273335 ----a-w- C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\0ypjyitu.default-1505462904125\extensions\YoutubeDownloader@PeterOlayev.com.xpi
2017-09-15 21:41:00 FF383306727371AA61E6B335526D8D48 2617076 ----a-w- C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\0ypjyitu.default-1505462904125\extensions\firebug@software.joehewitt.com.xpi
2017-09-15 21:40:57 703B042EB9B53C02D4A0DE9B617DA254 75274 ----a-w- C:\Users\Tomas\AppData\Local\Temp\tmp-67l.xpi
2017-09-15 20:35:19 F4D84EDE07FC20A22993292E221B9B55 692271 ----a-w- C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\x8tkh18q.Nepojmenovaný\extensions\wrc@avast.com.xpi
2017-09-15 20:35:19 F4D84EDE07FC20A22993292E221B9B55 692271 ----a-w- C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\74nycene.Nepojmenovaný2\extensions\wrc@avast.com.xpi
2017-09-15 20:35:19 C2FD4EA3146542CB721EDC0E63B01CE3 352829 ----a-w- C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\x8tkh18q.Nepojmenovaný\extensions\sp@avast.com.xpi
2017-09-15 09:03:16 C9973123FB52567CD5927CFF1122E4C0 395892 ----a-w- C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\0ypjyitu.default-1505462904125\extensions\s3google@translator.xpi
2017-09-15 08:08:30 FF383306727371AA61E6B335526D8D48 2617076 ----a-w- C:\Users\Tomas\Desktop\Původní data aplikace Firefox\uvjcwe74.default\extensions\firebug@software.joehewitt.com.xpi
2017-09-15 08:08:30 C9973123FB52567CD5927CFF1122E4C0 395892 ----a-w- C:\Users\Tomas\Desktop\Původní data aplikace Firefox\uvjcwe74.default\extensions\s3google@translator.xpi
2017-09-15 08:08:30 6E2421D2C518142057A16C6266FA352A 7713 ----a-w- C:\Users\Tomas\Desktop\Původní data aplikace Firefox\uvjcwe74.default\extensions\{65e41d20-f092-41b7-bb83-c6e8a9ab0f57}.xpi
2017-09-15 08:08:30 1EEB04D1622E318B899C7C1BDBE22965 55943 ----a-w- C:\Users\Tomas\Desktop\Původní data aplikace Firefox\uvjcwe74.default\extensions\splitpannel@max.max.xpi
2017-09-15 08:08:30 08C40F8C10B90A735C8B5C810E937343 50432 ----a-w- C:\Users\Tomas\Desktop\Původní data aplikace Firefox\uvjcwe74.default\extensions\cccc5f0d-b9d0-4314-88b5-7e27551f9e84@jetpack.xpi
2017-09-15 08:08:30 02C87DE080936CEFE9E1FFFE7749D59C 272265 ----a-w- C:\Users\Tomas\Desktop\Původní data aplikace Firefox\uvjcwe74.default\extensions\YoutubeDownloader@PeterOlayev.com.xpi
2017-09-15 07:16:56 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat
2017-09-12 11:31:23 2CC56ADFF9DE12D433792ADC5164AF9E 1733 ----a-w- C:\Users\Tomas\Desktop\kryptoměny\csvfiles\kraken\ledgers.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-495995928-1072377721-2328159315-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"EPLTarget\P0000000000000001"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIJBE.EXE /EPT EPLTarget\P0000000000000001 /M XP-700 Series"
"AIMP3"="C:\Program Files (x86)\AIMP3\AIMP3.exe"
"RESTART_STICKY_NOTES"="C:\Windows\system32\StikyNot.exe"
"Spotify Web Helper"="C:\Users\Tomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"
"iCloud"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"
"iCloud"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"00PCTFW"="C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe -s"
"EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPLTarget\P0000000000000001"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIJBE.EXE /EPT EPLTarget\P0000000000000001 /M XP-700 Series"
"AIMP3"="C:\Program Files (x86)\AIMP3\AIMP3.exe"
"RESTART_STICKY_NOTES"="C:\Windows\system32\StikyNot.exe"
"Spotify Web Helper"="C:\Users\Tomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvLaunch.exe /gui"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"ZAM"="C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe /minimized"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Ashampoo HDD-Control 2 Guard]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Ashampoo HDD-Control 2 Guard"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Ashampoo\\Ashampoo HDD Control 2\\AHDDC2_Guard.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dropbox Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Dropbox Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\Tomas\\AppData\\Local\\Dropbox\\Update\\DropboxUpdate.exe\" /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IAStorIcon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IAStorIcon"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Intel\\Intel(R) Rapid Storage Technology\\IAStorIconLaunch.exe\" \"C:\\Program Files\\Intel\\Intel(R) Rapid Storage Technology\\IAStorIcon.exe\" 60"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IgfxTray"
"hkey"="HKLM"
"command"="\"C:\\Windows\\system32\\igfxtray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SDTray]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SDTray"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify"
"hkey"="HKCU"
"command"="\"C:\\Users\\Tomas\\AppData\\Roaming\\Spotify\\Spotify.exe\" -autostart -minimized"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify Web Helper"
"hkey"="HKCU"
"command"="\"C:\\Users\\Tomas\\AppData\\Roaming\\Spotify\\SpotifyWebHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SpybotPostWindows10UpgradeReInstall]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SpybotPostWindows10UpgradeReInstall"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Common Files\\AV\\Spybot - Search and Destroy\\Test.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SpywareTerminatorShield]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SpywareTerminatorShield"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Spyware Terminator\\SpywareTerminatorShield.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SDScannerService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SDUpdateService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SDWSCService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WMPNetworkSvc]


==== Startup Folders ======================

2017-09-01 14:30:24 1957 ----a-w- C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk
2014-09-19 21:39:06 1361 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-495995928-1072377721-2328159315-1000Core.job --a------ C:\Users\Tomas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [21.03.2016 13:48]
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-495995928-1072377721-2328159315-1000UA.job --a------ C:\Users\Tomas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [21.03.2016 13:48]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Avast Emergency Update" [C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-495995928-1072377721-2328159315-1000Core" [C:\Users\Tomas\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-495995928-1072377721-2328159315-1000UA" [C:\Users\Tomas\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" [C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe]
"C:\Windows\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon" ["C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe"]
"C:\Windows\SysNative\tasks\SafeZone scheduled Autoupdate 1458733796" [C:\Program Files\AVAST Software\SZBrowser\launcher.exe]
"C:\Windows\SysNative\tasks\SmartShare" [C:\Program Files (x86)\LG Software\LG Smart Share\SmartShareStart.exe]
"C:\Windows\SysNative\tasks\2BrightSparks\SyncBackFree\Tomas-PC-Tomas\SyncBackFree Tomas-PC_diskG na diskD" [C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\AVAST Software\Avast settings backup" [C:\Program Files\Common Files\AV\avast Antivirus\backup.exe]
"C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"]
"C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe"]
"C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe"]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\0ypjyitu.default-1505462904125
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{F003DA68-8256-4b37-A6C4-350FA04494DF}"="C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt" [20.09.2014 09:05]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\0ypjyitu.default-1505462904125
- Super Start - %ProfilePath%\extensions\superstart@enjoyfreeware.org
- FEBE - %ProfilePath%\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
- Firebug - %ProfilePath%\extensions\firebug@software.joehewitt.com.xpi
- S3.Google Translator - %ProfilePath%\extensions\s3google@translator.xpi
- Logitech SetPoint - %ProfilePath%\extensions\setpoint-lt@addon-id.com.xpi
- 1-Click YouTube Video Downloader - %ProfilePath%\extensions\YoutubeDownloader@PeterOlayev.com.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\0ypjyitu.default-1505462904125
D6A9BDBDE6AF1238DCC619EFA2FB0844 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll - Shockwave Flash


==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]
eofcbnmajmjmplflapaojjnihcjkigck - No path found[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[]

Google Drive - Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Avast SafePrice - Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Google Sheets - Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Avast Online Security - Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Chrome Web Store Payments - Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Chrome Media Router - Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Google Slides - Tomas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Tomas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Tomas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Tomas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Avast SafePrice - Tomas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Google Sheets - Tomas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - Tomas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Avast Online Security - Tomas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki
TREZOR Password Manager - Tomas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\imloifkgjagghnncjkhggdhalmcnfklk
TREZOR Extension - Tomas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jcjjhjgimijdkoamemaghajlhegmoclj
Chrome Web Store Payments - Tomas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Tomas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Chrome Media Router - Tomas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Fix ======================

C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_gomekmidlodglbbmalcneegieacbdmki_0.localstorage deleted successfully
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_gomekmidlodglbbmalcneegieacbdmki_0.localstorage-journal deleted successfully
C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\gomekmidlodglbbmalcneegieacbdmki deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.cz/?gws_rd=ssl"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.cz/?gws_rd=ssl"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{9D2329E5-5709-49A3-9B03-45BAF43F2588} Google Url="https://www.google.com/search?q={searchTerms}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ashampoo HDD-Control 2 Guard deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Tomas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Tomas\AppData\Local\Mozilla\Firefox\Profiles\0ypjyitu.default-1505462904125\cache2 emptied successfully
C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\0ypjyitu.default-1505462904125\storage\default\https+++twitter.com\cache emptied successfully
C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\0ypjyitu.default-1505462904125\storage\default\https+++www.gdax.com\cache emptied successfully
C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\0ypjyitu.default-1505462904125\storage\default\https+++www.washingtonpost.com\cache emptied successfully
C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\0ypjyitu.default-1505462904125\storage\default\https+++www.youtube.com\cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=338 folders=168 54580705 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Tomas\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Tomas\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ne 17.09.2017 at 21:38:20,30 ======================

Re: Please check my log

Posted: 17 Sep 2017 21:41
by stomas
# DelFix v1.013 - Logfile created 17/09/2017 at 21:41:03
# Updated 17/04/2016 by Xplode
# Username : Tomas - TOMAS-PC
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\_OTM
Deleted : C:\RSIT
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\zoek-results2017-09-17-082518.log
Deleted : C:\zoek-results2017-09-17-102603.log
Deleted : C:\zoek-results2017-09-17-185901.log
Deleted : C:\Users\Tomas\Desktop\AdwCleaner[S2].txt
Deleted : C:\Users\Tomas\Desktop\JRT.txt
Deleted : C:\Users\Tomas\Desktop\log1.txt
Deleted : C:\Users\Tomas\Desktop\zoek.exe
Deleted : C:\Users\Tomas\Downloads\JRT(1).exe
Deleted : C:\Users\Tomas\Downloads\JRT.exe
Deleted : C:\Users\Tomas\Downloads\HijackThis.exe
Deleted : C:\Users\Tomas\Downloads\RogueKiller_portable32.exe
Deleted : C:\Users\Tomas\Downloads\RogueKiller_portable64.exe
Deleted : C:\Users\Tomas\Downloads\zoek.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #189 [JRT Pre-Junkware Removal | 09/16/2017 19:14:29]
Deleted : RP #190 [Installed Sophos Virus Removal Tool. | 09/16/2017 19:19:43]
Deleted : RP #191 [zoek.exe restore point | 09/17/2017 08:16:59]
Deleted : RP #192 [Zemana AntiMalware 17.9.2017 18:41:09 | 09/17/2017 16:41:10]

New restore point created !

########## - EOF - ##########

Re: Please check my log

Posted: 17 Sep 2017 21:42
by stomas
I'm not noticing any problems.

Re: Please check my log

Posted: 17 Sep 2017 21:54
by stomas
If you think everything is in order, I'd like to ask two things. 1) Can you recommend the currently ideal antimalware for real-time protection? 2) Besides thanking you for your help, I would also very much like to contribute financially... can you send an account number where I can send a small amount? T.S.

Re: Please check my log  Solved

Posted: 18 Sep 2017 09:23
by jaro3
An ideal antimalware and antivirus do not exist. The ranking of the "best antiviruses" keeps changing; it is not possible to say which one is the best.
Some free antivirus + antispyware (nowadays that comes in one package) + a firewall (if it is not in the same package) is enough.
You can occasionally run a scan with Malwarebytes' Anti-Malware.
You can look through the topics on this issue in the "Viruses, antiviruses, firewalls" section, but I definitely wouldn't rely on them too much.
It is best to try them out yourself.

Option to contribute --- my signature says "forum support"; just click on it.
The advisors here give advice for free.

If there are no problems, that is all, and you can mark the thread as solved, with the green check mark.