Prosím o kontrolu Logu Vyřešeno

[Dusty123]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:47:33, on 21.6.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Pavlík\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyWow64.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Pavlík\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = web/?type=dspp&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_92\bin\ssv.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_92\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Pavlík\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Unified Remote V3] "C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 18\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [SpyEmergency] C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Pavlík\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Pavlík\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Poslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Poslat do On&eNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Spy Emergency Health Check (SpyEmrgHealth) - NETGATE Technologies s.r.o. - C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe
O23 - Service: Spy Emergency Engine Service (SpyEmrgSrv) - NETGATE Technologies s.r.o. - C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @oem23.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\WINDOWS\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12302 bytes

[Reklama]

[Orcus]

Problémy?

Odinstaluj Spy Emergency.

===================================================

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.

===================================================

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

===================================================

Stáhni AdwCleaner (by Xplode)

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu klikni na tlačítko "Logfile" načež se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

===================================================

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
- Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:

Aktualizace Malwarebytes' Anti-Malware
Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec

- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na Kopírovat do schránky a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

[Dusty123]

Omlouvám se za nenapsání problému. Můj problém je, někdy se mi stává, že když zapnu PC, tak se rozjedou jen větráky a musím čekat než PC naběhne(někdy i nenaběhne) nebo musím vyndat baterii z desky, abych restartoval BIOS, a tím se mi PC spustí. Když se mi podaří PC zapnout, tak hned po zapnutí mi ve správce úloh píše, že je disk využit na 100%, takhle to je cca 5 minut někdy i více, a pak už jede normál, tak jak by měl. A nebo se mi taky stane, že když si pustím video na youtube, nebo nějakou hru, tak mi procesor ve sledování výkonu vyletí na 80% což není normální ale jsou také dny, kdy to je i pod 10%. A někdy se taky stane, že při spouštění systému Windows se PC sekne a musím provést restart.
AdwCleaner:

# AdwCleaner v5.200 - Log vytvořen 22/06/2016 v 14:54:01
# Aktualizováno 14/06/2016 by ToolsLib
# Databáze : 2016-06-21.2 [Server]
# Operační system : Windows 10 Pro (X64)
# Uživatelské jméno : Pavlík - PÁJA
# Spuštěno z : C:\Users\Pavlík\Desktop\AdwCleaner.exe
# Nastavení : Sken
# Podpora : https://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****

Složka Nalezeno : C:\ProgramData\simplitec
Složka Nalezeno : C:\Users\Pavlík\AppData\Local\eSupport.com

***** [ Soubory ] *****


***** [ DLL ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úlohy ] *****


***** [ Registry ] *****

Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [TotalPlusHD-3.1V04.01-bg.exe]
Klíč Nalezeno : HKLM\SOFTWARE\4fb6c3cc-1e17-4097-8a37-c2de151fc160
Klíč Nalezeno : HKLM\SOFTWARE\787e4c24-1c6e-4b26-91c8-9be50d8688c3
Klíč Nalezeno : HKLM\SOFTWARE\e804bd77-e8ff-425f-8dc3-2bc084883208
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AppID\{9C81D00A-3DAA-48AB-90C7-8252119ABB93}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AppID\{1DA17428-323D-48FF-857C-98CFEE48BFD5}
Klíč Nalezeno : HKCU\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Nalezeno : HKCU\Software\eSupport.com
Klíč Nalezeno : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
Klíč Nalezeno : HKLM\SOFTWARE\simplitec
Klíč Nalezeno : HKU\S-1-5-21-973669212-4249063547-1757659764-1000\Software\eSupport.com

***** [ Prohlížeče ] *****

[C:\Users\Pavlík\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Nalezeno : delta-search.com
[C:\Users\Pavlík\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Nalezeno : isearch.omiga-plus.com
[C:\Users\Pavlík\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Nalezeno : omiga-plus
[C:\Users\Pavlík\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Nalezeno : fxguru-movie-fx-director.en.softonic.com
[C:\Users\Pavlík\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Nalezeno : jcdgjdiieiljkfkdcloehkohchhpekkn
[C:\Users\Pavlík\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Nalezeno : ogccgbmabaphcakpiclgcnmcnimhokcj
[C:\Users\Pavlík\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Nalezeno : ppdjnkblmcjfnlogjjhpigpdgpcgdpll

*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [5008 bytů] - [22/06/2016 14:54:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [5081 bytů] ##########



Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 22.6.2016
Čas skenování: 15:01
Protokol:
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.06.22.03
Databáze rootkitů: v2016.05.27.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Pavlík

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 376613
Uplynulý čas: 11 min, 57 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 7
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, , [f20948b71287a492e94799d3808201ff],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, , [f20948b71287a492e94799d3808201ff],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{249B696F-E6EB-47E4-9916-6CF54189D8A9}, , [24d71de24356c57103fcbddce320b947],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{772574F3-9EE5-4E29-9169-0E17610F3C66}, , [38c39f60d0c9a6902dd0f0a94db6758b],
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, , [6497bb4471282610a6540f8af1128878],
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{249B696F-E6EB-47E4-9916-6CF54189D8A9}, , [62991be43960b4824eb19affcd36da26],
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{772574F3-9EE5-4E29-9169-0E17610F3C66}, , [966547b8475250e6a954f2a7679cc63a],

Hodnoty registru: 6
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{249b696f-e6eb-47e4-9916-6cf54189d8a9}|AppName, TotalPlusHD-3.1V04.01-codedownloader.exe, , [24d71de24356c57103fcbddce320b947]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{772574f3-9ee5-4e29-9169-0e17610f3c66}|AppName, TotalPlusHD-3.1V04.01-bg.exe, , [38c39f60d0c9a6902dd0f0a94db6758b]
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{249b696f-e6eb-47e4-9916-6cf54189d8a9}|AppName, TotalPlusHD-3.1V04.01-codedownloader.exe, , [62991be43960b4824eb19affcd36da26]
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{772574f3-9ee5-4e29-9169-0e17610f3c66}|AppName, TotalPlusHD-3.1V04.01-bg.exe, , [966547b8475250e6a954f2a7679cc63a]
PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|FTdownloader V4.0-bg.exe, 8000, , [51aa738cd3c672c4ef51a0528e75ab55]
PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|TotalPlusHD-3.1V04.01-bg.exe, 8000, , [3dbedc23257490a6b78936bc56ad6b95]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 1
PUP.Optional.ConduitTB.Gen, C:\Users\Pavlík\AppData\LocalLow\IQmango, , [92694bb41f7ad561df72ddf7e61cb749],

Soubory: 3
PUP.Optional.ConduitTB.Gen, C:\Users\Pavlík\AppData\LocalLow\IQmango\cctoolbar.cfg, , [92694bb41f7ad561df72ddf7e61cb749],
PUP.Optional.ConduitTB.Gen, C:\Users\Pavlík\AppData\LocalLow\IQmango\ldrtbIQma.dll, , [92694bb41f7ad561df72ddf7e61cb749],
PUP.Optional.ConduitTB.Gen, C:\Users\Pavlík\AppData\LocalLow\IQmango\tbIQma.dll, , [92694bb41f7ad561df72ddf7e61cb749],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[jaro3]

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Cleaning (Vymazat)“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

. spusť znovu Malwarebytes' Anti-Malware a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7,8,10 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“ , v okně pak na „Open TXT“ a celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[Dusty123]

# AdwCleaner v5.200 - Log vytvořen 22/06/2016 v 19:46:42
# Aktualizováno 14/06/2016 by ToolsLib
# Databáze : 2016-06-22.1 [Server]
# Operační system : Windows 10 Pro (X64)
# Uživatelské jméno : Pavlík - PÁJA
# Spuštěno z : C:\Users\Pavlík\Desktop\AdwCleaner.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****

[-] Složka Smazáno : C:\ProgramData\simplitec
[-] Složka Smazáno : C:\Users\Pavlík\AppData\Local\eSupport.com

***** [ Soubory ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úlohy ] *****


***** [ Registry ] *****

[-] Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [TotalPlusHD-3.1V04.01-bg.exe]
[-] Klíč Smazáno : HKLM\SOFTWARE\4fb6c3cc-1e17-4097-8a37-c2de151fc160
[-] Klíč Smazáno : HKLM\SOFTWARE\787e4c24-1c6e-4b26-91c8-9be50d8688c3
[-] Klíč Smazáno : HKLM\SOFTWARE\e804bd77-e8ff-425f-8dc3-2bc084883208
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{9C81D00A-3DAA-48AB-90C7-8252119ABB93}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{1DA17428-323D-48FF-857C-98CFEE48BFD5}
[-] Klíč Smazáno : HKCU\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Klíč Smazáno : HKCU\Software\eSupport.com
[-] Klíč Smazáno : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Klíč Smazáno : HKLM\SOFTWARE\simplitec

***** [ Prohlížeče ] *****

[-] [C:\Users\Pavlík\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Smazáno : delta-search.com
[-] [C:\Users\Pavlík\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Smazáno : isearch.omiga-plus.com
[-] [C:\Users\Pavlík\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Smazáno : omiga-plus
[-] [C:\Users\Pavlík\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Smazáno : fxguru-movie-fx-director.en.softonic.com
[-] [C:\Users\Pavlík\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Smazáno : jcdgjdiieiljkfkdcloehkohchhpekkn
[-] [C:\Users\Pavlík\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Smazáno : ogccgbmabaphcakpiclgcnmcnimhokcj
[-] [C:\Users\Pavlík\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Smazáno : ppdjnkblmcjfnlogjjhpigpdgpcgdpll

*************************

:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [5207 bytů] - [22/06/2016 19:46:42]
C:\AdwCleaner\AdwCleaner[S1].txt - [5160 bytů] - [22/06/2016 14:54:01]
C:\AdwCleaner\AdwCleaner[S2].txt - [5233 bytů] - [22/06/2016 19:44:49]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5426 bytů] ##########


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 10 Pro x64
Ran by Pavlˇk (Administrator) on st 22.06.2016 at 19:54:49,03
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 10

Failed to delete: C:\Program Files (x86)\iobit\driver booster (Folder)
Successfully deleted: C:\ProgramData\iobit\driver booster (Folder)
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\Pavlˇk\AppData\Roaming\iobit\driver booster (Folder)
Successfully deleted: C:\Users\Pavlˇk\AppData\Roaming\productdata (Folder)
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster Scheduler (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (Pavlˇk) (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\SmartDefrag_Startup (Task)
Successfully deleted: C:\WINDOWS\prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-6E168E7E.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERBOOSTER.EXE-51D78DCC.pf (File)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 22.06.2016 at 19:57:44,99
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 22.6.2016
Čas skenování: 20:00
Protokol: malwarebytes.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.06.22.04
Databáze rootkitů: v2016.05.27.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Pavlík

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 376936
Uplynulý čas: 12 min, 37 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 4
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{249B696F-E6EB-47E4-9916-6CF54189D8A9}, Do karantény, [23d9a35cc3d648ee09307e1c62a1748c],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{772574F3-9EE5-4E29-9169-0E17610F3C66}, Do karantény, [807cce310297c571d95ea9f140c3728e],
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{249B696F-E6EB-47E4-9916-6CF54189D8A9}, Do karantény, [86765ba4a3f6b3831c1ddcbeb251da26],
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{772574F3-9EE5-4E29-9169-0E17610F3C66}, Do karantény, [20dcc33c9405cd696ec93d5db05305fb],

Hodnoty registru: 5
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{249b696f-e6eb-47e4-9916-6cf54189d8a9}|AppName, TotalPlusHD-3.1V04.01-codedownloader.exe, Do karantény, [23d9a35cc3d648ee09307e1c62a1748c]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{772574f3-9ee5-4e29-9169-0e17610f3c66}|AppName, TotalPlusHD-3.1V04.01-bg.exe, Do karantény, [807cce310297c571d95ea9f140c3728e]
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{249b696f-e6eb-47e4-9916-6cf54189d8a9}|AppName, TotalPlusHD-3.1V04.01-codedownloader.exe, Do karantény, [86765ba4a3f6b3831c1ddcbeb251da26]
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{772574f3-9ee5-4e29-9169-0e17610f3c66}|AppName, TotalPlusHD-3.1V04.01-bg.exe, Do karantény, [20dcc33c9405cd696ec93d5db05305fb]
PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|FTdownloader V4.0-bg.exe, 8000, Do karantény, [b6463dc282171224daa020d28281817f]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 1
PUP.Optional.ConduitTB.Gen, C:\Users\Pavlík\AppData\LocalLow\IQmango, Do karantény, [a85442bd4653fa3c602b666e8f739d63],

Soubory: 3
PUP.Optional.ConduitTB.Gen, C:\Users\Pavlík\AppData\LocalLow\IQmango\cctoolbar.cfg, Do karantény, [a85442bd4653fa3c602b666e8f739d63],
PUP.Optional.ConduitTB.Gen, C:\Users\Pavlík\AppData\LocalLow\IQmango\ldrtbIQma.dll, Do karantény, [a85442bd4653fa3c602b666e8f739d63],
PUP.Optional.ConduitTB.Gen, C:\Users\Pavlík\AppData\LocalLow\IQmango\tbIQma.dll, Do karantény, [a85442bd4653fa3c602b666e8f739d63],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[Dusty123]

RogueKiller V12.3.5.0 (x64) [Jun 22 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 10 (10.0.10586) 64 bits version
Spuštěno : Normální režim
Uživatel : Pavlík [Práva správce]
Started from : C:\Users\Pavlík\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 06/22/2016 20:36:01

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 7 ¤¤¤
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\fjtlaj (System32\drivers\feekptv.sys) -> Nalezeno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-973669212-4249063547-1757659764-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/ -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-973669212-4249063547-1757659764-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/ -> Nalezeno
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-973669212-4249063547-1757659764-1000\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : web/?type=dspp&q={searchTerms} -> Nalezeno
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-973669212-4249063547-1757659764-1000\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : web/?type=dspp&q={searchTerms} -> Nalezeno
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-973669212-4249063547-1757659764-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nalezeno
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-973669212-4249063547-1757659764-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD5000AADS-00S9B0 ATA Device +++++
--- User ---
[MBR] c69ceb7181c9f1a3ca9963db8a45b278
[BSP] e58659fc15829d2d8df6835c64c84e44 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 101949 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 209000448 | Size: 449 MB
3 - [XXXXXX] EXTEN (0x5) [VISIBLE] Offset (sectors): 209921355 | Size: 374436 MB
User = LL1 ... OK
User = LL2 ... OK

[jaro3]

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan
- Pak klikni na "Prohledat " ,po jeho skončení:
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)

- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Vypni antivir i firewall.
Stáhni
Zoek.exe

a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor , náběh programu může trvat déle.

Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.

Vlož nový log z HJT + informuj o problémech.

[Dusty123]

RogueKiller V12.3.5.0 (x64) [Jun 22 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 10 (10.0.10586) 64 bits version
Spuštěno : Normální režim
Uživatel : Pavlík [Práva správce]
Started from : C:\Users\Pavlík\Desktop\RogueKillerX64.exe
Mód : Smazat -- Datum : 06/26/2016 18:59:53

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 6 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-973669212-4249063547-1757659764-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/ -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-973669212-4249063547-1757659764-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/ -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-973669212-4249063547-1757659764-1000\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : web/?type=dspp&q={searchTerms} -> Nahrazeno (http://www.microsoft.com/isapi/redir.dl ... r=iesearch)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-973669212-4249063547-1757659764-1000\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : web/?type=dspp&q={searchTerms} -> Nahrazeno (http://www.microsoft.com/isapi/redir.dl ... r=iesearch)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-973669212-4249063547-1757659764-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nahrazeno (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-973669212-4249063547-1757659764-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nahrazeno (1)

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD5000AADS-00S9B0 ATA Device +++++
--- User ---
[MBR] c69ceb7181c9f1a3ca9963db8a45b278
[BSP] e58659fc15829d2d8df6835c64c84e44 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 101949 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 209000448 | Size: 449 MB
3 - [XXXXXX] EXTEN (0x5) [VISIBLE] Offset (sectors): 209921355 | Size: 374436 MB
User = LL1 ... OK
User = LL2 ... OK



Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Pavlˇk on ne 26.06.2016 at 19:03:11,10.
Microsoft Windows 10 Pro 10.0.10586 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Pavlík\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

26.6.2016 19:03:54 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\Users\PAVLK~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Prime95 deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} deleted successfully
C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-973669212-4249063547-1757659764-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} deleted successfully
HKEY_USERS\S-1-5-21-973669212-4249063547-1757659764-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} not found
C:\Users\Pavlík\Desktop\4K Video Downloader.lnk not found
"C:\Users\Pavlík\AppData\Local" not found
"C:\Users\Pavlík\AppData\Roaming" not found
C:\PROGRA~2\COMMON~1\Wondershare deleted
C:\found.000 deleted
C:\PROGRA~3\Splashtop deleted
C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\WINDOWS\SysWow64\AI_RecycleBin deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [22.06.2016 16:49]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [22.06.2016 16:49]

==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} - https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting Registry Keys ======================

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Soluto deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=72 folders=66 142900757 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\PAVLK~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ne 26.06.2016 at 19:24:05,36 ======================

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:27:09, on 26.6.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Pavlík\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Pavlík\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_92\bin\ssv.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_92\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Pavlík\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Unified Remote V3] "C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 18\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Pavlík\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Pavlík\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Poslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Poslat do On&eNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @oem23.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\WINDOWS\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11302 bytes

Po zapnutí PC mi disk ukazuje 100% tak 2 minuty, a pak je to v pořádku, a pořád mi nejde zapínat PC. Při vypínání PC se provádí aktualizace a při zapnutí PC mi to napíše aktualizace se nepodařilo dokončit.

[jaro3]

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

[Dusty123]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2016
Ran by Pavlík (administrator) on PÁJA (29-06-2016 20:00:03)
Running from C:\Users\Pavlík\Desktop
Loaded Profiles: Pavlík & DefaultAppPool (Available Profiles: Pavlík & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\Cobian.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.424_none_767fbf7a263fc7d3\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5299320 2012-10-25] (VIA)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM-x32\...\Run: [ATICustomerCare] => C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [311296 2010-05-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8897712 2016-06-22] (AVAST Software)
HKLM-x32\...\Run: [Cobian Backup 11] => C:\Program Files (x86)\Cobian Backup 11\Cobian.exe [720896 2012-12-05] (Luis Cobian, CobianSoft)
HKU\S-1-5-21-973669212-4249063547-1757659764-1000\...\Run: [Unified Remote V3] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [4310224 2015-07-25] (Unified Intents AB)
HKU\S-1-5-21-973669212-4249063547-1757659764-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 18\Program32\ZPSTRAY.EXE [680528 2016-03-24] (ZONER software)
HKU\S-1-5-21-973669212-4249063547-1757659764-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8721624 2016-05-13] (Piriform Ltd)
HKU\S-1-5-21-973669212-4249063547-1757659764-1000\...\RunOnce: [Uninstall C:\Users\Pavl�k\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Pavlík\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-06-22] (AVAST Software)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6a5ff8ae-b395-4f9b-bbb4-49c4626a91cd}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-973669212-4249063547-1757659764-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-973669212-4249063547-1757659764-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-973669212-4249063547-1757659764-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: HKLM-x32 - (No Name) - {bf5e07d7-3adb-41d8-a379-be976a83fe60} - No File
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-973669212-4249063547-1757659764-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-973669212-4249063547-1757659764-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\ssv.dll [2016-05-10] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-03-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-05-10] (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-973669212-4249063547-1757659764-1000 -> hxxp://www.seznam.cz/

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-29] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-29] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-05-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-05-10] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2015-10-30] (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @spoon.net/Spoon Plugin 3.33 -> C:\Program Files (x86)\Spoon\3.33.8.488\npMozillaSpoonPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-973669212-4249063547-1757659764-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pavlík\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-19] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-973669212-4249063547-1757659764-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-22]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-06-22]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found

Chrome:
=======
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.cz/"
CHR DefaultSearchURL: Default -> web/?type=dspp&q={searchTerms}
CHR Session Restore: Default -> is enabled.
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\gcswf32.dll => No File
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll => No File
CHR Plugin: (Java(TM) Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll => No File
CHR Plugin: (Unity Player) - C:\Users\Pavlík\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Profile: C:\Users\Pavlík\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AC/DC) - C:\Users\Pavlík\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdhieelnnodbhbfhgdjcjfjipgknbpbc [2016-01-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pavlík\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-08]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-08-19] (ASUSTeK Computer Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-06-22] (AVAST Software)
S2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-03-08] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [33240 2016-03-07] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\Windows\System32\drivers\amdide64.sys [13848 2016-02-08] (Advanced Micro Devices Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-01-26] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-01-26] (LG Electronics Inc.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
S3 asusgsb; C:\Windows\System32\drivers\asusgsb.sys [17792 2009-02-17] (ASUSTeK Computer Inc.) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-06-22] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-06-22] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-06-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-06-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-06-22] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-06-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-06-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-06-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [290088 2016-06-22] (AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-06-28] ()
R3 CamSuiteVAC; C:\Windows\system32\DRIVERS\CamSuiteVAC.sys [56320 2008-09-18] ()
S3 GeneStor; C:\Windows\system32\DRIVERS\GeneStor.sys [115704 2016-04-18] (GenesysLogic)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-13] (REALiX(tm))
S3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [23680 2010-02-22] (ASUSTeK Computer Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-06-28] ()
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; no ImagePath
S0 SmartDefragDriver; System32\Drivers\SmartDefragDriver.sys [X]
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-02 19:25 - 2016-08-02 19:25 - 00000000 ____D C:\Users\Pavlík\AppData\Local\PeerDistRepub
2016-06-29 20:00 - 2016-06-29 20:01 - 00020945 _____ C:\Users\Pavlík\Desktop\FRST.txt
2016-06-29 19:59 - 2016-06-29 20:00 - 00000000 ____D C:\FRST
2016-06-29 19:58 - 2016-06-29 19:59 - 02390016 _____ (Farbar) C:\Users\Pavlík\Desktop\FRST64.exe
2016-06-26 20:19 - 2016-06-26 20:19 - 00000000 ____D C:\Program Files (x86)\Cobian Backup 11
2016-06-26 20:18 - 2016-06-26 20:18 - 19713536 _____ (Luis Cobian, CobianSoft) C:\Users\Pavlík\Desktop\cbSetup.exe
2016-06-26 19:18 - 2016-06-26 19:03 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-06-26 19:01 - 2016-06-26 19:16 - 00000000 ____D C:\zoek_backup
2016-06-26 19:01 - 2016-06-26 19:01 - 01309184 _____ C:\Users\Pavlík\Desktop\zoek.exe
2016-06-26 18:28 - 2016-06-26 18:28 - 00000000 ____D C:\Users\Pavlík\AppData\Roaming\ProductData
2016-06-22 20:15 - 2016-06-22 20:15 - 00003442 _____ C:\Users\Pavlík\Desktop\malwarebytes.txt
2016-06-22 19:57 - 2016-06-22 19:57 - 00001338 _____ C:\Users\Pavlík\Desktop\JRT.txt
2016-06-22 19:42 - 2016-06-22 20:17 - 24205896 _____ C:\Users\Pavlík\Desktop\RogueKillerX64.exe
2016-06-22 19:42 - 2016-06-22 19:54 - 01610816 _____ (Malwarebytes) C:\Users\Pavlík\Desktop\JRT.exe
2016-06-22 16:49 - 2016-06-22 16:49 - 00390984 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-06-22 16:49 - 2016-06-22 16:49 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-06-22 14:59 - 2016-06-22 20:00 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-06-22 14:58 - 2016-06-22 14:58 - 00001171 _____ C:\Users\Pavlík\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-22 14:58 - 2016-06-22 14:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-22 14:58 - 2016-06-22 14:58 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-06-22 14:58 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-06-22 14:58 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-06-22 14:58 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-06-22 14:53 - 2016-06-22 19:46 - 00000000 ____D C:\AdwCleaner
2016-06-22 14:31 - 2016-06-22 14:53 - 03703360 _____ C:\Users\Pavlík\Desktop\AdwCleaner.exe
2016-06-22 14:29 - 2016-06-26 19:27 - 00000000 ____D C:\Users\Pavlík\Desktop\Řešení PC
2016-06-21 20:46 - 2016-06-21 20:47 - 00388608 _____ (Trend Micro Inc.) C:\Users\Pavlík\Desktop\HijackThis.exe
2016-06-20 17:34 - 2016-06-20 17:43 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2016-06-20 17:34 - 2016-06-20 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2016-06-20 03:00 - 2015-03-09 11:26 - 00019768 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg_guard.sys
2016-06-20 03:00 - 2011-04-21 10:31 - 00017240 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg.sys
2016-06-19 19:32 - 2016-06-22 17:13 - 00003998 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1466361148
2016-06-19 19:32 - 2016-06-22 17:13 - 00001082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-06-19 19:32 - 2016-06-22 16:49 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-06-19 19:30 - 2016-06-19 19:30 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-06-19 19:30 - 2016-06-19 19:30 - 00000000 ____D C:\Users\Pavlík\AppData\Roaming\AVAST Software
2016-06-19 19:29 - 2016-06-22 16:50 - 00004004 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-06-19 19:29 - 2016-06-22 16:49 - 01070904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-06-19 19:29 - 2016-06-22 16:49 - 00473592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-06-19 19:29 - 2016-06-22 16:49 - 00290088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-06-19 19:29 - 2016-06-22 16:49 - 00162904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-06-19 19:29 - 2016-06-22 16:49 - 00108304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-06-19 19:29 - 2016-06-22 16:49 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-06-19 19:29 - 2016-06-22 16:49 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-06-19 19:29 - 2016-06-22 16:49 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-06-19 19:28 - 2016-06-19 19:32 - 00000000 ____D C:\Program Files\AVAST Software
2016-06-19 19:03 - 2016-06-19 19:05 - 00000000 ____D C:\Users\Pavlík\Documents\KB
2016-06-16 19:22 - 2016-06-16 19:37 - 28645816 _____ (Rockstar Games.) C:\Users\Pavlík\Desktop\GTA_V_Launcher_Upgrade_1_0_757_4.exe
2016-06-16 17:06 - 2016-06-16 17:08 - 00000038 _____ C:\Users\Pavlík\Desktop\GTA login.txt
2016-06-15 18:35 - 2016-06-16 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dishonored
2016-06-12 19:56 - 2015-10-30 08:17 - 00001168 _____ C:\Users\Pavlík\Desktop\Event Viewer.lnk
2016-06-11 15:38 - 2015-10-30 08:17 - 00001104 _____ C:\Users\Pavlík\Desktop\Performance Monitor.lnk
2016-06-11 12:07 - 2016-06-11 12:07 - 00000000 ____D C:\Users\Pavlík\Desktop\gta
2016-06-11 11:31 - 2016-06-03 04:28 - 00111552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-06-11 11:31 - 2016-05-04 03:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-06-11 11:31 - 2016-05-04 03:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-06-11 11:31 - 2016-05-04 03:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-06-11 11:31 - 2016-05-04 03:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-06-11 11:26 - 2016-06-03 08:22 - 39977920 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 35115968 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 31641656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 25404864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 21812056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 21355464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 18151128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 17746664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 17432544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 10643240 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 08733792 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 02844608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 02470336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 01920960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436839.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 01581624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco64.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436839.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 00983488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 00910392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 00769984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 00707520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 00669952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 00565208 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 00549240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 00452616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 00177952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 00155768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 00153232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 00131584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 00046024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-06-11 11:26 - 2016-06-03 08:22 - 00000594 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-06-11 11:26 - 2016-06-03 08:22 - 00000594 _____ C:\WINDOWS\system32\nv-vk64.json
2016-06-11 11:04 - 2016-04-14 06:38 - 00113216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-06-11 11:04 - 2016-04-14 06:38 - 00102976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-06-11 10:25 - 2016-06-20 17:37 - 00000000 ____D C:\Users\Pavlík\Desktop\Ccleaner zaloha registru
2016-06-11 10:22 - 2016-06-11 10:22 - 00002850 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-06-11 10:22 - 2016-06-11 10:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-06-11 10:22 - 2016-06-11 10:22 - 00000000 ____D C:\Program Files\CCleaner
2016-06-09 16:13 - 2016-06-09 16:13 - 00000110 ____H C:\Users\Pavlík\Desktop\20160603_182440.jpg.uid-zps
2016-06-09 16:06 - 2016-06-11 18:12 - 00000000 ____D C:\Users\Pavlík\Desktop\Metalfest 2016
2016-05-30 18:05 - 2016-05-30 18:05 - 00000000 ____D C:\Users\Pavlík\AppData\LocalLow\SKS

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-02 19:28 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\appcompat
2016-06-29 19:58 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-29 19:56 - 2015-12-04 19:39 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d12ec313e81ef3.job
2016-06-29 19:54 - 2015-12-04 19:39 - 00000966 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d12ec313522842.job
2016-06-26 21:48 - 2016-02-07 18:39 - 00000000 ____D C:\Users\Pavlík
2016-06-26 21:48 - 2011-03-19 15:50 - 00000000 ____D C:\Users\Pavlík\AppData\Roaming\uTorrent
2016-06-26 21:40 - 2011-03-19 20:27 - 00000000 ____D C:\Users\Pavlík\AppData\Roaming\Skype
2016-06-26 21:30 - 2016-03-29 10:01 - 00000000 ____D C:\Users\DefaultAppPool
2016-06-26 21:21 - 2015-12-29 21:13 - 00000000 ___RD C:\Users\Pavlík\Desktop\Ikony
2016-06-26 21:19 - 2016-02-23 20:43 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-06-26 21:03 - 2016-02-07 18:58 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-26 21:03 - 2016-02-07 18:35 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-26 21:03 - 2015-01-06 17:03 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-26 21:03 - 2015-01-06 17:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-26 20:50 - 2016-03-11 16:08 - 00000000 ____D C:\Users\Pavlík\AppData\Roaming\foobar2000
2016-06-26 19:48 - 2015-01-06 17:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-26 19:45 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-26 19:20 - 2015-10-30 07:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-06-26 19:04 - 2015-03-01 19:12 - 00000000 ____D C:\Users\Pavlík\AppData\Local\CrashDumps
2016-06-26 18:59 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-26 18:35 - 2015-02-08 14:23 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-06-26 18:32 - 2016-02-07 18:38 - 02074416 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-26 18:32 - 2015-10-30 19:31 - 00855370 _____ C:\WINDOWS\system32\perfh005.dat
2016-06-26 18:32 - 2015-10-30 19:31 - 00198598 _____ C:\WINDOWS\system32\perfc005.dat
2016-06-26 18:32 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-06-26 18:25 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\registration
2016-06-22 20:41 - 2015-02-08 14:23 - 00000000 ____D C:\ProgramData\RogueKiller
2016-06-22 19:56 - 2011-12-31 10:12 - 00000000 ____D C:\Users\Pavlík\AppData\Roaming\IObit
2016-06-22 19:56 - 2011-12-31 10:06 - 00000000 ____D C:\ProgramData\IObit
2016-06-19 21:18 - 2011-03-07 20:38 - 00000000 ____D C:\Users\Pavlík\AppData\Roaming\Adobe
2016-06-19 19:32 - 2013-12-14 15:23 - 00000000 ____D C:\ProgramData\AVAST Software
2016-06-19 19:00 - 2015-12-19 11:00 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-19 19:00 - 2011-03-19 20:27 - 00000000 ____D C:\ProgramData\Skype
2016-06-19 18:56 - 2015-07-31 09:24 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-16 19:23 - 2015-04-18 19:23 - 00000000 ____D C:\Program Files\Rockstar Games
2016-06-16 19:23 - 2014-05-25 12:52 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-06-16 17:35 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-16 17:35 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-06-16 17:35 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-16 17:35 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-06-16 17:35 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-06-16 17:35 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-16 17:34 - 2016-03-03 16:24 - 00000000 ___RD C:\Users\Pavlík\Virtual Machines
2016-06-16 17:34 - 2016-02-07 19:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-16 17:34 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SystemResources
2016-06-16 17:34 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Globalization
2016-06-16 17:34 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-06-16 17:34 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\servicing
2016-06-16 17:34 - 2013-08-14 19:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-16 17:25 - 2015-06-02 18:14 - 00000000 ____D C:\ProgramData\Socialclub
2016-06-16 17:25 - 2011-03-07 20:46 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-16 17:23 - 2015-05-19 16:32 - 00000000 ____D C:\Program Files\Microsoft Office
2016-06-16 16:56 - 2016-03-12 12:17 - 00000000 ____D C:\WINDOWS\Minidump
2016-06-14 19:33 - 2015-10-30 08:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 19:33 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-12 19:56 - 2014-11-09 17:12 - 00007601 _____ C:\Users\Pavlík\AppData\Local\Resmon.ResmonCfg
2016-06-12 18:51 - 2011-03-18 16:44 - 00000000 ____D C:\Users\Pavlík\AppData\Roaming\vlc
2016-06-12 16:02 - 2015-09-13 14:06 - 00000000 ____D C:\Users\Pavlík\Documents\Počítač
2016-06-11 21:33 - 2011-11-27 19:35 - 00000000 ____D C:\Users\Pavlík\Documents\My Games
2016-06-11 17:03 - 2016-02-10 17:43 - 00000000 ____D C:\Users\Pavlík\Desktop\PC
2016-06-11 12:10 - 2016-02-07 18:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2016-06-11 11:32 - 2016-02-07 18:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-06-11 11:32 - 2015-08-27 09:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-06-11 11:31 - 2016-03-12 12:35 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-06-11 11:20 - 2016-02-07 18:34 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-06-11 11:20 - 2015-08-27 09:28 - 00000000 ____D C:\Users\Pavlík\AppData\Local\NVIDIA
2016-06-11 11:06 - 2015-12-08 16:53 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-06-11 11:00 - 2016-04-15 14:12 - 00000000 ____D C:\ProgramData\VSO
2016-06-11 10:47 - 2015-11-22 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-06-10 18:09 - 2016-03-06 21:05 - 00000000 ____D C:\Users\Pavlík\AppData\Roaming\AIMP
2016-06-10 18:09 - 2016-03-06 21:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP
2016-06-10 18:09 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\ShellNew
2016-06-10 18:09 - 2015-10-30 19:35 - 00000000 ____D C:\Program Files\Windows Journal
2016-06-10 18:09 - 2015-10-30 08:24 - 00000000 __RSD C:\WINDOWS\Media
2016-06-10 18:09 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-06-10 18:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-06-10 18:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\setup
2016-06-10 18:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-06-10 18:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\icsxml
2016-06-10 18:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\security
2016-06-10 18:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-06-10 18:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-06-10 18:09 - 2015-01-13 17:09 - 00000000 ____D C:\Users\Pavlík\AppData\LocalLow\IObit
2016-06-10 18:08 - 2016-02-07 18:34 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-06-10 18:08 - 2014-08-16 10:01 - 00000000 ____D C:\Program Files (x86)\AIMP3
2016-06-04 01:51 - 2015-08-29 00:31 - 13553096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-06-03 08:22 - 2016-03-12 12:31 - 17729184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-06-03 08:22 - 2016-02-07 15:16 - 00141256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-06-03 08:22 - 2015-08-29 00:31 - 20375488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-06-03 08:22 - 2015-08-29 00:31 - 14462536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-06-03 08:22 - 2015-08-29 00:31 - 03811256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-06-03 08:22 - 2015-08-29 00:31 - 03371624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-06-03 08:22 - 2015-08-07 08:10 - 00040084 _____ C:\WINDOWS\system32\nvinfo.pb
2016-06-03 04:59 - 2016-02-07 18:35 - 06452948 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-06-03 04:59 - 2016-02-07 18:35 - 06364216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-06-03 04:59 - 2016-02-07 18:35 - 02455608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-06-03 04:59 - 2016-02-07 18:35 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-06-03 04:59 - 2016-02-07 18:35 - 01352760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-06-03 04:59 - 2016-02-07 18:35 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-06-03 04:59 - 2016-02-07 18:35 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-06-03 04:59 - 2015-12-30 14:11 - 00534072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-06-03 04:59 - 2015-12-30 14:11 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll

==================== Files in the root of some directories =======

2012-07-01 14:44 - 2008-10-27 11:51 - 1146394 _____ () C:\Program Files (x86)\faudio.viv
2012-07-01 14:44 - 2008-10-27 11:52 - 3852367 _____ () C:\Program Files (x86)\gaudio.viv
2011-05-07 18:27 - 2011-11-16 16:29 - 0000069 _____ () C:\Users\Pavlík\AppData\Roaming\default.pls
2016-04-15 14:12 - 2016-04-15 14:12 - 0099384 _____ () C:\Users\Pavlík\AppData\Roaming\inst.exe
2014-09-01 09:18 - 2016-02-06 18:42 - 0000365 _____ () C:\Users\Pavlík\AppData\Roaming\MZGLBOK
2016-04-15 14:12 - 2016-04-15 14:12 - 0007859 _____ () C:\Users\Pavlík\AppData\Roaming\pcouffin.cat
2016-04-15 14:12 - 2016-04-15 14:12 - 0001167 _____ () C:\Users\Pavlík\AppData\Roaming\pcouffin.inf
2016-04-15 14:12 - 2016-04-15 14:12 - 0000055 _____ () C:\Users\Pavlík\AppData\Roaming\pcouffin.log
2016-04-15 14:12 - 2016-04-15 14:12 - 0082816 _____ (VSO Software) C:\Users\Pavlík\AppData\Roaming\pcouffin.sys
2014-08-16 12:02 - 2014-08-16 12:05 - 0004608 _____ () C:\Users\Pavlík\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-05 16:57 - 2014-07-05 16:57 - 0000094 _____ () C:\Users\Pavlík\AppData\Local\fusioncache.dat
2016-01-20 20:41 - 2016-01-20 20:41 - 0000410 _____ () C:\Users\Pavlík\AppData\Local\LMIR0001.tmp.bat
2016-01-20 20:41 - 2016-01-20 20:41 - 0000335 _____ () C:\Users\Pavlík\AppData\Local\LMIR0001.tmp_r.bat
2014-11-09 17:12 - 2016-06-12 19:56 - 0007601 _____ () C:\Users\Pavlík\AppData\Local\Resmon.ResmonCfg
2011-03-10 19:56 - 2011-03-11 21:09 - 0035402 _____ () C:\Users\Pavlík\AppData\Local\SRDownloader.err
2011-03-10 19:56 - 2011-03-11 21:09 - 0000896 _____ () C:\Users\Pavlík\AppData\Local\SRDownloader.nast
2015-02-07 11:31 - 2015-02-20 21:30 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-10-06 19:59

==================== End of FRST.txt ============================

[Dusty123]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-06-2016
Ran by Pavlík (2016-06-29 20:01:29)
Running from C:\Users\Pavlík\Desktop
Windows 10 Pro Version 1511 (X64) (2016-02-07 18:30:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-973669212-4249063547-1757659764-500 - Administrator - Disabled)
ASPNET (S-1-5-21-973669212-4249063547-1757659764-1050 - Limited - Enabled)
DefaultAccount (S-1-5-21-973669212-4249063547-1757659764-503 - Limited - Disabled)
Guest (S-1-5-21-973669212-4249063547-1757659764-501 - Limited - Disabled)
Pavlík (S-1-5-21-973669212-4249063547-1757659764-1000 - Administrator - Enabled) => C:\Users\Pavlík

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Microsoft Office Proofing Tools 2016“ – lietuvių k. (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
4K Video Downloader 4.1 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.1.0.2050 - Open Media LLC)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
AIDA64 Extreme v5.60 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.60 - FinalWire Ltd.)
AIMP (HKLM-x32\...\AIMP) (Version: v4.00.1697, 22.02.2016 - AIMP DevTeam)
Aktualizace NVIDIA 2.11.3.5 (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Alati za jezičnu provjeru u sustavu Microsoft Office 2016 - hrvatski (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ashampoo Burning Studio 16 (HKLM-x32\...\{91B33C97-A730-69CE-7A4F-4ADF378BB993}_is1) (Version: 16.0.6 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.01 - Ubisoft)
ASUS nVidia Driver (x32 Version: 1.00.0000 - ASUSTek) Hidden
Atf Profi (HKLM-x32\...\Atf) (Version: - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.12 - Atheros Communications Inc.)
Atheros Ethernet Utility (HKLM-x32\...\{FB686487-C637-4EEF-BCB1-C92463F2CC05}) (Version: 1.1.0.7 - Atheros Communications Inc.)
ATI Catalyst Registration (x32 Version: 3.00.0000 - ATI Technologies Inc.) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.1.2272 - AVAST Software)
Bloody5 (HKLM-x32\...\Bloody3) (Version: 15.02.0005 - Bloody)
Box Sync (x32 Version: 4.0.6073.0 - Box Inc.) Hidden
Brothers In Arms (HKLM-x32\...\BrothersInArms) (Version: - Ubisoft)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version: - )
Công cụ Soát lỗi Microsoft Office 2016 - Tiếng Việt (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Cool & Quiet (HKLM-x32\...\{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}) (Version: - )
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
CrazyTalk Cam Suite PRO (HKLM-x32\...\{D1504C77-1B19-4AF0-8DEC-946666123B55}) (Version: 3.0 - Reallusion)
CrystalDiskInfo 6.8.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.8.0 - Crystal Dew World)
Český jazyk - Přijímací zkoušky na střední školy (HKLM-x32\...\Český jazyk - Přijímací zkoušky na střední školy) (Version: - )
dBpoweramp (HKLM-x32\...\dBpoweramp) (Version: Release 15.3 - Illustrate)
dBpoweramp DSP Effects (HKLM-x32\...\dBpoweramp DSP Effects) (Version: Release 11 - Illustrate)
Driver Booster 3.4 (HKLM-x32\...\Driver Booster_is1) (Version: 3.4 - IObit)
EAX Unified (HKLM-x32\...\EAX Unified) (Version: - )
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Eines de correcció del Microsoft Office 2016: català (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.02.01 - )
Far Cry 4 Complete Edition version 1.0.0 (HKLM-x32\...\Far Cry 4 Complete Edition_is1) (Version: 1.0.0 - Ubisoft)
Ferramentas de Verificação do Microsoft Office 2016 - Português (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
foobar2000 v1.3.10 (HKLM-x32\...\foobar2000) (Version: 1.3.10 - Peter Pawlowski)
FormatFactory 3.8.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.8.0.0 - Free Time)
GK-862 Driver (HKLM-x32\...\{68F65E0D-F894-4F5A-B9E9-F3CAB29FB59A}) (Version: 1.0 - EVOLVEO)
GoldWave v5.70 (HKLM-x32\...\GoldWave v5.70) (Version: 5.70 - GoldWave Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
I-Microsoft Office Proofing Tools 2016 - IsiZulu (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Innealan-dearbhaidh Microsoft Office 2016 - Gàidhlig (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Instrumente de verificare Microsoft Office 2016 - Română (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.17 - Oracle Corporation)
Java 8 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218072F0}) (Version: 8.0.720.15 - Oracle Corporation)
Java 8 Update 74 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218074F0}) (Version: 8.0.740.2 - Oracle Corporation)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java 8 Update 92 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218092F0}) (Version: 8.0.920.14 - Oracle Corporation)
Korrekturredskaber til Microsoft Office 2016 - Dansk (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (bokmål) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (nynorsk) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.25.20150529 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{2D5218EB-6992-46E3-8ECE-76C79AB955CE}) (Version: 3.13.2.0 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{4DE95ED9-0A29-4C4F-8463-35857CF9BA36}) (Version: 3.14.1 - LG Electronics)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Matik 6-9 (HKLM-x32\...\{2DF8D09C-7D3C-4164-96DF-08EBF6E881C2}) (Version: 1.00.0000 - Matik Liberec)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2016 (HKLM\...\Office16.PROOFKIT) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Project Professional 2016 (HKLM\...\Office16.PRJPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visio Professional 2016 (HKLM\...\Office16.VISPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft1.8 (HKLM-x32\...\Minecraft1. (Version: - )
MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5915 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenIV (HKU\S-1-5-21-973669212-4249063547-1757659764-1000\...\OpenIV) (Version: 2.6.4.642 - .black/OpenIV Team)
Orodja za preverjanje za Microsoft Office 2016 – angleščina (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2016 de Microsoft Office - Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 368.39 (Version: 368.39 - NVIDIA Corporation) Hidden
PC Probe II (HKLM-x32\...\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}) (Version: 1.04.86 - ASUSTeK Computer Inc.)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.6 - Power Software Ltd)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
RadioSure (HKU\S-1-5-21-973669212-4249063547-1757659764-1000\...\RadioSure) (Version: - )
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Revo Uninstaller Pro 3.1.6 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.6 - VS Revo Group, Ltd.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.5 - Rockstar Games)
SafeZone Stable 1.48.2066.114 (x32 Version: 1.48.2066.114 - Avast Software) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Shockwave (HKLM-x32\...\Shockwave) (Version: - )
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.103 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Strumenti di correzione di Microsoft Office 2016 - Italiano (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Taalprogramma's voor Microsoft Office 2016 - Nederlands (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
The Walking Dead Michonne Episode 1 (HKLM-x32\...\The Walking Dead Michonne Episode 1_is1) (Version: - )
Trackmania Turbo (HKLM-x32\...\Trackmania Turbo_is1) (Version: - )
Turbo Key (HKLM-x32\...\{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}) (Version: 1.01.03 - )
Uirlisí Profála Microsoft Office 2016 - Gaeilge (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.2.8 - Unified Intents AB)
Update for Skype for Business 2016 (KB3115087) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{C48D0508-2A21-42EA-8BC9-D387768F54F4}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3115087) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PRJPRO_{C48D0508-2A21-42EA-8BC9-D387768F54F4}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3115087) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{C48D0508-2A21-42EA-8BC9-D387768F54F4}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3115087) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.VISPRO_{C48D0508-2A21-42EA-8BC9-D387768F54F4}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB3115087) 64-Bit Edition (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}_Office16.PROPLUS_{C48D0508-2A21-42EA-8BC9-D387768F54F4}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Utility (x32 Version: 2.00.000 - ASUSTek) Hidden
VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden
Veglat e kontrollit gjuhësor të Microsoft Office 2016 - shqip (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VSO ConvertXToDVD 6 (HKLM-x32\...\{8FC36FA6-C508-44FB-B137-1CB46D8258B2}_is1) (Version: 6.0.0.29 - VSO Software)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
XviD MPEG-4 Video Codec (HKLM-x32\...\xvid) (Version: - XviD Development Team)
Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_CZ_is1) (Version: 18.0.1.9 - ZONER software)
Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2016 - Ελληνικά (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Засоби перевірки правопису Microsoft Office 2016 – українська (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2016 — русский (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
כלי ההגהה של Microsoft Office 2016 - עברית (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ابزارهای تصحیح Microsoft Office 2016 - فارسی (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-973669212-4249063547-1757659764-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Pavlík\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {023C31C8-39AE-41C8-8B89-1A455E7F66E6} - System32\Tasks\{C2135729-3814-4618-805F-EBB231F1BB8B} => D:\hry\ruzne\SHADE.EXE
Task: {05CA1E25-8844-4E44-B789-66FC31D0FB19} - System32\Tasks\{9F1847FB-4073-4C72-B2E8-83299C978DC1} => D:\hry\Mafia\Game.exe
Task: {073A23F5-C97B-48E5-84F7-2C05C26F6193} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e0ff96df857c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-31] (Google Inc.)
Task: {0F5F97A5-CAED-49CD-93AF-54D8D29C8543} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.01.02\AsLoader.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {1238A049-7DDA-4601-9B5C-D5450213F3C4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {129FC28A-067F-4D43-BDB7-2973F4867E9F} - System32\Tasks\{28477946-E7A4-4DDF-860D-37C498CCD421} => pcalua.exe -a "D:\hry\Half-Life 2 Episode One\uninstall.exe"
Task: {1384BE16-6DE6-440B-A9AB-1FC6E7A92794} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {13BE9BCD-E4D5-47FC-98AB-FBFB1A1FBCDE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {18690D0D-9DAE-431F-9554-4D1DBAC7093B} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {18CE25D0-46CF-40B2-A2F0-7089B910605A} - System32\Tasks\{7B9A1206-B76C-4BB3-9DAD-C87CCAC2D074} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {19920438-178B-4355-9D99-34AC58292DB9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {1D54D08E-8FEC-4307-9BEE-C612424C9611} - System32\Tasks\{ECD3AE43-1C1C-4E72-9A4E-E7D1F976848D} => C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
Task: {1E7F4C09-A35B-4CB3-9A33-62F58CA31052} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {1FEA3613-6DDE-4037-AEA7-353CD142B440} - \avastBCLRestartS-1-5-21-973669212-4249063547-1757659764-1000 -> No File <==== ATTENTION
Task: {24653294-CFB5-44FC-A035-1C244F3CFF43} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {2AA6BFD6-494C-4233-AC6F-9D3BE4090BA6} - System32\Tasks\{59A6A966-6C7F-4071-87D2-92D5A3E491CE} => pcalua.exe -a C:\Users\Pavlík\Desktop\PrinceOfPersiaSetup\PrinceOfPersiaSetup.exe -d C:\Users\Pavlík\Desktop\PrinceOfPersiaSetup
Task: {2D9DB2C9-2995-42DE-9B61-12BF46D5DC80} - System32\Tasks\{83F7A76A-2D66-4166-B20F-FF6576EC52CE} => C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
Task: {30510933-AD18-41ED-988E-5EF5494539EC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {33297E6C-6576-4C80-8F65-B75036396D21} - System32\Tasks\{A3BB4246-BC5C-4C7D-AC92-DBF0307CADE6} => C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
Task: {34475617-5AFF-437F-BA06-99B5407538D0} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {34481CCE-C27C-4C96-810B-86036440F28D} - System32\Tasks\GoogleUpdateTaskMachineCore1d12ec313522842 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-31] (Google Inc.)
Task: {34BFF6B2-D45F-44E4-850F-3D8578C8054B} - System32\Tasks\{9E286EFE-2820-4D8A-B6B9-8ECBB11A4EC8} => pcalua.exe -a "C:\Program Files (x86)\Half Life 2\uninstall.exe"
Task: {3651F9D3-6029-4A39-A0E8-C7076A1152A8} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {3C4E6D7E-C706-4F47-8830-D7D96AA5C774} - System32\Tasks\{959366FE-CC32-4878-9EFD-1B9907AFAB2E} => pcalua.exe -a D:\install.exe -d D:\
Task: {3E97C528-4BF0-4EFF-A62E-54FD838AFAF1} - System32\Tasks\{C319F818-625B-4A3F-AE93-662CDF8610BB} => pcalua.exe -a D:\torent\FIFA.13.INTERNAL-RELOADED\rld-fifa13\Installer.exe -d D:\torent\FIFA.13.INTERNAL-RELOADED\rld-fifa13
Task: {3F36FCFA-F6B4-4D50-8D18-EC9303DCDCCC} - System32\Tasks\GoogleUpdateTaskMachineUA1cf984be7721265 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-31] (Google Inc.)
Task: {3F3FD998-35B7-4E6C-A1DE-5677F9574B96} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {44C986CF-2E8F-4A61-8410-81201143367B} - System32\Tasks\{2BD8E989-77ED-4C33-9733-8913145754E8} => C:\Program Files (x86)\2K Games\Mafia II\pc\mafia2.exe
Task: {4A92F00C-6D68-4415-BA98-B9E3ADCAAC8B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {4B32930B-7F22-4B93-BA41-BC5E0CB5507D} - System32\Tasks\{7CF3C536-1FF4-4584-9F6D-84DA57325A23} => pcalua.exe -a C:\Windows\ATInstall.exe
Task: {528423C5-9C21-4EE7-98DE-C3701BB131F8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {55B3289B-2A39-4CAF-9248-B081ACA16AFC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {58AE97D4-7C83-4ADF-BD7B-AE4505504729} - System32\Tasks\Opera scheduled Autoupdate 1441453180 => C:\Program Files (x86)\Opera\launcher.exe
Task: {5992B912-F919-47A6-87DC-B0716E857A8E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {61CBC2AD-4758-4965-B2BE-ED8AE1106927} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6A9417DA-D460-427E-971B-94A5B3DBD807} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e0ff96253372 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-31] (Google Inc.)
Task: {7073B184-184E-427A-AAD0-7E5BD753B4CF} - System32\Tasks\{648F9452-FE61-421D-BFAF-132E73484264} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe" -c REMOVESERIALNUMBER="XM02-508X-MHAT-19WU-9Z3Z-0CH0-3U6E-85W5-MMHH-6647-1Z5L-7M8C-0U45-758P-0000"
Task: {7088B9BB-E703-45C5-99B7-627C31281CC4} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {73754CE9-D730-422E-91BD-983B2092F5D6} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {7A699DBC-E4A5-429A-ADE6-5275BB5241ED} - System32\Tasks\{1F59C3C6-34F2-4E60-9AE4-AE8FC8D62B88} => pcalua.exe -a E:\FUEL.part01.exe -d E:\
Task: {7DCE50EF-5EA2-40E5-9A96-D1C2C4011CC0} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {86484E9A-D40B-48FB-AC3C-50A1F5A02A1B} - System32\Tasks\{CD31CCD7-E788-4BD4-B5EC-7FE31DC24829} => pcalua.exe -a E:\setup\rsrc\Autorun.exe -d E:\
Task: {8AA860DE-2067-4204-8438-6624436C6397} - System32\Tasks\AdobeAAMUpdater-1.0-PÁJA-Pavlík => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-01-21] (Adobe Systems Incorporated)
Task: {90F19474-813B-4A86-A39B-067127EB643D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {90FAA3C6-4F24-4B6B-9E9A-FE5B28FE9841} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-29] (Adobe Systems Incorporated)
Task: {92402F5C-AD83-4E56-BD55-EA8EDE05D3F5} - System32\Tasks\SafeZone scheduled Autoupdate 1466361148 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-06-17] (Avast Software)
Task: {9E2FFB78-3646-4137-A128-8523F90689A0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-05-13] (Piriform Ltd)
Task: {A0A438E1-333A-4CD6-ABD1-881CD1C65178} - System32\Tasks\{66BADD94-D3FF-41F3-BEC2-A72B54917B5F} => pcalua.exe -a C:\Users\Pavlík\Downloads\openal32.dll-instalace-!\oalinst.exe -d C:\Users\Pavlík\Downloads\openal32.dll-instalace-!
Task: {A56765B9-45D2-47FC-A7FE-BDC99D463F18} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {A8779A15-23D6-406A-94F5-C73B6B9C2B34} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {A889351A-8FED-49A1-9F90-F8809D3E9C34} - System32\Tasks\{708CE6BF-AE67-40D1-BD1C-D384343F1665} => pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe -c /M{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC} /l2057
Task: {AD4E63B5-6C08-4D71-9F7B-9D83795F6AB1} - System32\Tasks\{0BFE5746-A591-482C-8DCB-743EA862D5ED} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2016-06-15] (Skype Technologies S.A.)
Task: {B274DE50-0FF3-468B-8824-8EE9B308EF02} - System32\Tasks\{0BFCB074-18A7-497A-8543-D12A1176EA19} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {B833E21D-AE57-4286-A6E8-86F4AF702B96} - System32\Tasks\{F55225DC-8A05-4B39-ABE5-7C4191E280C2} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {BA3437C7-4094-4073-AAFB-C08DE8660981} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {C2E3DC1A-4C49-4756-A942-63C9528CA950} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {C750991E-1876-44DB-A7A6-83D432263B19} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {C947877A-37D8-433E-91B5-2563ED025E76} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {CAB2D2FD-8231-4A10-B66E-86A3C2E3F22F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {CE043D28-D2C6-4DED-8840-533FC889E71C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {CF49B77E-269B-416B-B5DC-5C96F84C2501} - System32\Tasks\GoogleUpdateTaskMachineUA1d12ec313e81ef3 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-31] (Google Inc.)
Task: {D0208135-0243-4B4D-B57D-B1968575D487} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {D128E0AF-B18C-4B4D-B57E-8D034579778B} - System32\Tasks\{71556068-A023-4644-BB20-6B5907CB3F42} => pcalua.exe -a "F:\PC-GAME-Spiderman-2-cz\PC GAME Spiderman 2 cz\setup.exe" -d "F:\PC-GAME-Spiderman-2-cz\PC GAME Spiderman 2 cz"
Task: {D8EB7904-A8BA-4C95-8AC2-0412DF8732A3} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {DD0549B7-9B0A-4CD7-A4EB-742FA6602B4B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {DF03452A-C81C-4500-9E2F-03BE3D864675} - System32\Tasks\{85C8E5E7-006B-4E2A-929F-00C0F5253C67} => pcalua.exe -a E:\install.exe -d E:\
Task: {DF7127C2-4490-4621-B544-5381A5F614A9} - System32\Tasks\{39827059-DFB1-4AED-8EBB-1B17170D6489} => pcalua.exe -a "D:\hry\hry\Half Life\Half life 2-epizoda two\HL2ET_CZ\HL2ET_CZ.exe" -d "D:\hry\hry\Half Life\Half life 2-epizoda two\HL2ET_CZ"
Task: {E3A5E1E4-5801-424A-B0C4-924CE6DCE841} - System32\Tasks\{1C16FF81-5EDD-4647-84BC-C52D4D4E9C2B} => C:\Program Files (x86)\2K Games\Mafia II\pc\mafia2.exe
Task: {E716259B-EE6A-4204-B5AA-E456051BC070} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {E788AAAA-955B-41BF-835B-B21CA85FC28B} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {E9B1D365-AB0F-4868-A117-C55301780C46} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: {ED81D026-C358-4FA7-A4A1-551940D88EE3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-31] (Google Inc.)
Task: {EE5479FD-7C57-485E-85D1-BC51BF0210F1} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {EF52C7FD-A293-4279-BA6C-9F46AD260C9B} - System32\Tasks\{C0EC3FD4-7932-4383-B76E-0F124A9602F3} => pcalua.exe -a D:\hry\FUEL\GameSetup.exe -d D:\hry\FUEL
Task: {EF554A80-8D8C-4737-BEA2-34614CF965CA} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {F148702B-9B7D-443F-AF70-C73ED0B4C89D} - System32\Tasks\{B4868283-74C2-4533-B382-63D96E1E98F7} => pcalua.exe -a D:\hry\King\uninst.exe -d D:\hry\King
Task: {F43B787E-DFDD-412D-8628-82CE39CA1CC9} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2010-02-03] (ASUSTeK Computer Inc.)
Task: {FE16A6AB-1E43-48C4-BB9F-94E334A0D28F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-06-22] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0e0ff96253372.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d12ec313522842.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf984be7721265.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0e0ff96df857c.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d12ec313e81ef3.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[Dusty123]

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Pavlík\AppData\Local\Microsoft\Windows\GameExplorer\{C2F951D5-C5CF-4763-A3AB-5930C287CEC1}\SupportTasks\0\Další hry od společnosti Microsoft.lnk -> hxxp://www.hitmanbloodmoney.com/ (No File)
Shortcut: C:\Users\Pavlík\AppData\Local\Microsoft\Windows\GameExplorer\{C13B77FD-3A7F-4286-89CC-F9D162D89391}\SupportTasks\0\Další hry od společnosti Microsoft.lnk -> hxxp://www.stubbsthezombie.com/ (No File)
Shortcut: C:\Users\Pavlík\AppData\Local\Microsoft\Windows\GameExplorer\{B45670A4-D2C5-4FA3-9075-C75EDD916624}\SupportTasks\1\Podpora.lnk -> hxxp://support.vugames.com/ (No File)
Shortcut: C:\Users\Pavlík\AppData\Local\Microsoft\Windows\GameExplorer\{B45670A4-D2C5-4FA3-9075-C75EDD916624}\SupportTasks\0\Další hry od společnosti Microsoft.lnk -> hxxp://www.hitandrungame.com/ (No File)
Shortcut: C:\Users\Pavlík\AppData\Local\Microsoft\Windows\GameExplorer\{A23F4A6B-29B4-4E2D-8347-B24497D7603A}\SupportTasks\1\Podpora.lnk -> hxxp://support.microsoft.com/games/ (No File)
Shortcut: C:\Users\Pavlík\AppData\Local\Microsoft\Windows\GameExplorer\{A23F4A6B-29B4-4E2D-8347-B24497D7603A}\SupportTasks\0\Další hry od společnosti Microsoft.lnk -> hxxp://www.zootycoon.com/ (No File)
Shortcut: C:\Users\Pavlík\AppData\Local\Microsoft\Windows\GameExplorer\{994D26A9-EFF4-477D-B372-6C72702945FE}\SupportTasks\0\Další hry od společnosti Microsoft.lnk -> hxxp://www.rockstargames.com/sanandreas/ (No File)
Shortcut: C:\Users\Pavlík\AppData\Local\Microsoft\Windows\GameExplorer\{7EE66779-7629-47BF-BCE2-C5A3BD5E244E}\SupportTasks\0\Další hry od společnosti Microsoft.lnk -> hxxp://www.rockstargames.com/sanandreas/ (No File)
Shortcut: C:\Users\Pavlík\AppData\Local\Microsoft\Windows\GameExplorer\{6B68FA3B-76D5-4F79-A873-0A401991E501}\SupportTasks\1\Podpora.lnk -> hxxp://support.ubi.com/ (No File)
Shortcut: C:\Users\Pavlík\AppData\Local\Microsoft\Windows\GameExplorer\{6B68FA3B-76D5-4F79-A873-0A401991E501}\SupportTasks\0\Další hry od společnosti Microsoft.lnk -> hxxp://www.brothersinarmsgame.com/ (No File)
Shortcut: C:\Users\Pavlík\AppData\Local\Microsoft\Windows\GameExplorer\{4B28841B-4BF9-4421-8234-10E2E2F5AFDA}\SupportTasks\0\Support.lnk -> hxxp:\support.ubi.com\( (No File)
Shortcut: C:\Users\Pavlík\AppData\Local\Microsoft\Windows\GameExplorer\{3449BE80-BD59-479C-9C48-CF5B15B09544}\SupportTasks\0\Další hry od společnosti Microsoft.lnk -> hxxp://www.hitmanbloodmoney.com/ (No File)
Shortcut: C:\Users\Pavlík\AppData\Local\Microsoft\Windows\GameExplorer\{121E86AA-4207-4E5D-B05C-38F4CAFA616C}\SupportTasks\0\Homepage.lnk -> hxxp:\( (No File)
Shortcut: C:\Users\Pavlík\AppData\Local\Microsoft\Windows\GameExplorer\{10CD5BAB-A2DA-4124-A38C-0FAECA3C1C30}\SupportTasks\1\Podpora.lnk -> hxxp://www.activision.com/support/ (No File)
Shortcut: C:\Users\Pavlík\AppData\Local\Microsoft\Windows\GameExplorer\{10CD5BAB-A2DA-4124-A38C-0FAECA3C1C30}\SupportTasks\0\Další hry od společnosti Microsoft.lnk -> hxxp://www.callofduty.com/ (No File)

==================== Loaded Modules (Whitelisted) ==============

2011-03-11 20:58 - 2015-03-08 19:11 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-03-03 20:53 - 2016-05-02 06:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2015-12-30 11:30 - 2016-05-02 06:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-04-15 13:32 - 2016-05-02 06:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-03-03 20:53 - 2016-05-02 06:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-04-15 13:32 - 2016-05-02 06:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-04-15 13:32 - 2016-05-02 06:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-04-15 13:32 - 2016-05-02 06:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-01-16 15:44 - 2016-05-02 06:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-02-07 18:35 - 2016-06-03 04:59 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-13 18:47 - 2016-03-29 11:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 18:47 - 2016-03-29 11:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-02-07 18:24 - 2016-02-07 18:24 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-10 18:39 - 2016-04-23 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-10 18:39 - 2016-04-23 05:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-10 18:39 - 2016-04-23 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-10 18:39 - 2016-04-23 04:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-10 18:39 - 2016-04-23 05:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-04-15 13:32 - 2016-05-02 06:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-04-15 13:32 - 2016-05-02 06:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-06-22 16:49 - 2016-06-22 16:49 - 00146232 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-22 16:49 - 2016-06-22 16:49 - 00479288 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-06-29 19:54 - 2016-06-29 19:54 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\16062901\algo.dll
2016-03-07 19:24 - 2015-12-28 13:49 - 00629536 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2016-06-11 11:20 - 2016-05-02 07:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-06-22 16:49 - 2016-06-22 16:49 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-06-19 18:56 - 2016-06-15 10:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-19 18:56 - 2016-06-15 10:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-03-18 17:44 - 2016-06-26 19:04 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-973669212-4249063547-1757659764-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Pavlík\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-973669212-4249063547-1757659764-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-973669212-4249063547-1757659764-1000\...\StartupApproved\Run: => "Advanced SystemCare 9"
HKU\S-1-5-21-973669212-4249063547-1757659764-1000\...\StartupApproved\Run: => "Unified Remote V3"
HKU\S-1-5-21-973669212-4249063547-1757659764-1000\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-973669212-4249063547-1757659764-1000\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{67F131FB-5176-4446-A41E-0DEBCB0BDB74}D:\hry\ubisoft\far cry 4 complete edition\bin\farcry4.exe] => (Block) D:\hry\ubisoft\far cry 4 complete edition\bin\farcry4.exe
FirewallRules: [TCP Query User{57B9494A-A28C-4095-AE45-017C0F0D7076}D:\hry\ubisoft\far cry 4 complete edition\bin\farcry4.exe] => (Block) D:\hry\ubisoft\far cry 4 complete edition\bin\farcry4.exe
FirewallRules: [UDP Query User{C79B5729-A2B7-4649-A80F-5EF18F077393}C:\users\pavlík\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\pavlík\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe
FirewallRules: [TCP Query User{9AA862B0-47B0-43C6-A4FE-E2CA2D4101B7}C:\users\pavlík\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\pavlík\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe
FirewallRules: [{DCA1CA80-B4C2-45B8-A68C-E4FA75982A7A}] => (Allow) LPort=8090
FirewallRules: [{08803C96-E729-430C-9F8B-E77BE38BF8B1}] => (Allow) LPort=20443
FirewallRules: [{1723A633-0E69-4BA9-B726-85DA84CF13CF}] => (Allow) LPort=33333
FirewallRules: [{4A9CBE3E-C45D-489D-BE7B-9087E1D801A7}] => (Allow) LPort=6881
FirewallRules: [{77CD8DBC-F5A8-48CD-9C85-F2CEB14E3EF6}] => (Allow) LPort=27022
FirewallRules: [{D20E1B65-13D7-4D7D-9F2F-061BCDE76090}] => (Allow) LPort=7853
FirewallRules: [{2F6C7A65-1D4F-460A-B354-4C1658EBEE9E}] => (Allow) LPort=7852
FirewallRules: [{7468ADEA-CB08-4150-A96D-074652DA5A9F}] => (Allow) LPort=7850
FirewallRules: [{E5ECDE42-0A28-4EC1-AEE7-70BF42C61AE8}] => (Allow) LPort=3478
FirewallRules: [{B171C352-4AF5-4D26-8C3B-16BDB2559514}] => (Allow) LPort=20010
FirewallRules: [{5F59CA64-EE9F-4791-82E9-C6526854D58E}] => (Allow) LPort=443
FirewallRules: [{2535AD37-EDDD-4D62-BF0A-914C0B5156C7}] => (Allow) LPort=80
FirewallRules: [UDP Query User{960257B0-C9B0-4F71-BAD5-4C6A54C5C113}C:\program files (x86)\formatfactory\formatfactory.exe] => (Block) C:\program files (x86)\formatfactory\formatfactory.exe
FirewallRules: [TCP Query User{0D81C330-CEBD-4788-A7BF-5ADDEFB6EDBD}C:\program files (x86)\formatfactory\formatfactory.exe] => (Block) C:\program files (x86)\formatfactory\formatfactory.exe
FirewallRules: [{BA3650CB-5094-40A0-9B24-6335B6E7A41C}] => (Block) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [{509F2468-A09A-4494-8839-666412F5A2A6}] => (Block) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [UDP Query User{465B2704-4B73-4723-9F13-A40479141FAE}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [TCP Query User{39BC5856-0F94-4860-8440-18D7C2C5AC17}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [{9FA35870-25FA-460B-89AA-2EAC087A853F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1D09418D-B162-481C-B392-C7771A9241F0}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{3E69B190-5708-45BF-8BF0-289E388BAE45}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{AE000A80-8142-4E66-8533-AB7E381ECC23}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{3540948F-E8FB-414D-B6ED-28315AAD66B6}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{671F2754-40D9-4EA5-8943-7198217587AB}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{16A71B6F-0245-4302-B7A1-3F1D5AE31877}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [UDP Query User{478BB726-2E62-4F15-94E2-561DFE7B23D8}D:\hry\ubisoft\far cry 4 complete edition\bin\farcry4.exe] => (Block) D:\hry\ubisoft\far cry 4 complete edition\bin\farcry4.exe
FirewallRules: [TCP Query User{E4CFACBB-8C19-4EF1-B2ED-96FEE0AFC910}D:\hry\ubisoft\far cry 4 complete edition\bin\farcry4.exe] => (Block) D:\hry\ubisoft\far cry 4 complete edition\bin\farcry4.exe
FirewallRules: [UDP Query User{A6909758-BF64-4AF5-8692-31151B3C086E}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{CF096CAC-6980-4208-9DDA-6B1E01DB4AF0}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{2683FF2B-6EF0-4DC0-9104-3946DCBFE6A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{80BBB144-E2C1-43EE-8622-25E0DD663256}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{485BD6D5-CEFD-4BC5-AAAD-57B6B8718274}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{44603A2C-9CBC-4045-AED5-8C5B10C7DA21}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{9E577F55-CCD2-406C-8530-F37404130ACC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [UDP Query User{28F91430-3078-46E9-B4F2-81A1BEDB02D1}E:\easysetupassistant\easysetupassistant.exe] => (Allow) E:\easysetupassistant\easysetupassistant.exe
FirewallRules: [TCP Query User{5DEFCBFA-C814-4D4A-9899-D058774130A3}E:\easysetupassistant\easysetupassistant.exe] => (Allow) E:\easysetupassistant\easysetupassistant.exe
FirewallRules: [{2F10D578-41F9-4DC8-BED7-211F5DB63158}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
FirewallRules: [{CE8A2442-1FB4-4E64-95F1-257160B1DCA2}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
FirewallRules: [{EF88B0E4-7891-4615-8E09-A8BD35D877D1}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{5E19886F-00CC-42E8-A754-0089C71FD768}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{1331E598-9F70-4A3A-9F21-E5FB6FC065C6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BF909464-B74E-4607-83C3-B0C32E2E1FE2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CD5BF733-90A0-4EFC-9277-0CFB7D4C1175}] => (Allow) C:\Users\Pavlík\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{D060916D-003F-49B0-BF55-275417BDD43F}] => (Allow) C:\Users\Pavlík\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{573A3778-40A7-4028-B13A-AFEB6F90D57C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{25374906-1AD6-4289-82B7-257CC94E09E7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F75CE44B-62CE-4897-99DB-C5F67990A3CF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{96FE2F64-522D-46C1-82CA-EB07DFB3EE2A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{94225155-2D98-4B2D-8757-3D212B900541}] => (Allow) C:\Users\Pavlík\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{76BEB293-EEB2-4CC4-9A7B-59F876752E8D}] => (Allow) C:\Users\Pavlík\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9E9302B0-1DD4-4300-8E3F-22CE8FD7C164}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{B6BDC31F-9444-4076-8A44-42E065B88015}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [UDP Query User{10A8D576-0221-4738-9938-A40AEB6771E6}C:\program files (x86)\ubisoft\gearbox software\brothersinarms\system\bia.exe] => (Block) C:\program files (x86)\ubisoft\gearbox software\brothersinarms\system\bia.exe
FirewallRules: [TCP Query User{EE264A37-4233-44F9-96A5-46C774571FA8}C:\program files (x86)\ubisoft\gearbox software\brothersinarms\system\bia.exe] => (Block) C:\program files (x86)\ubisoft\gearbox software\brothersinarms\system\bia.exe
FirewallRules: [UDP Query User{832CB619-3F0A-4204-A41B-815AEA084675}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{5986F521-B264-4A62-B645-037E129F6F98}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{24A41184-F907-4F57-B81D-C612306EBCF7}H:\tmnationsforever\tmforever.exe] => (Allow) H:\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{4EF15F8F-B0ED-498A-BA10-A4786E373AEB}H:\tmnationsforever\tmforever.exe] => (Allow) H:\tmnationsforever\tmforever.exe
FirewallRules: [{484E1034-B90E-4D42-B777-1455EEF36B00}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{274F786A-C4CB-4BFF-842D-5DB069E4EF16}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{1940F0CE-EE8B-4148-9EAF-321BBBCCDD88}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{34F007BA-6C0B-40E3-BBF0-25B02DBF8917}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [TCP Query User{80026378-B184-4339-9EC5-2CB1F2AA9086}C:\program files (x86)\java\jre1.8.0_74\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_74\bin\javaw.exe
FirewallRules: [UDP Query User{7ABD9943-ED2E-4EF1-8A72-B2F708D392C7}C:\program files (x86)\java\jre1.8.0_74\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_74\bin\javaw.exe
FirewallRules: [{FF814D7D-1C2E-4716-BD5C-21BD433DD0F0}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{EF0D25F8-DA36-4FE3-A225-B7331B78B34F}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{6C2EA5F8-6F85-4AD0-B810-2E0C77827EBB}] => (Allow) C:\Program Files\Zoner\Photo Studio 18\Program32\MediaServer.exe
FirewallRules: [TCP Query User{E66D51B5-72B4-4D72-8D18-BAEC233624B2}C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe
FirewallRules: [UDP Query User{29B80108-6347-4F93-96C8-03DFC05E9E5A}C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe
FirewallRules: [TCP Query User{0BFCFE98-F1B0-4C9A-B61F-723D8FAB108C}D:\hry\attomey\metin2client.bin] => (Block) D:\hry\attomey\metin2client.bin
FirewallRules: [UDP Query User{CCDCBAD8-390B-4D5C-A6D6-D514247B0B94}D:\hry\attomey\metin2client.bin] => (Block) D:\hry\attomey\metin2client.bin
FirewallRules: [TCP Query User{88A85E14-014D-4390-A845-AF7653B52CC6}D:\hry\grand theft auto v\gta5.exe] => (Block) D:\hry\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{724FEB17-91AC-4B38-A33B-C016E51898DA}D:\hry\grand theft auto v\gta5.exe] => (Block) D:\hry\grand theft auto v\gta5.exe
FirewallRules: [{70A9B694-E97B-4B83-B7CB-5568D5FA31AB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{BFDD3635-481B-423C-8AD5-557E0C906B83}D:\hry\dishonored\binaries\win32\dishonored.exe] => (Block) D:\hry\dishonored\binaries\win32\dishonored.exe
FirewallRules: [UDP Query User{F153AE17-A296-49EE-B5C3-37E14FD44BD9}D:\hry\dishonored\binaries\win32\dishonored.exe] => (Block) D:\hry\dishonored\binaries\win32\dishonored.exe

==================== Restore Points =========================

22-06-2016 14:27:33 Revo Uninstaller Pro's restore point - Spy Emergency
22-06-2016 19:54:51 JRT Pre-Junkware Removal
26-06-2016 18:44:56 Windows Update
26-06-2016 19:03:39 zoek.exe restore point

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/29/2016 07:59:37 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest2 na řádku C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.

Error: (06/29/2016 07:59:37 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest2 na řádku C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.

Error: (06/26/2016 08:20:26 PM) (Source: cbService.exe) (EventID: 0) (User: )
Description: Proces služby se nemohl připojit k síťovému řadiči

Error: (06/26/2016 08:12:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (06/26/2016 07:04:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DaS_21.exe, verze: 2.1.0.4, časové razítko: 0x540c90b2
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.10586.306, časové razítko: 0x571af331
Kód výjimky: 0xe0434352
Posun chyby: 0x0000000000071f28
ID chybujícího procesu: 0x2888
Čas spuštění chybující aplikace: 0xDaS_21.exe0
Cesta k chybující aplikaci: DaS_21.exe1
Cesta k chybujícímu modulu: DaS_21.exe2
ID zprávy: DaS_21.exe3
Úplný název chybujícího balíčku: DaS_21.exe4
ID aplikace související s chybujícím balíčkem: DaS_21.exe5

Error: (06/26/2016 07:03:58 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: DaS_21.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ArgumentOutOfRangeException
na System.Console.SetWindowSize(Int32, Int32)
na DriverAndServicesOut.Program.Main(System.String[])

Error: (06/26/2016 07:03:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (06/26/2016 06:45:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (06/22/2016 07:55:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (06/22/2016 07:09:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.10586.0, časové razítko: 0x5632d8f0
Název chybujícího modulu: Cortana.Core.dll, verze: 0.0.0.0, časové razítko: 0x571af2d0
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000001325d
ID chybujícího procesu: 0x1670
Čas spuštění chybující aplikace: 0xbackgroundTaskHost.exe0
Cesta k chybující aplikaci: backgroundTaskHost.exe1
Cesta k chybujícímu modulu: backgroundTaskHost.exe2
ID zprávy: backgroundTaskHost.exe3
Úplný název chybujícího balíčku: backgroundTaskHost.exe4
ID aplikace související s chybujícím balíčkem: backgroundTaskHost.exe5


System errors:
=============
Error: (06/26/2016 09:48:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Přístup k uživatelským datům_1118ff byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (06/26/2016 09:48:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Úložiště uživatelských dat_1118ff byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (06/26/2016 09:48:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Data kontaktů_1118ff byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (06/26/2016 09:48:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_1118ff byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (06/26/2016 09:10:30 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073712): Kumulativní aktualizace pro Windows 10 Version 1511 pro systémy x64 (KB3163018).

Error: (06/26/2016 09:04:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba cbVSCService11 neuspěla při spuštění v důsledku následující chyby:
%%1053 = Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


Error: (06/26/2016 09:04:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby cbVSCService11 bylo dosaženo časového limitu (30000 ms).

Error: (06/26/2016 09:04:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba NetTcpActivator závisí na službě NetTcpPortSharing, která neuspěla při spuštění v důsledku následující chyby:
%%1058 = Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.


Error: (06/26/2016 09:03:38 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (21:02:11, ‎26.‎06.‎2016) bylo neočekávané.

Error: (06/26/2016 07:26:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073712): Kumulativní aktualizace pro Windows 10 Version 1511 pro systémy x64 (KB3163018).


CodeIntegrity:
===================================
Date: 2016-06-20 02:21:56.049
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-16 20:49:20.082
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-15 16:43:29.305
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-15 15:47:23.172
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-10-06 20:08:54.209
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2016-10-06 20:08:54.146
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2016-10-06 20:08:54.070
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2016-10-06 20:08:53.837
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2016-10-06 20:08:53.726
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2016-10-06 20:08:53.516
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

Processor: AMD Phenom(tm) II X4 945 Processor
Percentage of memory in use: 49%
Total physical RAM: 4094.18 MB
Available physical RAM: 2072.16 MB
Total Virtual: 4294.18 MB
Available Virtual: 2166.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:99.56 GB) (Free:4 GB) NTFS
Drive d: (Data) (Fixed) (Total:365.66 GB) (Free:50.57 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or (Size: 465.8 GB) (Disk ID: E74AAEC8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=99.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449 MB) - (Type=27)
Partition 4: (Not Active) - (Size=365.7 GB) - (Type=05)

==================== End of Addition.txt ============================

Addition posílám na 2 části, celé najednou nešlo odeslat.