Post a new log from HJT.
Please download the appropriate version of the program for your system (32-bit/64-bit): Farbar Recovery Scan Tool (FRST)
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to the desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs will appear, FRST.txt and Addition.txt, and will be saved to the desktop. Please copy their entire contents here.
Computer stuttering, please check the log
- jaro3
- Security team member
Re: Computer stuttering, please check the log
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum
Re: Computer stuttering, please check the log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Ondra (administrator) on LAPTOP-AMJ5VS8M (20-03-2016 15:10:00)
Running from C:\Users\Ondra\Desktop
Loaded Profiles: Ondra (Available Profiles: Ondra)
Platform: Windows 10 Home (X64) Language: Slovenština (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
() C:\Program Files\update\UpdateAgent.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe
(Lenovo) C:\Program Files\Lenovo\QuickOptimizer\QuickOptimizerIcon.exe
(Lenovo) C:\Program Files\Lenovo\BatteryGauge\BatteryGaugeIcon.exe
() C:\Program Files\Lenovo\LenovoUtility\utility.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\architect.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\ws.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2015-09-12] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-03] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3743648 2015-08-03] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110008 2015-07-21] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492472 2015-07-21] (CyberLink Corp.)
HKLM-x32\...\Run: [isa] => C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-19] (AVAST Software)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-30] (Disc Soft Ltd)
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Ondra\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Ondra\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {4fe74969-a1e1-11e5-9bd2-b46d83c4d302} - "I:\Setup.exe"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {4fe74d64-a1e1-11e5-9bd2-b46d83c4d302} - "J:\setup.exe"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {4fe74dfb-a1e1-11e5-9bd2-b46d83c4d302} - "L:\Launcher.exe"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {7c87569c-cc20-11e5-9bd6-b46d83c4d302} - "G:\AUTORUN.EXE"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {8881baeb-d19d-11e5-9bdc-b46d83c4d302} - "F:\iStudio.exe"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {fa00a5f4-cc23-11e5-9bd7-b46d83c4d302} - "H:\AUTORUN.EXE"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {fa00a9a0-cc23-11e5-9bd7-b46d83c4d302} - "I:\Setup.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-21] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{c735d268-a72e-468e-891a-f65f9035dc56}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {162063B4-C7FD-4462-9AA8-72054663D1BF} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {1D5A5802-E8A0-4BEC-817A-E0D329C3EBEE} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {44A99802-18BE-4A52-9E2E-63FF7F44E655} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {5EB91A2F-393F-467D-865C-DF6E82A07631} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {6ECFDB7D-14E8-4EF2-BA2F-38CDA369DEF4} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {BD062FE4-F79D-498D-B66A-82830D0D3C4D} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {C8544916-CC46-4DFD-A101-664F068AE38B} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {D1187FD4-39C9-48E3-885F-4F1F55B74602} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_27368
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-21] (AVAST Software)
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-01-15] (pdfforge GmbH)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-21] (AVAST Software)
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-01-15] (pdfforge GmbH)
FireFox:
========
FF ProfilePath: C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\kfvukq1w.default
FF NewTab: about:newtab
FF Homepage: www.seznam.cz
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-01-15] (pdfforge GmbH)
FF Extension: Steel Cut 1.0.1 - C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\kfvukq1w.default\Extensions\{94472264-1456-4402-a3a8-e58cafcd328f}.xpi [2016-03-15] [not signed]
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-20] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-03-05]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-03-05]
Chrome:
=======
CHR Profile: C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-20]
CHR Extension: (Dokumenty Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-20]
CHR Extension: (Disk Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-20]
CHR Extension: (YouTube) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-20]
CHR Extension: (Vyhledávání Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-20]
CHR Extension: (Tabulky Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-20]
CHR Extension: (Avast Online Security) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-03-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-03-20]
CHR Extension: (Gmail) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-21]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-21] (AVAST Software)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (Lenovo)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1368408 2015-11-30] (Disc Soft Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [135072 2015-08-03] (ELAN Microelectronics Corp.)
R2 FastbootService; C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe [288768 2015-09-12] (Lenovo) [File not signed]
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (Lenovo)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation)
R2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [150256 2015-06-09] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-12-13] (Intel Corporation)
R2 ImControllerService; c:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [36808 2016-01-29] (Lenovo Group Limited)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
R2 LenovoPortalService; C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe [24312 2015-09-12] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [271296 2015-07-17] (Lenovo)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
R3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2016-01-15] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-01-15] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-01-15] (pdfforge GmbH)
R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [959248 2015-10-05] (© pdfforge GmbH.)
R2 UpdateAgentService; C:\Program Files\update\UpdateAgent.exe [226216 2015-09-12] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-21] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-24] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-02-21] (AVAST Software)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-12-14] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [46392 2015-12-14] (Disc Soft Ltd)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-03-17] ()
R0 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [67608 2015-09-12] (Windows (R) Win 7 DDK provider) [File not signed]
R0 FBFsmon; C:\Windows\System32\DRIVERS\FBFsmon.sys [39448 2015-09-12] (Windows (R) Win 7 DDK provider) [File not signed]
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [255728 2015-06-09] (Intel Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [5864888 2015-12-13] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3776792 2015-06-22] (Intel Corporation)
S3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3354384 2015-07-10] (Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3059416 2015-06-11] (Realtek Semiconductor Corp.)
S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [10848 2000-03-08] () [File not signed]
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-20 15:10 - 2016-03-20 15:11 - 00022598 _____ C:\Users\Ondra\Desktop\FRST.txt
2016-03-20 15:09 - 2016-03-20 15:10 - 00000000 ____D C:\FRST
2016-03-20 15:09 - 2016-03-20 15:09 - 02374144 _____ (Farbar) C:\Users\Ondra\Desktop\FRST64.exe
2016-03-20 15:06 - 2016-03-20 15:06 - 00016148 _____ C:\Windows\system32\LAPTOP-AMJ5VS8M_Ondra_HistoryPrediction.bin
2016-03-20 13:18 - 2016-03-20 13:18 - 00008592 _____ C:\Users\Ondra\Downloads\DPFDP5-8401314669-20160320-130459-pracovni.xml
2016-03-20 12:17 - 2016-03-20 13:14 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-03-20 11:43 - 2016-03-20 11:45 - 45353096 _____ C:\Users\Ondra\Downloads\FirefoxSetup45.0-64cz.exe
2016-03-20 11:27 - 2016-03-20 10:40 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-03-20 10:41 - 2016-03-20 10:40 - 01309184 _____ C:\Users\Ondra\Desktop\zoek.exe
2016-03-20 10:40 - 2016-03-20 11:23 - 00000000 ____D C:\zoek_backup
2016-03-20 10:40 - 2016-03-20 10:40 - 01309184 _____ C:\Users\Ondra\Downloads\zoek.exe
2016-03-20 09:31 - 2016-03-20 13:49 - 00000000 ____D C:\Users\Ondra\AppData\Local\CrashDumps
2016-03-19 21:24 - 2016-03-19 21:24 - 00021226 _____ C:\Users\Ondra\Downloads\Adresar OFS Vyškov podzim 2015 (2).xlsx
2016-03-19 21:15 - 2016-03-17 20:42 - 00001332 _____ C:\Users\Ondra\Desktop\Ashampoo Movie Studio 2.lnk
2016-03-19 20:18 - 2016-03-19 20:40 - 00055935 _____ C:\Users\Ondra\Desktop\15.kolo.pdf
2016-03-19 20:17 - 2016-03-19 20:19 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\PDF Architect 4
2016-03-19 20:17 - 2016-03-19 20:17 - 00000000 ____D C:\ProgramData\pdfforge
2016-03-19 20:16 - 2016-03-19 20:19 - 00000000 ____D C:\ProgramData\PDF Architect 4
2016-03-19 20:16 - 2016-03-19 20:17 - 00000000 ____D C:\Program Files\PDF Architect 4
2016-03-19 20:16 - 2016-03-19 20:17 - 00000000 ____D C:\Program Files (x86)\PDF Architect 4
2016-03-19 20:16 - 2016-03-19 20:16 - 00120072 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2016-03-19 20:16 - 2016-03-19 20:16 - 00000000 ____D C:\Users\Ondra\Documents\PDF Architect
2016-03-19 20:16 - 2016-03-19 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2016-03-19 20:16 - 2016-03-19 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 4
2016-03-19 20:15 - 2016-03-19 20:17 - 00000000 ____D C:\Program Files\PDFCreator
2016-03-19 20:14 - 2016-03-19 20:14 - 30032392 _____ C:\Users\Ondra\Downloads\PDFCreator-2_3_0-Setup.exe
2016-03-19 20:04 - 2016-03-20 09:51 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-03-19 20:02 - 2016-03-19 22:57 - 00000000 ____D C:\ProgramData\RogueKiller
2016-03-19 20:01 - 2016-03-19 20:02 - 23803464 _____ C:\Users\Ondra\Desktop\RogueKillerX64.exe
2016-03-19 20:00 - 2016-03-19 20:01 - 23803464 _____ C:\Users\Ondra\Downloads\RogueKillerX64.exe
2016-03-19 19:37 - 2016-03-19 19:39 - 01610352 _____ (Malwarebytes) C:\Users\Ondra\Desktop\JRT.exe
2016-03-19 19:37 - 2016-03-19 19:37 - 01610352 _____ (Malwarebytes) C:\Users\Ondra\Downloads\JRT.exe
2016-03-19 17:14 - 2016-02-23 15:53 - 01314496 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-03-19 17:14 - 2016-02-23 15:51 - 00633184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-03-19 17:14 - 2016-02-23 15:41 - 00299600 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2016-03-19 17:14 - 2016-02-23 15:07 - 22322624 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-03-19 17:14 - 2016-02-23 14:23 - 00952968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-03-19 17:14 - 2016-02-23 14:11 - 00249976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMASF.DLL
2016-03-19 17:14 - 2016-02-23 13:39 - 02879024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-19 17:14 - 2016-02-23 13:38 - 20858360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-03-19 17:14 - 2016-02-23 13:16 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-19 17:14 - 2016-02-23 12:55 - 24592896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-19 17:14 - 2016-02-23 12:45 - 12504576 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-19 17:14 - 2016-02-23 12:45 - 06788608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-03-19 17:14 - 2016-02-23 12:38 - 02663424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-03-19 17:14 - 2016-02-23 12:14 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-03-19 17:14 - 2016-02-23 12:04 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2016-03-19 17:14 - 2016-02-23 12:03 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2016-03-19 17:14 - 2016-02-23 11:55 - 14241792 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-19 17:14 - 2016-02-23 11:51 - 00915456 _____ (Microsoft Corporation) C:\Windows\system32\configurationclient.dll
2016-03-19 17:14 - 2016-02-23 11:51 - 00678912 _____ (Microsoft Corporation) C:\Windows\system32\scapi.dll
2016-03-19 17:14 - 2016-02-23 11:48 - 21859840 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-03-19 17:14 - 2016-02-23 11:48 - 05157376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-03-19 17:14 - 2016-02-23 11:46 - 00400384 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
2016-03-19 17:14 - 2016-02-23 11:45 - 01844736 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2016-03-19 17:14 - 2016-02-23 11:45 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-03-19 17:14 - 2016-02-23 11:44 - 01821696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-03-19 17:14 - 2016-02-23 11:38 - 07524864 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-03-19 17:14 - 2016-02-23 11:17 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2016-03-19 17:14 - 2016-02-23 11:11 - 12589056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-19 17:14 - 2016-02-23 11:03 - 01495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2016-03-19 17:14 - 2016-02-23 11:00 - 11263488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-19 17:13 - 2016-02-23 15:52 - 00858408 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-03-19 17:13 - 2016-02-23 15:51 - 00146784 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2016-03-19 17:13 - 2016-02-23 15:50 - 00630160 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-03-19 17:13 - 2016-02-23 15:48 - 08022368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-19 17:13 - 2016-02-23 15:48 - 01294352 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-03-19 17:13 - 2016-02-23 15:48 - 01123952 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-03-19 17:13 - 2016-02-23 15:41 - 01150816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-19 17:13 - 2016-02-23 15:41 - 00078040 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll
2016-03-19 17:13 - 2016-02-23 15:40 - 00110584 _____ (Microsoft Corporation) C:\Windows\system32\srvcli.dll
2016-03-19 17:13 - 2016-02-23 15:38 - 00272752 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2016-03-19 17:13 - 2016-02-23 15:36 - 00080128 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2016-03-19 17:13 - 2016-02-23 15:11 - 00781984 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-19 17:13 - 2016-02-23 15:11 - 00658784 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-03-19 17:13 - 2016-02-23 15:11 - 00103776 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-03-19 17:13 - 2016-02-23 15:08 - 03622272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-19 17:13 - 2016-02-23 14:39 - 00607416 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-03-19 17:13 - 2016-02-23 14:30 - 01643872 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-03-19 17:13 - 2016-02-23 14:25 - 01085632 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-19 17:13 - 2016-02-23 14:21 - 00529456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-03-19 17:13 - 2016-02-23 14:21 - 00141152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2016-03-19 17:13 - 2016-02-23 14:11 - 00073360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srvcli.dll
2016-03-19 17:13 - 2016-02-23 14:11 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wkscli.dll
2016-03-19 17:13 - 2016-02-23 14:09 - 00229352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2016-03-19 17:13 - 2016-02-23 14:06 - 00069232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2016-03-19 17:13 - 2016-02-23 13:58 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-03-19 17:13 - 2016-02-23 13:50 - 00395264 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2016-03-19 17:13 - 2016-02-23 13:50 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\NetCfgNotifyObjectHost.exe
2016-03-19 17:13 - 2016-02-23 13:42 - 00658536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-19 17:13 - 2016-02-23 13:42 - 00467296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-03-19 17:13 - 2016-02-23 13:42 - 00078176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2016-03-19 17:13 - 2016-02-23 13:35 - 00365568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-19 17:13 - 2016-02-23 13:20 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-03-19 17:13 - 2016-02-23 13:17 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-03-19 17:13 - 2016-02-23 13:15 - 00539728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-03-19 17:13 - 2016-02-23 13:15 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-19 17:13 - 2016-02-23 12:59 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll
2016-03-19 17:13 - 2016-02-23 12:59 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2016-03-19 17:13 - 2016-02-23 12:57 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-03-19 17:13 - 2016-02-23 12:42 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-03-19 17:13 - 2016-02-23 12:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-19 17:13 - 2016-02-23 12:37 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetCfgNotifyObjectHost.exe
2016-03-19 17:13 - 2016-02-23 12:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2016-03-19 17:13 - 2016-02-23 12:25 - 00303104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-19 17:13 - 2016-02-23 12:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-19 17:13 - 2016-02-23 12:17 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2016-03-19 17:13 - 2016-02-23 12:17 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2016-03-19 17:13 - 2016-02-23 12:08 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2016-03-19 17:13 - 2016-02-23 12:03 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-19 17:13 - 2016-02-23 12:02 - 03587584 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-03-19 17:13 - 2016-02-23 11:55 - 19326464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-19 17:13 - 2016-02-23 11:45 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2016-03-19 17:13 - 2016-02-23 11:45 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-19 17:13 - 2016-02-23 11:29 - 00043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2016-03-19 17:13 - 2016-02-23 11:17 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-19 17:13 - 2016-02-23 11:00 - 05457408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-03-19 17:13 - 2016-02-23 10:58 - 18800640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-03-17 22:56 - 2016-03-17 22:57 - 22908888 _____ (Malwarebytes ) C:\Users\Ondra\Downloads\mbam-setup-2.2.0.1024 (1).exe
2016-03-17 22:55 - 2016-03-17 22:55 - 01527296 _____ C:\Users\Ondra\Downloads\AdwCleaner (1).exe
2016-03-17 22:45 - 2016-03-17 22:49 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-17 22:45 - 2016-03-17 22:45 - 01527296 _____ C:\Users\Ondra\Downloads\AdwCleaner.exe
2016-03-17 22:27 - 2016-03-17 22:27 - 651593543 _____ C:\Windows\MEMORY.DMP
2016-03-17 22:27 - 2016-03-17 22:27 - 00321064 _____ C:\Windows\Minidump\031716-21078-01.dmp
2016-03-17 22:27 - 2016-03-17 22:27 - 00000000 ____D C:\Windows\Minidump
2016-03-17 21:53 - 2016-03-17 22:26 - 00448512 _____ (OldTimer Tools) C:\Users\Ondra\Downloads\TFC.exe
2016-03-17 20:52 - 2016-03-17 20:52 - 00388608 _____ (Trend Micro Inc.) C:\Users\Ondra\Downloads\HijackThis.exe
2016-03-17 20:45 - 2016-03-20 11:30 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-03-17 19:58 - 2016-03-17 20:00 - 50541136 _____ (Google Inc.) C:\Users\Ondra\Downloads\48.0.2564.82_chrome_installer_win64 (1).exe
2016-03-17 15:48 - 2016-03-20 13:15 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-17 15:48 - 2016-03-17 22:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-17 15:48 - 2016-03-17 22:58 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-17 15:48 - 2016-03-17 15:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-17 15:48 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-03-17 15:48 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-03-17 15:48 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-03-17 15:43 - 2016-03-17 15:44 - 22908888 _____ (Malwarebytes ) C:\Users\Ondra\Downloads\mbam-setup-2.2.0.1024.exe
2016-03-17 15:14 - 2016-03-17 15:14 - 00000000 _____ C:\autoexec.bat
2016-03-17 15:13 - 2016-03-17 15:13 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-03-17 15:12 - 2016-03-17 15:12 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Ondra\Downloads\SpyHunter-Installer (1).exe
2016-03-17 15:03 - 2016-03-17 15:10 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Ondra\Downloads\SpyHunter-Installer.exe
2016-03-16 20:35 - 2016-03-16 20:37 - 103527808 _____ C:\Users\Ondra\Downloads\InstallCrossDJFree3.2.0.exe
2016-03-16 20:32 - 2016-03-16 20:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Audio Editor Pro
2016-03-16 20:32 - 2016-03-16 20:32 - 00000000 ____D C:\Program Files (x86)\Magic Audio Editor Pro
2016-03-16 20:32 - 2005-06-01 20:15 - 00966144 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTAudioInformation2.dll
2016-03-16 20:32 - 2005-06-01 20:12 - 00467968 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTAudioRecord2.dll
2016-03-16 20:32 - 2005-06-01 20:11 - 00877568 _____ (NCT Company Ltd.) C:\Windows\SysWOW64\NCTAudioFile2.dll
2016-03-16 20:32 - 2005-06-01 20:11 - 00467456 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTAudioPlayer2.dll
2016-03-16 20:32 - 2005-06-01 00:02 - 00522752 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTAudioTransform2.dll
2016-03-16 20:32 - 2005-05-26 20:00 - 00403968 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTWMAFile2.dll
2016-03-16 20:32 - 2005-04-15 20:08 - 00880640 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTAudioEditor2.dll
2016-03-16 20:32 - 2005-03-28 23:57 - 01852416 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTAudioDesign2.dll
2016-03-16 20:32 - 2005-03-28 23:56 - 00457728 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTAudioDisplay2.dll
2016-03-16 20:32 - 2005-03-28 23:54 - 00478208 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTAudioVisualization2.dll
2016-03-16 20:32 - 2005-01-10 21:54 - 00116296 _____ C:\Windows\SysWOW64\NCTWMAProfiles.prx
2016-03-16 20:32 - 2004-11-04 21:31 - 00479744 _____ (NCT) C:\Windows\SysWOW64\NCTAudioCDGrabber2.dll
2016-03-16 20:32 - 2003-03-19 19:03 - 00544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71d.dll
2016-03-16 20:32 - 2002-01-05 22:37 - 00344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2016-03-16 20:31 - 2016-03-16 20:31 - 17717176 _____ C:\Users\Ondra\Downloads\Cool-Audio-Magic-Audio-Editor-pro-Installer.exe
2016-03-16 20:23 - 2016-03-17 22:17 - 00006656 _____ C:\Users\Ondra\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-03-16 20:19 - 2016-03-17 20:42 - 00002511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk
2016-03-16 20:19 - 2016-03-16 20:21 - 00000000 ____D C:\Program Files (x86)\Movie Maker 2.6
2016-03-16 20:17 - 2016-03-16 20:17 - 12563776 _____ C:\Users\Ondra\Downloads\MM26_CS.exe
2016-03-16 19:29 - 2016-03-16 19:37 - 00000000 ____D C:\Users\TEMP\AppData\Local\Packages
2016-03-16 19:29 - 2016-03-16 19:29 - 00000000 ____D C:\Users\TEMP\AppData\Local\TileDataLayer
2016-03-16 19:28 - 2016-03-16 19:37 - 00000000 ____D C:\Users\TEMP
2016-03-16 12:38 - 2016-03-16 13:30 - 00000000 ____D C:\Users\Ondra\Documents\CyberLink
2016-03-16 12:38 - 2016-03-16 12:39 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\CyberLink
2016-03-15 22:15 - 2016-03-20 11:29 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-03-15 22:09 - 2016-03-15 22:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3 Knife
2016-03-15 22:09 - 2016-03-15 22:09 - 00000000 ____D C:\Program Files (x86)\Mp3 Knife
2016-03-15 22:09 - 2004-04-12 17:27 - 00609584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.ocx
2016-03-15 22:09 - 2004-04-12 17:27 - 00152848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx
2016-03-15 22:04 - 2016-03-15 22:05 - 02025746 _____ ( ) C:\Users\Ondra\Downloads\MK.exe
2016-03-15 17:35 - 2016-03-19 20:41 - 00093489 _____ C:\Users\Ondra\Desktop\obsazování.xlsx
2016-03-12 21:20 - 2016-03-12 21:20 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2016-03-12 21:20 - 2016-03-12 21:20 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\IrfanView
2016-03-12 21:20 - 2016-03-12 21:20 - 00000000 ____D C:\Program Files (x86)\IrfanView
2016-03-12 21:19 - 2016-03-12 21:19 - 01898640 _____ (Irfan Skiljan) C:\Users\Ondra\Downloads\irfanview.exe
2016-03-10 21:00 - 2016-03-10 22:04 - 1146464575 _____ C:\Users\Ondra\Downloads\KRT.-komplet-49-dílů-(15-27)-2.část-(LOM).avi.rar
2016-03-10 20:11 - 2016-03-10 20:24 - 231853495 _____ C:\Users\Ondra\Downloads\Nepotvrzeno 470436.crdownload
2016-03-08 19:59 - 2016-03-08 22:14 - 2434408468 _____ C:\Users\Ondra\Downloads\Bořek-stavitel-16-30-dvb-rip-(Monty).rar
2016-03-05 23:01 - 2016-03-05 23:46 - 2046870203 _____ C:\Users\Ondra\Desktop\rally Vyškov 2015.wmv
2016-03-05 22:57 - 2016-03-06 00:03 - 00003603 _____ C:\Users\Ondra\Desktop\rally Vyškov 2015.wlmp
2016-03-04 15:12 - 2016-03-04 16:52 - 1798341397 _____ C:\Users\Ondra\Downloads\borek-stavitel-komplet-cz.rar
2016-03-03 20:48 - 2016-03-03 20:48 - 00012162 _____ C:\Users\Ondra\Downloads\los Kučerova 2015.xlsx
2016-03-03 20:15 - 2016-03-15 17:27 - 00000000 ____D C:\Users\Ondra\Desktop\Kučerov
2016-03-03 19:53 - 2016-03-03 19:53 - 00024210 _____ C:\Users\Ondra\Downloads\18kolo-prehled.xlsx
2016-03-02 21:45 - 2016-03-02 21:45 - 00069512 _____ C:\Users\Ondra\Downloads\okresni-prebor-mladsi-zaci-71--rocnik-2015.pdf
2016-03-02 21:43 - 2016-03-02 21:43 - 00438978 _____ C:\Users\Ondra\Downloads\Fotbalová asociace České.tif
2016-03-02 21:26 - 2016-03-02 21:26 - 00071184 _____ C:\Users\Ondra\Downloads\okresni-soutez-iii-tridy-skupina-a--rocnik-2015.pdf
2016-03-02 21:26 - 2016-03-02 21:26 - 00015086 _____ C:\Users\Ondra\Downloads\terminovka-jaro-2016.xlsx
2016-03-01 21:45 - 2016-03-01 21:45 - 00021226 _____ C:\Users\Ondra\Downloads\Adresar OFS Vyškov podzim 2015 (1).xlsx
2016-03-01 21:43 - 2016-03-01 21:43 - 00021226 _____ C:\Users\Ondra\Downloads\Adresar OFS Vyškov podzim 2015.xlsx
2016-02-29 17:42 - 2016-02-29 17:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2016-02-29 17:06 - 2016-02-29 17:36 - 520507528 _____ C:\Users\Ondra\Downloads\Microsoft-Office-2007---plna-verze-CZ.zip
2016-02-29 16:51 - 2016-03-15 17:18 - 00019494 _____ C:\Users\Ondra\Desktop\přátelská utkání.ods
2016-02-26 22:22 - 2016-02-26 22:22 - 00219748 _____ C:\Users\Ondra\Downloads\Seminář RO OFS Vyškov jaro 2016.pdf
2016-02-26 17:41 - 2016-02-26 18:03 - 00000000 ____D C:\Users\Ondra\Desktop\Fotky SVJ
2016-02-26 17:40 - 2016-03-17 20:40 - 00001708 _____ C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\REACHit Drive.lnk
2016-02-21 12:18 - 2016-02-21 12:18 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-02-21 12:18 - 2016-02-21 12:18 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-02-19 22:28 - 2016-03-19 22:56 - 00000000 ____D C:\Users\Ondra\Desktop\KRD
2016-02-19 19:16 - 2016-02-19 19:16 - 12815360 _____ (Microsoft Corporation) C:\Users\Ondra\Downloads\MP10Setup.exe
2016-02-19 17:54 - 2016-02-19 17:54 - 37582613 _____ C:\Users\Ondra\Downloads\m-mp4-converter6.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-20 14:57 - 2015-12-14 17:46 - 00000992 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-20 13:51 - 2015-07-10 12:04 - 00000269 _____ C:\Windows\win.ini
2016-03-20 12:17 - 2015-12-24 22:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-20 11:49 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\AppReadiness
2016-03-20 11:45 - 2015-12-24 22:53 - 00001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-20 11:45 - 2015-12-24 22:53 - 00001000 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-20 11:30 - 2015-12-13 22:07 - 00000000 __SHD C:\Users\Ondra\IntelGraphicsProfiles
2016-03-20 11:29 - 2015-12-14 17:46 - 00000988 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-20 11:29 - 2015-07-10 13:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-20 11:28 - 2015-07-10 10:05 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-03-20 11:21 - 2015-07-10 12:04 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-03-20 11:21 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-03-20 09:02 - 2015-12-25 21:46 - 00004210 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CD59DB0F-6C5F-4260-BCBF-48BA72A5F3F4}
2016-03-20 08:58 - 2015-07-16 16:49 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-20 08:55 - 2015-07-10 13:20 - 00436256 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-19 23:00 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-19 23:00 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-19 23:00 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-19 23:00 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-19 23:00 - 2015-07-10 12:02 - 00000000 ____D C:\Windows\INF
2016-03-19 21:26 - 2015-09-12 15:36 - 00746632 _____ C:\Windows\system32\perfh005.dat
2016-03-19 21:26 - 2015-09-12 15:36 - 00149554 _____ C:\Windows\system32\perfc005.dat
2016-03-19 21:26 - 2015-07-16 16:54 - 01762290 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-19 18:38 - 2015-12-24 21:46 - 00000000 ____D C:\Windows\system32\MRT
2016-03-19 18:17 - 2015-12-24 21:46 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-19 18:14 - 2015-07-10 11:55 - 00000000 ____D C:\Windows\CbsTemp
2016-03-19 17:48 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-17 22:49 - 2015-12-13 22:07 - 00000000 ____D C:\Users\Ondra
2016-03-17 22:31 - 2015-12-25 00:06 - 00004280 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-03-17 20:53 - 2015-12-13 22:08 - 00000000 ____D C:\Users\Ondra\AppData\Local\VirtualStore
2016-03-17 20:42 - 2016-02-14 20:27 - 00001332 _____ C:\Users\Public\Desktop\Ashampoo Movie Studio 2.lnk
2016-03-17 20:42 - 2016-02-14 18:59 - 00001073 _____ C:\Users\Public\Desktop\Free MP4 Player.lnk
2016-03-17 20:42 - 2016-02-14 17:38 - 00001442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-03-17 20:42 - 2016-02-14 17:38 - 00001373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-03-17 20:42 - 2016-02-14 17:38 - 00001353 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-03-17 20:42 - 2016-02-14 17:37 - 00002349 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2016-03-17 20:42 - 2016-02-08 17:23 - 00001410 _____ C:\Users\Public\Desktop\Euro Truck Simulator 2 (x64).lnk
2016-03-17 20:42 - 2016-02-05 23:10 - 00000880 _____ C:\Users\Public\Desktop\Need for Speed Most Wanted.lnk
2016-03-17 20:42 - 2016-01-24 11:27 - 00001140 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-03-17 20:42 - 2015-12-31 13:46 - 00001049 _____ C:\Users\Public\Desktop\GeoGet.lnk
2016-03-17 20:42 - 2015-12-27 23:07 - 00001492 _____ C:\Users\Public\Desktop\WarThunder.lnk
2016-03-17 20:42 - 2015-12-25 21:34 - 00001859 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-03-17 20:42 - 2015-12-25 00:07 - 00002018 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-03-17 20:42 - 2015-12-24 21:18 - 00001337 _____ C:\Users\Public\Desktop\Football Manager 2015.lnk
2016-03-17 20:42 - 2015-12-14 17:43 - 00000908 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-03-17 20:42 - 2015-12-14 17:21 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-03-17 20:42 - 2015-12-14 17:21 - 00002097 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2016-03-17 20:42 - 2015-12-14 16:18 - 00001110 _____ C:\Users\Public\Desktop\Open office.lnk
2016-03-17 20:42 - 2015-12-13 22:30 - 00000811 _____ C:\Users\Public\Desktop\World of Tanks.lnk
2016-03-17 20:42 - 2015-09-12 15:33 - 00002048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2016-03-17 20:40 - 2016-02-13 21:12 - 00002201 _____ C:\Users\Ondra\Desktop\Google Chrome.lnk
2016-03-17 20:40 - 2016-01-12 19:49 - 00001306 _____ C:\Users\Ondra\Desktop\Dropbox.lnk
2016-03-17 20:40 - 2015-12-31 14:06 - 00001054 _____ C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Volitelné funkce.lnk
2016-03-17 20:40 - 2015-12-25 22:58 - 00001316 _____ C:\Users\Ondra\Desktop\Traktor Simulátor.lnk
2016-03-17 20:40 - 2015-12-25 21:45 - 00002209 _____ C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk
2016-03-17 20:40 - 2015-12-13 22:15 - 00002394 _____ C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-17 20:38 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\addins
2016-03-17 19:53 - 2016-02-14 17:39 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Seznam.cz
2016-03-17 19:35 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\IME
2016-03-16 12:38 - 2015-09-12 15:36 - 00000000 ____D C:\ProgramData\CyberLink
2016-03-16 12:37 - 2015-12-13 22:08 - 00000000 ____D C:\Users\Ondra\AppData\Local\CyberLink
2016-03-15 17:34 - 2016-01-24 20:19 - 00749568 _____ C:\Users\Ondra\Desktop\plachta.xls
2016-03-14 22:17 - 2015-12-31 13:46 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\GeoGet
2016-03-13 07:42 - 2015-12-13 22:15 - 00000000 ___RD C:\Users\Ondra\OneDrive
2016-03-09 17:14 - 2015-12-25 00:06 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-03-09 17:14 - 2015-12-25 00:06 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2016-03-08 08:10 - 2015-07-10 12:06 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-08 08:10 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-07 21:51 - 2015-12-25 21:53 - 00000000 ____D C:\Users\Ondra\Documents\Euro Truck Simulator 2
2016-03-05 22:44 - 2016-02-14 19:05 - 00000000 ____D C:\Users\Ondra\Desktop\Videa
2016-03-02 21:43 - 2016-02-14 17:34 - 00000000 ____D C:\Users\Ondra\AppData\Local\Windows Live
2016-02-29 17:47 - 2015-12-14 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-02-29 17:45 - 2015-07-16 16:52 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-02-29 17:41 - 2015-07-10 14:16 - 00000000 ____D C:\Windows\ShellNew
2016-02-26 17:40 - 2016-02-14 18:17 - 00000000 ____D C:\Users\Ondra\AppData\Local\Downloaded Installations
2016-02-26 17:40 - 2015-09-12 15:30 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo
2016-02-24 05:38 - 2015-12-25 00:06 - 00463744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-02-21 12:19 - 2015-12-25 00:06 - 00287016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-02-21 12:18 - 2015-12-25 00:06 - 00165344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-02-21 12:18 - 2015-12-25 00:06 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-02-21 12:18 - 2015-12-25 00:06 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-02-21 12:18 - 2015-12-25 00:06 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-02-19 19:27 - 2016-01-05 19:10 - 00000000 ____D C:\Users\Ondra\Desktop\pohádky
2016-02-19 19:14 - 2016-02-14 20:27 - 00000000 ____D C:\Users\Ondra\AppData\Local\Ashampoo Movie Studio 2
2016-02-19 17:55 - 2016-02-18 20:13 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\4Media
2016-02-19 17:55 - 2016-02-18 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4Media
2016-02-19 17:55 - 2016-02-18 20:12 - 00000000 ____D C:\ProgramData\4Media
2016-02-19 17:55 - 2016-02-18 20:12 - 00000000 ____D C:\Program Files (x86)\4Media
==================== Files in the root of some directories =======
2012-06-06 05:06 - 2012-06-06 05:06 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2016-03-16 20:23 - 2016-03-17 22:17 - 0006656 _____ () C:\Users\Ondra\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-12 16:52 - 2015-09-12 16:52 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-03-19 17:50
==================== End of FRST.txt ============================
Ran by Ondra (administrator) on LAPTOP-AMJ5VS8M (20-03-2016 15:10:00)
Running from C:\Users\Ondra\Desktop
Loaded Profiles: Ondra (Available Profiles: Ondra)
Platform: Windows 10 Home (X64) Language: Slovenština (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
() C:\Program Files\update\UpdateAgent.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe
(Lenovo) C:\Program Files\Lenovo\QuickOptimizer\QuickOptimizerIcon.exe
(Lenovo) C:\Program Files\Lenovo\BatteryGauge\BatteryGaugeIcon.exe
() C:\Program Files\Lenovo\LenovoUtility\utility.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\architect.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\ws.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2015-09-12] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-03] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3743648 2015-08-03] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110008 2015-07-21] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492472 2015-07-21] (CyberLink Corp.)
HKLM-x32\...\Run: [isa] => C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-19] (AVAST Software)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-30] (Disc Soft Ltd)
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Ondra\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Ondra\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {4fe74969-a1e1-11e5-9bd2-b46d83c4d302} - "I:\Setup.exe"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {4fe74d64-a1e1-11e5-9bd2-b46d83c4d302} - "J:\setup.exe"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {4fe74dfb-a1e1-11e5-9bd2-b46d83c4d302} - "L:\Launcher.exe"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {7c87569c-cc20-11e5-9bd6-b46d83c4d302} - "G:\AUTORUN.EXE"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {8881baeb-d19d-11e5-9bdc-b46d83c4d302} - "F:\iStudio.exe"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {fa00a5f4-cc23-11e5-9bd7-b46d83c4d302} - "H:\AUTORUN.EXE"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {fa00a9a0-cc23-11e5-9bd7-b46d83c4d302} - "I:\Setup.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-21] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{c735d268-a72e-468e-891a-f65f9035dc56}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {162063B4-C7FD-4462-9AA8-72054663D1BF} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {1D5A5802-E8A0-4BEC-817A-E0D329C3EBEE} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {44A99802-18BE-4A52-9E2E-63FF7F44E655} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {5EB91A2F-393F-467D-865C-DF6E82A07631} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {6ECFDB7D-14E8-4EF2-BA2F-38CDA369DEF4} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {BD062FE4-F79D-498D-B66A-82830D0D3C4D} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {C8544916-CC46-4DFD-A101-664F068AE38B} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {D1187FD4-39C9-48E3-885F-4F1F55B74602} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_27368
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-21] (AVAST Software)
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-01-15] (pdfforge GmbH)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-21] (AVAST Software)
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-01-15] (pdfforge GmbH)
FireFox:
========
FF ProfilePath: C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\kfvukq1w.default
FF NewTab: about:newtab
FF Homepage: www.seznam.cz
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-01-15] (pdfforge GmbH)
FF Extension: Steel Cut 1.0.1 - C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\kfvukq1w.default\Extensions\{94472264-1456-4402-a3a8-e58cafcd328f}.xpi [2016-03-15] [not signed]
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-20] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-03-05]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-03-05]
Chrome:
=======
CHR Profile: C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-20]
CHR Extension: (Dokumenty Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-20]
CHR Extension: (Disk Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-20]
CHR Extension: (YouTube) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-20]
CHR Extension: (Vyhledávání Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-20]
CHR Extension: (Tabulky Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-20]
CHR Extension: (Avast Online Security) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-03-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-03-20]
CHR Extension: (Gmail) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-21]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-21] (AVAST Software)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (Lenovo)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1368408 2015-11-30] (Disc Soft Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [135072 2015-08-03] (ELAN Microelectronics Corp.)
R2 FastbootService; C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe [288768 2015-09-12] (Lenovo) [File not signed]
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (Lenovo)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation)
R2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [150256 2015-06-09] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-12-13] (Intel Corporation)
R2 ImControllerService; c:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [36808 2016-01-29] (Lenovo Group Limited)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
R2 LenovoPortalService; C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe [24312 2015-09-12] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [271296 2015-07-17] (Lenovo)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
R3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2016-01-15] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-01-15] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-01-15] (pdfforge GmbH)
R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [959248 2015-10-05] (© pdfforge GmbH.)
R2 UpdateAgentService; C:\Program Files\update\UpdateAgent.exe [226216 2015-09-12] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-21] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-24] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-02-21] (AVAST Software)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-12-14] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [46392 2015-12-14] (Disc Soft Ltd)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-03-17] ()
R0 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [67608 2015-09-12] (Windows (R) Win 7 DDK provider) [File not signed]
R0 FBFsmon; C:\Windows\System32\DRIVERS\FBFsmon.sys [39448 2015-09-12] (Windows (R) Win 7 DDK provider) [File not signed]
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [255728 2015-06-09] (Intel Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [5864888 2015-12-13] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3776792 2015-06-22] (Intel Corporation)
S3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3354384 2015-07-10] (Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3059416 2015-06-11] (Realtek Semiconductor Corp.)
S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [10848 2000-03-08] () [File not signed]
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-20 15:10 - 2016-03-20 15:11 - 00022598 _____ C:\Users\Ondra\Desktop\FRST.txt
2016-03-20 15:09 - 2016-03-20 15:10 - 00000000 ____D C:\FRST
2016-03-20 15:09 - 2016-03-20 15:09 - 02374144 _____ (Farbar) C:\Users\Ondra\Desktop\FRST64.exe
2016-03-20 15:06 - 2016-03-20 15:06 - 00016148 _____ C:\Windows\system32\LAPTOP-AMJ5VS8M_Ondra_HistoryPrediction.bin
2016-03-20 13:18 - 2016-03-20 13:18 - 00008592 _____ C:\Users\Ondra\Downloads\DPFDP5-8401314669-20160320-130459-pracovni.xml
2016-03-20 12:17 - 2016-03-20 13:14 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-03-20 11:43 - 2016-03-20 11:45 - 45353096 _____ C:\Users\Ondra\Downloads\FirefoxSetup45.0-64cz.exe
2016-03-20 11:27 - 2016-03-20 10:40 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-03-20 10:41 - 2016-03-20 10:40 - 01309184 _____ C:\Users\Ondra\Desktop\zoek.exe
2016-03-20 10:40 - 2016-03-20 11:23 - 00000000 ____D C:\zoek_backup
2016-03-20 10:40 - 2016-03-20 10:40 - 01309184 _____ C:\Users\Ondra\Downloads\zoek.exe
2016-03-20 09:31 - 2016-03-20 13:49 - 00000000 ____D C:\Users\Ondra\AppData\Local\CrashDumps
2016-03-19 21:24 - 2016-03-19 21:24 - 00021226 _____ C:\Users\Ondra\Downloads\Adresar OFS Vyškov podzim 2015 (2).xlsx
2016-03-19 21:15 - 2016-03-17 20:42 - 00001332 _____ C:\Users\Ondra\Desktop\Ashampoo Movie Studio 2.lnk
2016-03-19 20:18 - 2016-03-19 20:40 - 00055935 _____ C:\Users\Ondra\Desktop\15.kolo.pdf
2016-03-19 20:17 - 2016-03-19 20:19 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\PDF Architect 4
2016-03-19 20:17 - 2016-03-19 20:17 - 00000000 ____D C:\ProgramData\pdfforge
2016-03-19 20:16 - 2016-03-19 20:19 - 00000000 ____D C:\ProgramData\PDF Architect 4
2016-03-19 20:16 - 2016-03-19 20:17 - 00000000 ____D C:\Program Files\PDF Architect 4
2016-03-19 20:16 - 2016-03-19 20:17 - 00000000 ____D C:\Program Files (x86)\PDF Architect 4
2016-03-19 20:16 - 2016-03-19 20:16 - 00120072 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2016-03-19 20:16 - 2016-03-19 20:16 - 00000000 ____D C:\Users\Ondra\Documents\PDF Architect
2016-03-19 20:16 - 2016-03-19 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2016-03-19 20:16 - 2016-03-19 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 4
2016-03-19 20:15 - 2016-03-19 20:17 - 00000000 ____D C:\Program Files\PDFCreator
2016-03-19 20:14 - 2016-03-19 20:14 - 30032392 _____ C:\Users\Ondra\Downloads\PDFCreator-2_3_0-Setup.exe
2016-03-19 20:04 - 2016-03-20 09:51 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-03-19 20:02 - 2016-03-19 22:57 - 00000000 ____D C:\ProgramData\RogueKiller
2016-03-19 20:01 - 2016-03-19 20:02 - 23803464 _____ C:\Users\Ondra\Desktop\RogueKillerX64.exe
2016-03-19 20:00 - 2016-03-19 20:01 - 23803464 _____ C:\Users\Ondra\Downloads\RogueKillerX64.exe
2016-03-19 19:37 - 2016-03-19 19:39 - 01610352 _____ (Malwarebytes) C:\Users\Ondra\Desktop\JRT.exe
2016-03-19 19:37 - 2016-03-19 19:37 - 01610352 _____ (Malwarebytes) C:\Users\Ondra\Downloads\JRT.exe
2016-03-19 17:14 - 2016-02-23 15:53 - 01314496 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-03-19 17:14 - 2016-02-23 15:51 - 00633184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-03-19 17:14 - 2016-02-23 15:41 - 00299600 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2016-03-19 17:14 - 2016-02-23 15:07 - 22322624 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-03-19 17:14 - 2016-02-23 14:23 - 00952968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-03-19 17:14 - 2016-02-23 14:11 - 00249976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMASF.DLL
2016-03-19 17:14 - 2016-02-23 13:39 - 02879024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-19 17:14 - 2016-02-23 13:38 - 20858360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-03-19 17:14 - 2016-02-23 13:16 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-19 17:14 - 2016-02-23 12:55 - 24592896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-19 17:14 - 2016-02-23 12:45 - 12504576 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-19 17:14 - 2016-02-23 12:45 - 06788608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-03-19 17:14 - 2016-02-23 12:38 - 02663424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-03-19 17:14 - 2016-02-23 12:14 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-03-19 17:14 - 2016-02-23 12:04 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2016-03-19 17:14 - 2016-02-23 12:03 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2016-03-19 17:14 - 2016-02-23 11:55 - 14241792 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-19 17:14 - 2016-02-23 11:51 - 00915456 _____ (Microsoft Corporation) C:\Windows\system32\configurationclient.dll
2016-03-19 17:14 - 2016-02-23 11:51 - 00678912 _____ (Microsoft Corporation) C:\Windows\system32\scapi.dll
2016-03-19 17:14 - 2016-02-23 11:48 - 21859840 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-03-19 17:14 - 2016-02-23 11:48 - 05157376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-03-19 17:14 - 2016-02-23 11:46 - 00400384 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
2016-03-19 17:14 - 2016-02-23 11:45 - 01844736 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2016-03-19 17:14 - 2016-02-23 11:45 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-03-19 17:14 - 2016-02-23 11:44 - 01821696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-03-19 17:14 - 2016-02-23 11:38 - 07524864 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-03-19 17:14 - 2016-02-23 11:17 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2016-03-19 17:14 - 2016-02-23 11:11 - 12589056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-19 17:14 - 2016-02-23 11:03 - 01495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2016-03-19 17:14 - 2016-02-23 11:00 - 11263488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-19 17:13 - 2016-02-23 15:52 - 00858408 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-03-19 17:13 - 2016-02-23 15:51 - 00146784 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2016-03-19 17:13 - 2016-02-23 15:50 - 00630160 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-03-19 17:13 - 2016-02-23 15:48 - 08022368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-19 17:13 - 2016-02-23 15:48 - 01294352 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-03-19 17:13 - 2016-02-23 15:48 - 01123952 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-03-19 17:13 - 2016-02-23 15:41 - 01150816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-19 17:13 - 2016-02-23 15:41 - 00078040 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll
2016-03-19 17:13 - 2016-02-23 15:40 - 00110584 _____ (Microsoft Corporation) C:\Windows\system32\srvcli.dll
2016-03-19 17:13 - 2016-02-23 15:38 - 00272752 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2016-03-19 17:13 - 2016-02-23 15:36 - 00080128 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2016-03-19 17:13 - 2016-02-23 15:11 - 00781984 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-19 17:13 - 2016-02-23 15:11 - 00658784 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-03-19 17:13 - 2016-02-23 15:11 - 00103776 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-03-19 17:13 - 2016-02-23 15:08 - 03622272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-19 17:13 - 2016-02-23 14:39 - 00607416 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-03-19 17:13 - 2016-02-23 14:30 - 01643872 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-03-19 17:13 - 2016-02-23 14:25 - 01085632 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-19 17:13 - 2016-02-23 14:21 - 00529456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-03-19 17:13 - 2016-02-23 14:21 - 00141152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2016-03-19 17:13 - 2016-02-23 14:11 - 00073360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srvcli.dll
2016-03-19 17:13 - 2016-02-23 14:11 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wkscli.dll
2016-03-19 17:13 - 2016-02-23 14:09 - 00229352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2016-03-19 17:13 - 2016-02-23 14:06 - 00069232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2016-03-19 17:13 - 2016-02-23 13:58 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-03-19 17:13 - 2016-02-23 13:50 - 00395264 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2016-03-19 17:13 - 2016-02-23 13:50 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\NetCfgNotifyObjectHost.exe
2016-03-19 17:13 - 2016-02-23 13:42 - 00658536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-19 17:13 - 2016-02-23 13:42 - 00467296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-03-19 17:13 - 2016-02-23 13:42 - 00078176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2016-03-19 17:13 - 2016-02-23 13:35 - 00365568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-19 17:13 - 2016-02-23 13:20 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-03-19 17:13 - 2016-02-23 13:17 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-03-19 17:13 - 2016-02-23 13:15 - 00539728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-03-19 17:13 - 2016-02-23 13:15 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-19 17:13 - 2016-02-23 12:59 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll
2016-03-19 17:13 - 2016-02-23 12:59 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2016-03-19 17:13 - 2016-02-23 12:57 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-03-19 17:13 - 2016-02-23 12:42 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-03-19 17:13 - 2016-02-23 12:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-19 17:13 - 2016-02-23 12:37 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetCfgNotifyObjectHost.exe
2016-03-19 17:13 - 2016-02-23 12:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2016-03-19 17:13 - 2016-02-23 12:25 - 00303104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-19 17:13 - 2016-02-23 12:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-19 17:13 - 2016-02-23 12:17 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2016-03-19 17:13 - 2016-02-23 12:17 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2016-03-19 17:13 - 2016-02-23 12:08 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2016-03-19 17:13 - 2016-02-23 12:03 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-19 17:13 - 2016-02-23 12:02 - 03587584 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-03-19 17:13 - 2016-02-23 11:55 - 19326464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-19 17:13 - 2016-02-23 11:45 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2016-03-19 17:13 - 2016-02-23 11:45 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-19 17:13 - 2016-02-23 11:29 - 00043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2016-03-19 17:13 - 2016-02-23 11:17 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-19 17:13 - 2016-02-23 11:00 - 05457408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-03-19 17:13 - 2016-02-23 10:58 - 18800640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-03-17 22:56 - 2016-03-17 22:57 - 22908888 _____ (Malwarebytes ) C:\Users\Ondra\Downloads\mbam-setup-2.2.0.1024 (1).exe
2016-03-17 22:55 - 2016-03-17 22:55 - 01527296 _____ C:\Users\Ondra\Downloads\AdwCleaner (1).exe
2016-03-17 22:45 - 2016-03-17 22:49 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-17 22:45 - 2016-03-17 22:45 - 01527296 _____ C:\Users\Ondra\Downloads\AdwCleaner.exe
2016-03-17 22:27 - 2016-03-17 22:27 - 651593543 _____ C:\Windows\MEMORY.DMP
2016-03-17 22:27 - 2016-03-17 22:27 - 00321064 _____ C:\Windows\Minidump\031716-21078-01.dmp
2016-03-17 22:27 - 2016-03-17 22:27 - 00000000 ____D C:\Windows\Minidump
2016-03-17 21:53 - 2016-03-17 22:26 - 00448512 _____ (OldTimer Tools) C:\Users\Ondra\Downloads\TFC.exe
2016-03-17 20:52 - 2016-03-17 20:52 - 00388608 _____ (Trend Micro Inc.) C:\Users\Ondra\Downloads\HijackThis.exe
2016-03-17 20:45 - 2016-03-20 11:30 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-03-17 19:58 - 2016-03-17 20:00 - 50541136 _____ (Google Inc.) C:\Users\Ondra\Downloads\48.0.2564.82_chrome_installer_win64 (1).exe
2016-03-17 15:48 - 2016-03-20 13:15 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-17 15:48 - 2016-03-17 22:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-17 15:48 - 2016-03-17 22:58 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-17 15:48 - 2016-03-17 15:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-17 15:48 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-03-17 15:48 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-03-17 15:48 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-03-17 15:43 - 2016-03-17 15:44 - 22908888 _____ (Malwarebytes ) C:\Users\Ondra\Downloads\mbam-setup-2.2.0.1024.exe
2016-03-17 15:14 - 2016-03-17 15:14 - 00000000 _____ C:\autoexec.bat
2016-03-17 15:13 - 2016-03-17 15:13 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-03-17 15:12 - 2016-03-17 15:12 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Ondra\Downloads\SpyHunter-Installer (1).exe
2016-03-17 15:03 - 2016-03-17 15:10 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Ondra\Downloads\SpyHunter-Installer.exe
2016-03-16 20:35 - 2016-03-16 20:37 - 103527808 _____ C:\Users\Ondra\Downloads\InstallCrossDJFree3.2.0.exe
2016-03-16 20:32 - 2016-03-16 20:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Audio Editor Pro
2016-03-16 20:32 - 2016-03-16 20:32 - 00000000 ____D C:\Program Files (x86)\Magic Audio Editor Pro
2016-03-16 20:32 - 2005-06-01 20:15 - 00966144 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTAudioInformation2.dll
2016-03-16 20:32 - 2005-06-01 20:12 - 00467968 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTAudioRecord2.dll
2016-03-16 20:32 - 2005-06-01 20:11 - 00877568 _____ (NCT Company Ltd.) C:\Windows\SysWOW64\NCTAudioFile2.dll
2016-03-16 20:32 - 2005-06-01 20:11 - 00467456 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTAudioPlayer2.dll
2016-03-16 20:32 - 2005-06-01 00:02 - 00522752 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTAudioTransform2.dll
2016-03-16 20:32 - 2005-05-26 20:00 - 00403968 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTWMAFile2.dll
2016-03-16 20:32 - 2005-04-15 20:08 - 00880640 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTAudioEditor2.dll
2016-03-16 20:32 - 2005-03-28 23:57 - 01852416 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTAudioDesign2.dll
2016-03-16 20:32 - 2005-03-28 23:56 - 00457728 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTAudioDisplay2.dll
2016-03-16 20:32 - 2005-03-28 23:54 - 00478208 _____ (Online Media Technologies Ltd.) C:\Windows\SysWOW64\NCTAudioVisualization2.dll
2016-03-16 20:32 - 2005-01-10 21:54 - 00116296 _____ C:\Windows\SysWOW64\NCTWMAProfiles.prx
2016-03-16 20:32 - 2004-11-04 21:31 - 00479744 _____ (NCT) C:\Windows\SysWOW64\NCTAudioCDGrabber2.dll
2016-03-16 20:32 - 2003-03-19 19:03 - 00544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71d.dll
2016-03-16 20:32 - 2002-01-05 22:37 - 00344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2016-03-16 20:31 - 2016-03-16 20:31 - 17717176 _____ C:\Users\Ondra\Downloads\Cool-Audio-Magic-Audio-Editor-pro-Installer.exe
2016-03-16 20:23 - 2016-03-17 22:17 - 00006656 _____ C:\Users\Ondra\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-03-16 20:19 - 2016-03-17 20:42 - 00002511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk
2016-03-16 20:19 - 2016-03-16 20:21 - 00000000 ____D C:\Program Files (x86)\Movie Maker 2.6
2016-03-16 20:17 - 2016-03-16 20:17 - 12563776 _____ C:\Users\Ondra\Downloads\MM26_CS.exe
2016-03-16 19:29 - 2016-03-16 19:37 - 00000000 ____D C:\Users\TEMP\AppData\Local\Packages
2016-03-16 19:29 - 2016-03-16 19:29 - 00000000 ____D C:\Users\TEMP\AppData\Local\TileDataLayer
2016-03-16 19:28 - 2016-03-16 19:37 - 00000000 ____D C:\Users\TEMP
2016-03-16 12:38 - 2016-03-16 13:30 - 00000000 ____D C:\Users\Ondra\Documents\CyberLink
2016-03-16 12:38 - 2016-03-16 12:39 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\CyberLink
2016-03-15 22:15 - 2016-03-20 11:29 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-03-15 22:09 - 2016-03-15 22:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3 Knife
2016-03-15 22:09 - 2016-03-15 22:09 - 00000000 ____D C:\Program Files (x86)\Mp3 Knife
2016-03-15 22:09 - 2004-04-12 17:27 - 00609584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.ocx
2016-03-15 22:09 - 2004-04-12 17:27 - 00152848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx
2016-03-15 22:04 - 2016-03-15 22:05 - 02025746 _____ ( ) C:\Users\Ondra\Downloads\MK.exe
2016-03-15 17:35 - 2016-03-19 20:41 - 00093489 _____ C:\Users\Ondra\Desktop\obsazování.xlsx
2016-03-12 21:20 - 2016-03-12 21:20 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2016-03-12 21:20 - 2016-03-12 21:20 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\IrfanView
2016-03-12 21:20 - 2016-03-12 21:20 - 00000000 ____D C:\Program Files (x86)\IrfanView
2016-03-12 21:19 - 2016-03-12 21:19 - 01898640 _____ (Irfan Skiljan) C:\Users\Ondra\Downloads\irfanview.exe
2016-03-10 21:00 - 2016-03-10 22:04 - 1146464575 _____ C:\Users\Ondra\Downloads\KRT.-komplet-49-dílů-(15-27)-2.část-(LOM).avi.rar
2016-03-10 20:11 - 2016-03-10 20:24 - 231853495 _____ C:\Users\Ondra\Downloads\Nepotvrzeno 470436.crdownload
2016-03-08 19:59 - 2016-03-08 22:14 - 2434408468 _____ C:\Users\Ondra\Downloads\Bořek-stavitel-16-30-dvb-rip-(Monty).rar
2016-03-05 23:01 - 2016-03-05 23:46 - 2046870203 _____ C:\Users\Ondra\Desktop\rally Vyškov 2015.wmv
2016-03-05 22:57 - 2016-03-06 00:03 - 00003603 _____ C:\Users\Ondra\Desktop\rally Vyškov 2015.wlmp
2016-03-04 15:12 - 2016-03-04 16:52 - 1798341397 _____ C:\Users\Ondra\Downloads\borek-stavitel-komplet-cz.rar
2016-03-03 20:48 - 2016-03-03 20:48 - 00012162 _____ C:\Users\Ondra\Downloads\los Kučerova 2015.xlsx
2016-03-03 20:15 - 2016-03-15 17:27 - 00000000 ____D C:\Users\Ondra\Desktop\Kučerov
2016-03-03 19:53 - 2016-03-03 19:53 - 00024210 _____ C:\Users\Ondra\Downloads\18kolo-prehled.xlsx
2016-03-02 21:45 - 2016-03-02 21:45 - 00069512 _____ C:\Users\Ondra\Downloads\okresni-prebor-mladsi-zaci-71--rocnik-2015.pdf
2016-03-02 21:43 - 2016-03-02 21:43 - 00438978 _____ C:\Users\Ondra\Downloads\Fotbalová asociace České.tif
2016-03-02 21:26 - 2016-03-02 21:26 - 00071184 _____ C:\Users\Ondra\Downloads\okresni-soutez-iii-tridy-skupina-a--rocnik-2015.pdf
2016-03-02 21:26 - 2016-03-02 21:26 - 00015086 _____ C:\Users\Ondra\Downloads\terminovka-jaro-2016.xlsx
2016-03-01 21:45 - 2016-03-01 21:45 - 00021226 _____ C:\Users\Ondra\Downloads\Adresar OFS Vyškov podzim 2015 (1).xlsx
2016-03-01 21:43 - 2016-03-01 21:43 - 00021226 _____ C:\Users\Ondra\Downloads\Adresar OFS Vyškov podzim 2015.xlsx
2016-02-29 17:42 - 2016-02-29 17:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2016-02-29 17:06 - 2016-02-29 17:36 - 520507528 _____ C:\Users\Ondra\Downloads\Microsoft-Office-2007---plna-verze-CZ.zip
2016-02-29 16:51 - 2016-03-15 17:18 - 00019494 _____ C:\Users\Ondra\Desktop\přátelská utkání.ods
2016-02-26 22:22 - 2016-02-26 22:22 - 00219748 _____ C:\Users\Ondra\Downloads\Seminář RO OFS Vyškov jaro 2016.pdf
2016-02-26 17:41 - 2016-02-26 18:03 - 00000000 ____D C:\Users\Ondra\Desktop\Fotky SVJ
2016-02-26 17:40 - 2016-03-17 20:40 - 00001708 _____ C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\REACHit Drive.lnk
2016-02-21 12:18 - 2016-02-21 12:18 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-02-21 12:18 - 2016-02-21 12:18 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-02-19 22:28 - 2016-03-19 22:56 - 00000000 ____D C:\Users\Ondra\Desktop\KRD
2016-02-19 19:16 - 2016-02-19 19:16 - 12815360 _____ (Microsoft Corporation) C:\Users\Ondra\Downloads\MP10Setup.exe
2016-02-19 17:54 - 2016-02-19 17:54 - 37582613 _____ C:\Users\Ondra\Downloads\m-mp4-converter6.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-20 14:57 - 2015-12-14 17:46 - 00000992 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-20 13:51 - 2015-07-10 12:04 - 00000269 _____ C:\Windows\win.ini
2016-03-20 12:17 - 2015-12-24 22:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-20 11:49 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\AppReadiness
2016-03-20 11:45 - 2015-12-24 22:53 - 00001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-20 11:45 - 2015-12-24 22:53 - 00001000 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-20 11:30 - 2015-12-13 22:07 - 00000000 __SHD C:\Users\Ondra\IntelGraphicsProfiles
2016-03-20 11:29 - 2015-12-14 17:46 - 00000988 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-20 11:29 - 2015-07-10 13:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-20 11:28 - 2015-07-10 10:05 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-03-20 11:21 - 2015-07-10 12:04 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-03-20 11:21 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-03-20 09:02 - 2015-12-25 21:46 - 00004210 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CD59DB0F-6C5F-4260-BCBF-48BA72A5F3F4}
2016-03-20 08:58 - 2015-07-16 16:49 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-20 08:55 - 2015-07-10 13:20 - 00436256 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-19 23:00 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-19 23:00 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-19 23:00 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-19 23:00 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-19 23:00 - 2015-07-10 12:02 - 00000000 ____D C:\Windows\INF
2016-03-19 21:26 - 2015-09-12 15:36 - 00746632 _____ C:\Windows\system32\perfh005.dat
2016-03-19 21:26 - 2015-09-12 15:36 - 00149554 _____ C:\Windows\system32\perfc005.dat
2016-03-19 21:26 - 2015-07-16 16:54 - 01762290 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-19 18:38 - 2015-12-24 21:46 - 00000000 ____D C:\Windows\system32\MRT
2016-03-19 18:17 - 2015-12-24 21:46 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-19 18:14 - 2015-07-10 11:55 - 00000000 ____D C:\Windows\CbsTemp
2016-03-19 17:48 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-17 22:49 - 2015-12-13 22:07 - 00000000 ____D C:\Users\Ondra
2016-03-17 22:31 - 2015-12-25 00:06 - 00004280 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-03-17 20:53 - 2015-12-13 22:08 - 00000000 ____D C:\Users\Ondra\AppData\Local\VirtualStore
2016-03-17 20:42 - 2016-02-14 20:27 - 00001332 _____ C:\Users\Public\Desktop\Ashampoo Movie Studio 2.lnk
2016-03-17 20:42 - 2016-02-14 18:59 - 00001073 _____ C:\Users\Public\Desktop\Free MP4 Player.lnk
2016-03-17 20:42 - 2016-02-14 17:38 - 00001442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-03-17 20:42 - 2016-02-14 17:38 - 00001373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-03-17 20:42 - 2016-02-14 17:38 - 00001353 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-03-17 20:42 - 2016-02-14 17:37 - 00002349 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2016-03-17 20:42 - 2016-02-08 17:23 - 00001410 _____ C:\Users\Public\Desktop\Euro Truck Simulator 2 (x64).lnk
2016-03-17 20:42 - 2016-02-05 23:10 - 00000880 _____ C:\Users\Public\Desktop\Need for Speed Most Wanted.lnk
2016-03-17 20:42 - 2016-01-24 11:27 - 00001140 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-03-17 20:42 - 2015-12-31 13:46 - 00001049 _____ C:\Users\Public\Desktop\GeoGet.lnk
2016-03-17 20:42 - 2015-12-27 23:07 - 00001492 _____ C:\Users\Public\Desktop\WarThunder.lnk
2016-03-17 20:42 - 2015-12-25 21:34 - 00001859 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-03-17 20:42 - 2015-12-25 00:07 - 00002018 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-03-17 20:42 - 2015-12-24 21:18 - 00001337 _____ C:\Users\Public\Desktop\Football Manager 2015.lnk
2016-03-17 20:42 - 2015-12-14 17:43 - 00000908 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-03-17 20:42 - 2015-12-14 17:21 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-03-17 20:42 - 2015-12-14 17:21 - 00002097 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2016-03-17 20:42 - 2015-12-14 16:18 - 00001110 _____ C:\Users\Public\Desktop\Open office.lnk
2016-03-17 20:42 - 2015-12-13 22:30 - 00000811 _____ C:\Users\Public\Desktop\World of Tanks.lnk
2016-03-17 20:42 - 2015-09-12 15:33 - 00002048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2016-03-17 20:40 - 2016-02-13 21:12 - 00002201 _____ C:\Users\Ondra\Desktop\Google Chrome.lnk
2016-03-17 20:40 - 2016-01-12 19:49 - 00001306 _____ C:\Users\Ondra\Desktop\Dropbox.lnk
2016-03-17 20:40 - 2015-12-31 14:06 - 00001054 _____ C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Volitelné funkce.lnk
2016-03-17 20:40 - 2015-12-25 22:58 - 00001316 _____ C:\Users\Ondra\Desktop\Traktor Simulátor.lnk
2016-03-17 20:40 - 2015-12-25 21:45 - 00002209 _____ C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk
2016-03-17 20:40 - 2015-12-13 22:15 - 00002394 _____ C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-17 20:38 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\addins
2016-03-17 19:53 - 2016-02-14 17:39 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Seznam.cz
2016-03-17 19:35 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\IME
2016-03-16 12:38 - 2015-09-12 15:36 - 00000000 ____D C:\ProgramData\CyberLink
2016-03-16 12:37 - 2015-12-13 22:08 - 00000000 ____D C:\Users\Ondra\AppData\Local\CyberLink
2016-03-15 17:34 - 2016-01-24 20:19 - 00749568 _____ C:\Users\Ondra\Desktop\plachta.xls
2016-03-14 22:17 - 2015-12-31 13:46 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\GeoGet
2016-03-13 07:42 - 2015-12-13 22:15 - 00000000 ___RD C:\Users\Ondra\OneDrive
2016-03-09 17:14 - 2015-12-25 00:06 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-03-09 17:14 - 2015-12-25 00:06 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2016-03-08 08:10 - 2015-07-10 12:06 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-08 08:10 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-07 21:51 - 2015-12-25 21:53 - 00000000 ____D C:\Users\Ondra\Documents\Euro Truck Simulator 2
2016-03-05 22:44 - 2016-02-14 19:05 - 00000000 ____D C:\Users\Ondra\Desktop\Videa
2016-03-02 21:43 - 2016-02-14 17:34 - 00000000 ____D C:\Users\Ondra\AppData\Local\Windows Live
2016-02-29 17:47 - 2015-12-14 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-02-29 17:45 - 2015-07-16 16:52 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-02-29 17:41 - 2015-07-10 14:16 - 00000000 ____D C:\Windows\ShellNew
2016-02-26 17:40 - 2016-02-14 18:17 - 00000000 ____D C:\Users\Ondra\AppData\Local\Downloaded Installations
2016-02-26 17:40 - 2015-09-12 15:30 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo
2016-02-24 05:38 - 2015-12-25 00:06 - 00463744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-02-21 12:19 - 2015-12-25 00:06 - 00287016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-02-21 12:18 - 2015-12-25 00:06 - 00165344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-02-21 12:18 - 2015-12-25 00:06 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-02-21 12:18 - 2015-12-25 00:06 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-02-21 12:18 - 2015-12-25 00:06 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-02-19 19:27 - 2016-01-05 19:10 - 00000000 ____D C:\Users\Ondra\Desktop\pohádky
2016-02-19 19:14 - 2016-02-14 20:27 - 00000000 ____D C:\Users\Ondra\AppData\Local\Ashampoo Movie Studio 2
2016-02-19 17:55 - 2016-02-18 20:13 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\4Media
2016-02-19 17:55 - 2016-02-18 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4Media
2016-02-19 17:55 - 2016-02-18 20:12 - 00000000 ____D C:\ProgramData\4Media
2016-02-19 17:55 - 2016-02-18 20:12 - 00000000 ____D C:\Program Files (x86)\4Media
==================== Files in the root of some directories =======
2012-06-06 05:06 - 2012-06-06 05:06 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2016-03-16 20:23 - 2016-03-17 22:17 - 0006656 _____ () C:\Users\Ondra\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-12 16:52 - 2015-09-12 16:52 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-03-19 17:50
==================== End of FRST.txt ============================
Re: Computer stuttering, please check the log
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Ondra (2016-03-20 15:12:13)
Running from C:\Users\Ondra\Desktop
Windows 10 Home (X64) (2015-12-13 21:04:03)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-747309766-3425171966-3680114264-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-747309766-3425171966-3680114264-503 - Limited - Disabled)
Guest (S-1-5-21-747309766-3425171966-3680114264-501 - Limited - Disabled)
Ondra (S-1-5-21-747309766-3425171966-3680114264-1001 - Administrator - Enabled) => C:\Users\Ondra
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4Media MP4 Converter (HKLM-x32\...\4Media MP4 Converter) (Version: 7.4.0.20120710 - 4Media)
4Media MP4 to MP3 Converter 6 (HKLM-x32\...\4Media MP4 to MP3 Converter 6) (Version: 6.8.0.1101 - 4Media)
7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
Adobe Reader XI (11.0.13) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Ashampoo Movie Studio 2 (HKLM-x32\...\{91B33C97-5694-3701-6E8B-670F0B461A08}_is1) (Version: 2.0.9 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Components (x32 Version: 1.0.023.00 - Lenovo) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.55 - Conexant)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0114 - Disc Soft Ltd)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Euro Truck Simulator 2 v1.8.2.5s (DLC Going East) (HKLM-x32\...\Euro Truck Simulator 2 v1.8.2.5s (DLC Going East)1.8.2.5s) (Version: 1.8.2.5s - Friends in War)
Euro Truck Simulator 2 verze 1.20.1 (HKLM-x32\...\{29D78C5A-9DC3-495B-9D55-FC7E1CFFA170}_is1) (Version: 1.20.1 - )
Farming Simulator 2009 Fruit-importer 1.0.5 (HKLM-x32\...\{BC494C4A-BC2A-4770-BF69-841F59097616}_is1) (Version: - Defender)
Football Manager 2015 version 15.3.2 (HKLM-x32\...\{BD2F10CE-5561-4A0A-BD82-EB56E87D4FFB}_is1) (Version: 15.3.2 - SEGA)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free MP4 Player 2 (HKLM-x32\...\Free MP4 Player_is1) (Version: - Youtube Music Downloader)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.6.1001 - Genesys Logic)
GeoGet verze 2.9.5.764 (HKLM-x32\...\GeoGet_is1) (Version: 2.9.5.764 - )
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1067 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{84DB01CB-7EB7-4261-9249-99A32768D991}) (Version: 1.0.0.523 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
ISOMagic (HKLM-x32\...\ISOMagic) (Version: - )
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Lenovo Accelerator Application (HKLM-x32\...\{10672FE6-3D50-4F79-B0C7-A5573A5D415D}) (Version: 2.2.0.0701 - Lenovo)
Lenovo BatteryGauge (HKLM\...\{B8D3ED8D-A295-44C2-8AE1-56823D44AD1F}) (Version: 1.0.007.00 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4210 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.4210 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.1.3128.01 - CyberLink Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.69.4 - ELAN Microelectronic Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.)
Lenovo PowerDVD12 (x32 Version: 12.0.5328.55 - CyberLink Corp.) Hidden
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.006.00 - Lenovo)
Lenovo Solution Center (HKLM\...\{A5591EC4-8AD6-48EE-9F8D-FACFA8BA4E35}) (Version: 3.0.003.00 - Lenovo)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.054.00 - Lenovo)
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.3 - Lenovo)
LenovoUtility (x32 Version: 3.0.0.3 - Lenovo) Hidden
Magic Audio Editor Pro v7.4.0.11 (HKLM-x32\...\Magic Audio Editor Pro_is1) (Version: - )
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Manager (x32 Version: 4.0.1.25166 - 2015 pdfforge GmbH. All rights reserved) Hidden
Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 43.0.2 (x86 cs)) (Version: 43.0.2 - Mozilla)
Mozilla Firefox 45.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 45.0.1 (x64 cs)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1.5918 - Mozilla)
Mp3 Knife 3.6 (HKLM-x32\...\Mp3 Knife_is1) (Version: - )
Need for Speed Most Wanted 2012 v1.0.0.0 (HKLM-x32\...\Need for Speed Most Wanted 2012_is1) (Version: 1.0.0.0 - EA Games)
NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{C560D6E7-E40A-435D-8B71-62CBCF1701B2}) (Version: 4.11.9775 - Apache Software Foundation)
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.34.26215 - pdfforge GmbH)
PDF Architect 4 Create Module (Version: 4.0.12.26604 - pdfforge GmbH) Hidden
PDF Architect 4 Edit Module (Version: 4.0.12.26604 - pdfforge GmbH) Hidden
PDF Architect 4 View Module (Version: 4.0.12.26604 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH)
Pinnacle Studio 16 - Install Manager (HKLM-x32\...\{F1886CD7-9F73-417A-92E9-7E0AB0F0E099}) (Version: 16.0.75 - Avid Technology, Inc.)
RBR Akagi Mountain (remove only) (HKLM-x32\...\RBRTrack711) (Version: - )
RBR Aragona (remove only) (HKLM-x32\...\RBRTrack471) (Version: - )
RBR Bergheim 1.1(remove only) (HKLM-x32\...\RBRSieversdorf) (Version: - )
RBR Blanare II (remove only) (HKLM-x32\...\RBRTrack591) (Version: - )
RBR Bruchsal-Unteroewisheim (remove only) (HKLM-x32\...\RBRTrack154) (Version: - )
RBR Castrezzato (remove only) (HKLM-x32\...\RBRTrack572) (Version: - )
RBR Foron (remove only) (HKLM-x32\...\RBRTrack550) (Version: - )
RBR Foron II (remove only) (HKLM-x32\...\RBRTrack551) (Version: - )
RBR Grand Canaria ROC 2000 (remove only) (HKLM-x32\...\RBRTrack157) (Version: - )
RBR Hradek (remove only) (HKLM-x32\...\RBRHradek) (Version: - )
RBR Hyppyjulma (remove only) (HKLM-x32\...\RBRTrack981) (Version: - )
RBR Mlynky (remove only) (HKLM-x32\...\RBRMlynky) (Version: - )
RBR Montekland 0.99 (remove only) (HKLM-x32\...\RBRMontekland) (Version: - )
RBR Peklo_R (remove only) (HKLM-x32\...\RBRPeklo_R) (Version: - )
RBR Pikes Peak 2008 (remove only) (HKLM-x32\...\RBRTrack598) (Version: - )
RBR Pribram (remove only) (HKLM-x32\...\RBRPribram1) (Version: - )
RBR PTD RallySprint 1.1 (remove only) (HKLM-x32\...\RBRPTDRallySprint11) (Version: - )
RBR Reversed Tracks (remove only) (HKLM-x32\...\RBRReversedTracks) (Version: - )
RBR ROC 2008 (remove only) (HKLM-x32\...\RBRROC2008) (Version: - )
RBR Sardian Night (remove only) (HKLM-x32\...\RBRTrack596) (Version: - )
RBR School stage 2 (remove only) (HKLM-x32\...\RBRSchool2) (Version: - )
RBR Sosnova (remove only) (HKLM-x32\...\RBRSosnova) (Version: - )
RBR Sweet Lamb (remove only) (HKLM-x32\...\SweetLamb) (Version: - )
RBR SWISS II (remove only) (HKLM-x32\...\RBRTrack585) (Version: - )
RBR Tavia (remove only) (HKLM-x32\...\RBRTrack969) (Version: - )
RBR Tournament plugin (remove only) (HKLM-x32\...\RBRTM) (Version: - )
RBR Wisla Shakedown Zamarski (remove only) (HKLM-x32\...\RBRTrack980) (Version: - )
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.003.11 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Richard Burns Rally (HKLM-x32\...\InstallShield_{72CE541B-52BD-4FA1-8CD6-19341939AB21}) (Version: 1.00.000 - Název společnosti:)
Richard Burns Rally (x32 Version: 1.00.000 - Název společnosti:) Hidden
Seznam Software (HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\SeznamInstall) (Version: - Seznam.cz)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.0 - Lenovo)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Traktor Simulátor (HKLM-x32\...\Traktor Simulátor_is1) (Version: 1.0 - US-Action, s.r.o.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
User Manuals (x32 Version: 4.0.0.1 - Lenovo) Hidden
War Thunder Launcher 1.0.1.602 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
World of Tanks (HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
YouTube Video And Music Downloader (HKLM-x32\...\{05A0540E-6A64-4E3C-B4E6-56DA68F94DBF}) (Version: 3.6.1.8 - YouTubeSoft)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-747309766-3425171966-3680114264-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Ondra\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {134EBF45-3CE2-4B7B-9CD8-BA8A270631E9} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => control iMControllerService 128
Task: {17C5FB6C-38A0-4B90-B8A3-A8046C755D8B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {24FBADEA-F9E2-4351-A618-1EAC6D162E7B} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [2015-07-13] ()
Task: {26ED9712-F058-4672-94C8-A5A72FE096F6} - System32\Tasks\Lenovo\QuickOptimizer => C:\Program Files\lenovo\QuickOptimizer\QuickOptimizerIcon.exe [2015-07-11] (Lenovo)
Task: {280D7CAD-4D6D-40E0-8445-4AB78165CEB6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-02-21] (AVAST Software)
Task: {3021EACC-5460-4C07-B138-E3E39AF2D1BF} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-07-17] (Lenovo)
Task: {469C9574-2A77-46F3-A6AE-F4839DC990DE} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [2015-05-28] (CyberLink Corp.)
Task: {4F7D59DE-B9C8-44E8-99D1-F3D4D1AB7FBF} - System32\Tasks\{E77544AC-C766-4A12-B59D-75E93C9DB8F6} => pcalua.exe -a H:\Porsche.exe -d H:\
Task: {575EEA96-FE20-484A-A919-503B40C727E2} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2015-12-13] (Lenovo)
Task: {5A58C5D1-0A0B-4950-A4F6-517CDABB6986} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-14] (Google Inc.)
Task: {62DF64B5-7847-482D-A8AC-FBCDB76A69F5} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [2015-07-13] ()
Task: {63BC2A52-7E70-475E-9448-7292E0EAC0C7} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {699A54E9-E0E3-42ED-82B8-C6C9A1CACB9C} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program
Task: {702024A1-CEF6-4E04-9BEB-E6776E1D61DA} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-02-22] (Lenovo)
Task: {7B0869B4-C60A-4537-A673-D2DBA1D2B05B} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-02-22] (Lenovo)
Task: {81C23224-0AC2-46E4-8515-9D2E6EC30B98} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-03-19] (Microsoft Corporation)
Task: {8B2E1C51-F700-4457-BDE3-86CFB7992513} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {9F0ED53C-6708-4B65-B2B0-04755E12AC11} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-07-17] (Lenovo)
Task: {A05EDD6A-7D4A-4A4F-8A7A-A55D154BD18A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-14] (Google Inc.)
Task: {C9695B63-DA41-4863-8912-47B9E179ECEA} - \avast! Windows 10 Start Menu helper -> No File <==== ATTENTION
Task: {E007349E-7D2A-4989-AC9F-1488BA9F002C} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-07-17] ()
Task: {F21098BB-8767-4014-B2C2-28194CDAB4BF} - System32\Tasks\Lenovo\BatteryGauge => C:\Program Files\lenovo\BatteryGauge\BatteryGaugeIcon.exe [2015-07-11] (Lenovo)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-09-12 16:05 - 2015-09-12 16:05 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2015-09-12 16:48 - 2015-07-23 02:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-09-12 17:15 - 2015-09-12 17:15 - 00024312 _____ () C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe
2015-12-24 21:30 - 2015-08-11 10:14 - 00404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll
2015-09-12 17:15 - 2015-09-12 17:15 - 00226216 _____ () C:\Program Files\update\UpdateAgent.exe
2015-12-24 21:30 - 2015-09-17 07:48 - 02494712 _____ () C:\Windows\system32\CoreUIComponents.dll
2015-12-24 21:30 - 2015-09-17 07:48 - 02494712 _____ () C:\Windows\System32\CoreUIComponents.dll
2015-12-24 21:30 - 2015-09-17 06:43 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
2015-12-24 21:31 - 2015-11-25 05:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-24 21:31 - 2015-11-25 05:17 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2015-12-24 21:30 - 2015-11-25 05:18 - 00928768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2015-07-13 12:29 - 2015-12-13 22:09 - 00396688 _____ () C:\Windows\system32\igfxTray.exe
2015-12-24 21:30 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-24 21:31 - 2015-11-25 05:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-24 21:31 - 2015-11-25 05:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-12-24 21:31 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 14:15 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-07-11 01:40 - 2015-07-11 01:40 - 00016288 _____ () C:\Program Files\lenovo\QuickOptimizer\ShowTaskbarIcon.dll
2015-07-11 01:40 - 2015-07-11 01:40 - 05067168 _____ () C:\Program Files\lenovo\QuickOptimizer\DTPrismAssistInf.dll
2015-09-12 15:33 - 2015-09-12 15:33 - 00791848 _____ () C:\Program Files\Lenovo\LenovoUtility\utility.exe
2015-09-12 15:33 - 2015-09-12 15:33 - 00097048 _____ () C:\Program Files\Lenovo\LenovoUtility\kbdhook.dll
2015-09-12 16:53 - 2010-10-26 05:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2015-02-26 18:12 - 2015-02-26 18:12 - 00330240 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
2016-01-15 18:13 - 2016-01-15 18:13 - 00199680 _____ () C:\Program Files\PDF Architect 4\libidn.dll
2016-02-21 12:18 - 2016-02-21 12:18 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-02-21 12:18 - 2016-02-21 12:18 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-03-20 08:57 - 2016-03-20 08:57 - 02856960 _____ () C:\Program Files\AVAST Software\Avast\defs\16031901\algo.dll
2016-02-21 12:18 - 2016-02-21 12:18 - 00480760 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-02-12 16:36 - 2016-02-10 14:54 - 00161736 _____ () C:\ProgramData\Lenovo\iMController\Plugins\LenovoAudioPlugin\x86\QualityStatsRevInterop.dll
2015-09-12 15:36 - 2015-07-28 05:05 - 00875960 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\Kernel\Boomerang\UNO.dll
2015-09-12 15:36 - 2015-07-28 04:47 - 00081920 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_ctypes.pyd
2015-09-12 15:36 - 2015-07-28 04:47 - 00053248 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_socket.pyd
2015-09-12 15:36 - 2015-07-28 04:47 - 00655360 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_ssl.pyd
2015-09-12 16:48 - 2015-06-24 12:37 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-09-12 15:44 - 2014-07-04 05:35 - 00627672 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2014-07-04 20:35 - 2014-07-04 20:35 - 00016856 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll
2015-12-25 00:06 - 2015-12-25 00:06 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-09-12 15:39 - 2015-02-13 00:02 - 00224696 _____ () C:\Program Files (x86)\Lenovo\CCSDK\SDKClient.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2016-03-20 10:47 - 00000753 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1A294E8A-F5B9-452A-B588-CA09437F3078}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe
FirewallRules: [{B0B9EFB5-0E05-4AA7-8401-9D6F628A2E44}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{CC79255F-E16C-41A9-B8CF-66F1A546EFA0}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{5BFFC71E-3E8C-4FAD-8FEE-9307E00FC9A8}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{E933C888-C7ED-4797-B7BB-4ECF5F073A34}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7EDEEBCA-1D29-4AE9-9305-245611B08F59}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B6747FA5-29F1-4048-B1BF-04526D7807F5}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{52C07CDC-997C-43A8-8E56-1F43C7BF3872}] => (Allow) C:\Program Files (x86)\Lenovo\LenovoPortal\Lenovo.Portal.exe
FirewallRules: [{0320EA3A-C66F-4B87-8668-0B9179849FAB}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{BDFC8E2D-62A6-4D37-920C-70CA30E998B8}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{02266E95-A016-46C0-9820-4DEFDDEDE4DA}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{B806620A-C30A-48BF-A8E1-81DFE8662836}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{67A424DE-7B3F-4298-976F-B9A10F43C27A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8A0375A0-0D66-4A85-ABBD-F2E6F42C4C22}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E58953C0-0CF6-4A43-9F3D-0FA9B2F128C6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{950E3288-7A4B-45AD-ADFB-5A394B79E398}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [{CFFB5777-3A13-4EC5-B96D-96F5F01C71E4}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [{F9B28339-9648-416C-95E9-4BF424C6C422}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [{E4C8A20F-848D-45D7-BE05-145A908859B9}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [TCP Query User{C6042765-20A0-4C68-BACE-360364C4C0CF}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{DD4F2201-C264-4890-B855-BE6169B6EC3A}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe
FirewallRules: [{D27CF8E7-2E49-44A6-B292-59E75CBDA127}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{413A93A7-4ABA-4545-9751-A1BC07CE607F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8DA9F013-F9C1-462E-ACA7-83CD9B937225}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{52B203C6-FC36-498B-8672-6CD1E9B9D16F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{04F7A625-ECC4-492E-B594-54E16CA93068}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{ED767E22-B191-493F-97C3-3DB90F7BD317}] => (Allow) LPort=2869
FirewallRules: [{0EAB50A4-82F5-4717-B365-D695CA604968}] => (Allow) LPort=1900
FirewallRules: [{E41F9977-61DE-49AA-964F-CE6649F9C986}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{FBC3AE80-E5BE-4CA9-866B-4D75E73517D7}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 16\programs\RM.exe
FirewallRules: [{5C54AFF0-D53C-4A42-A00B-E9D6F9AE0999}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 16\programs\RM.exe
FirewallRules: [{8091A2DC-7AEE-4F35-8D85-5FEE30436A6A}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 16\programs\NGStudio.exe
FirewallRules: [{14DB94E9-1474-4CD0-8A60-482C34B33C81}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 16\programs\NGStudio.exe
FirewallRules: [{056C1F51-9F50-4D2F-BD7E-55E1F026B3B4}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 16\programs\UMI.exe
FirewallRules: [{C93A5880-1C28-49B8-91E7-7C6E992EC83C}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 16\programs\UMI.exe
FirewallRules: [{6092FBBF-ADFE-4E90-8872-D69182492B9C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A04C0584-B5C4-4684-B491-33585CD22195}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Restore Points =========================
29-02-2016 17:40:00 Installed Microsoft Office Enterprise 2007
16-03-2016 20:18:10 Installed Windows Movie Maker 2.6
19-03-2016 19:39:56 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/20/2016 03:09:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-AMJ5VS8M)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (03/20/2016 03:09:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-AMJ5VS8M)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (03/20/2016 03:09:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-AMJ5VS8M)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (03/20/2016 03:09:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-AMJ5VS8M)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (03/20/2016 03:09:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-AMJ5VS8M)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (03/20/2016 03:05:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-AMJ5VS8M)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (03/20/2016 03:05:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-AMJ5VS8M)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (03/20/2016 03:05:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-AMJ5VS8M)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (03/20/2016 03:05:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-AMJ5VS8M)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (03/20/2016 03:05:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-AMJ5VS8M)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
System errors:
=============
Error: (03/20/2016 11:49:24 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073cf9): Store.
Error: (03/20/2016 11:49:19 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070003): Store.
Error: (03/20/2016 11:49:19 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073cf9): Store.
Error: (03/20/2016 11:49:14 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070003): Store.
Error: (03/20/2016 11:49:14 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073cf9): Store.
Error: (03/20/2016 11:49:07 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070003): Store.
Error: (03/20/2016 11:48:57 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070003): Microsoft Photos.
Error: (03/20/2016 11:48:52 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073cf9): Microsoft Photos.
Error: (03/20/2016 11:48:52 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070003): Microsoft Photos.
Error: (03/20/2016 11:48:48 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073cf9): Microsoft Photos.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU N3700 @ 1.60GHz
Percentage of memory in use: 58%
Total physical RAM: 4008.27 MB
Available physical RAM: 1652.2 MB
Total Virtual: 5736.27 MB
Available Virtual: 2773.72 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:885.23 GB) (Free:695.32 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:15.49 GB) NTFS
Drive e: (Traktor Simulátor) (CDROM) (Total:1.23 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DE949881)
Partition: GPT.
==================== End of Addition.txt ============================
Ran by Ondra (2016-03-20 15:12:13)
Running from C:\Users\Ondra\Desktop
Windows 10 Home (X64) (2015-12-13 21:04:03)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-747309766-3425171966-3680114264-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-747309766-3425171966-3680114264-503 - Limited - Disabled)
Guest (S-1-5-21-747309766-3425171966-3680114264-501 - Limited - Disabled)
Ondra (S-1-5-21-747309766-3425171966-3680114264-1001 - Administrator - Enabled) => C:\Users\Ondra
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4Media MP4 Converter (HKLM-x32\...\4Media MP4 Converter) (Version: 7.4.0.20120710 - 4Media)
4Media MP4 to MP3 Converter 6 (HKLM-x32\...\4Media MP4 to MP3 Converter 6) (Version: 6.8.0.1101 - 4Media)
7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
Adobe Reader XI (11.0.13) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Ashampoo Movie Studio 2 (HKLM-x32\...\{91B33C97-5694-3701-6E8B-670F0B461A08}_is1) (Version: 2.0.9 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Components (x32 Version: 1.0.023.00 - Lenovo) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.55 - Conexant)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0114 - Disc Soft Ltd)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Euro Truck Simulator 2 v1.8.2.5s (DLC Going East) (HKLM-x32\...\Euro Truck Simulator 2 v1.8.2.5s (DLC Going East)1.8.2.5s) (Version: 1.8.2.5s - Friends in War)
Euro Truck Simulator 2 verze 1.20.1 (HKLM-x32\...\{29D78C5A-9DC3-495B-9D55-FC7E1CFFA170}_is1) (Version: 1.20.1 - )
Farming Simulator 2009 Fruit-importer 1.0.5 (HKLM-x32\...\{BC494C4A-BC2A-4770-BF69-841F59097616}_is1) (Version: - Defender)
Football Manager 2015 version 15.3.2 (HKLM-x32\...\{BD2F10CE-5561-4A0A-BD82-EB56E87D4FFB}_is1) (Version: 15.3.2 - SEGA)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free MP4 Player 2 (HKLM-x32\...\Free MP4 Player_is1) (Version: - Youtube Music Downloader)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.6.1001 - Genesys Logic)
GeoGet verze 2.9.5.764 (HKLM-x32\...\GeoGet_is1) (Version: 2.9.5.764 - )
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1067 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{84DB01CB-7EB7-4261-9249-99A32768D991}) (Version: 1.0.0.523 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
ISOMagic (HKLM-x32\...\ISOMagic) (Version: - )
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Lenovo Accelerator Application (HKLM-x32\...\{10672FE6-3D50-4F79-B0C7-A5573A5D415D}) (Version: 2.2.0.0701 - Lenovo)
Lenovo BatteryGauge (HKLM\...\{B8D3ED8D-A295-44C2-8AE1-56823D44AD1F}) (Version: 1.0.007.00 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4210 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.4210 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.1.3128.01 - CyberLink Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.69.4 - ELAN Microelectronic Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.)
Lenovo PowerDVD12 (x32 Version: 12.0.5328.55 - CyberLink Corp.) Hidden
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.006.00 - Lenovo)
Lenovo Solution Center (HKLM\...\{A5591EC4-8AD6-48EE-9F8D-FACFA8BA4E35}) (Version: 3.0.003.00 - Lenovo)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.054.00 - Lenovo)
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.3 - Lenovo)
LenovoUtility (x32 Version: 3.0.0.3 - Lenovo) Hidden
Magic Audio Editor Pro v7.4.0.11 (HKLM-x32\...\Magic Audio Editor Pro_is1) (Version: - )
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Manager (x32 Version: 4.0.1.25166 - 2015 pdfforge GmbH. All rights reserved) Hidden
Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 43.0.2 (x86 cs)) (Version: 43.0.2 - Mozilla)
Mozilla Firefox 45.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 45.0.1 (x64 cs)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1.5918 - Mozilla)
Mp3 Knife 3.6 (HKLM-x32\...\Mp3 Knife_is1) (Version: - )
Need for Speed Most Wanted 2012 v1.0.0.0 (HKLM-x32\...\Need for Speed Most Wanted 2012_is1) (Version: 1.0.0.0 - EA Games)
NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{C560D6E7-E40A-435D-8B71-62CBCF1701B2}) (Version: 4.11.9775 - Apache Software Foundation)
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.34.26215 - pdfforge GmbH)
PDF Architect 4 Create Module (Version: 4.0.12.26604 - pdfforge GmbH) Hidden
PDF Architect 4 Edit Module (Version: 4.0.12.26604 - pdfforge GmbH) Hidden
PDF Architect 4 View Module (Version: 4.0.12.26604 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH)
Pinnacle Studio 16 - Install Manager (HKLM-x32\...\{F1886CD7-9F73-417A-92E9-7E0AB0F0E099}) (Version: 16.0.75 - Avid Technology, Inc.)
RBR Akagi Mountain (remove only) (HKLM-x32\...\RBRTrack711) (Version: - )
RBR Aragona (remove only) (HKLM-x32\...\RBRTrack471) (Version: - )
RBR Bergheim 1.1(remove only) (HKLM-x32\...\RBRSieversdorf) (Version: - )
RBR Blanare II (remove only) (HKLM-x32\...\RBRTrack591) (Version: - )
RBR Bruchsal-Unteroewisheim (remove only) (HKLM-x32\...\RBRTrack154) (Version: - )
RBR Castrezzato (remove only) (HKLM-x32\...\RBRTrack572) (Version: - )
RBR Foron (remove only) (HKLM-x32\...\RBRTrack550) (Version: - )
RBR Foron II (remove only) (HKLM-x32\...\RBRTrack551) (Version: - )
RBR Grand Canaria ROC 2000 (remove only) (HKLM-x32\...\RBRTrack157) (Version: - )
RBR Hradek (remove only) (HKLM-x32\...\RBRHradek) (Version: - )
RBR Hyppyjulma (remove only) (HKLM-x32\...\RBRTrack981) (Version: - )
RBR Mlynky (remove only) (HKLM-x32\...\RBRMlynky) (Version: - )
RBR Montekland 0.99 (remove only) (HKLM-x32\...\RBRMontekland) (Version: - )
RBR Peklo_R (remove only) (HKLM-x32\...\RBRPeklo_R) (Version: - )
RBR Pikes Peak 2008 (remove only) (HKLM-x32\...\RBRTrack598) (Version: - )
RBR Pribram (remove only) (HKLM-x32\...\RBRPribram1) (Version: - )
RBR PTD RallySprint 1.1 (remove only) (HKLM-x32\...\RBRPTDRallySprint11) (Version: - )
RBR Reversed Tracks (remove only) (HKLM-x32\...\RBRReversedTracks) (Version: - )
RBR ROC 2008 (remove only) (HKLM-x32\...\RBRROC2008) (Version: - )
RBR Sardian Night (remove only) (HKLM-x32\...\RBRTrack596) (Version: - )
RBR School stage 2 (remove only) (HKLM-x32\...\RBRSchool2) (Version: - )
RBR Sosnova (remove only) (HKLM-x32\...\RBRSosnova) (Version: - )
RBR Sweet Lamb (remove only) (HKLM-x32\...\SweetLamb) (Version: - )
RBR SWISS II (remove only) (HKLM-x32\...\RBRTrack585) (Version: - )
RBR Tavia (remove only) (HKLM-x32\...\RBRTrack969) (Version: - )
RBR Tournament plugin (remove only) (HKLM-x32\...\RBRTM) (Version: - )
RBR Wisla Shakedown Zamarski (remove only) (HKLM-x32\...\RBRTrack980) (Version: - )
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.003.11 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Richard Burns Rally (HKLM-x32\...\InstallShield_{72CE541B-52BD-4FA1-8CD6-19341939AB21}) (Version: 1.00.000 - Název společnosti:)
Richard Burns Rally (x32 Version: 1.00.000 - Název společnosti:) Hidden
Seznam Software (HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\SeznamInstall) (Version: - Seznam.cz)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.0 - Lenovo)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Traktor Simulátor (HKLM-x32\...\Traktor Simulátor_is1) (Version: 1.0 - US-Action, s.r.o.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
User Manuals (x32 Version: 4.0.0.1 - Lenovo) Hidden
War Thunder Launcher 1.0.1.602 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
World of Tanks (HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
YouTube Video And Music Downloader (HKLM-x32\...\{05A0540E-6A64-4E3C-B4E6-56DA68F94DBF}) (Version: 3.6.1.8 - YouTubeSoft)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-747309766-3425171966-3680114264-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Ondra\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {134EBF45-3CE2-4B7B-9CD8-BA8A270631E9} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => control iMControllerService 128
Task: {17C5FB6C-38A0-4B90-B8A3-A8046C755D8B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {24FBADEA-F9E2-4351-A618-1EAC6D162E7B} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [2015-07-13] ()
Task: {26ED9712-F058-4672-94C8-A5A72FE096F6} - System32\Tasks\Lenovo\QuickOptimizer => C:\Program Files\lenovo\QuickOptimizer\QuickOptimizerIcon.exe [2015-07-11] (Lenovo)
Task: {280D7CAD-4D6D-40E0-8445-4AB78165CEB6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-02-21] (AVAST Software)
Task: {3021EACC-5460-4C07-B138-E3E39AF2D1BF} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-07-17] (Lenovo)
Task: {469C9574-2A77-46F3-A6AE-F4839DC990DE} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [2015-05-28] (CyberLink Corp.)
Task: {4F7D59DE-B9C8-44E8-99D1-F3D4D1AB7FBF} - System32\Tasks\{E77544AC-C766-4A12-B59D-75E93C9DB8F6} => pcalua.exe -a H:\Porsche.exe -d H:\
Task: {575EEA96-FE20-484A-A919-503B40C727E2} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2015-12-13] (Lenovo)
Task: {5A58C5D1-0A0B-4950-A4F6-517CDABB6986} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-14] (Google Inc.)
Task: {62DF64B5-7847-482D-A8AC-FBCDB76A69F5} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [2015-07-13] ()
Task: {63BC2A52-7E70-475E-9448-7292E0EAC0C7} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {699A54E9-E0E3-42ED-82B8-C6C9A1CACB9C} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program
Task: {702024A1-CEF6-4E04-9BEB-E6776E1D61DA} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-02-22] (Lenovo)
Task: {7B0869B4-C60A-4537-A673-D2DBA1D2B05B} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-02-22] (Lenovo)
Task: {81C23224-0AC2-46E4-8515-9D2E6EC30B98} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-03-19] (Microsoft Corporation)
Task: {8B2E1C51-F700-4457-BDE3-86CFB7992513} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {9F0ED53C-6708-4B65-B2B0-04755E12AC11} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-07-17] (Lenovo)
Task: {A05EDD6A-7D4A-4A4F-8A7A-A55D154BD18A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-14] (Google Inc.)
Task: {C9695B63-DA41-4863-8912-47B9E179ECEA} - \avast! Windows 10 Start Menu helper -> No File <==== ATTENTION
Task: {E007349E-7D2A-4989-AC9F-1488BA9F002C} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-07-17] ()
Task: {F21098BB-8767-4014-B2C2-28194CDAB4BF} - System32\Tasks\Lenovo\BatteryGauge => C:\Program Files\lenovo\BatteryGauge\BatteryGaugeIcon.exe [2015-07-11] (Lenovo)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-09-12 16:05 - 2015-09-12 16:05 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2015-09-12 16:48 - 2015-07-23 02:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-09-12 17:15 - 2015-09-12 17:15 - 00024312 _____ () C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe
2015-12-24 21:30 - 2015-08-11 10:14 - 00404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll
2015-09-12 17:15 - 2015-09-12 17:15 - 00226216 _____ () C:\Program Files\update\UpdateAgent.exe
2015-12-24 21:30 - 2015-09-17 07:48 - 02494712 _____ () C:\Windows\system32\CoreUIComponents.dll
2015-12-24 21:30 - 2015-09-17 07:48 - 02494712 _____ () C:\Windows\System32\CoreUIComponents.dll
2015-12-24 21:30 - 2015-09-17 06:43 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
2015-12-24 21:31 - 2015-11-25 05:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-24 21:31 - 2015-11-25 05:17 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2015-12-24 21:30 - 2015-11-25 05:18 - 00928768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2015-07-13 12:29 - 2015-12-13 22:09 - 00396688 _____ () C:\Windows\system32\igfxTray.exe
2015-12-24 21:30 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-24 21:31 - 2015-11-25 05:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-24 21:31 - 2015-11-25 05:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-12-24 21:31 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 14:15 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-07-11 01:40 - 2015-07-11 01:40 - 00016288 _____ () C:\Program Files\lenovo\QuickOptimizer\ShowTaskbarIcon.dll
2015-07-11 01:40 - 2015-07-11 01:40 - 05067168 _____ () C:\Program Files\lenovo\QuickOptimizer\DTPrismAssistInf.dll
2015-09-12 15:33 - 2015-09-12 15:33 - 00791848 _____ () C:\Program Files\Lenovo\LenovoUtility\utility.exe
2015-09-12 15:33 - 2015-09-12 15:33 - 00097048 _____ () C:\Program Files\Lenovo\LenovoUtility\kbdhook.dll
2015-09-12 16:53 - 2010-10-26 05:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2015-02-26 18:12 - 2015-02-26 18:12 - 00330240 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
2016-01-15 18:13 - 2016-01-15 18:13 - 00199680 _____ () C:\Program Files\PDF Architect 4\libidn.dll
2016-02-21 12:18 - 2016-02-21 12:18 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-02-21 12:18 - 2016-02-21 12:18 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-03-20 08:57 - 2016-03-20 08:57 - 02856960 _____ () C:\Program Files\AVAST Software\Avast\defs\16031901\algo.dll
2016-02-21 12:18 - 2016-02-21 12:18 - 00480760 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-02-12 16:36 - 2016-02-10 14:54 - 00161736 _____ () C:\ProgramData\Lenovo\iMController\Plugins\LenovoAudioPlugin\x86\QualityStatsRevInterop.dll
2015-09-12 15:36 - 2015-07-28 05:05 - 00875960 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\Kernel\Boomerang\UNO.dll
2015-09-12 15:36 - 2015-07-28 04:47 - 00081920 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_ctypes.pyd
2015-09-12 15:36 - 2015-07-28 04:47 - 00053248 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_socket.pyd
2015-09-12 15:36 - 2015-07-28 04:47 - 00655360 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_ssl.pyd
2015-09-12 16:48 - 2015-06-24 12:37 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-09-12 15:44 - 2014-07-04 05:35 - 00627672 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2014-07-04 20:35 - 2014-07-04 20:35 - 00016856 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll
2015-12-25 00:06 - 2015-12-25 00:06 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-09-12 15:39 - 2015-02-13 00:02 - 00224696 _____ () C:\Program Files (x86)\Lenovo\CCSDK\SDKClient.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2016-03-20 10:47 - 00000753 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1A294E8A-F5B9-452A-B588-CA09437F3078}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe
FirewallRules: [{B0B9EFB5-0E05-4AA7-8401-9D6F628A2E44}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{CC79255F-E16C-41A9-B8CF-66F1A546EFA0}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{5BFFC71E-3E8C-4FAD-8FEE-9307E00FC9A8}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{E933C888-C7ED-4797-B7BB-4ECF5F073A34}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7EDEEBCA-1D29-4AE9-9305-245611B08F59}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B6747FA5-29F1-4048-B1BF-04526D7807F5}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{52C07CDC-997C-43A8-8E56-1F43C7BF3872}] => (Allow) C:\Program Files (x86)\Lenovo\LenovoPortal\Lenovo.Portal.exe
FirewallRules: [{0320EA3A-C66F-4B87-8668-0B9179849FAB}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{BDFC8E2D-62A6-4D37-920C-70CA30E998B8}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{02266E95-A016-46C0-9820-4DEFDDEDE4DA}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{B806620A-C30A-48BF-A8E1-81DFE8662836}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{67A424DE-7B3F-4298-976F-B9A10F43C27A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8A0375A0-0D66-4A85-ABBD-F2E6F42C4C22}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E58953C0-0CF6-4A43-9F3D-0FA9B2F128C6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{950E3288-7A4B-45AD-ADFB-5A394B79E398}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [{CFFB5777-3A13-4EC5-B96D-96F5F01C71E4}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [{F9B28339-9648-416C-95E9-4BF424C6C422}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [{E4C8A20F-848D-45D7-BE05-145A908859B9}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [TCP Query User{C6042765-20A0-4C68-BACE-360364C4C0CF}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{DD4F2201-C264-4890-B855-BE6169B6EC3A}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe
FirewallRules: [{D27CF8E7-2E49-44A6-B292-59E75CBDA127}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{413A93A7-4ABA-4545-9751-A1BC07CE607F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8DA9F013-F9C1-462E-ACA7-83CD9B937225}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{52B203C6-FC36-498B-8672-6CD1E9B9D16F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{04F7A625-ECC4-492E-B594-54E16CA93068}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{ED767E22-B191-493F-97C3-3DB90F7BD317}] => (Allow) LPort=2869
FirewallRules: [{0EAB50A4-82F5-4717-B365-D695CA604968}] => (Allow) LPort=1900
FirewallRules: [{E41F9977-61DE-49AA-964F-CE6649F9C986}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{FBC3AE80-E5BE-4CA9-866B-4D75E73517D7}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 16\programs\RM.exe
FirewallRules: [{5C54AFF0-D53C-4A42-A00B-E9D6F9AE0999}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 16\programs\RM.exe
FirewallRules: [{8091A2DC-7AEE-4F35-8D85-5FEE30436A6A}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 16\programs\NGStudio.exe
FirewallRules: [{14DB94E9-1474-4CD0-8A60-482C34B33C81}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 16\programs\NGStudio.exe
FirewallRules: [{056C1F51-9F50-4D2F-BD7E-55E1F026B3B4}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 16\programs\UMI.exe
FirewallRules: [{C93A5880-1C28-49B8-91E7-7C6E992EC83C}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 16\programs\UMI.exe
FirewallRules: [{6092FBBF-ADFE-4E90-8872-D69182492B9C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A04C0584-B5C4-4684-B491-33585CD22195}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Restore Points =========================
29-02-2016 17:40:00 Installed Microsoft Office Enterprise 2007
16-03-2016 20:18:10 Installed Windows Movie Maker 2.6
19-03-2016 19:39:56 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/20/2016 03:09:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-AMJ5VS8M)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (03/20/2016 03:09:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-AMJ5VS8M)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (03/20/2016 03:09:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-AMJ5VS8M)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (03/20/2016 03:09:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-AMJ5VS8M)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (03/20/2016 03:09:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-AMJ5VS8M)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (03/20/2016 03:05:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-AMJ5VS8M)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (03/20/2016 03:05:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-AMJ5VS8M)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (03/20/2016 03:05:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-AMJ5VS8M)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (03/20/2016 03:05:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-AMJ5VS8M)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (03/20/2016 03:05:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-AMJ5VS8M)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
System errors:
=============
Error: (03/20/2016 11:49:24 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073cf9): Store.
Error: (03/20/2016 11:49:19 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070003): Store.
Error: (03/20/2016 11:49:19 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073cf9): Store.
Error: (03/20/2016 11:49:14 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070003): Store.
Error: (03/20/2016 11:49:14 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073cf9): Store.
Error: (03/20/2016 11:49:07 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070003): Store.
Error: (03/20/2016 11:48:57 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070003): Microsoft Photos.
Error: (03/20/2016 11:48:52 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073cf9): Microsoft Photos.
Error: (03/20/2016 11:48:52 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070003): Microsoft Photos.
Error: (03/20/2016 11:48:48 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073cf9): Microsoft Photos.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU N3700 @ 1.60GHz
Percentage of memory in use: 58%
Total physical RAM: 4008.27 MB
Available physical RAM: 1652.2 MB
Total Virtual: 5736.27 MB
Available Virtual: 2773.72 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:885.23 GB) (Free:695.32 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:15.49 GB) NTFS
Drive e: (Traktor Simulátor) (CDROM) (Total:1.23 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DE949881)
Partition: GPT.
==================== End of Addition.txt ============================
- jerabina
- Security team member
- Level 6
- Posts: 3647
- Registered: March 13
- Location: Litoměřice
Re: Computer stuttering, please check the log
Your post was submitted about 4 times; I am deleting the duplicates.
Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.
(You can use the "Select all" function, then right-click the top-left field in the open Notepad window and choose "Paste".)
Save it to the desktop as fixlist.txt
Run FRST, press the "Fix" (Opravit) button only once, and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire content here.
In Folder Options, enable showing hidden files and folders, and untick the "Hide protected operating system files" checkbox.
Test this on VirusTotal:
C:\Users\Ondra\Downloads\MK.exe
To the right of the field, click Choose (Vybrat) and find the file on your PC in Explorer. Select it with the mouse and click Open (Otevřít), then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.
Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.
Code:
Start
CloseProcesses:
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-30] (Disc Soft Ltd)
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Ondra\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Ondra\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {4fe74969-a1e1-11e5-9bd2-b46d83c4d302} - "I:\Setup.exe"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {4fe74d64-a1e1-11e5-9bd2-b46d83c4d302} - "J:\setup.exe"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {4fe74dfb-a1e1-11e5-9bd2-b46d83c4d302} - "L:\Launcher.exe"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {7c87569c-cc20-11e5-9bd6-b46d83c4d302} - "G:\AUTORUN.EXE"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {8881baeb-d19d-11e5-9bdc-b46d83c4d302} - "F:\iStudio.exe"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {fa00a5f4-cc23-11e5-9bd7-b46d83c4d302} - "H:\AUTORUN.EXE"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {fa00a9a0-cc23-11e5-9bd7-b46d83c4d302} - "I:\Setup.exe"
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {162063B4-C7FD-4462-9AA8-72054663D1BF} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {1D5A5802-E8A0-4BEC-817A-E0D329C3EBEE} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {44A99802-18BE-4A52-9E2E-63FF7F44E655} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {5EB91A2F-393F-467D-865C-DF6E82A07631} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {6ECFDB7D-14E8-4EF2-BA2F-38CDA369DEF4} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {BD062FE4-F79D-498D-B66A-82830D0D3C4D} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {C8544916-CC46-4DFD-A101-664F068AE38B} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {D1187FD4-39C9-48E3-885F-4F1F55B74602} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_27368
FF NewTab: about:newtab
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [No File]
FF Extension: Steel Cut 1.0.1 - C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\kfvukq1w.default\Extensions\{94472264-1456-4402-a3a8-e58cafcd328f}.xpi [2016-03-15] [not signed]
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\autoexec.bat
C:\Windows\system32\Drivers\EsgScanner.sys
C:\Users\Ondra\Downloads\SpyHunter-Installer (1).exe
C:\Users\Ondra\Downloads\SpyHunter-Installer.exe
C:\Users\Ondra\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl
Task: {4F7D59DE-B9C8-44E8-99D1-F3D4D1AB7FBF} - System32\Tasks\{E77544AC-C766-4A12-B59D-75E93C9DB8F6} => pcalua.exe -a H:\Porsche.exe -d H:\
Task: {5A58C5D1-0A0B-4950-A4F6-517CDABB6986} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-14] (Google Inc.)
Task: {8B2E1C51-F700-4457-BDE3-86CFB7992513} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {A05EDD6A-7D4A-4A4F-8A7A-A55D154BD18A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-14] (Google Inc.)
Task: {C9695B63-DA41-4863-8912-47B9E179ECEA} - \avast! Windows 10 Start Menu helper -> No File <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Google\Update
EmptyTemp:
End
(You can use the "select all" function, then right-click the top-left field in the open Notepad window and choose "Paste".)
Save it to the desktop as fixlist.txt
Run FRST, press the "Fix" button only once, and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire contents here.
In Folder Options, enable showing hidden files and folders, and untick the "Hide protected operating system files" checkbox.
Test this on Virustotal
C:\Users\Ondra\Downloads\MK.exe
Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.
When you don't know what to do next, it's time to study the manual!
HJT guide
If I don't reply to your threads in the HJT section while I'm online, it is only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.
Re: Computer stuttering, please check my log
FIXLOG:
Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Ondra (2016-03-21 15:58:51) Run:1
Running from C:\Users\Ondra\Desktop
Loaded Profiles: Ondra (Available Profiles: Ondra)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-30] (Disc Soft Ltd)
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Ondra\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Ondra\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {4fe74969-a1e1-11e5-9bd2-b46d83c4d302} - "I:\Setup.exe"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {4fe74d64-a1e1-11e5-9bd2-b46d83c4d302} - "J:\setup.exe"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {4fe74dfb-a1e1-11e5-9bd2-b46d83c4d302} - "L:\Launcher.exe"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {7c87569c-cc20-11e5-9bd6-b46d83c4d302} - "G:\AUTORUN.EXE"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {8881baeb-d19d-11e5-9bdc-b46d83c4d302} - "F:\iStudio.exe"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {fa00a5f4-cc23-11e5-9bd7-b46d83c4d302} - "H:\AUTORUN.EXE"
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\...\MountPoints2: {fa00a9a0-cc23-11e5-9bd7-b46d83c4d302} - "I:\Setup.exe"
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {162063B4-C7FD-4462-9AA8-72054663D1BF} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {1D5A5802-E8A0-4BEC-817A-E0D329C3EBEE} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {44A99802-18BE-4A52-9E2E-63FF7F44E655} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {5EB91A2F-393F-467D-865C-DF6E82A07631} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {6ECFDB7D-14E8-4EF2-BA2F-38CDA369DEF4} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {BD062FE4-F79D-498D-B66A-82830D0D3C4D} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {C8544916-CC46-4DFD-A101-664F068AE38B} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-747309766-3425171966-3680114264-1001 -> {D1187FD4-39C9-48E3-885F-4F1F55B74602} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_27368
FF NewTab: about:newtab
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [No File]
FF Extension: Steel Cut 1.0.1 - C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\kfvukq1w.default\Extensions\{94472264-1456-4402-a3a8-e58cafcd328f}.xpi [2016-03-15] [not signed]
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\autoexec.bat
C:\Windows\system32\Drivers\EsgScanner.sys
C:\Users\Ondra\Downloads\SpyHunter-Installer (1).exe
C:\Users\Ondra\Downloads\SpyHunter-Installer.exe
C:\Users\Ondra\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl
Task: {4F7D59DE-B9C8-44E8-99D1-F3D4D1AB7FBF} - System32\Tasks\{E77544AC-C766-4A12-B59D-75E93C9DB8F6} => pcalua.exe -a H:\Porsche.exe -d H:\
Task: {5A58C5D1-0A0B-4950-A4F6-517CDABB6986} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-14] (Google Inc.)
Task: {8B2E1C51-F700-4457-BDE3-86CFB7992513} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {A05EDD6A-7D4A-4A4F-8A7A-A55D154BD18A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-14] (Google Inc.)
Task: {C9695B63-DA41-4863-8912-47B9E179ECEA} - \avast! Windows 10 Start Menu helper -> No File <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Google\Update
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value removed successfully
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite Automount => value removed successfully
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value removed successfully
HKU\S-1-5-21-747309766-3425171966-3680114264-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value removed successfully
"HKU\S-1-5-21-747309766-3425171966-3680114264-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4fe74969-a1e1-11e5-9bd2-b46d83c4d302}" => key removed successfully
HKCR\CLSID\{4fe74969-a1e1-11e5-9bd2-b46d83c4d302} => key not found.
"HKU\S-1-5-21-747309766-3425171966-3680114264-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4fe74d64-a1e1-11e5-9bd2-b46d83c4d302}" => key removed successfully
HKCR\CLSID\{4fe74d64-a1e1-11e5-9bd2-b46d83c4d302} => key not found.
"HKU\S-1-5-21-747309766-3425171966-3680114264-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4fe74dfb-a1e1-11e5-9bd2-b46d83c4d302}" => key removed successfully
HKCR\CLSID\{4fe74dfb-a1e1-11e5-9bd2-b46d83c4d302} => key not found.
"HKU\S-1-5-21-747309766-3425171966-3680114264-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7c87569c-cc20-11e5-9bd6-b46d83c4d302}" => key removed successfully
HKCR\CLSID\{7c87569c-cc20-11e5-9bd6-b46d83c4d302} => key not found.
"HKU\S-1-5-21-747309766-3425171966-3680114264-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8881baeb-d19d-11e5-9bdc-b46d83c4d302}" => key removed successfully
HKCR\CLSID\{8881baeb-d19d-11e5-9bdc-b46d83c4d302} => key not found.
"HKU\S-1-5-21-747309766-3425171966-3680114264-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fa00a5f4-cc23-11e5-9bd7-b46d83c4d302}" => key removed successfully
HKCR\CLSID\{fa00a5f4-cc23-11e5-9bd7-b46d83c4d302} => key not found.
"HKU\S-1-5-21-747309766-3425171966-3680114264-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fa00a9a0-cc23-11e5-9bd7-b46d83c4d302}" => key removed successfully
HKCR\CLSID\{fa00a9a0-cc23-11e5-9bd7-b46d83c4d302} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKU\S-1-5-21-747309766-3425171966-3680114264-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{162063B4-C7FD-4462-9AA8-72054663D1BF}" => key removed successfully
HKCR\CLSID\{162063B4-C7FD-4462-9AA8-72054663D1BF} => key not found.
"HKU\S-1-5-21-747309766-3425171966-3680114264-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1D5A5802-E8A0-4BEC-817A-E0D329C3EBEE}" => key removed successfully
HKCR\CLSID\{1D5A5802-E8A0-4BEC-817A-E0D329C3EBEE} => key not found.
"HKU\S-1-5-21-747309766-3425171966-3680114264-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{44A99802-18BE-4A52-9E2E-63FF7F44E655}" => key removed successfully
HKCR\CLSID\{44A99802-18BE-4A52-9E2E-63FF7F44E655} => key not found.
"HKU\S-1-5-21-747309766-3425171966-3680114264-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5EB91A2F-393F-467D-865C-DF6E82A07631}" => key removed successfully
HKCR\CLSID\{5EB91A2F-393F-467D-865C-DF6E82A07631} => key not found.
"HKU\S-1-5-21-747309766-3425171966-3680114264-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6ECFDB7D-14E8-4EF2-BA2F-38CDA369DEF4}" => key removed successfully
HKCR\CLSID\{6ECFDB7D-14E8-4EF2-BA2F-38CDA369DEF4} => key not found.
"HKU\S-1-5-21-747309766-3425171966-3680114264-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BD062FE4-F79D-498D-B66A-82830D0D3C4D}" => key removed successfully
HKCR\CLSID\{BD062FE4-F79D-498D-B66A-82830D0D3C4D} => key not found.
"HKU\S-1-5-21-747309766-3425171966-3680114264-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C8544916-CC46-4DFD-A101-664F068AE38B}" => key removed successfully
HKCR\CLSID\{C8544916-CC46-4DFD-A101-664F068AE38B} => key not found.
"HKU\S-1-5-21-747309766-3425171966-3680114264-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D1187FD4-39C9-48E3-885F-4F1F55B74602}" => key removed successfully
HKCR\CLSID\{D1187FD4-39C9-48E3-885F-4F1F55B74602} => key not found.
Firefox "newtab" removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9" => key removed successfully
C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\kfvukq1w.default\Extensions\{94472264-1456-4402-a3a8-e58cafcd328f}.xpi => moved successfully
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\autoexec.bat => moved successfully
C:\Windows\system32\Drivers\EsgScanner.sys => moved successfully
C:\Users\Ondra\Downloads\SpyHunter-Installer (1).exe => moved successfully
C:\Users\Ondra\Downloads\SpyHunter-Installer.exe => moved successfully
C:\Users\Ondra\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F7D59DE-B9C8-44E8-99D1-F3D4D1AB7FBF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F7D59DE-B9C8-44E8-99D1-F3D4D1AB7FBF}" => key removed successfully
C:\Windows\System32\Tasks\{E77544AC-C766-4A12-B59D-75E93C9DB8F6} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E77544AC-C766-4A12-B59D-75E93C9DB8F6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5A58C5D1-0A0B-4950-A4F6-517CDABB6986}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A58C5D1-0A0B-4950-A4F6-517CDABB6986}" => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B2E1C51-F700-4457-BDE3-86CFB7992513}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B2E1C51-F700-4457-BDE3-86CFB7992513}" => key removed successfully
C:\Windows\System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A05EDD6A-7D4A-4A4F-8A7A-A55D154BD18A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A05EDD6A-7D4A-4A4F-8A7A-A55D154BD18A}" => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C9695B63-DA41-4863-8912-47B9E179ECEA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9695B63-DA41-4863-8912-47B9E179ECEA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avast! Windows 10 Start Menu helper" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Program Files (x86)\Google\Update => moved successfully
EmptyTemp: => 376.3 MB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 16:00:48 ====
Re: Sekání počítače, prosím o kontrolu logu
Snad te je ono...
- jerabina
- Security team member
- Level 6
- Posts: 3647
- Registered: March 13
- Location: Litoměřice
- Status: Offline
Re: Computer stuttering, please check my log
Yes, that's it. How about the problems? Also, test that file on VirusTotal.
When you don't know what to do next, it's time to study the manual!
HJT guide
If I'm not replying to your topics in the HJT section while I'm online, it's only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.
Re: Computer stuttering, please check my log
When I start Google Chrome it still reports the same thing, Microsoft Edge crashes after a few seconds, but when I start Mozilla everything runs completely fine...
- jerabina
- Security team member
- Level 6
- Posts: 3647
- Registered: March 13
- Location: Litoměřice
- Status: Offline
Re: Computer stuttering, please check my log
Have you tried reinstalling these two browsers? Removing them completely and installing them again?
Re: Computer stuttering, please check my log
That was the first thing that occurred to me, but it seems to me that in Win10 these browsers are part of the system and can't be uninstalled. Or am I wrong? I looked for it and couldn't find an uninstall option anywhere, and I think I know how that's done.

- jaro3
- Security team member
- Guru Level 15
- Posts: 43294
- Registered: June 07
- Location: South Bohemia
- Status: Offline
Re: Computer stuttering, please check my log
C:\Users\Ondra\Downloads\MK.exe
If you don't know what you downloaded, better delete that file.
Download OTL by OldTimer to your desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Check the "LOP" check and the "Purity" check. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt
They are saved in the same location as OTL. Please copy both logs here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum