Zpomalene pc + nejde win update + sekani her pres net

[sisjarda]

ComboFix 16-08-15.01 - Uzivatel 18.08.2016 12:43:00.9.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.3.1250.420.1029.18.4095.2714 [GMT 2:00]
Spuštěný z: c:\users\Uzivatel\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Uzivatel\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
SP: Microsoft Security Essentials *Disabled/Updated* {CDE0C533-D3CD-62A1-E772-AFADDF863628}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.31.5\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.31.5\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.31.5\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.31.5\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.31.5\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.31.5\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.31.5\GoogleUpdateWebPlugin.exe
c:\program files (x86)\Google\Update\1.3.31.5\goopdate.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.31.5\psmachine.dll
c:\program files (x86)\Google\Update\1.3.31.5\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.31.5\psuser.dll
c:\program files (x86)\Google\Update\1.3.31.5\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.31.5\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\52.0.2743.116\52.0.2743.116_51.0.2704.103_chrome_updater.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\windows\TEMP\logishrd\LVPrcInj02.dll
c:\windows\TEMP\logishrd\LVPrcInj01.dll . . . . nemohl být smazán
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-07-18 do 2016-08-18 )))))))))))))))))))))))))))))))
.
.
2016-08-18 10:52 . 2016-08-18 10:52 -------- d-----w- c:\users\Public\AppData\Local\temp
2016-08-18 10:52 . 2016-08-18 10:52 -------- d-----w- c:\users\HomeGroupUser$\AppData\Local\temp
2016-08-18 10:52 . 2016-08-18 10:52 -------- d-----w- c:\users\Guest\AppData\Local\temp
2016-08-18 10:52 . 2016-08-18 10:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-08-18 10:52 . 2016-08-18 10:52 -------- d-----w- c:\users\AppData\AppData\Local\temp
2016-08-18 10:52 . 2016-08-18 10:52 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2016-08-18 10:34 . 2016-08-02 22:36 11847048 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E0F31CB8-3BAE-4EBF-89A8-F5F52587A573}\mpengine.dll
2016-08-17 13:02 . 2016-06-21 22:04 12007136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2016-08-15 13:05 . 2016-08-15 13:05 -------- d-----w- c:\program files (x86)\TrucksBook Client
2016-08-11 11:22 . 2016-08-11 11:22 -------- d-----w- C:\zoek
2016-08-11 09:57 . 2016-05-11 17:19 1167568 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CA24965A-1D03-4362-8331-B22319338A50}\gapaengine.dll
2016-08-10 20:06 . 2016-08-10 20:06 -------- d-----w- c:\users\Uzivatel\AppData\Local\Adobe
2016-08-09 16:31 . 2016-08-11 09:53 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-08-09 16:30 . 2016-08-09 16:30 -------- d-----w- c:\programdata\RogueKiller
2016-08-08 11:06 . 2016-08-09 15:11 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-08-08 11:05 . 2016-03-10 12:09 64896 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-08-08 11:05 . 2016-03-10 12:08 140672 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-08-08 11:05 . 2016-03-10 12:08 27008 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-08-08 11:05 . 2016-08-08 11:05 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-08-08 10:55 . 2016-08-09 16:14 -------- d-----w- C:\AdwCleaner
2016-08-08 10:52 . 2016-08-08 10:52 -------- d-----w- c:\users\Uzivatel\AppData\Local\CEF
2016-08-08 10:51 . 2016-08-08 10:51 -------- d-----w- c:\users\Uzivatel\AppData\Local\ATI
2016-07-21 15:59 . 2016-07-21 15:59 -------- d-----w- c:\users\Uzivatel\AppData\Local\tkdata
2016-07-20 15:49 . 2016-07-20 15:49 -------- d-----w- c:\program files (x86)\Common Files\Java
2016-07-19 19:49 . 2016-08-12 18:09 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\TeamViewer
2016-07-19 19:49 . 2016-07-19 20:03 -------- d-----w- c:\program files (x86)\TeamViewer
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-07-27 19:25 . 2010-09-23 21:35 504488 ------w- c:\windows\system32\MpSigStub.exe
2016-07-21 15:43 . 2015-07-14 09:41 796352 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-07-21 15:43 . 2015-07-14 09:41 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-07-20 15:49 . 2015-12-20 13:49 97856 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2016-07-16 09:02 . 2016-07-16 09:02 6079168 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"="c:\users\Uzivatel\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\Uzivatel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2015-05-26 103080]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"MyComGames"="c:\users\Uzivatel\AppData\Local\MyComGames\MyComGames.exe" [2016-07-16 4804496]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2016-05-23 3639280]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2016-08-16 2857248]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2016-06-10 8810200]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2015-08-04 767176]
"PlaysTV"="c:\program files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" [2016-07-01 71440]
"Raptr"="c:\progra~2\RAPTRI~1\Raptr\raptrstub.exe" [2016-05-23 58640]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-06-22 598552]
.
c:\users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 PlaysService;Plays.tv Update Service;c:\program files (x86)\Raptr Inc\PlaysTV\plays_service.exe;c:\program files (x86)\Raptr Inc\PlaysTV\plays_service.exe [x]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys;c:\windows\SYSNATIVE\DRIVERS\adusbser.sys [x]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files (x86)\BitComet\tools\BitCometService.exe;c:\program files (x86)\BitComet\tools\BitCometService.exe [x]
R3 cpuz134;cpuz134;c:\users\Uzivatel\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\Uzivatel\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 PcaSp60;Rawether NDIS 6.X SPR Protocol Driver;c:\windows\system32\DRIVERS\PcaSp60.sys;c:\windows\SYSNATIVE\DRIVERS\PcaSp60.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-08-05 16:06 1262408 ----a-w- c:\program files (x86)\Google\Chrome\Application\52.0.2743.116\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2016-08-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14 15:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2016-01-29 1340192]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
mSearch Bar = hxxp://www.google.com
mSearchAssistant = www.google.com
mCustomizeSearch = www.google.com
IE: E&xport to Microsoft Excel - c:\progra~2\Microsoft Office\Office12\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files (x86)\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files (x86)\BitComet\BitComet.exe/AddAllLink.htm
Trusted Zone: mojebanka.cz
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\sign
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojeplatba.cz\www
Trusted Zone: mojebanka.cz
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hkxr895t.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: browser.startup.homepage - about:homeabout:home
FF - prefs.js: keyword.URL -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1595650876-3556912388-1829575210-1000\Software\SecuROM\License information*]
"datasecu"=hex:36,0f,bf,fb,bd,06,02,e6,75,b6,ab,5f,ab,91,fa,b1,48,ac,11,9b,0a,
66,0b,ec,64,3f,e9,61,09,75,38,3c,31,e0,0c,66,e3,50,8a,bd,4d,54,8f,28,68,f5,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_22_0_0_210_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_22_0_0_210_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
.
**************************************************************************
.
Celkový čas: 2016-08-18 13:01:32 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-08-18 11:01
ComboFix2.txt 2016-08-17 12:59
.
Před spuštěním: Volných bajtů: 437 756 235 776
Po spuštění: Volných bajtů: 437 353 771 008
.
- - End Of File - - E574598A7662139EF816B6D16BA92E8D
A36C5E4F47E84449FF07ED3517B43A31

[Reklama]

[sisjarda]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:42:24, on 18.8.2016
Platform: Windows 7 SP3 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Users\Uzivatel\Desktop\HiJackThis.exe
C:\Users\Uzivatel\AppData\Local\Temp\nsx672D.tmp\setupHiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = www.google.com
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PlaysTV] "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\RAPTRI~1\Raptr\raptrstub.exe --startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [MyComGames] "C:\Users\Uzivatel\AppData\Local\MyComGames\MyComGames.exe" -autostart
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\Microsoft Office\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files (x86)\BitComet\tools\BitCometService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Plays.tv Update Service (PlaysService) - Plays.tv, LLC - C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8538 bytes

[sisjarda]

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2016-08-18 13:43:55
-----------------------------
13:43:55.130 OS Version: Windows x64 6.1.7601 Service Pack 3
13:43:55.130 Number of processors: 4 586 0x170A
13:43:55.130 ComputerName: JARIN UserName:
13:43:58.999 Initialize success
13:43:59.030 VM: initialized successfully
13:43:59.030 VM: Intel CPU BiosDisabled
13:44:11.101 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
13:44:11.116 Disk 0 Vendor: WDC_WD15EADS-65P8B0 01.00A01 Size: 1430799MB BusType: 3
13:44:11.241 Disk 0 MBR read successfully
13:44:11.241 Disk 0 MBR scan
13:44:11.241 Disk 0 Windows 7 default MBR code
13:44:11.241 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
13:44:11.257 Disk 0 default boot code
13:44:11.257 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 1430697 MB offset 206848
13:44:11.272 Disk 0 scanning C:\Windows\system32\drivers
13:44:21.132 Service scanning
13:44:39.103 Modules scanning
13:44:39.103 Disk 0 trace - called modules:
13:44:39.119 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS intelide.sys PCIIDEX.SYS hal.dll atapi.sys
13:44:39.119 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004aba060]
13:44:39.119 3 CLASSPNP.SYS[fffff88001afc43f] -> nt!IofCallDriver -> [0xfffffa8004813520]
13:44:39.119 5 ACPI.sys[fffff8800103a7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xfffffa800480f680]
13:44:39.134 Disk 0 statistics 101316/0/0 @ 5,18 MB/s
13:44:39.134 Scan finished successfully
13:45:03.673 Disk 0 MBR has been saved successfully to "C:\Users\Uzivatel\Desktop\MBR.dat"
13:45:03.689 The log file has been saved successfully to "C:\Users\Uzivatel\Desktop\aswMBR.txt"
13:46:07.594 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
13:46:07.594 The log file has been saved successfully to "C:\aswMBR.txt"

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Co problémy?

[sisjarda]

Pc najizdi rychleji,ten win update hazi chybu 8007002, to sekani po netu při hrani je stále jestli mam spatnou odezvu nebo to souvisi s tim updatem netusim

[Orcus]

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu, pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

[sisjarda]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2016 01
Ran by Uzivatel (administrator) on JARIN (26-08-2016 15:36:01)
Running from C:\Users\Uzivatel\Desktop
Loaded Profiles: Uzivatel (Available Profiles: Uzivatel)
Platform: Windows 7 Home Premium Service Pack 3 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\sdclt.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWXConfigManager.exe
(Microsoft Corporation) C:\Windows\System32\CompatTel\diagtrackrunner.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-07-01] (Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-05-23] (Raptr, Inc)
HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\...\Run: [MyComGames] => C:\Users\Uzivatel\AppData\Local\MyComGames\MyComGames.exe [4804496 2016-07-16] (MY.COM B.V.)
HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-05-23] (Electronic Arts)
HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd)
Startup: C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2016-08-09]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E7D12EEA-3715-49ED-B9DE-C00C397FFCDA}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: HKLM-x32 -> Default = {3B81079D-2AC9-425f-A494-A1C7D93AFA3C}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> {16920FF0-A4F1-441A-9DE2-A1611F008D58} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> {39219F87-73E7-43BA-8A59-D107AD2397F2} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> {7D73E1C2-DD14-414E-98C0-3E2BC86C8C66} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> {966EC2A2-8BDE-4AE8-A587-8A5039DAB86D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> {9E6ED783-E5CA-4268-BEB9-827741B2AE03} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> {C1276BEA-EE38-4AB2-A8C8-6C1345B17534} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> {C3053591-1C96-4B57-B6A8-625BF1EB46D2} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> {C7179217-FCC6-465A-8D10-F0A180C48CFC} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_13415
BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11] (BitComet)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-20] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-20] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hkxr895t.default
FF SelectedSearchEngine: Yahoo! Search
FF Homepage: user_pref("browser.startup.homepage", "about:home"about:home);
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-21] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-21] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-20] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1595650876-3556912388-1829575210-1000: @kb-ext.cz/PKIComponent -> C:\Users\Uzivatel\AppData\Roaming\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll [2013-08-19] (Komerční banka, a.s.)
FF Plugin HKU\S-1-5-21-1595650876-3556912388-1829575210-1000: @my.com/Games -> C:\Users\Uzivatel\AppData\Local\MyComGames\NPMyComDetector.dll [2016-01-26] (MY.COM B.V.)
FF Plugin HKU\S-1-5-21-1595650876-3556912388-1829575210-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1595650876-3556912388-1829575210-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1595650876-3556912388-1829575210-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Uzivatel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-23] (Unity Technologies ApS)
FF Extension: (Adblock Plus) - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hkxr895t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-02]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found

Chrome:
=======
CHR Profile: C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (AdBlock) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-24]
CHR Extension: (Gmail) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-14]
CHR Extension: (Chrome Media Router) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-19]
CHR HKLM-x32\...\Chrome\Extension: [namehpjphchkdhandfijckhfbooibkgg] - C:\ProgramData\DownloadnSave\namehpjphchkdhandfijckhfbooibkgg.crx <not found>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2121224 2016-05-23] (Electronic Arts)
S2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-07-01] (Plays.tv, LLC)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7183632 2016-07-18] (TeamViewer GmbH)
S3 TrustedInstaller; %SystemRoot%\servicing\TrustedInstaller.exe [X]
S2 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 adusbser; C:\Windows\System32\DRIVERS\adusbser.sys [140160 2006-12-20] (QUALCOMM Incorporated)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-02-21] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-12-30] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-02-21] ()
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2014-12-30] (Duplex Secure Ltd.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-08-11] ()
S3 cpuz134; \??\C:\Users\Uzivatel\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-26 15:36 - 2016-08-26 15:36 - 00015425 _____ C:\Users\Uzivatel\Desktop\FRST.txt
2016-08-26 15:35 - 2016-08-26 15:36 - 00000000 ____D C:\FRST
2016-08-26 15:33 - 2016-08-26 15:33 - 02396160 _____ (Farbar) C:\Users\Uzivatel\Desktop\FRST64.exe
2016-08-24 20:29 - 2015-10-20 11:54 - 00264192 _____ (Thrustmaster) C:\Windows\system32\tmffbcpl.dll
2016-08-24 20:28 - 2016-08-24 20:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thrustmaster
2016-08-24 20:28 - 2016-08-24 20:28 - 00000000 ____D C:\Program Files (x86)\Thrustmaster
2016-08-24 20:28 - 2015-10-20 11:53 - 00239616 _____ (Thrustmaster) C:\Windows\SysWOW64\tmffbcpl.dll
2016-08-24 20:28 - 2015-07-16 16:38 - 00035840 _____ (Thrustmaster) C:\Windows\SysWOW64\tmffbdrv.dll
2016-08-22 19:33 - 2016-08-22 19:33 - 00620159 _____ C:\Users\Uzivatel\Downloads\TB_Client_Beta_1_0_1.zip
2016-08-22 19:33 - 2016-08-22 19:33 - 00000000 ____D C:\Users\Uzivatel\Downloads\TB_Client_Beta_1_0_1
2016-08-22 15:57 - 2015-09-15 01:13 - 01473792 _____ (Flexera Software LLC) C:\Windows\system32\_isres_0x0409.dll
2016-08-22 15:57 - 2015-09-15 01:13 - 00431344 _____ (Flexera Software LLC) C:\Windows\system32\isrt.dll
2016-08-22 15:57 - 2015-07-16 16:38 - 00041472 _____ (Thrustmaster) C:\Windows\system32\tmffbdrv.dll
2016-08-22 15:54 - 2016-08-22 15:54 - 18767136 _____ (Thrustmaster) C:\Users\Uzivatel\Downloads\2016_FFD_4.exe
2016-08-19 17:42 - 2016-08-19 17:43 - 05583348 _____ C:\Users\Uzivatel\Downloads\Nepotvrzeno 147766.crdownload
2016-08-19 09:24 - 2016-08-19 09:29 - 00000340 _____ C:\Users\Uzivatel\Desktop\Fixni.txt
2016-08-18 13:46 - 2016-08-18 13:46 - 00000512 _____ C:\MBR.dat
2016-08-15 15:08 - 2016-08-15 15:08 - 00000000 ____D C:\Users\Uzivatel\Downloads\client_21002
2016-08-15 15:07 - 2016-08-15 15:07 - 43061319 _____ C:\Users\Uzivatel\Downloads\client_21002.zip
2016-08-15 15:05 - 2016-08-22 19:34 - 00001079 _____ C:\Users\Public\Desktop\TrucksBook Client.lnk
2016-08-15 15:05 - 2016-08-22 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrucksBook Client
2016-08-15 15:05 - 2016-08-22 19:34 - 00000000 ____D C:\Program Files (x86)\TrucksBook Client
2016-08-15 15:05 - 2016-08-15 15:05 - 00000000 ____D C:\Users\Public\Documents\TB Client
2016-08-15 15:04 - 2016-08-15 15:04 - 00000000 ____D C:\Users\Uzivatel\Downloads\TB_Client_Beta_1_0_0
2016-08-15 15:02 - 2016-08-15 15:02 - 00617627 _____ C:\Users\Uzivatel\Downloads\TB_Client_Beta_1_0_0.zip
2016-08-11 13:22 - 2016-08-11 13:22 - 00000000 ____D C:\zoek
2016-08-11 13:04 - 2016-08-11 13:22 - 00003371 _____ C:\runcheck.txt
2016-08-11 13:04 - 2016-08-11 13:04 - 00000000 ____D C:\zoek_backup
2016-08-11 11:52 - 2016-08-11 11:52 - 01309184 _____ C:\Users\Uzivatel\Desktop\zoek.exe
2016-08-10 22:06 - 2016-08-10 22:06 - 00000000 ____D C:\Users\Uzivatel\AppData\Local\Adobe
2016-08-09 18:31 - 2016-08-11 11:53 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-08-09 18:30 - 2016-08-09 18:30 - 00000000 ____D C:\ProgramData\RogueKiller
2016-08-09 18:26 - 2016-08-09 18:26 - 00004939 _____ C:\Users\Uzivatel\Desktop\JRT.txt
2016-08-09 18:20 - 2016-08-09 18:20 - 25356360 _____ C:\Users\Uzivatel\Desktop\RogueKillerX64.exe
2016-08-09 18:19 - 2016-08-09 18:19 - 01610560 _____ (Malwarebytes) C:\Users\Uzivatel\Desktop\JRT.exe
2016-08-09 17:47 - 2016-08-09 17:47 - 00001154 _____ C:\malware.txt
2016-08-09 17:45 - 2016-08-09 17:45 - 00001151 _____ C:\Malw.txt
2016-08-08 13:53 - 2016-08-08 13:53 - 00750310 _____ C:\Mal.txt
2016-08-08 13:06 - 2016-08-09 17:11 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-08-08 13:05 - 2016-08-09 17:48 - 00001100 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-08-08 13:05 - 2016-08-08 13:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-08 13:05 - 2016-08-08 13:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-08-08 13:05 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-08-08 13:05 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-08-08 13:05 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-08-08 13:04 - 2016-08-08 13:04 - 22851472 _____ (Malwarebytes ) C:\Users\Uzivatel\Downloads\mbam-setup-2.2.1.1043.exe
2016-08-08 12:55 - 2016-08-09 18:14 - 00000000 ____D C:\AdwCleaner
2016-08-08 12:54 - 2016-08-08 12:53 - 03712064 _____ C:\Users\Uzivatel\Desktop\adwcleaner_5.201.exe
2016-08-08 12:53 - 2016-08-08 12:53 - 03712064 _____ C:\Users\Uzivatel\Downloads\adwcleaner_5.201.exe
2016-08-08 12:52 - 2016-08-08 12:52 - 00000000 ____D C:\Users\Uzivatel\AppData\Local\CEF
2016-08-08 12:51 - 2016-08-08 12:51 - 00000000 ____D C:\Users\Uzivatel\AppData\Local\ATI
2016-08-08 12:45 - 2016-08-08 12:45 - 00448512 _____ (OldTimer Tools) C:\Users\Uzivatel\Downloads\TFC (1).exe
2016-08-08 12:45 - 2016-08-08 12:45 - 00448512 _____ (OldTimer Tools) C:\Users\Uzivatel\Desktop\TFC (1).exe
2016-08-08 12:41 - 2016-08-08 12:41 - 00050688 _____ (Atribune.org) C:\Users\Uzivatel\Downloads\ATF-Cleaner (1).exe
2016-08-07 11:01 - 2016-08-07 11:01 - 00006363 _____ C:\Users\Uzivatel\Downloads\ŠIŠKA_JAROSLAV (1).p12
2016-08-06 15:41 - 2016-08-06 15:41 - 07881808 _____ C:\Users\Uzivatel\Desktop\HiJackThis.exe
2016-07-30 10:00 - 2016-07-30 10:00 - 00002974 _____ C:\Windows\System32\Tasks\{B123D193-DE7F-4FAB-B70B-4389BD2A9C3F}
2016-07-29 16:04 - 2016-07-29 16:04 - 00118333 _____ C:\Users\Uzivatel\Downloads\details.htm
2016-07-28 23:10 - 2016-07-28 23:10 - 11313360 _____ (Microsoft Corporation) C:\Users\Uzivatel\Downloads\WindowsUpdateAgent-7.6-x64.exe
2016-07-28 22:28 - 2016-07-28 22:28 - 00002974 _____ C:\Windows\System32\Tasks\{AA210866-A102-4391-96E1-71ED8DD61010}
2016-07-28 22:27 - 2016-07-28 22:27 - 00002974 _____ C:\Windows\System32\Tasks\{EFA31BA1-D2AF-470D-910C-574CB5DEE996}
2016-07-27 22:02 - 2016-07-27 22:02 - 00000000 ____D C:\Users\Uzivatel\Desktop\Temp
2016-07-27 16:41 - 2016-07-27 16:41 - 07682248 _____ C:\Users\Uzivatel\Downloads\WER142E.tmp.mdmp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-26 15:34 - 2009-07-14 06:45 - 00023056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-26 15:34 - 2009-07-14 06:45 - 00023056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-26 15:29 - 2016-02-03 23:42 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-26 15:28 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-25 22:53 - 2013-12-31 14:19 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\TS3Client
2016-08-25 22:53 - 2012-10-22 13:54 - 00000000 ____D C:\Users\Uzivatel\Documents\Euro Truck Simulator 2
2016-08-25 22:02 - 2015-07-14 11:41 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-25 15:41 - 2016-06-18 23:28 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\Raptr
2016-08-24 20:28 - 2010-10-09 12:22 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-08-24 15:50 - 2012-08-30 16:14 - 00000000 ____D C:\Users\Uzivatel\Documents\certifikat
2016-08-23 17:20 - 2015-10-17 01:10 - 00000000 ____D C:\Users\Uzivatel\AppData\Local\MyComGames
2016-08-22 15:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-08-19 23:20 - 2016-03-10 20:05 - 00000000 ____D C:\Users\Uzivatel\Documents\American Truck Simulator
2016-08-19 09:33 - 2016-07-19 21:49 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\TeamViewer
2016-08-19 09:33 - 2016-07-19 21:49 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-08-19 09:33 - 2014-02-26 16:21 - 00000000 ____D C:\Qoobox
2016-08-18 12:55 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2016-08-18 12:53 - 2009-07-14 04:34 - 90963968 _____ C:\Windows\system32\config\software.bak
2016-08-18 12:53 - 2009-07-14 04:34 - 26214400 _____ C:\Windows\system32\config\system.bak
2016-08-18 12:53 - 2009-07-14 04:34 - 00786432 _____ C:\Windows\system32\config\default.bak
2016-08-18 12:53 - 2009-07-14 04:34 - 00061440 _____ C:\Windows\system32\config\sam.bak
2016-08-18 12:53 - 2009-07-14 04:34 - 00032768 _____ C:\Windows\system32\config\security.bak
2016-08-18 12:52 - 2013-10-22 20:05 - 00000000 ____D C:\Windows\erdnt
2016-08-18 12:52 - 2012-03-03 16:05 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-15 15:09 - 2016-03-03 22:56 - 00000861 _____ C:\Users\Public\Desktop\Euro Truck Simulator 2 Multiplayer.lnk
2016-08-15 15:09 - 2016-03-03 22:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP
2016-08-15 15:09 - 2016-03-03 22:56 - 00000000 ____D C:\Program Files\TruckersMP
2016-08-13 20:50 - 2009-07-14 17:18 - 00668882 _____ C:\Windows\system32\perfh005.dat
2016-08-13 20:50 - 2009-07-14 17:18 - 00141542 _____ C:\Windows\system32\perfc005.dat
2016-08-13 20:50 - 2009-07-14 07:13 - 01584626 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-11 20:47 - 2014-01-26 10:08 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\Seznam.cz
2016-08-09 18:08 - 2010-09-23 23:15 - 00000000 ____D C:\Users\Uzivatel
2016-08-09 17:52 - 2014-11-19 20:21 - 00000270 __RSH C:\ProgramData\ntuser.pol
2016-08-09 17:48 - 2016-07-19 21:49 - 00001035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-08-09 17:48 - 2016-07-19 21:49 - 00001029 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-08-09 17:48 - 2016-06-21 20:22 - 00000860 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-08-09 17:48 - 2016-06-18 23:30 - 00002017 _____ C:\Users\Public\Desktop\Raptr.lnk
2016-08-09 17:48 - 2016-04-17 23:24 - 00000806 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project CARS.lnk
2016-08-09 17:48 - 2016-04-17 23:24 - 00000800 _____ C:\Users\Public\Desktop\Project CARS.lnk
2016-08-09 17:48 - 2016-04-10 23:41 - 00001024 _____ C:\Users\Public\Desktop\Open Rails.lnk
2016-08-09 17:48 - 2016-03-16 20:55 - 00001342 _____ C:\Users\Public\Desktop\C-TECH CRONUS ULTIMATE GAMING SOFTWARE v1.0.lnk
2016-08-09 17:48 - 2016-03-02 22:43 - 00002183 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-09 17:48 - 2016-03-02 22:43 - 00002177 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-09 17:48 - 2016-02-03 23:42 - 00000961 _____ C:\Users\Public\Desktop\Steam.lnk
2016-08-09 17:48 - 2015-12-23 01:13 - 00001151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-09 17:48 - 2015-12-23 01:13 - 00001145 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-08-09 17:48 - 2015-11-17 13:56 - 00000977 _____ C:\Users\Public\Desktop\Origin.lnk
2016-08-09 17:48 - 2015-09-12 07:20 - 00002725 _____ C:\Users\Public\Desktop\Skype.lnk
2016-08-09 17:48 - 2015-06-07 20:26 - 00001396 _____ C:\Users\Public\Desktop\The Witcher 3 - Wild Hunt.lnk
2016-08-09 17:48 - 2014-12-30 13:47 - 00001948 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-08-09 17:48 - 2014-06-21 14:46 - 00000763 _____ C:\Users\Public\Desktop\World of Tanks.lnk
2016-08-09 17:48 - 2014-02-17 00:27 - 00001005 _____ C:\Users\Public\Desktop\BitComet.lnk
2016-08-09 17:48 - 2013-12-31 14:19 - 00001170 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2016-08-09 17:48 - 2013-10-31 21:51 - 00001401 _____ C:\Users\Public\Desktop\WarThunder.lnk
2016-08-09 17:48 - 2013-10-23 13:01 - 00000796 _____ C:\Users\Public\Desktop\World of Warplanes.lnk
2016-08-09 17:48 - 2013-03-28 16:16 - 00002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-08-09 17:48 - 2013-03-28 16:16 - 00002013 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2016-08-09 17:48 - 2012-09-26 22:40 - 00003041 _____ C:\Users\Public\Desktop\Nero StartSmart 10.lnk
2016-08-09 17:48 - 2012-09-26 22:37 - 00003023 _____ C:\Users\Public\Desktop\Nero MediaHub 10.lnk
2016-08-09 17:48 - 2012-09-26 22:35 - 00003021 _____ C:\Users\Public\Desktop\Nero Burning ROM 10.lnk
2016-08-09 17:48 - 2012-05-20 12:28 - 00002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-08-09 17:48 - 2010-12-20 19:30 - 00001101 _____ C:\Users\Public\Desktop\PokerStars.net.lnk
2016-08-09 17:48 - 2010-10-09 12:17 - 00001106 _____ C:\Users\Public\Desktop\WinRAR.lnk
2016-08-09 17:48 - 2010-09-23 23:07 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-08-09 17:48 - 2010-09-23 23:07 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-08-09 17:48 - 2009-07-14 06:57 - 00001535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-09 17:48 - 2009-07-14 06:57 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2016-08-09 17:48 - 2009-07-14 06:57 - 00001318 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-08-09 17:48 - 2009-07-14 06:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-08-09 17:48 - 2009-07-14 06:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-08-09 17:47 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-08-09 17:46 - 2016-03-10 20:03 - 00001335 _____ C:\Users\Uzivatel\Desktop\American Truck Simulator.lnk
2016-08-09 17:46 - 2016-03-02 22:40 - 00002289 _____ C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-09 17:46 - 2016-03-02 22:40 - 00002259 _____ C:\Users\Uzivatel\Desktop\Google Chrome.lnk
2016-08-09 17:46 - 2016-01-27 23:06 - 00000795 _____ C:\Users\Uzivatel\Desktop\World of Warships.lnk
2016-08-09 17:46 - 2015-10-17 01:10 - 00002028 _____ C:\Users\Uzivatel\Desktop\My.com Game Center.lnk
2016-08-09 17:46 - 2015-03-14 14:48 - 00001023 _____ C:\Users\Uzivatel\Desktop\Spintires.lnk
2016-08-09 17:46 - 2015-02-25 00:19 - 00002102 _____ C:\Users\Uzivatel\Desktop\Auta.lnk
2016-08-09 17:46 - 2015-02-25 00:18 - 00001258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Program Updates.lnk
2016-08-09 17:46 - 2015-01-27 00:21 - 00001211 _____ C:\Users\Uzivatel\Desktop\Farming Simulator 15 .lnk
2016-08-09 17:46 - 2014-06-21 14:39 - 00000000 ____D C:\Users\Uzivatel\Desktop\screenshots
2016-08-09 17:46 - 2014-02-17 00:39 - 00002136 _____ C:\Users\Uzivatel\Desktop\Minecraft.lnk
2016-08-09 17:46 - 2013-01-25 19:56 - 00002158 _____ C:\Users\Uzivatel\Desktop\Agricultural Simulator 2013.lnk
2016-08-09 17:46 - 2012-07-08 21:45 - 00002009 _____ C:\Users\Uzivatel\Desktop\Agricultural Simulator 2012.lnk
2016-08-09 17:46 - 2011-10-23 12:50 - 00001321 _____ C:\Users\Uzivatel\Desktop\Landwirtschafts Simulator 2011 .lnk
2016-08-09 17:46 - 2011-02-19 15:58 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-08-09 17:46 - 2010-12-20 19:30 - 00001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\PokerStars.net.lnk
2016-08-09 17:46 - 2010-09-23 23:15 - 00001319 _____ C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-08-09 17:46 - 2009-07-14 07:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-08-09 17:46 - 2009-07-14 06:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-08-09 17:45 - 2016-04-17 23:24 - 00000000 ____D C:\Program Files (x86)\Project CARS
2016-08-09 17:45 - 2012-06-16 09:39 - 00000000 ____D C:\ProgramData\InstallMate
2016-08-08 13:05 - 2013-10-19 21:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-07-30 09:53 - 2012-10-22 13:46 - 00000000 ____D C:\Program Files (x86)\Euro Truck Simulator 2
2016-07-29 16:08 - 2011-11-08 22:10 - 00000000 ____D C:\Users\Uzivatel\AppData\Local\ElevatedDiagnostics
2016-07-27 21:25 - 2010-09-23 23:35 - 00504488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-07-27 17:37 - 2015-04-04 10:00 - 00000000 ___SD C:\Windows\system32\GWX
2016-07-27 17:36 - 2016-07-26 23:46 - 00000000 ____D C:\Users\Uzivatel\Desktop\Twenty One Pilots - Vessel (2013)
2016-07-27 17:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration

==================== Files in the root of some directories =======

2010-10-16 19:22 - 2010-10-16 19:22 - 0033134 _____ () C:\Users\Uzivatel\AppData\Roaming\UserTile.png
2014-01-26 11:20 - 2014-01-26 11:20 - 0000218 _____ () C:\Users\Uzivatel\AppData\Local\recently-used.xbel
2015-04-07 17:43 - 2015-04-07 17:43 - 0000410 _____ () C:\Users\Uzivatel\AppData\Local\Temp-log.txt
2015-05-26 22:38 - 2015-05-26 22:38 - 0000000 _____ () C:\Users\Uzivatel\AppData\Local\Temp.dat
2011-01-03 18:17 - 2011-01-03 18:17 - 0000048 ____H () C:\ProgramData\ezsidmv.dat
2014-01-26 11:51 - 2014-01-26 11:51 - 0000000 _____ () C:\ProgramData\spds90.txt

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-16 18:57

==================== End of FRST.txt ============================

[sisjarda]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2016 01
Ran by Uzivatel (26-08-2016 15:38:00)
Running from C:\Users\Uzivatel\Desktop
Windows 7 Home Premium Service Pack 3 (X64) (2010-09-23 21:15:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1595650876-3556912388-1829575210-500 - Administrator - Disabled)
Guest (S-1-5-21-1595650876-3556912388-1829575210-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1595650876-3556912388-1829575210-1014 - Limited - Enabled)
Uzivatel (S-1-5-21-1595650876-3556912388-1829575210-1000 - Administrator - Enabled) => C:\Users\Uzivatel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 4.65 (HKLM-x32\...\7-Zip) (Version: - )
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Agricultural Simulator 2012 (HKLM-x32\...\Agrar Simulator 2012) (Version: - )
Agricultural Simulator 2013 (HKLM-x32\...\Agricultural Simulator 2013) (Version: - )
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
American Truck Simulator (HKLM-x32\...\American Truck Simulator_is1) (Version: - )
Armored Warfare MyCom (HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\...\Armored Warfare MyCom) (Version: 1.76 - My.com B.V.)
Armored Warfare MyCom Beta (HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\...\Armored Warfare MyCom Beta) (Version: 1.59 - My.com B.V.)
ASUS RT-N10E Wireless Router Utilities (HKLM-x32\...\{580CA891-08DB-4B6F-B0C1-DF1D149671D7}) (Version: 4.2.3.5 - ASUS)
Auta (HKLM-x32\...\InstallShield_{79A933C8-E333-4D8D-9D5C-86945715E532}) (Version: 1.00.0000 - Název společnosti:)
Auta (x32 Version: 1.00.0000 - Název společnosti:) Hidden
Auta 2 (HKLM-x32\...\{FF10D622-7BFE-48C6-8DF6-40D8CB1D3C1B}) (Version: 1.00.0000 - Disney Interactive Studios)
BitComet 1.35 (HKLM-x32\...\BitComet) (Version: 1.35 - CometNetwork)
CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform)
Construction-Simulator 2015 (HKLM-x32\...\Steam App 289950) (Version: - weltenbauer. Software Entwicklung GmbH)
C-TECH CRONUS ULTIMATE GAMING SOFTWARE v1.0 (HKLM-x32\...\C-TECH CRONUS ULTIMATE GAMING SOFTWARE v1.0) (Version: - C-TECH)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Driver San Francisco (HKLM-x32\...\Driver San Francisco) (Version: 1.2.0.0 - Ubisoft)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software)
Farming Simulator 15 (HKLM-x32\...\FarmingSimulator2015CZ_is1) (Version: 1.4.1.0 - GIANTS Software)
Farming Simulator 2013 (HKLM-x32\...\FarmingSimulator2013CZ_is1) (Version: 1.0 - GIANTS Software)
Fishing Planet (HKLM\...\Steam App 380600) (Version: - Fishing Planet LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Chrome (HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0011.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
High-Definition Video Playback 10 (x32 Version: 7.0.11400.29.0 - Nero AG) Hidden
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
KB-320e (HKLM-x32\...\{ED5DCA6F-5FEA-47CB-83DB-210A468C298B}) (Version: 1.80.0000 - KYE)
K-Lite Mega Codec Pack 9.8.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.8.0 - )
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 Trial (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{46EA439E-2D16-49B6-AA80-00DE992FE7CE}) (Version: 7601 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version: - )
Mozilla Firefox 43.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 cs)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mumble 1.2.6 (HKLM-x32\...\{FA2E60B4-783D-44A8-99C2-B226CCFCA000}) (Version: 1.2.6 - Thorvald Natvig)
My.com Game Center (HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\...\MyComGames) (Version: 3.152 - My.com B.V.)
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.11100.10.100 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11000.12.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10800.7.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.11000.10.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10800.8.100 - Nero AG)
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.13400.11.100 - Nero AG)
Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13100 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.10900.9.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11200.12.100 - Nero AG)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Open Rails 1.1.1.3487 (HKLM-x32\...\{94E15E08-869D-4B69-B8D7-8C82075CB51C} ; Generat~67F3DAC8_is1) (Version: 1.1.1.3487 - Open Rails)
OpenGL Extensions Viewer 4.1 (HKLM-x32\...\GLVIEW3) (Version: 435 - )
Origin (HKLM-x32\...\Origin) (Version: 9.10.2.4863 - Electronic Arts, Inc.)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.12.1-r114309-release - Plays.tv, LLC)
Project CARS (HKLM-x32\...\UHJvamVjdENBUlM=_is1) (Version: 1 - )
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.1-r113066-release - Raptr, Inc)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
SCS Workshop Uploader (HKLM\...\Steam App 421800) (Version: - )
Seznam Software (HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\...\SeznamInstall) (Version: - Seznam.cz)
SHReK the THiRD(TM) (HKLM-x32\...\InstallShield_{2EB6729C-A255-4BC6-90B3-B29F9924C6F5}) (Version: 1.00.0000 - Activision)
SHReK the THiRD(TM) (x32 Version: 1.00.0000 - Activision) Hidden
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Spintires (HKLM-x32\...\Spintires_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.63017 - TeamViewer)
The Saboteur™ (HKLM-x32\...\{5C9A7E65-5B71-4C7F-876A-8C6AF9E9E23D}) (Version: 1.0.0.0 - Electronic Arts)
The Witcher 3 - Wild Hunt (HKLM-x32\...\The Witcher 3 - Wild Hunt_is1) (Version: - )
Thrustmaster Force Feedback Driver (HKLM-x32\...\{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}) (Version: 4.FFD.2016 - Thrustmaster)
TruckersMP 0.2.1.0.2 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.1.0.2 Alpha - ETS2MP Team)
TrucksBook Client verze 1.0.1 (HKLM-x32\...\TrucksBook Client_is1) (Version: 1.0.1 - TrucksBook)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
War Thunder Launcher 1.0.1.278 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - 2013 Gaijin Entertainment Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version: - Wargaming.net)
World of Warships (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814EU}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Uzivatel\AppData\Local\Google\Chrome\Application\43.0.2357.81\delegate_execute.exe (Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03A38794-F449-4566-97F6-9E71250DF9F3} - System32\Tasks\{C2A86779-055F-4EEE-A641-566C310B1A50} => C:\Program Files (x86)\Square Enix\Sleeping Dogs\HKShip.exe
Task: {054D1D64-BC9F-4FF4-8CD7-56F456354AC4} - System32\Tasks\{52902D82-48EB-4987-8F68-210C25C86FCE} => C:\Program Files (x86)\2K Games\Mafia II\pc\mafia2.exe
Task: {070B8B06-03F4-4404-92CB-B610DBCBD1A6} - System32\Tasks\{687FD834-DC42-4BB8-A47B-6A0D5ADCEA38} => C:\Program Files (x86)\2K Games\Mafia II\pc\mafia2.exe
Task: {08E0A823-0E98-45D6-B5A6-45BF61C86280} - System32\Tasks\{00B42A05-3178-4E1E-BF1A-54F9F45A2A16} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.115/cs/ ... rogressBar
Task: {09CCBA08-F9C3-4A44-9D17-14BB52821680} - System32\Tasks\{B123D193-DE7F-4FAB-B70B-4389BD2A9C3F} => C:\Program Files (x86)\TrucksBook Client\TB Client.exe [2016-08-20] (TrucksBook)
Task: {0B80F25D-3196-4207-8572-77F78B3ECF2B} - System32\Tasks\{CB560FE5-41B5-4376-9C95-194881971389} => C:\Program Files (x86)\TrucksBook Client\TB Client.exe [2016-08-20] (TrucksBook)
Task: {1159C05D-B827-4EF7-B4E8-0158F6CC459B} - System32\Tasks\{A7F31966-27E4-406F-812C-004BDC4E10BF} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.115/cs/ ... rogressBar
Task: {1171666A-2EC6-4C2F-B115-BAB32314282B} - System32\Tasks\{488616B6-FE32-4DB3-B80E-27179A7028EC} => E:\Program Files\iWin Games\iWinGames.exe
Task: {224FAB13-34CC-49D3-9DD2-4BA4AB896985} - System32\Tasks\{EFA31BA1-D2AF-470D-910C-574CB5DEE996} => C:\Program Files (x86)\TrucksBook Client\TB Client.exe [2016-08-20] (TrucksBook)
Task: {2D65F380-1F93-49B7-BA46-88A87B0FDDB3} - System32\Tasks\{52955064-5403-4D50-8092-657F440A9E73} => C:\Games\World_of_Warplanes\WOWpLauncher.exe [2015-08-27] (Wargaming.net)
Task: {3881239D-354E-4159-A095-B3BD14EF0EE9} - System32\Tasks\{86543D21-E32E-4BF9-B26D-550C8C44D7F5} => pcalua.exe -a "C:\Program Files (x86)\Bagger-Simulator 2011\Uninstal.exe" -d "C:\Program Files (x86)\Bagger-Simulator 2011"
Task: {44F2C46F-B7E4-4B88-BD52-5F9CF315D1C5} - System32\Tasks\{7C32B58D-BB45-48C6-B901-C8EB67972904} => C:\Program Files (x86)\TrucksBook Client\TB Client.exe [2016-08-20] (TrucksBook)
Task: {460428E0-C336-4689-A0D4-C867156F2243} - System32\Tasks\{AA210866-A102-4391-96E1-71ED8DD61010} => C:\Program Files (x86)\TrucksBook Client\TB Client.exe [2016-08-20] (TrucksBook)
Task: {4A287A58-0044-4879-8325-66CA82324E3B} - System32\Tasks\{DD3D523F-B312-452D-962C-7E2416BD0EC3} => pcalua.exe -a "C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\Instalátor TB Uploader.exe" -d "C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2"
Task: {53D1B6C3-814A-4B2D-8A87-2B253CD5E4C7} - System32\Tasks\{B0563FA4-C410-497F-BF24-FFC6425F8396} => C:\Program Files (x86)\TrucksBook Client\TB Client.exe [2016-08-20] (TrucksBook)
Task: {57F04050-40C4-4E97-9FC0-1AC9A1F53CC0} - System32\Tasks\{98C0F374-16FB-4022-977B-6DEFA2549C4B} => C:\Program Files (x86)\Trucksbook Uploader\TrucksBook Uploader.exe
Task: {5A9678EB-91AF-4EDF-9026-9A92C633DC43} - System32\Tasks\{56E9864E-BF51-4CB7-B030-C397E0EFD5B7} => pcalua.exe -a C:\Users\Uzivatel\Downloads\wmp11-windowsxp-x86-CS-CZ.exe -d C:\Users\Uzivatel\Downloads
Task: {5C837274-5427-4B4A-98FF-54CC90008D2F} - System32\Tasks\{A8389AAE-3BF9-4265-81FE-E7AC04553659} => C:\Program Files (x86)\Square Enix\Sleeping Dogs\HKShip.exe
Task: {5D52D4D2-63FA-4021-9C08-C039754A9B05} - System32\Tasks\{1842386C-CDE1-4D4F-B9A8-2F13C70D6714} => pcalua.exe -a C:\Users\Uzivatel\Desktop\Mafia2CZby_Mazarini\Unpack4game\Phoenix.exe -d C:\Users\Uzivatel\Desktop\Mafia2CZby_Mazarini\Unpack4game
Task: {66487936-E111-44E9-81EC-A0B96F21246F} - System32\Tasks\{3FC10ACB-4384-414D-945F-D257F32A5530} => pcalua.exe -a K:\RGSC\setup.exe -d K:\RGSC
Task: {689D9302-71BB-4493-80D8-E0D80C4FDE96} - System32\Tasks\{BE36BD10-D6EF-41F6-B4BB-B75EA66F96E6} => C:\Program Files (x86)\Square Enix\Sleeping Dogs\HKShip.exe
Task: {69D9F99C-0D2C-475A-896D-D02FBB12A038} - System32\Tasks\{039A128F-D013-4321-BB85-884735B9F707} => pcalua.exe -a D:\setup.exe -d D:\
Task: {786CD500-A717-4132-96C5-2EEDB104C6DB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd)
Task: {81D006DF-4242-4AA4-80C7-AA08F8F18BA2} - System32\Tasks\{D2FB89BB-A4FD-4F5B-86D8-755914C4B746} => pcalua.exe -a "K:\Support\Need for Speed Undercover_code.exe" -d K:\Support
Task: {89C5ACE8-0A98-4D10-98B2-4195077CC9A0} - System32\Tasks\{B14F5514-C7DA-4206-A82F-F255E4F6928A} => pcalua.exe -a "C:\Program Files (x86)\YouTube Accelerator\YTAUninstall.exe"
Task: {8BADDEC4-49B8-4E1B-93CB-D8E418261A7A} - System32\Tasks\{A2F4FE66-9A11-47CE-88EB-7512EFB4C82A} => Firefox.exe hxxp://www.skype.com/go/downloading?sou ... tError=404
Task: {9474BA2D-7D45-45C3-BFA8-FFEF4E377CED} - System32\Tasks\{C83AE50A-9E05-4D04-822F-8BDD209FFFE4} => C:\Program Files (x86)\TrucksBook Client\TB Client.exe [2016-08-20] (TrucksBook)
Task: {9E74A185-8523-442E-9602-086BC67964B1} - System32\Tasks\{26C28395-2E67-4470-BB53-AAA3CA43D72D} => pcalua.exe -a "C:\Program Files (x86)\Square Enix\Sleeping Dogs\redist\D3D11Install_2010.exe" -d "C:\Program Files (x86)\Square Enix\Sleeping Dogs\redist"
Task: {A3CD8629-F24C-4E1D-9AFA-50EF73A6147F} - System32\Tasks\{C5E741BC-9128-4F49-8A62-37F114D1B1F4} => C:\Program Files (x86)\Square Enix\Sleeping Dogs\HKShip.exe
Task: {A7A2E7A7-8514-4D6F-B44C-AC23D36F54D4} - System32\Tasks\{08EC7A3B-ECD6-478E-B80F-8A4427D249C2} => pcalua.exe -a C:\Users\Uzivatel\Downloads\RoyalVegas.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {A7B1D7D9-D34C-482D-8565-42767A41ADB8} - System32\Tasks\{207A70D6-7AE4-46C6-853A-8125F4D3BC29} => pcalua.exe -a "C:\Program Files (x86)\Gamma Task Menager\uninstall.exe" -d "C:\Program Files (x86)\Gamma Task Menager"
Task: {B70A801F-F22B-4B58-8680-63E86A4DBCCB} - System32\Tasks\{ABFAA201-BDAF-4821-AF06-DCA1D934A6AC} => Firefox.exe hxxp://ui.skype.com/ui/0/5.5.0.124/en/a ... d;disabled
Task: {B71544FA-713D-4B43-9A5C-638B44E20051} - System32\Tasks\{024A70A6-2FCD-4C37-82EC-DA14BCC3030F} => pcalua.exe -a K:\setup.exe -d K:\
Task: {C45A1EFF-7C35-46B8-8BCE-43A501D90DA1} - System32\Tasks\{F85C6F97-6E07-4399-8428-94961405B3C4} => E:\Program Files\iWin Games\iWinGames.exe
Task: {C583F062-2981-4D88-A1FA-511815AE4AA4} - System32\Tasks\{51512A48-C894-4F06-8A5F-F3ABAB22AEDC} => C:\Program Files (x86)\2K Games\Mafia II\pc\RemoveSaves.exe
Task: {C96DC331-982C-4143-BA1C-CF9DC42A5574} - System32\Tasks\{2BBC0F98-670D-4E2F-BEB0-9CA8E4F5CEE6} => C:\Program Files (x86)\TrucksBook Client\TB Client.exe [2016-08-20] (TrucksBook)
Task: {D1B79A1B-AD44-49E2-AB4D-5DFD66294B26} - System32\Tasks\{0A938F02-6A3A-4EDC-A827-1A19D3452A84} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.156/cs/g ... Error=1603
Task: {D246D24E-8D31-4088-862B-C3609F7B259C} - System32\Tasks\{CF025DF7-B5A1-424A-BCB1-BE5C3C380999} => C:\Program Files (x86)\1C\RigNRoll\rungame.exe
Task: {D2BA63F2-A620-40C0-BFDF-72BBF4224E77} - System32\Tasks\{543D1791-B00B-45A1-AF01-C6F4D1F4B62F} => pcalua.exe -a E:\setup.exe -d E:\
Task: {D4902C9B-8AE6-426F-B85D-119E14018D3E} - System32\Tasks\Application Installer Cleaner => C:\Program Files (x86)\Application Installer\ApplicationInstaller.exe <==== ATTENTION
Task: {D59F272E-A181-4423-B3C9-6FC0DD4CC0CC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-21] (Adobe Systems Incorporated)
Task: {D641E3E1-E146-4752-872A-C8E9933CF610} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks [Argument = /run /TN "\Microsoft\Windows\Setup\gwx\refreshgwxconfig"]
Task: {E255B0CD-5929-47E5-81BA-6A675995A7A6} - System32\Tasks\{FABB8663-40C5-42EE-B2CB-79CCAB701B82} => C:\Program Files (x86)\TrucksBook Client\TB Client.exe [2016-08-20] (TrucksBook)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\realtech VR\OpenGL Extensions Viewer 4.1\OpenGL Extensions Viewer 4.1 Home Page.lnk -> hxxp://www.realtech-vr.com/glview/
Shortcut: C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\realtech VR\OpenGL Extensions Viewer 4.1\realtech VR Home Page.lnk -> hxxp://www.realtech-vr.com/

ShortcutWithArgument: C:\Users\Uzivatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->
ShortcutWithArgument: C:\Users\Uzivatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->
ShortcutWithArgument: C:\Users\Uzivatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->
ShortcutWithArgument: C:\Users\Uzivatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\371b6590bc8d800\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->

==================== Loaded Modules (Whitelisted) ==============

2016-02-03 23:44 - 2016-08-09 01:27 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-02-03 23:44 - 2015-07-02 00:06 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-02-03 23:44 - 2015-07-02 00:06 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-02-03 23:44 - 2015-07-02 00:06 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-02-03 23:44 - 2016-08-23 21:33 - 02321184 _____ () C:\Program Files (x86)\Steam\video.dll
2016-02-03 23:44 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-02-03 23:44 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-02-03 23:44 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-02-03 23:44 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-02-03 23:44 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-02-03 23:44 - 2016-08-23 21:33 - 00835360 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-10 17:47 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-02-03 23:44 - 2016-08-04 22:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\Temp:temp [479147]
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [118]
AlternateDataStreams: C:\ProgramData\TEMP:72D2E2A0 [128]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\Software\Classes\.bat: batfile => <===== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\...\mojebanka.cz -> hxxps://*.mojebanka.cz
IE trusted site: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\...\mojeplatba.cz -> hxxps://www.mojeplatba.cz

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-08-18 12:54 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F484FF36-EC41-4505-83AC-3E072BAFCD68}] => (Allow) C:\Program Files (x86)\BitComet\BitComet.exe
FirewallRules: [{94256DF9-A764-4CA7-9D2C-4F5E3A95D9A2}] => (Allow) C:\Program Files (x86)\BitComet\BitComet.exe
FirewallRules: [TCP Query User{FF5E8121-11F9-4AFD-A287-106A2419CC14}C:\program files (x86)\bitcomet\bitcomet.exe] => (Allow) C:\program files (x86)\bitcomet\bitcomet.exe
FirewallRules: [UDP Query User{2468608C-3FA7-4825-8F9F-8C7E07353B85}C:\program files (x86)\bitcomet\bitcomet.exe] => (Allow) C:\program files (x86)\bitcomet\bitcomet.exe
FirewallRules: [TCP Query User{45CAFC43-C859-4E89-8EA4-AD86EF2EAEF9}E:\program files\skype\phone\skype.exe] => (Allow) E:\program files\skype\phone\skype.exe
FirewallRules: [UDP Query User{0FFA7462-6998-4044-9381-B1444AF7187E}E:\program files\skype\phone\skype.exe] => (Allow) E:\program files\skype\phone\skype.exe
FirewallRules: [{C89F5932-5850-4CFE-8808-E026C8211731}] => (Allow) LPort=21808
FirewallRules: [{4F04739D-9CBD-4302-A2D3-E2D9978D4C80}] => (Allow) LPort=21808
FirewallRules: [TCP Query User{19CB4B19-5CDD-4C19-A3C7-915002A82721}C:\program files (x86)\bitcomet\bitcomet_x64.exe] => (Allow) C:\program files (x86)\bitcomet\bitcomet_x64.exe
FirewallRules: [UDP Query User{359ACC36-379A-4BEA-9B1A-077FF53DF30E}C:\program files (x86)\bitcomet\bitcomet_x64.exe] => (Allow) C:\program files (x86)\bitcomet\bitcomet_x64.exe
FirewallRules: [{5C7B92BC-39FE-4195-BF7A-534AB4DB655F}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe
FirewallRules: [{538CA2B7-371E-434D-9FFE-7DF825607D3C}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe
FirewallRules: [{1E396F09-C6D5-47EA-8677-CC4A47609884}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\game.exe
FirewallRules: [{A3DAFFF1-E7E8-443D-9016-64D3BC340368}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2011\game.exe
FirewallRules: [{E7DC436B-B3A5-459C-93C8-BAE5102AF650}] => (Allow) LPort=16341
FirewallRules: [{BC0851BB-A914-440D-B491-2FE0A2F78C07}] => (Allow) LPort=16341
FirewallRules: [{1B4EEB75-E7BA-466F-8B39-1B04E5BB106B}] => (Allow) LPort=16341
FirewallRules: [{0C359D99-5D8A-4666-B9B7-0E3513D7E2CF}] => (Allow) LPort=16341
FirewallRules: [TCP Query User{89768983-237C-4BEF-BC86-2F677053EB68}C:\games\need for speed the run\need for speed the run.exe] => (Block) C:\games\need for speed the run\need for speed the run.exe
FirewallRules: [UDP Query User{AF36141D-B338-4F92-AC2C-C3BAB0FF79A7}C:\games\need for speed the run\need for speed the run.exe] => (Block) C:\games\need for speed the run\need for speed the run.exe
FirewallRules: [{DBAE1495-C7AF-4E99-8DCB-C5DE7CEFB7CB}] => (Allow) LPort=25111
FirewallRules: [{BC29CE2E-E5BE-4F93-BC00-9095B2ACAC1C}] => (Allow) LPort=25111
FirewallRules: [{266F2CC8-7A62-478B-A200-7C144753FD42}] => (Allow) LPort=27358
FirewallRules: [{1FD3A817-1FFC-4C42-A790-91866EB8724F}] => (Allow) LPort=27358
FirewallRules: [{69CB475C-75A1-48A6-BC03-B9712EC65D1D}] => (Allow) LPort=27385
FirewallRules: [{2B850016-1BAC-4C43-9036-DBF38299E5A6}] => (Allow) LPort=27385
FirewallRules: [{A37DA908-C3F5-4380-A36A-A559A0501C73}] => (Allow) LPort=16647
FirewallRules: [{D3EFE343-1192-474C-AD18-FA676998A4CC}] => (Allow) LPort=16647
FirewallRules: [TCP Query User{A19BA93B-3996-4CC5-843F-6D5EE327D34A}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe
FirewallRules: [UDP Query User{1236B070-22D1-4100-A7B3-15C1A594F471}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe
FirewallRules: [{620D69EA-50E9-4715-ABA8-C83A81530255}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{07991889-AD1A-4ECC-B30F-2C4C5B7C12C8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{EAB80729-3940-4548-B5EF-B146C58BD8AE}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{9539868B-9929-45C2-9E46-803FBFA91FF6}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{CB5544D4-F611-4DBB-8BC1-C7FC34701D13}] => (Allow) C:\Program Files (x86)\Ubisoft\Driver San Francisco\Driver.exe
FirewallRules: [{8A7531DE-96BD-4449-82CF-086B2A0B51F1}] => (Allow) C:\Program Files (x86)\Ubisoft\Driver San Francisco\Driver.exe
FirewallRules: [{12BA4FA8-1F48-428A-A875-573D5D730937}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{CDD5410F-B2DB-4C55-9CEC-3ADD37FD2859}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [TCP Query User{379D3B24-2292-4CC4-B977-56F6AC3AB73C}C:\program files (x86)\agrar simulator 2012\farm2012.dll] => (Block) C:\program files (x86)\agrar simulator 2012\farm2012.dll
FirewallRules: [UDP Query User{DEB24257-6BF4-4972-89C5-DCC549D6A6F7}C:\program files (x86)\agrar simulator 2012\farm2012.dll] => (Block) C:\program files (x86)\agrar simulator 2012\farm2012.dll
FirewallRules: [{7F1EBB1D-0EEF-4602-B5DA-ED0957D531A6}] => (Allow) C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{8668D2DF-C2DD-43C7-80CE-5EE6D9D30BA2}] => (Allow) C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013.exe

[sisjarda]

FirewallRules: [{AAA69B72-19B7-4B98-BB94-EAFA95053558}] => (Allow) C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{93C2F8F8-BFC4-4F5B-8DCC-6EF0E5EF9CB7}] => (Allow) C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [TCP Query User{10B1F417-6F9C-48F7-BC91-F144A504BB1E}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{CE2FAD62-AA05-4936-8008-707B6C922000}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{5FB9E237-8A71-47E8-88C6-BD7117BE2BE0}C:\games\world_of_tanks\wotlauncher.exe] => (Block) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{FDDE670F-64DD-4314-B9B3-2D657C340531}C:\games\world_of_tanks\wotlauncher.exe] => (Block) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{C1CB2214-A696-4777-943E-63B01973F8D6}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{77D55285-FFC8-49F9-8899-3F091D85D5AC}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [TCP Query User{C015731B-4C02-4EF8-A589-CC4B0235C912}C:\users\uzivatel\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\uzivatel\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{E2795050-4DFF-4442-AB07-55A199AA1CFE}C:\users\uzivatel\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\uzivatel\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{C5363E90-61B8-41F4-A10F-2C4E80656121}] => (Allow) C:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{2CC0D640-68ED-4923-A5D4-0AB38CB592B5}] => (Allow) C:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [TCP Query User{7844A777-589C-482F-810E-285BDB30559B}C:\program files (x86)\warthunder\aces.exe] => (Block) C:\program files (x86)\warthunder\aces.exe
FirewallRules: [UDP Query User{0AF607AD-8307-4696-8CE6-E521AED375CE}C:\program files (x86)\warthunder\aces.exe] => (Block) C:\program files (x86)\warthunder\aces.exe
FirewallRules: [TCP Query User{1CB7023C-0DCA-4109-B8DF-CFDC685C1059}C:\program files (x86)\farming simulator 2013\farmingsimulator2013game.exe] => (Allow) C:\program files (x86)\farming simulator 2013\farmingsimulator2013game.exe
FirewallRules: [UDP Query User{1E10A88F-4AC5-4ACF-BAAC-FEB85CF11B2F}C:\program files (x86)\farming simulator 2013\farmingsimulator2013game.exe] => (Allow) C:\program files (x86)\farming simulator 2013\farmingsimulator2013game.exe
FirewallRules: [TCP Query User{8CAE4FC0-617B-40ED-83C5-E8677987E4A6}C:\program files (x86)\warthunder\aces.exe] => (Allow) C:\program files (x86)\warthunder\aces.exe
FirewallRules: [UDP Query User{4DAA7F35-E887-407D-8028-B692E841864A}C:\program files (x86)\warthunder\aces.exe] => (Allow) C:\program files (x86)\warthunder\aces.exe
FirewallRules: [TCP Query User{7454D7AC-8343-4F13-8AB9-E69A0A449497}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{134ABCE5-99A4-48B5-AF9F-5C53E5AB4346}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{42280684-9704-49F9-9C4C-8AE5F8F2FAAD}C:\program files (x86)\warthunder\launcher.exe] => (Allow) C:\program files (x86)\warthunder\launcher.exe
FirewallRules: [UDP Query User{A39C3141-A245-4B87-A3A7-4A5F6B408ADE}C:\program files (x86)\warthunder\launcher.exe] => (Allow) C:\program files (x86)\warthunder\launcher.exe
FirewallRules: [TCP Query User{BF049282-BC41-49D4-B540-EBF811377353}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{140510BC-6573-4C7A-A3DA-9AA1BA4D77D9}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [TCP Query User{CC144C76-1266-4380-B092-89B20FD51995}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{3603354D-199E-4381-9C5F-DF9347D0519A}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{61441FE4-B3B1-4498-9110-4108301638F9}C:\program files (x86)\ubisoft\driver san francisco\driver.exe] => (Block) C:\program files (x86)\ubisoft\driver san francisco\driver.exe
FirewallRules: [UDP Query User{32627C65-434F-40FA-9FE9-21DCBE33A127}C:\program files (x86)\ubisoft\driver san francisco\driver.exe] => (Block) C:\program files (x86)\ubisoft\driver san francisco\driver.exe
FirewallRules: [{561A67DB-C190-4076-A1B8-1E409AFB13A4}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\Discovery.exe
FirewallRules: [{B4FFC160-67E8-495D-A452-F8DF53872C63}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\Discovery.exe
FirewallRules: [{4404F7BB-0845-45D4-B55B-522973F97C7F}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\Rescue.exe
FirewallRules: [{DEBECE47-E3E3-44BE-A574-A6B136814A97}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\Rescue.exe
FirewallRules: [{3FA15287-3C37-4ED8-BCAA-4E5335A897CB}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\LiveUpdate.exe
FirewallRules: [{2307DA92-CCC8-4C52-B8CA-2DE58D1E2F6F}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\LiveUpdate.exe
FirewallRules: [{B723DA1F-B486-4227-B629-D82D3D1810A5}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\QISWizard.exe
FirewallRules: [{7705A4D6-83DD-4D5F-9367-F91A0EEAAFB8}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\QISWizard.exe
FirewallRules: [{BC2CCC60-D274-4F06-ACC3-CF3AA07EDE85}] => (Allow) D:\RouterSetup\QISWizard.exe
FirewallRules: [{DC1D901D-A41B-409F-AA0C-8EC8CD46FF24}] => (Allow) D:\RouterSetup\QISWizard.exe
FirewallRules: [TCP Query User{070F9B9B-E4C2-4CB7-B1DA-9DA5006DD371}C:\program files (x86)\farming simulator 15\x64\farmingsimulator2015game.exe] => (Block) C:\program files (x86)\farming simulator 15\x64\farmingsimulator2015game.exe
FirewallRules: [UDP Query User{41CC7959-2E59-4C78-8CA5-8AA6CF93BD99}C:\program files (x86)\farming simulator 15\x64\farmingsimulator2015game.exe] => (Block) C:\program files (x86)\farming simulator 15\x64\farmingsimulator2015game.exe
FirewallRules: [{79CB3082-7C0A-4E66-975A-30EEE643468D}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{D1B7B7E7-12CA-4BC8-A13A-C51F41331DA4}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{CB055CE9-8FD1-403A-A9FE-C278C9F6FD66}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{563D7556-F337-4D8C-BD34-20EEBF204A91}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{1167BE24-35F7-496B-BBEB-1A0C5890661A}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{0E93A7DA-174E-49BF-B00A-28D127077446}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [TCP Query User{71A06407-F280-4A49-B6F7-C3E45D3E53D2}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{0A92D9DA-E1B0-4381-9507-99A4B3225C61}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [TCP Query User{6FC87D17-C1E9-4EC4-A6D1-95906277B0B8}C:\users\uzivatel\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\uzivatel\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{2E6B6639-B232-40A6-A2E5-BEB547D3E6B1}C:\users\uzivatel\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\uzivatel\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{C0978DC9-DDF5-45F4-B07A-056AFEF21D04}C:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) C:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{F750EA5A-D369-4183-B44E-32AA16FAAE84}C:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) C:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [TCP Query User{FE67D296-B667-47DA-B3EF-577FDFB5B413}C:\users\uzivatel\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\uzivatel\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{205CD17E-9CA5-4AAD-B87E-7CB3E2A06AF5}C:\users\uzivatel\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\uzivatel\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{F84FE260-8893-4C6C-8951-462E1780352F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{34540A30-EA34-4158-BE62-8A09D44D4A2B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4F03AA56-5805-44CD-9341-35110114AB1D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A34060DF-E977-4ADC-9A01-10C872399AE6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0B46A73B-F0C4-457C-B328-48E9E7486C0C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7512229D-9A7F-425D-BDA4-041BF60DECD3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{ABB61C57-6845-4198-A7D5-FA703770C7ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ConSim2015\ConSim2015.exe
FirewallRules: [{2530AD03-7A19-495A-88BC-3411AFD33390}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ConSim2015\ConSim2015.exe
FirewallRules: [TCP Query User{9635F5D0-FC47-4E2A-A936-5A2F911E3529}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [UDP Query User{E8E219D0-D772-40F9-BCA6-32ED721E3804}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [{4BD3F98C-352B-45DF-B546-24B2545BA429}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCS Workshop Uploader\bin\win_x86\mod_tools.exe
FirewallRules: [{BEB1362C-93E6-47B9-B8A0-DBC9F475C231}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCS Workshop Uploader\bin\win_x86\mod_tools.exe
FirewallRules: [{FEA2D98A-DC8B-4A63-8487-3B2EB16E06E6}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{4158BCB4-6F93-4262-8ADD-01668285B5D9}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{672FB6D9-277A-4B30-AA90-DDB50AA91BB1}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{9EC1F42C-16AB-4FDE-957E-1415CD2FFD9C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{D8852EAE-9F24-4EBA-80AF-DB1802EE2233}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{B434860E-F4CC-4528-9177-0632D1AAD195}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{1C370028-ECC1-4207-84F1-5F166ADE4E24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fishing Planet\FishingPlanet.exe
FirewallRules: [{A9B22CE9-CF5D-416F-8A5A-D61DC1A8F5C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fishing Planet\FishingPlanet.exe
FirewallRules: [{F3D44ABC-2873-4B96-BC27-1CE686DC7C19}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{1D771C61-1D69-4E78-AB85-F35D9E42BC38}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{C61BFEB6-5E6E-410E-B4DF-84F0C303BE3D}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{2400230C-52CB-4B46-A3A8-91433B88C7FF}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{87B9B7E9-3CCF-42EB-B864-AF8BDD0903E2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{746AD97A-B134-4F7E-ADA9-D0810DE30AE0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{058A284E-97FA-4F96-B0F1-9188A0838B76}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BA0146AE-EBAD-4BB3-B9E9-5D5A21E1E4F3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FCF95650-080C-430C-A6C0-970B7C22966E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{CABFAA1F-477B-4CA5-B96B-859084A6271E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{77997016-0FE2-427A-B7C4-656288C970D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{DAAEB765-A4AB-4271-A412-4795BE85CA0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{ABCF62A6-C05C-4EAF-AF01-2F922758BFDE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [TCP Query User{295588A3-540E-4AB3-B341-D63076E8D21E}C:\program files (x86)\asus\rt-n10e wireless router utilities\discovery.exe] => (Allow) C:\program files (x86)\asus\rt-n10e wireless router utilities\discovery.exe
FirewallRules: [UDP Query User{53242646-C9BE-43A7-B772-54938ABDD353}C:\program files (x86)\asus\rt-n10e wireless router utilities\discovery.exe] => (Allow) C:\program files (x86)\asus\rt-n10e wireless router utilities\discovery.exe
StandardProfile\AuthorizedApplications: [C:\Users\Uzivatel\P-7-78-8964-9648-3874\winpvc.exe] =>

==================== Restore Points =========================

15-08-2016 12:33:14 Windows Update
17-08-2016 14:42:47 ComboFix created restore point
19-08-2016 17:22:58 Windows Update
22-08-2016 15:56:09 Installed Thrustmaster FFB Driver
24-08-2016 15:54:03 Windows Update
24-08-2016 20:19:29 Removed Thrustmaster FFB Driver
24-08-2016 20:28:31 Installed Thrustmaster FFB Driver

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: 802.11n Wireless PCI Express Card LAN Adapter
Description: 802.11n Wireless PCI Express Card LAN Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LITE-ON TECHNOLOGY CORPORATION
Service: netr28x
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: sptd
Description: sptd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: sptd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/19/2016 09:53:16 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program IEXPLORE.EXE verze 11.0.9600.17840 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: a98

Čas spuštění: 01d1f9ed177c79ec

Čas ukončení: 40

Cesta k aplikaci: C:\Program Files\Internet Explorer\IEXPLORE.EXE

ID hlášení: f55649d5-65e1-11e6-ad51-e0cb4e3ece7b

Error: (08/18/2016 12:52:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LVPrcSrv.exe, verze: 12.10.1110.0, časové razítko: 0x4acc50c4
Název chybujícího modulu: LVPrcSrv.exe, verze: 12.10.1110.0, časové razítko: 0x4acc50c4
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000007af2
ID chybujícího procesu: 0x6e0
Čas spuštění chybující aplikace: 0xLVPrcSrv.exe0
Cesta k chybující aplikaci: LVPrcSrv.exe1
Cesta k chybujícímu modulu: LVPrcSrv.exe2
ID zprávy: LVPrcSrv.exe3

Error: (08/17/2016 02:58:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LVPrcSrv.exe, verze: 12.10.1110.0, časové razítko: 0x4acc50c4
Název chybujícího modulu: LVPrcSrv.exe, verze: 12.10.1110.0, časové razítko: 0x4acc50c4
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000007af2
ID chybujícího procesu: 0x660
Čas spuštění chybující aplikace: 0xLVPrcSrv.exe0
Cesta k chybující aplikaci: LVPrcSrv.exe1
Cesta k chybujícímu modulu: LVPrcSrv.exe2
ID zprávy: LVPrcSrv.exe3

Error: (08/11/2016 01:07:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LVPrcSrv.exe, verze: 12.10.1110.0, časové razítko: 0x4acc50c4
Název chybujícího modulu: LVPrcSrv.exe, verze: 12.10.1110.0, časové razítko: 0x4acc50c4
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000007af2
ID chybujícího procesu: 0x668
Čas spuštění chybující aplikace: 0xLVPrcSrv.exe0
Cesta k chybující aplikaci: LVPrcSrv.exe1
Cesta k chybujícímu modulu: LVPrcSrv.exe2
ID zprávy: LVPrcSrv.exe3

Error: (08/09/2016 06:24:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LVPrcSrv.exe, verze: 12.10.1110.0, časové razítko: 0x4acc50c4
Název chybujícího modulu: LVPrcSrv.exe, verze: 12.10.1110.0, časové razítko: 0x4acc50c4
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000007af2
ID chybujícího procesu: 0x674
Čas spuštění chybující aplikace: 0xLVPrcSrv.exe0
Cesta k chybující aplikaci: LVPrcSrv.exe1
Cesta k chybujícímu modulu: LVPrcSrv.exe2
ID zprávy: LVPrcSrv.exe3

Error: (08/05/2016 09:36:04 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (07/30/2016 10:08:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TB Client.exe, verze: 1.0.0.0, časové razítko: 0x5799cf97
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18869, časové razítko: 0x556363bc
Kód výjimky: 0xe0434352
Posun chyby: 0x0000c42d
ID chybujícího procesu: 0x131c
Čas spuštění chybující aplikace: 0xTB Client.exe0
Cesta k chybující aplikaci: TB Client.exe1
Cesta k chybujícímu modulu: TB Client.exe2
ID zprávy: TB Client.exe3

Error: (07/30/2016 10:08:12 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: TB Client.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ArgumentException
Zásobník:
na System.Drawing.Font.CreateNativeFont()
na System.Drawing.Font.Initialize(System.Drawing.FontFamily, Single, System.Drawing.FontStyle, System.Drawing.GraphicsUnit, Byte, Boolean)
na System.Drawing.Font.Initialize(System.String, Single, System.Drawing.FontStyle, System.Drawing.GraphicsUnit, Byte, Boolean)
na System.Drawing.Font..ctor(System.String, Single)
na TB_Client.Form1.InitializeComponent()
na TB_Client.Form1..ctor()
na TB_Client.Program.Main(System.String[])

Error: (07/30/2016 10:00:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TB Client.exe, verze: 1.0.0.0, časové razítko: 0x5799cf97
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18869, časové razítko: 0x556363bc
Kód výjimky: 0xe0434352
Posun chyby: 0x0000c42d
ID chybujícího procesu: 0xb10
Čas spuštění chybující aplikace: 0xTB Client.exe0
Cesta k chybující aplikaci: TB Client.exe1
Cesta k chybujícímu modulu: TB Client.exe2
ID zprávy: TB Client.exe3

Error: (07/30/2016 10:00:20 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: TB Client.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ArgumentException
Zásobník:
na System.Drawing.Font.CreateNativeFont()
na System.Drawing.Font.Initialize(System.Drawing.FontFamily, Single, System.Drawing.FontStyle, System.Drawing.GraphicsUnit, Byte, Boolean)
na System.Drawing.Font.Initialize(System.String, Single, System.Drawing.FontStyle, System.Drawing.GraphicsUnit, Byte, Boolean)
na System.Drawing.Font..ctor(System.String, Single)
na TB_Client.Form1.InitializeComponent()
na TB_Client.Form1..ctor()
na TB_Client.Program.Main(System.String[])


System errors:
=============
Error: (08/26/2016 03:34:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba TrustedInstaller neuspěla při spuštění v důsledku následující chyby:
%%2 = Systém nemůže nalézt uvedený soubor.

Error: (08/26/2016 03:34:25 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 2TrustedInstaller{752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (08/26/2016 03:28:54 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sptd

Error: (08/26/2016 03:28:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba WinDefend byla ukončena s následující chybou:
%%126 = Uvedený modul nebyl nalezen.

Error: (08/26/2016 03:28:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Plays.tv Update Service neuspěla při spuštění v důsledku následující chyby:
%%1053 = Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (08/26/2016 03:28:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Plays.tv Update Service bylo dosaženo časového limitu (30000 ms).

Error: (08/26/2016 03:28:43 PM) (Source: cdrom) (EventID: 7) (User: )
Description: Zařízení \Device\CdRom0 má chybný blok.

Error: (08/26/2016 03:28:20 PM) (Source: cdrom) (EventID: 7) (User: )
Description: Zařízení \Device\CdRom0 má chybný blok.

Error: (08/26/2016 03:27:52 PM) (Source: sptd) (EventID: 4) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error: (08/25/2016 08:45:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba TrustedInstaller neuspěla při spuštění v důsledku následující chyby:
%%2 = Systém nemůže nalézt uvedený soubor.


CodeIntegrity:
===================================
Date: 2016-08-18 12:52:04.640
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-08-18 12:52:04.546
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-08-18 12:52:04.421
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-08-18 12:52:04.312
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-08-18 12:42:47.922
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-08-18 12:42:47.812
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-08-18 12:42:47.719
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-08-18 12:42:47.610
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-08-17 14:55:54.259
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-08-17 14:55:54.150
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 39%
Total physical RAM: 4095.24 MB
Available physical RAM: 2458.07 MB
Total Virtual: 8188.69 MB
Available Virtual: 6443.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1397.17 GB) (Free:401.9 GB) NTFS
Drive d: (FS15) (CDROM) (Total:1.91 GB) (Free:0 GB) UDF
Drive e: (Project CARS) (CDROM) (Total:15.46 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or (Size: 1397.3 GB) (Disk ID: A3FCE61E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1397.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

[jaro3]

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> {16920FF0-A4F1-441A-9DE2-A1611F008D58} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> {39219F87-73E7-43BA-8A59-D107AD2397F2} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> {7D73E1C2-DD14-414E-98C0-3E2BC86C8C66} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> {966EC2A2-8BDE-4AE8-A587-8A5039DAB86D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> {9E6ED783-E5CA-4268-BEB9-827741B2AE03} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> {C1276BEA-EE38-4AB2-A8C8-6C1345B17534} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> {C3053591-1C96-4B57-B6A8-625BF1EB46D2} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> {C7179217-FCC6-465A-8D10-F0A180C48CFC} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_13415
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1595650876-3556912388-1829575210-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1595650876-3556912388-1829575210-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll [No File]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
CHR HKLM-x32\...\Chrome\Extension: [namehpjphchkdhandfijckhfbooibkgg] - C:\ProgramData\DownloadnSave\namehpjphchkdhandfijckhfbooibkgg.crx <not found>
2016-07-28 22:28 - 2016-07-28 22:28 - 00002974 _____ C:\Windows\System32\Tasks\{AA210866-A102-4391-96E1-71ED8DD61010}
2016-07-28 22:27 - 2016-07-28 22:27 - 00002974 _____ C:\Windows\System32\Tasks\{EFA31BA1-D2AF-470D-910C-574CB5DEE996}
C:\Users\Uzivatel\AppData\Roaming\UserTile.png
C:\ProgramData\ezsidmv.dat
C:\ProgramData\spds90.txt
Task: {D4902C9B-8AE6-426F-B85D-119E14018D3E} - System32\Tasks\Application Installer Cleaner => C:\Program Files (x86)\Application Installer\ApplicationInstaller.exe <==== ATTENTION
AlternateDataStreams: C:\Windows\Temp:temp [479147]
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [118]
AlternateDataStreams: C:\ProgramData\TEMP:72D2E2A0 [128]
HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\Software\Classes\.bat: batfile => <===== ATTENTION

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

[sisjarda]

Fix result of Farbar Recovery Scan Tool (x64) Version: 31-08-2016
Ran by Uzivatel (07-09-2016 20:24:09) Run:1
Running from C:\Users\Uzivatel\Desktop
Loaded Profiles: Uzivatel (Available Profiles: Uzivatel)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> {16920FF0-A4F1-441A-9DE2-A1611F008D58} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> {39219F87-73E7-43BA-8A59-D107AD2397F2} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> {7D73E1C2-DD14-414E-98C0-3E2BC86C8C66} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> {966EC2A2-8BDE-4AE8-A587-8A5039DAB86D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> {9E6ED783-E5CA-4268-BEB9-827741B2AE03} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> {C1276BEA-EE38-4AB2-A8C8-6C1345B17534} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> {C3053591-1C96-4B57-B6A8-625BF1EB46D2} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1595650876-3556912388-1829575210-1000 -> {C7179217-FCC6-465A-8D10-F0A180C48CFC} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_13415
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1595650876-3556912388-1829575210-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1595650876-3556912388-1829575210-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll [No File]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
CHR HKLM-x32\...\Chrome\Extension: [namehpjphchkdhandfijckhfbooibkgg] - C:\ProgramData\DownloadnSave\namehpjphchkdhandfijckhfbooibkgg.crx <not found>
2016-07-28 22:28 - 2016-07-28 22:28 - 00002974 _____ C:\Windows\System32\Tasks\{AA210866-A102-4391-96E1-71ED8DD61010}
2016-07-28 22:27 - 2016-07-28 22:27 - 00002974 _____ C:\Windows\System32\Tasks\{EFA31BA1-D2AF-470D-910C-574CB5DEE996}
C:\Users\Uzivatel\AppData\Roaming\UserTile.png
C:\ProgramData\ezsidmv.dat
C:\ProgramData\spds90.txt
Task: {D4902C9B-8AE6-426F-B85D-119E14018D3E} - System32\Tasks\Application Installer Cleaner => C:\Program Files (x86)\Application Installer\ApplicationInstaller.exe <==== ATTENTION
AlternateDataStreams: C:\Windows\Temp:temp [479147]
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [118]
AlternateDataStreams: C:\ProgramData\TEMP:72D2E2A0 [128]
HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\Software\Classes\.bat: batfile => <===== ATTENTION

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
"HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{16920FF0-A4F1-441A-9DE2-A1611F008D58}" => key removed successfully
HKCR\CLSID\{16920FF0-A4F1-441A-9DE2-A1611F008D58} => key not found.
"HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{39219F87-73E7-43BA-8A59-D107AD2397F2}" => key removed successfully
HKCR\CLSID\{39219F87-73E7-43BA-8A59-D107AD2397F2} => key not found.
"HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7D73E1C2-DD14-414E-98C0-3E2BC86C8C66}" => key removed successfully
HKCR\CLSID\{7D73E1C2-DD14-414E-98C0-3E2BC86C8C66} => key not found.
"HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{966EC2A2-8BDE-4AE8-A587-8A5039DAB86D}" => key removed successfully
HKCR\CLSID\{966EC2A2-8BDE-4AE8-A587-8A5039DAB86D} => key not found.
"HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9E6ED783-E5CA-4268-BEB9-827741B2AE03}" => key removed successfully
HKCR\CLSID\{9E6ED783-E5CA-4268-BEB9-827741B2AE03} => key not found.
"HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C1276BEA-EE38-4AB2-A8C8-6C1345B17534}" => key removed successfully
HKCR\CLSID\{C1276BEA-EE38-4AB2-A8C8-6C1345B17534} => key not found.
"HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C3053591-1C96-4B57-B6A8-625BF1EB46D2}" => key removed successfully
HKCR\CLSID\{C3053591-1C96-4B57-B6A8-625BF1EB46D2} => key not found.
"HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C7179217-FCC6-465A-8D10-F0A180C48CFC}" => key removed successfully
HKCR\CLSID\{C7179217-FCC6-465A-8D10-F0A180C48CFC} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9" => key removed successfully
"HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\Software\MozillaPlugins\@tools.google.com/Google Update;version=3" => key removed successfully
C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll => not found.
"HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\Software\MozillaPlugins\@tools.google.com/Google Update;version=9" => key removed successfully
C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll => not found.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\namehpjphchkdhandfijckhfbooibkgg" => key removed successfully
C:\Windows\System32\Tasks\{AA210866-A102-4391-96E1-71ED8DD61010} => moved successfully
C:\Windows\System32\Tasks\{EFA31BA1-D2AF-470D-910C-574CB5DEE996} => moved successfully
C:\Users\Uzivatel\AppData\Roaming\UserTile.png => moved successfully
C:\ProgramData\ezsidmv.dat => moved successfully
C:\ProgramData\spds90.txt => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D4902C9B-8AE6-426F-B85D-119E14018D3E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4902C9B-8AE6-426F-B85D-119E14018D3E}" => key removed successfully
C:\Windows\System32\Tasks\Application Installer Cleaner => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Application Installer Cleaner" => key removed successfully
C:\Windows\Temp => ":temp" ADS removed successfully.
C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully.
C:\ProgramData\TEMP => ":72D2E2A0" ADS removed successfully.
"HKU\S-1-5-21-1595650876-3556912388-1829575210-1000\Software\Classes\.bat" => key removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4969173 B
Java, Flash, Steam htmlcache => 380573157 B
Windows/system/drivers => 913476 B
Edge => 0 B
Chrome => 417661281 B
Firefox => 720896 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 33058 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33186 B
systemprofile32 => 39582 B
LocalService => 132244 B
NetworkService => 207280 B
Uzivatel => 194182727 B
UpdatusUser => 0 B
UpdatusUser => 0 B

RecycleBin => 0 B
EmptyTemp: => 961.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:25:17 ====

[jaro3]

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Co problémy?